EUVD-2023-26485

Malicious code in bioql PyPI...

EUVD-2023-26529

Malicious code in bioql PyPI...

CVE-2023-22322

Improper restriction of XML external entity reference XXE vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed...

CVE-2023-22366

CX-Motion-MCH v2.32 and earlier contains an access of uninitialized pointer vulnerability. Having a user to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution...

CVE-2023-22322

Improper restriction of XML external entity reference XXE vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed...

CVE-2023-22322

Improper restriction of XML external entity reference XXE vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed...

Xxe

Improper restriction of XML external entity reference XXE vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed...

CVE-2023-22322

Improper restriction of XML external entity reference XXE vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed...

CVE-2023-22322

Improper restriction of XML external entity reference XXE vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed...

CVE-2023-22322

CVE-2023-22322 affects OMRON CX-Motion Pro prior to 1.4.6.014, with an XXE flaw that can disclose sensitive filesystem data when a user opens a crafted project file. Root cause: improper restriction of XML external entity references in CX-Motion Pro 1.4.6.013 and earlier. Impact: potential exposu...

Improper restriction of XML external entity reference (XXE) vulnerability in OMRON CX-Motion Pro

Overview CX-Motion Pro provided by OMRON Corporation contains an improper restriction of XML external entity reference XXE vulnerability CWE-611. Michael Heinzl reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact If a user opens a specially crafted project...

CVE-2023-22366

CX-Motion-MCH v2.32 and earlier contains an access of uninitialized pointer vulnerability. Having a user to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution...

CVE-2023-22366

CX-Motion-MCH v2.32 and earlier contains an access of uninitialized pointer vulnerability. Having a user to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution...

CVE-2023-22366

CX-Motion-MCH (Omron) versions 2.32 and earlier are affected by an uninitialized pointer vulnerability (CWE-824, CVE-2023-22366). The issue may allow information disclosure and arbitrary code execution when a user opens a specially crafted project file. Some sources indicate a fix is available in...

Omron CX-Motion-MCH 缓冲区错误漏洞

Omron CX-Motion-MCH is an advanced motion application programming and configuration software from Omron Corporation Japan. A security vulnerability exists in Omron CX-Motion-MCH versions prior to v2.32 that stems from the inclusion of an uninitialized pointer vulnerability...

OMRON CX-One CX-Motion wcscpy Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of M...