The vulnerability of Siemens Sinumerik programmable logic controllers lies in the improper assignment of permissions for the scripts executed by the system. This allows attackers to increase their privileges.

The vulnerability of Siemens Sinumerik programmable logic controllers is related to the incorrect assignment of permissions for the system’s scripts. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the web server of the microprogramming software for programmable logic controllers SIMATICS7-1500 and S7-1200 CPU family allows a hacker to redirect users to any desired URL address.

The vulnerability of the web server of the microprogramming software for programmable logic controllers SIMATICS7-1500 and S7-1200 CPUs is related to the redirection of URLs to unreliable websites. Exploiting this vulnerability allows an attacker to remotely redirect users to arbitrary URL...

Code-Projects Wazifa System SQL注入漏洞

Wazifa System is a content management system. Wazifa System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the parameter to of the file /controllers/control.php. An attacker can exploit this vulnerability to execute illegal...

The vulnerability of the CIP Message Handler component in Rockwell Automation’s programmable logic controllers ControlLogix 5580, CompactLogix 5380, Compact GuardLogix 5380 SIL 2, Compact GuardLogix 5380 SIL 3, CompactLogix 5480, FactoryTalk Logix Echo allows a intruder to trigger a service failure.

The vulnerability of the CIP Message Handler component in Rockwell Automation’s programmable logic controllers ControlLogix 5580, CompactLogix 5380, Compact GuardLogix 5380 SIL 2, Compact GuardLogix 5380 SIL 3, CompactLogix 5480, and FactoryTalk Logix Echo is related to errors in processing input...

About the security content of macOS Sequoia 15.1

About the security content of macOS Sequoia 15.1 This document describes the security content of macOS Sequoia 15.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases...

The vulnerability of the microprogrammed software in modular controller devices for AC charging stations and wall-mounted charging devices from Phoenix Contact, CHARX SEC-3000, arises from insecure resource initialization. This allows a hacker to bypass the password protection of arbitrary users.

The vulnerability of the microprogrammed software in modular control devices for AC charging stations and wall-mounted charging devices from Phoenix Contact’s CHARX SEC-3000 is related to an unsafe initialization of resources. Exploiting this vulnerability could allow a malicious actor to reset t...

SUSE CVE-2022-48982

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix crash when replugging CSR fake controllers It seems fake CSR 5.0 clones can cause the suspend notifier to be registered twice causing the following kernel panic: 71.986122 Call Trace: 71.986124 71.986125...

CVE-2022-48982

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix crash when replugging CSR fake controllers It seems fake CSR 5.0 clones can cause the suspend notifier to be registered twice causing the following kernel panic: 71.986122 Call Trace: 71.986124 71.986125...

CVE-2022-48982

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix crash when replugging CSR fake controllers It seems fake CSR 5.0 clones can cause the suspend notifier to be registered twice causing the following kernel panic: 71.986122 Call Trace: 71.986124 71.986125...

DEBIAN-CVE-2022-48982

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix crash when replugging CSR fake controllers It seems fake CSR 5.0 clones can cause the suspend notifier to be registered twice causing the following kernel panic: 71.986122 Call Trace: 71.986124 71.986125...

UBUNTU-CVE-2022-48982

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix crash when replugging CSR fake controllers It seems fake CSR 5.0 clones can cause the suspend notifier to be registered twice causing the following kernel panic: 71.986122 Call Trace: 71.986124 71.986125...

CVE-2022-48982 Bluetooth: Fix crash when replugging CSR fake controllers

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix crash when replugging CSR fake controllers It seems fake CSR 5.0 clones can cause the suspend notifier to be registered twice causing the following kernel panic: 71.986122 Call Trace: 71.986124 71.986125...

CVE-2022-48982 Bluetooth: Fix crash when replugging CSR fake controllers

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix crash when replugging CSR fake controllers It seems fake CSR 5.0 clones can cause the suspend notifier to be registered twice causing the following kernel panic: 71.986122 Call Trace: 71.986124 71.986125...

CVE-2022-48982 Bluetooth: Fix crash when replugging CSR fake controllers

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix crash when replugging CSR fake controllers It seems fake CSR 5.0 clones can cause the suspend notifier to be registered twice causing the following kernel panic: 71.986122 Call Trace: 71.986124 71.986125...

Rockwell Automation Logix Controllers

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION : Exploitable remotely/low attack complexity Vendor : Rockwell Automation Equipment : Compact GuardLogix, CompactLogix, ControlLogix, GuardLogix, 1756-EN4TR Vulnerability : Uncontrolled Resource Consumption 2. RISK EVALUATION Successful...

Siemens Multiple Products URL Redirection Vulnerability

SIMATIC Drive Controllers are designed for the automation of production machines, combining the functionality of SIMATIC S7-1500 CPUs and SINAMICS S120 drive controls. simatic ET 200SP Open Controller is the pc-based version of the SIMATIC S7-1500 controller, including optional visualization and...

The vulnerability of the installation package for microprogramming software in embedded network controllers for building control systems, ASPECT Enterprise, NEXUS Series, MATRIX Series, allows a intruder to gain full control over the device.

The vulnerability of the installation package for microprogramming software in ASPECT Enterprise, NEXUS Series, and MATRIX Series embedded network controllers is related to the use of default account data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain full contr...

CVE-2024-8626 Logix Controllers Vulnerable to Denial-of-Service Vulnerability

Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require ...

CVE-2024-8626 Logix Controllers Vulnerable to Denial-of-Service Vulnerability

Due to a memory leak, a denial-of-service vulnerability exists in the Rockwell Automation affected products. A malicious actor could exploit this vulnerability by performing multiple actions on certain web pages of the product causing the affected products to become fully unavailable and require ...

PT-2024-6729 · Microsoft · Windows Netlogon +1

Name of the Vulnerable Software and Affected Versions: Windows Netlogon affected versions not specified Description: The vulnerability in Windows Netlogon is related to deficiencies in the authentication procedure, allowing a remote attacker to elevate their privileges. It involves predicting the...