CVE-2021-22775

A CWE-427: Uncontrolled Search Path Element vulnerability exists in GP-Pro EX,V4.09.250 and prior, that could cause local code execution with elevated privileges when installing the software...

CVE-2020-7492

A CWE-521: Weak Password Requirements vulnerability exists in the GP-Pro EX V1.00 to V4.09.100 which could cause the discovery of the password when the user is entering the password because it is not masqueraded...

CISA Releases 10 Industrial Control Systems Advisories

CISA released 10 Industrial Control Systems ICS advisories. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-294-01 Rockwell Automation 1783-NATR ICSA-25-294-02 Rockwell Automation Compact GuardLogix 5370...

EUVD-2018-19544

Malware in sbrugna...

EUVD-2016-3374

Malware in sbrugna...

EUVD-2016-3375

Malware in sbrugna...

EUVD-2020-28617

Malware in sbrugna...

EUVD-2021-9910

Malicious code in bioql PyPI...

EUVD-2023-44579

Malicious code in bioql PyPI...

CISA Releases Nine Industrial Control Systems Advisories

CISA released nine Industrial Control Systems ICS advisories on February 4, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-035-01 Western Telematic Inc NPS Series, DSM Series, CPM Series ICSA-25-035-02 Rockwe...

Schneider Electric Pro-face GP-Pro EX和Remote HMI 安全漏洞

Schneider Electric Pro-face GP-Pro EX and Schneider Electric Pro-face Remote HMI are both products of Schneider Electric, France.Schneider Electric Pro-face GP-Pro EX is an HMI operation management system. Schneider Electric Pro-face GP- EX is a human-machine interface operator management system,...

PT-2024-10223 · Pro Face · Pro-Face Remote Hmi +1

Name of the Vulnerable Software and Affected Versions: Pro-Face GP-Pro EX affected versions not specified Pro-face Remote HMI affected versions not specified Description: The issue is related to an improper enforcement of message integrity during transmission in a communication channel, which cou...

Schneider Electric GP-Pro EX is a set of HMI interface editing and logic programming software from Schneider Electric (France). A buffer overflow vulnerability exists in Schneider Electric Pro-face GP-Pro EX. The vulnerability stems from improper manipulation of restrictions within memory buffer ranges and can be exploited by an attacker to cause memory corruption.

The NETGEAR R7100LG is a router from the American company NETGEAR. A hardware device that connects two or more networks and acts as a gateway between networks. The NETGEAR R7100LG version 1.0.0.78 suffers from a command injection vulnerability that stems from the password parameter in...

CVE-2023-3953

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause memory corruption when an authenticated user opens a tampered log file from GP-Pro EX...

CVE-2023-3953

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause memory corruption when an authenticated user opens a tampered log file from GP-Pro EX...

PT-2023-4195 · Pro Face · Gp-Pro Ex

Name of the Vulnerable Software and Affected Versions: GP-Pro EX affected versions not specified Description: The issue is related to a memory buffer overflow, which could allow an attacker to impact the confidentiality, integrity, and availability of protected information. This occurs when an...

CVE-2021-22775

A CWE-427: Uncontrolled Search Path Element vulnerability exists in GP-Pro EX,V4.09.250 and prior, that could cause local code execution with elevated privileges when installing the software...

Path traversal

A CWE-427: Uncontrolled Search Path Element vulnerability exists in GP-Pro EX,V4.09.250 and prior, that could cause local code execution with elevated privileges when installing the software...

CVE-2021-22775

GP-Pro EX, V4.09.250 and earlier, are affected by CWE-427: Uncontrolled Search Path Element. The issue stems from failure to properly filter special elements in the software’s search path, potentially enabling local code execution with elevated privileges during installation. Impact: local code e...

CVE-2021-22775

A CWE-427: Uncontrolled Search Path Element vulnerability exists in GP-Pro EX,V4.09.250 and prior, that could cause local code execution with elevated privileges when installing the software...