PT-2026-38330

Name of the Vulnerable Software and Affected Versions Spring Cloud Config versions 3.1.0 through 3.1.13 Spring Cloud Config versions 4.1.0 through 4.1.9 Spring Cloud Config versions 4.2.0 through 4.2.6 Spring Cloud Config versions 4.3.0 through 4.3.2 Spring Cloud Config versions 5.0.0 through 5.0...

VMware Spring Cloud Config 日志信息泄露漏洞

VMware Spring Cloud Config is a configuration management solution for distributed systems developed by VMware, Inc. This product provides server and client support for external configurations in distributed systems. VMware Spring Cloud Config has a vulnerability related to log information leakage...

Access Control Bypass

Overview genieacs is an A TR-069 Auto Configuration Server ACS Affected versions of this package are vulnerable to Access Control Bypass via the NBI API endpoint. An attacker can gain unauthorized access to sensitive functionality or data by sending unauthenticated requests. Remediation There is ...

EUVD-2001-0589

Malware in sbrugna...

EUVD-2000-0846

Malware in sbrugna...

EUVD-2001-0444

Malware in sbrugna...

EUVD-2012-5401

Malware in sbrugna...

EUVD-2020-18245

Malware in sbrugna...

EUVD-2025-15794

Malicious code in bioql PyPI...

CVE-2020-23079

SSRF vulnerability in Halo =1.3.2 exists in the SMTP configuration, which can detect the server intranet...

CVE-2025-3223

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in GE Vernova WorkstationST on Windows EGD Configuration Server modules allows Path Traversal.This issue affects WorkstationST: WorkstationST V07.10.10C and earlier...

CVE-2025-3223

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in GE Vernova WorkstationST on Windows EGD Configuration Server modules allows Path Traversal.This issue affects WorkstationST: WorkstationST V07.10.10C and earlier...

CVE-2025-3223 WorkstationST EGD Configuration Server Path Traversal Vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in GE Vernova WorkstationST on Windows EGD Configuration Server modules allows Path Traversal.This issue affects WorkstationST: WorkstationST V07.10.10C and earlier...

CVE-2025-3223

The CVE-2025-3223 entry concerns GE Vernova WorkstationST on Windows, specifically the EGD Configuration Server modules. The vulnerability is caused by improper limitation of a pathname to a restricted directory, enabling a path traversal in WorkstationST versions V07.10.10C and earlier. Document...

CVE-2025-3223 WorkstationST EGD Configuration Server Path Traversal Vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in GE Vernova WorkstationST on Windows EGD Configuration Server modules allows Path Traversal.This issue affects WorkstationST: WorkstationST V07.10.10C and earlier...

PT-2025-22085 · Ge · Ge Vernova Workstationst

Name of the Vulnerable Software and Affected Versions: GE Vernova WorkstationST versions V07.10.10C and earlier Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability, in the EGD Configuration Server...

PT-2025-3266 · Axess · Axess Acs

Name of the Vulnerable Software and Affected Versions: AXESS ACS Auto Configuration Server versions prior to 5.2.0 Description: The issue is related to unsanitized user input in the TR069 API, which allows remote unauthenticated attackers to cause a permanent Denial of Service via crafted TR069...

PT-2024-25535 · Axiros · Axess Auto Configuration Server

Name of the Vulnerable Software and Affected Versions: Axiros AXESS Auto Configuration Server ACS versions 4.x through 5.0.0 Description: The issue is related to Incorrect Access Control, allowing an authorization bypass that enables remote attackers to achieve unauthenticated remote code...

Open Automation Software OAS Platform OAS Engine User Configuration improper input validation vulnerability

Talos Vulnerability Report TALOS-2024-1949 Open Automation Software OAS Platform OAS Engine User Configuration improper input validation vulnerability April 3, 2024 CVE Number CVE-2024-27201 SUMMARY An improper input validation vulnerability exists in the OAS Engine User Configuration functionali...

Open Automation Software OAS Platform OAS Engine authentication bypass vulnerability

Talos Vulnerability Report TALOS-2023-1769 Open Automation Software OAS Platform OAS Engine authentication bypass vulnerability September 5, 2023 CVE Number CVE-2023-31242 SUMMARY An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platfor...