GHSA-3824-QMFQ-2QV7 SurrealDB no JavaScript script function default timeout could facilitate DoS

Through enabling the scripting capability. SurrealDB allows for advanced functions with complicated logic, by allowing embedded functions to be written in JavaScript. These functions are bounded for memory and stack size, but not in time. An attacker could launch a number of long running function...

CVE-2023-25910

A vulnerability has been identified in SIMATIC PCS 7 All versions V9.1 SP2 UC04, SIMATIC S7-PM All versions V5.7 SP1 HF1, SIMATIC S7-PM All versions V5.7 SP2 HF1, SIMATIC STEP 7 V5 All versions V5.7. The affected product contains a database management system that could allow remote users with low...

CVE-2023-25910

A vulnerability has been identified in SIMATIC PCS 7 All versions V9.1 SP2 UC04, SIMATIC S7-PM All versions V5.7 SP1 HF1, SIMATIC S7-PM All versions V5.7 SP2 HF1, SIMATIC STEP 7 V5 All versions V5.7. The affected product contains a database management system that could allow remote users with low...

PT-2023-3371 · Siemens · Simatic Pcs 7 +2

Name of the Vulnerable Software and Affected Versions: SIMATIC PCS 7 versions prior to V9.1 SP2 UC04 SIMATIC S7-PM versions prior to V5.7 SP1 HF1 SIMATIC S7-PM versions prior to V5.7 SP2 HF1 SIMATIC STEP 7 V5 versions prior to V5.7 Description: A vulnerability has been identified in the affected...