17 matches found
EUVD-2023-54051
Malicious code in bioql PyPI...
EUVD-2023-43201
Malicious code in bioql PyPI...
EUVD-2023-43203
Malicious code in bioql PyPI...
CVE-2023-39480
Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this...
CVE-2023-39478
Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this...
CVE-2023-39480
Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this...
CVE-2023-39480 Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability
Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this...
CVE-2023-39480 Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability
Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this...
CVE-2023-39479
Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability (CVE-2023-39479) affects the OPC UA Gateway handling of FileDirectory OPC UA Objects. The flaw allows remote attackers, bypassing authentication, to create directories by accessing the filesystem, potentially enabli...
CVE-2023-39478
The CVE-2023-39478 issue affects Softing Secure Integration Server. Affected component is the OPC FileDirectory namespace handling, where lack of proper validation of user-supplied data when creating a server object can enable remote code execution in the root context. Attackers can exploit this ...
Softing Secure Integration Server 安全漏洞
Softing Secure Integration Server is a secure integration server from Softing Germany. It provides a powerful OPC UA data integration layer and supports interface abstraction, aggregation, data preprocessing, and security supervision. A security vulnerability exists in Softing Secure Integration...
(Pwn2Own) Softing Secure Integration Server Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...
PT-2023-26964 · Softing · Softing Secure Integration Server
Name of the Vulnerable Software and Affected Versions: Softing Secure Integration Server affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. Although authentication is required to exploit this, the existing...
(0Day) (Pwn2Own) Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability
This vulnerability allows remote attackers to create arbitrary files on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...
(0Day) (Pwn2Own) Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...
CVE-2023-4172
A vulnerability, which was classified as problematic, has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This issue affects some unknown processing of the file \Service\FileHandler.ashx. The manipulation of the argument FileDirectory leads to absolute path traversal...
Path traversal
A vulnerability, which was classified as problematic, has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This issue affects some unknown processing of the file \Service\FileHandler.ashx. The manipulation of the argument FileDirectory leads to absolute path traversal...