CVE-2023-45796

A stored cross-site scripting vulnerability in the Runtime component of Pilz PASvisu before 1.14.1 and PMI v8xx up to and including 2.0.33992 allows a low-privileged remote unauthenticated attacker to manipulate process data with potential impact on integrity and/or availability...

CVE-2023-45796 XSS vulnerability in Pilz PASvisu and PMI v8xx

A stored cross-site scripting vulnerability in the Runtime component of Pilz PASvisu before 1.14.1 and PMI v8xx up to and including 2.0.33992 allows a low-privileged remote unauthenticated attacker to manipulate process data with potential impact on integrity and/or availability...

EUVD-2023-60593

A stored cross-site scripting vulnerability in the Runtime component of Pilz PASvisu before 1.14.1 and PMI v8xx up to and including 2.0.33992 allows a low-privileged remote unauthenticated attacker to manipulate process data with potential impact on integrity and/or availability...

CVE-2023-45796

The CVE-2023-45796 applies to Pilz PASvisu Runtime (before 1.14.1) and PMI v8xx (up to 2.0.33992). It is a stored XSS that allows a low-privileged, remote, unauthenticated attacker to manipulate process data, affecting integrity and availability. CVSSv3.1: 8.1 (HIGH); AV:N, AC:L, PR:L, UI:N, S:U,...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: xfs: added bounds checking to xlogrecoverprocessdata There is a lack of verification of the space occupied by fixed members of xlogopheader in xlogrecoverprocessdata. We can create a crafted image to trigger an out-of-bounds read...

CVE-2026-41155

The CVE-2026-41155 entry describes a vulnerability in GPU DDK where shared secure memory allocations are mapped into all GPU virtual address spaces, enabling cooperative data transfer between secure GPU processes and potential disruption of others, causing image corruption or GPU hardware recover...

CVE-2026-40930

LIBPNG is a reference library for use in applications that process PNG Portable Network Graphics raster image files. In version 1.8.0, three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without consuming the chunk body and CRC, allowing...

EulerOS Virtualization 2.13.0 : systemd (EulerOS-SA-2025-2601)

According to the versions of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a...

EUVD-2025-5858

Malicious code in bioql PyPI...

EUVD-2024-23243

Malicious code in bioql PyPI...

EUVD-2025-16486

Malicious code in bioql PyPI...

CVE-2022-50354 drm/amdkfd: Fix kfd_process_device_init_vm error handling

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kfdprocessdeviceinitvm error handling Should only destroy the ibmem and let process cleanup worker to free the outstanding BOs. Reset the pointer in pdd-qpd structure, to avoid NULL pointer access in process destr...

Privacy and Confidentiality Requirements Engineering for Process Data

The application and development of process mining techniques face significant challenges due to the lack of publicly available real-life event logs. One reason for companies to abstain from sharing their data are privacy and confidentiality concerns. Privacy concerns refer to personal data as...

UBUNTU-CVE-2024-56666

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Dereference null return value In the function pqmuninit there is a call-assignment of "pdd = kfdgetprocessdevicedata" which could be null, and this value was later dereferenced without checking...

Siemens SIMATIC SCADA and PCS 7 systems Remote Code Execution Vulnerability

SIMATIC Information Server is used to report and visualize process data stored in SIMATIC process Historian, the SIMATIC PCS 7, SIMATIC WinCC, and SIMATIC PCS-neo long-term archiving system. It stores process values, alarms, and batch data from the production plant in its database and provides...

CVE-2023-22308

An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability...

SoftEther VPN Number Error Vulnerability

SoftEther VPN is an open source cross-platform multi-protocol VPN Virtual Private Network application. A numeric error vulnerability exists in SoftEther VPN versions 5.01.9674 and 5.02, which stems from an integer overflow vulnerability in the vpnserver OvsProcessData function that can be exploit...

CVE-2022-29550

An issue was discovered in Qualys Cloud Agent 4.8.0-49. It writes "ps auxwwe" output to the /var/log/qualys/qualys-cloud-agent-scan.log file. This may, for example, unexpectedly write credentials from environment variables to disk in cleartext. NOTE: there are no common circumstances in which...

The vulnerability of the php_wddx_process_data function in the PHP programming language allows a hacker to cause a service failure or potentially have other adverse effects.

The vulnerability of the phpwddxprocessdata function in the PHP programming language is related to a memory reclamation error. Exploiting this vulnerability may allow an attacker to cause service failures or potentially cause other adverse effects...

Linux Kernel Bug Opens Door to Wider Cyberattacks

An information-disclosure security vulnerability has been discovered in the Linux kernel, which can be exploited to expose information in the kernel stack memory of vulnerable devices. Specifically, the bug CVE-2020-28588 exists in the /proc/pid/syscall functionality of 32-bit ARM devices running...