5 matches found
CVE-2025-13970
OpenPLCV3 is vulnerable to a cross-site request forgery (CSRF) attack due to the absence of proper CSRF validation. This issue allows an unauthenticated attacker to trick a logged-in administrator into visiting a maliciously crafted link, potentially enabling unauthorized modification of PLC settin...
PT-2025-46224
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server for ABAP (affected versions not specified). Description: The Migration Workbench (DX Workbench) component does not initiate a malware scan when files are uploaded to the application server by a user with administrati...
A Time Series Analysis of Malware Uploads to Programming Language Ecosystems
Software ecosystems built around programming languages have greatly facilitated software development. At the same time, their security has increasingly been acknowledged as a problem. To this end, the paper examines the previously overlooked longitudinal aspects of software ecosystem security,...
A vulnerability in GitLab, the Git-based software platform for collaborative code development, related to resource allocation without limits, allows an attacker to cause a denial of service.
A vulnerability in GitLab, the Git-based software platform for collaborative code development, is related to resource allocation without limits. Exploiting this vulnerability allows a malicious actor to remotely cause a denial of service by uploading a specially crafted malware file...
A vulnerability in Juniper Networks’ Junos Space platform, related to the unrestricted upload of malicious files, allows attackers to upload malware-infected files.
A vulnerability in the Juniper Networks Junos Space network resource management platform is related to the unrestricted upload of malicious files. Exploiting this vulnerability allows a remote attacker to upload malicious files to the system...