EUVD-2023-46202

Malicious code in bioql PyPI...

CVE-2024-34144

A sandbox bypass vulnerability involving crafted constructor bodies in Jenkins Script Security Plugin 1335.vf07d9ce377ae and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the contex...

CVE-2023-36609

CVE-2023-36609 affects Ovarro TBox RTUs where OpenVPN runs with root privileges and can execute user-defined configuration scripts. An attacker could set up a local OpenVPN server and push a malicious script to the TBox host to gain root privileges. Mitigation from CISA/EU/NVD references: update ...

Empower Your Security Team With Our Robust Script Library

Introduction Qualys Custom Assessment and Remediation CAR lets you leverage your same Qualys Cloud Agent for custom detection and remediation measures. Yes, the same agent you rely on for VMDR, Patch Management, Policy Compliance, EDR, or FIM can now be used for custom detection and response...

CVE-2013-0671

Directory traversal vulnerability in Siemens WinCC TIA Portal 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL...

Directory traversal

Directory traversal vulnerability in Siemens WinCC TIA Portal 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL...

CVE-2013-0671

CVE-2013-0671 affects Siemens WinCC (TIA Portal) 11. The vulnerability is a Directory Traversal vulnerability in the HMI Web server, exploitable by manipulating the URL to read panel server-side source code and user-defined scripts. It requires authenticated access; exploitation is not remote wit...