Malicious Package in saync

All versions of saync typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process was...

WECON Technology Co., Ltd. LeviStudio HMI Editor and PI Studio HMI Project Programmer

1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION : Low skill level to exploit. Vendor : WECON Technology Co., Ltd. WECON Equipment : LeviStudio HMI Editor, and PI Studio HMI Project Programmer Vulnerabilities : Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these...