Siemens SIMATIC HMI Comfort Panels 安全漏洞

Siemens SIMATIC HMI Comfort Panels are touchscreen devices produced by the German company Siemens. There are security vulnerabilities in Siemens SIMATIC HMI Comfort Panels. These vulnerabilities stem from improper restrictions on access to web browsers through the control panel. This allows...

WordPress Orange Confort+ accessibility toolbar for WordPress plugin <= 0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Orange Comfort+ accessibility toolbar for WordPress versions = 0.7...

CVE-2025-59886

Improper input validation at one of the endpoints of Eaton xComfort ECI's web interface, could lead into an attacker with network access to the device executing privileged user commands. As cybersecurity standards continue to evolve and to meet our requirements today, Eaton has decided to...

EUVD-2020-17933

Malware in sbrugna...

EUVD-2019-8900

Malware in sbrugna...

EUVD-2019-2638

Malware in sbrugna...

EUVD-2018-11645

Malware in sbrugna...

EUVD-2020-17934

Malware in sbrugna...

EUVD-2025-2744

Malicious code in bioql PyPI...

CVE-2023-28827

A vulnerability has been identified in SIMATIC CP 1242-7 V2 incl. SIPLUS variants All versions V3.5.20, SIMATIC CP 1243-1 incl. SIPLUS variants All versions V3.5.20, SIMATIC CP 1243-1 DNP3 incl. SIPLUS variants All versions V3.5.20, SIMATIC CP 1243-1 IEC incl. SIPLUS variants All versions V3.5.20...

CVE-2020-25243

A vulnerability has been identified in LOGO! Soft Comfort All versions V8.4. A zip slip vulnerability could be triggered while importing a compromised project file to the affected software. Chained with other vulnerabilities this vulnerability could ultimately lead to a system takeover by an...

CVE-2019-10924

A vulnerability has been identified in LOGO! Soft Comfort All versions V8.3. The vulnerability could allow an attacker to execute arbitrary code if the attacker tricks a legitimate user to open a manipulated project. In order to exploit the vulnerability, a valid user must open a manipulated...

CVE-2025-22345

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tsinf TS Comfort DB ts-comfort-database allows Reflected XSS.This issue affects TS Comfort DB: from n/a through = 2.0.7...

CVE-2020-25244

A vulnerability has been identified in LOGO! Soft Comfort All versions V8.4. The software insecurely loads libraries which makes it vulnerable to DLL hijacking. Successful exploitation by a local attacker could lead to a takeover of the system where the software is installed...

CVE-2025-22345

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tsinf TS Comfort DB ts-comfort-database allows Reflected XSS.This issue affects TS Comfort DB: from n/a through = 2.0.7...

CVE-2025-22345

CVE-2025-22345 pertains to the TS Comfort DB WordPress plugin. The connected CIRCL entry documents a Reflected Cross-Site Scripting (XSS) vulnerability in TS Comfort DB versions up to and including 2.0.7, arising from improper input neutralization during web page generation. The Red Hat advisory ...

CVE-2025-22345 WordPress TS Comfort DB plugin <= 2.0.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tsinf TS Comfort DB ts-comfort-database allows Reflected XSS.This issue affects TS Comfort DB: from n/a through = 2.0.7...

CVE-2025-22345 WordPress TS Comfort DB plugin <= 2.0.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tsinf TS Comfort DB ts-comfort-database allows Reflected XSS.This issue affects TS Comfort DB: from n/a through = 2.0.7...

WordPress plugin TS Comfort DB 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...

PT-2025-4459 · Tobias Spiess · Ts Comfort Db

Name of the Vulnerable Software and Affected Versions: Tobias Spiess TS Comfort DB versions prior to 2.0.8 Description: The issue is related to improper neutralization of input during web page generation, which allows reflected Cross-site Scripting XSS. This enables attackers to inject malicious...