EUVD-2021-15878

Malware in sbrugna...

EUVD-2021-9037

Malicious code in bioql PyPI...

EUVD-2023-44307

Malicious code in bioql PyPI...

EUVD-2021-9038

Malicious code in bioql PyPI...

EUVD-2021-9034

Malicious code in bioql PyPI...

EUVD-2021-9035

Malicious code in bioql PyPI...

EUVD-2022-51425

Malicious code in bioql PyPI...

EUVD-2023-44312

Malicious code in bioql PyPI...

CVE-2021-21867

An unsafe deserialization vulnerability exists in the ObjectManager.plugin ObjectStream.ProfileByteArray functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigge...

CVE-2021-21866

A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation.ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigge...

CVE-2021-29240

The Package Manager of CODESYS Development System 3 before 3.5.17.0 does not check the validity of packages before installation and may be used to install CODESYS packages with malicious content...

CVE-2021-29239

CODESYS Development System 3 before 3.5.17.0 displays or executes malicious documents or files embedded in libraries without first checking their validity...

CVE-2021-21869

An unsafe deserialization vulnerability exists in the Engine.plugin ProfileInformation ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...

CVE-2021-21865

A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone functionality of CODESYS GmbH CODESYS Development System 3.5.16. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...

CVE-2021-21868

An unsafe deserialization vulnerability exists in the ObjectManager.plugin Project.getMissingTypes functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...

CVE-2021-21864

A unsafe deserialization vulnerability exists in the ComponentModel ComponentManager.StartupCultureSettings functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to...

CVE-2021-21863

A unsafe deserialization vulnerability exists in the ComponentModel Profile.FromFile functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability...

CVE-2022-4048

Inadequate Encryption Strength in CODESYS Development System V3 versions prior to V3.5.18.40 allows an unauthenticated local attacker to access and manipulate code of the encrypted boot application...

Arbitrary File Read Vulnerability in KingPortal Development System Client of Beijing Asia Control Technology Development Co.

Beijing Asian Control Technology Development Co., Ltd. is a high-tech enterprise of automation software platform. There is an arbitrary file reading vulnerability in the client side of KingPortal development system of Beijing Asian Control Technology Development Co., Ltd, which can be exploited b...

CVE-2023-5751 CODESYS: Development system prone to DoS through exposure of resource to wrong sphere

A local attacker with low privileges can read and modify any users files and cause a DoS in the working directory of the affected products due to exposure of resource to wrong sphere...