
42 matches found

Positive Technologies
added 2026/05/26 12:0 a.m. · 6 views

PT-2026-43234

An Allocation of Resources Without Limits or Throttling vulnerability in the OPC-UA Server used in PPT30 Operating System versions before 1.8.0 may be used by an unauthenticated network-based attacker to permanently prevent legitimate users from interacting with the service...

8.7 CVSS · 5.8 AI score · 0.00088 EPSS
Exploits 0 · References 2

Debian CVE
added 2026/02/20 10:57 a.m. · 3 views

CVE-2026-21620

Relative Path Traversal, Improper Isolation or Compartmentalization vulnerability in erlang otp erlang/otp tftpfile modules, erlang otp inets tftpfile modules, erlang otp tftp tftpfile modules allows Relative Path Traversal. This vulnerability is associated with program files...

2.3 CVSS · 5.2 AI score · 0.00039 EPSS
Exploits 0

OSV
added 2026/02/18 2:16 p.m. · 0 views

CVE-2025-60035

A vulnerability has been identified in the OPC.Testclient utility, which is included in Rexroth IndraWorks. All versions prior to 15V24 are affected. This flaw allows an attacker to execute arbitrary code on the user's system by parsing a manipulated file containing malicious serialized data...

8.8 CVSS · 6.2 AI score
Exploits 0 · References 1

ICS
added 2026/01/19 12:30 a.m. · 2 views

ABB B&R Automation Studio

SUMMARY: ABB became aware of a vulnerability in the product versions listed as affected in the advisory. An update is available that resolves a vulnerability. Successful exploitation of this vulnerability may enable an attacker to masquerade as a trusted party when B&R Automation Studio establishes...

9.1 CVSS · 5.8 AI score · 0.0003 EPSS
Exploits 0 · References 10

Positive Technologies
added 2026/01/19 12:0 a.m. · 3 views

PT-2026-3449

Name of the Vulnerable Software and Affected Versions: Automation Studio versions prior to 6.5 Description: An Improper Certificate Validation issue exists in the OPC-UA client and ANSL over TLS client. This could allow an unauthenticated attacker on the network to intercept and interfere with data...

9.1 CVSS · 5.8 AI score · 0.0003 EPSS
Exploits 0 · References 6

ATTACKERKB
added 2025/08/21 6:8 a.m. · 0 views

CVE-2025-7390

A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication...

9.1 CVSS · 5.9 AI score · 0.00019 EPSS
Exploits 0 · References 3 · Affected Software 1

Positive Technologies
added 2025/08/21 12:0 a.m. · 2 views

PT-2025-34191 · Unknown · Opc.Https Server

Name of the Vulnerable Software and Affected Versions: opc.https server affected versions not specified Description: A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication. Recommendations: ...

9.1 CVSS · 6.9 AI score · 0.00019 EPSS
Exploits 0 · References 9

Fedora
added 2025/08/14 1:34 a.m. · 3 views

[SECURITY] Fedora 41 Update: open62541-1.4.13-1.fc41

open62541 is a C-based library (linking with C++ projects is possible) with all necessary tools to implement dedicated OPC UA clients and servers, or to integrate OPC UA-based communication into existing applications...

7.3 AI score
Exploits 0

CNNVD
added 2025/05/25 12:0 a.m. · 1 views

Seeyon Zhiyuan OA Code Issue Vulnerability

Seeyon Zhiyuan OA is a collaboration management software from China's Seeyon. A code issue vulnerability exists in Seeyon Zhiyuan OA 8.1 SP2 and prior versions, which stems from incorrect manipulation of the parameter url in the file...

6.5 CVSS · 6.5 AI score · 0.00173 EPSS
Exploits 0 · References 5

Packet Storm News
added 2025/05/06 12:0 a.m. · 3 views

A Study on Audio Synchronous Steganography Detection and Distributed Guide Inference Model Based on Sliding Spectral Features and Intelligent Inference Drive

With the rise of short video platforms in global communication, embedding steganographic data in audio synchronization streams has emerged as a new covert communication method. To address the limitations of traditional techniques in detecting synchronized steganography, this paper proposes a...

7.1 AI score
Exploits 0

CNNVD
added 2025/02/13 12:0 a.m. · 1 views

Schneider Electric EcoStruxure Control Expert, EcoStruxure Process Expert and OPC Factory Server Input Validation Error Vulnerability

Schneider Electric EcoStruxure Control Expert, formerly known as Unity Pro, among others, is a product of Schneider Electric, France. Schneider Electric EcoStruxure Control Expert is a suite of programming software for Schneider Electric logic controller products. Schneider Electric EcoStruxure...

6.8 CVSS · 6.3 AI score · 0.00102 EPSS
Exploits 0 · References 1

OSSF Malicious Packages
added 2024/08/29 9:9 a.m. · 2 views

Malicious code in tpro_pc_yyb_open_platform (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d15d2ff8ee637d306770e71be2fd88a7a4120d1560980b598bc86166f56dd479 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0 · References 1

CNNVD
added 2024/05/07 12:0 a.m. · 2 views

OPC UA.NET Standard Security Vulnerability

OPC UA.NET Standard is a set of Unified Architecture standards from the OPC Foundation of America for the development of OPC UA applications. A security vulnerability exists in OPC UA .NET Standard. An attacker exploiting the vulnerability could consume all available resources on the server...

7.5 CVSS · 7.3 AI score · 0.03266 EPSS
Exploits 1 · References 3

CNNVD
added 2023/12/14 12:0 a.m. · 1 views

Softing OPC UA C++ SDK Security Vulnerability

The Softing OPC UA C++ SDK is a development kit from Softing Germany. It is used to quickly and easily integrate OPC UA clients and servers. A security vulnerability exists in versions of Softing OPC UA C++ SDK prior to V1.30, which stems from an uncaught exception issue that may cause the...

7.5 CVSS · 6.8 AI score · 0.00447 EPSS
Exploits 0 · References 2

SUSE CVE
added 2023/04/04 2:15 a.m. · 1 views

SUSE CVE-2023-28645

Nextcloud richdocuments is a Nextcloud app integrating the office suite Collabora Online. In affected versions the secure view feature of the rich documents app can be bypassed by using an unprotected internal API endpoint of the rich documents app. It is recommended that the Nextcloud Office app...

6.5 CVSS · 6.8 AI score · 0.00203 EPSS
Exploits 0 · References 3

CNNVD
added 2023/03/14 12:0 a.m. · 2 views

TotalJS OpenPlatform Cross-Site Scripting Vulnerability

TotalJS OpenPlatform is a simple enterprise-ready platform for TotalJS individual developers. It is used to run, integrate and manage multiple web applications. A security vulnerability exists in version b80b09d of TotalJS OpenPlatform, which stems from the presence of a stored cross-site scripti...

5.4 CVSS · 5.7 AI score · 0.00249 EPSS
Exploits 1 · References 4

Prion
added 2022/11/10 8:15 p.m. · 11 views

Design/Logic Flaw

Istio is an open platform to connect, manage, and secure microservices. In versions on the 1.15.x branch prior to 1.15.3, a user can impersonate any workload identity within the service mesh if they have localhost access to the Istiod control plane. Version 1.15.3 contains a patch for this issue...

2.7 CVSS · 4 AI score · 0.00057 EPSS
Exploits 0 · References 4 · Affected Software 1

NVD
added 2022/09/29 9:15 p.m. · 14 views

CVE-2022-39232

Discourse is an open source discussion platform. Starting with version 2.9.0.beta5 and prior to version 2.9.0.beta10, an incomplete quote can generate a JavaScript error which will crash the current page in the browser in some cases. Version 2.9.0.beta10 added a fix and tests to ensure incomplete...

6.5 CVSS · 0.00604 EPSS
Exploits 0 · References 3

OSV
added 2022/04/04 8:15 p.m. · 1 views

CVE-2021-32994

Softing OPC UA C++ SDK Software Development Kit versions from 5.59 to 5.64 exported library functions don't properly validate received extension objects, which may allow an attacker to crash the software by sending a variety of specially crafted packets to access several unexpected memory locatio...

7.5 CVSS · 5.8 AI score · 0.00122 EPSS
Exploits 0 · References 1

CNNVD
added 2022/04/03 12:0 a.m. · 2 views

Schneider Electric ConneXium Network Manager Software Security Vulnerability

Schneider Electric ConneXium Network Manager Software (Cnm) is an industrial Ethernet network management software from Schneider Electric, France. A security vulnerability exists in the Schneider Electric ConneXium Network Manager Software prior to version 03.23 and the Belden...

7.5 CVSS · 7.3 AI score · 0.00035 EPSS
Exploits 0 · References 3