23 matches found
EUVD-2024-47268
Malicious code in bioql PyPI...
EUVD-2024-47269
Malicious code in bioql PyPI...
CVE-2024-6122
An incorrect permission in the installation directory for the shared NI SystemLink Server KeyValueDatabase service may result in information disclosure via local access. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and prior versions which...
CVE-2025-2449
NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of NI FlexLogger. User interaction is required to exploit this vulnerability in that the target must visit ...
CVE-2025-2449
NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of NI FlexLogger. User interaction is required to exploit this vulnerability in that the target must visit ...
CVE-2025-2449
CVE-2025-2449 concerns NI FlexLogger, specifically the usiReg URI file parsing component. The vulnerability arises from insufficient validation of a user-supplied path before file operations, enabling a path traversal that can lead to remote code execution in the context of the current user. Expl...
CVE-2025-2449 NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code Execution Vulnerability
NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of NI FlexLogger. User interaction is required to exploit this vulnerability in that the target must visit ...
CVE-2025-2449 NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code Execution Vulnerability
NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of NI FlexLogger. User interaction is required to exploit this vulnerability in that the target must visit ...
(0Day) NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to create arbitrary files on affected installations of NI FlexLogger. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of URI...
CVE-2024-6121
An out-of-date version of Redis shipped with NI SystemLink Server is susceptible to multiple vulnerabilities, including CVE-2022-24834. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and prior versions which installed this shared service...
NI FlexLogger Redis Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the product installer...
NI FlexLogger Redis Server Incorrect Permission Assignment Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
CVE-2024-6121
CVE-2024-6121 involves NI SystemLink Server shipping an outdated Redis version (affecting NI SystemLink Server 2024 Q1 and earlier; NI FlexLogger 2023 Q2 and earlier). Connected sources confirm CVE-2022-24834 and other Redis flaws; the security issue arises from Lua scripting in Redis, leading to...
CVE-2024-6121 NI SystemLink Server Ships Out of Date Redis Version
An out-of-date version of Redis shipped with NI SystemLink Server is susceptible to multiple vulnerabilities, including CVE-2022-24834. This affects NI SystemLink Server 2024 Q1 and prior versions. It also affects NI FlexLogger 2023 Q2 and prior versions which installed this shared service...
CVE-2024-4044
A deserialization of untrusted data vulnerability exists in common code used by FlexLogger and InstrumentStudio that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability affects NI FlexLogger...
CVE-2024-4044 Deserialization of Untrusted Data Vulnerability in FlexLogger and InstrumentStudio
A deserialization of untrusted data vulnerability exists in common code used by FlexLogger and InstrumentStudio that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability affects NI FlexLogger...
CVE-2024-4044 Deserialization of Untrusted Data Vulnerability in FlexLogger and InstrumentStudio
A deserialization of untrusted data vulnerability exists in common code used by FlexLogger and InstrumentStudio that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability affects NI FlexLogger...
CVE-2024-4044
This CVE describes a deserialization of untrusted data vulnerability in NI FlexLogger and NI InstrumentStudio code paths shared by both applications. The flaw allows remote code execution and requires an attacker to convince a user to open a specially crafted project file (FLXPROJ) to trigger exp...
NI FlexLogger SkylineService Missing Authorization Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SkylineService...
NI FlexLogger userservices Missing Authorization Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the userservices...