196 matches found
CVE-2026-12897
Horner Automation Cscape shows an Out-of-Bounds Read vulnerability in versions prior to 10.2 SP3, caused by parsing CSP files. The issue can lead to information disclosure and arbitrary code execution. Affected product: Horner Automation Cscape. Root cause: improper handling during CSP file parsi...
CVE-2026-12897 Out-of-bounds read in Horner Automation Cscape
Horner Automation Cscape versions prior to 10.2 SP3 are vulnerable to an Out-of-Bounds Read vulnerability through parsing CSP files. Successful exploitation of this vulnerability could allow an attacker to disclose information and execute arbitrary code...
CVE-2026-6284 Horner Automation Cscape and XL4, XL7 PLC Weak password requirements
An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...
CVE-2026-6284
CVE-2026-6284 affects Horner Automation PLC products (Cscape software and XL4/XL7 XL-series PLCs). Vulnerability stems from weak password requirements: limited password complexity and no input-rate limits enable network-auth brute-forcing to gain unauthorized access to systems and services. Attac...
CVE-2026-6284 Horner Automation Cscape and XL4, XL7 PLC Weak password requirements
An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible...
Horner Automation多款产品 安全漏洞
Horner Automation Cscape is a product of the American company Horner Automation. Horner Automation Cscape is a programming software used for developing industrial control systems. Horner Automation XL7 PLC is an industrial programmable logic controller with integrated touchscreen and control...
Horner Automation Cscape and XL4, XL7 PLC
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to systems and services. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure...
EUVD-2019-4996
Malware in sbrugna...
EUVD-2022-34887
Malicious code in bioql PyPI...
EUVD-2024-50368
Malicious code in bioql PyPI...
EUVD-2022-42757
Malicious code in bioql PyPI...
EUVD-2022-34889
Malicious code in bioql PyPI...
EUVD-2023-36461
Malicious code in bioql PyPI...
EUVD-2023-36783
Malicious code in bioql PyPI...
EUVD-2022-34888
Malicious code in bioql PyPI...
EUVD-2023-35592
Malicious code in bioql PyPI...
TRUSTCHECKPOINTS: Time Betrays Malware for Unconditional Software Root of Trust
Modern IoT and embedded platforms must start execution from a known trusted state to thwart malware, ensure secure firmware updates, and protect critical infrastructure. Current approaches to establish a root of trust depend on secret keys and/or specialized secure hardware, which drives up costs...
CVE-2019-13541
In Horner Automation Cscape 9.90 and prior, an improper input validation vulnerability has been identified that may be exploited by processing files lacking user input validation. This may allow an attacker to access information and remotely execute arbitrary code...
CVE-2019-13545
In Horner Automation Cscape 9.90 and prior, improper validation of data may cause the system to write outside the intended buffer area, which may allow arbitrary code execution...
CVE-2025-4098
Horner Automation Cscape version 10.0 10.0.415.2 SP1 is vulnerable to an out-of-bounds read vulnerability that could allow an attacker to disclose information and execute arbitrary code on affected installations of Cscape...