CVE-2026-8464

Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. This issue has been fixed in version 11.6.0...

CVE-2026-8464 Path traversal in Neuron Soft Golem OEE MES

Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. This issue has been fixed in version 11.6.0...

PT-2026-48654

Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. This issue has been fixed in version 11.6.0...

EUVD-2022-32079

Malicious code in bioql PyPI...

CVE-2022-27578

An attacker can perform a privilege escalation through the SICK OEE if the application is installed in a directory where non authenticated or low privilege users can modify its content...

Design/Logic Flaw

In Progress OpenEdge OEM OpenEdge Management and OEE OpenEdge Explorer before 12.7, a remote user who has any OEM or OEE role could perform a URL injection attack to change identity or role membership, e.g., escalate to admin. This affects OpenEdge LTS before 11.7.16, 12.x before 12.2.12, and...

CVE-2023-34203

In Progress OpenEdge OEM OpenEdge Management and OEE OpenEdge Explorer before 12.7, a remote user who has any OEM or OEE role could perform a URL injection attack to change identity or role membership, e.g., escalate to admin. This affects OpenEdge LTS before 11.7.16, 12.x before 12.2.12, and...

CVE-2023-34203

CVE-2023-34203 affects Progress OpenEdge OEM (OpenEdge Management) and OEE (OpenEdge Explorer). A remote user who has any OEM or OEE role can perform a URL injection attack to change identity or role membership, enabling escalation to admin. Affected versions are: OpenEdge LTS before 11.7.16; Ope...

CVE-2022-27578

An attacker can perform a privilege escalation through the SICK OEE if the application is installed in a directory where non authenticated or low privilege users can modify its content...

CVE-2022-27578

An attacker can perform a privilege escalation through the SICK OEE if the application is installed in a directory where non authenticated or low privilege users can modify its content...

CVE-2022-27578

An attacker can perform a privilege escalation through the SICK OEE if the application is installed in a directory where non authenticated or low privilege users can modify its content...

Privilege escalation

An attacker can perform a privilege escalation through the SICK OEE if the application is installed in a directory where non authenticated or low privilege users can modify its content...

CVE-2022-27578

An attacker can perform a privilege escalation through the SICK OEE if the application is installed in a directory where non authenticated or low privilege users can modify its content...

CVE-2022-27578

CVE-2022-27578 affects SICK OEE. A privilege escalation is possible when the OEE application is installed in a directory that non-authenticated or low-privilege users can modify. Root cause: write-access to application content enables elevation. Impact: local privilege escalation with high/confid...

SICK OEE 安全漏洞

Sick SICK OEE is a programmable controller from Sick, Germany. A security vulnerability exists in the SICK OEE, which can be exploited by an attacker to perform an elevation of privilege via the SICK OEE if the application is installed in a directory whose contents can be modified by an...

Multiple Siemens Products Input Validation Error Vulnerability (CNVD-2021-54361)

Siemens SIMATIC IT LMS is a total equipment effectiveness OEE line monitoring system. SIMATIC IT Production Suite is a plant production management suite. An input validation error vulnerability exists in several Siemens products. An attacker could exploit the vulnerability with specially crafted...