Siemens SCALANCE LPE9403 路径遍历漏洞

Siemens SCALANCE LPE9403 is a local processing engine for industrial field data processing from Siemens. It is used to capture, collect and pre-process industrial field data. A path traversal vulnerability exists in the Siemens SCALANCE LPE9403, which can be exploited by an attacker to cause a...

Siemens SCALANCE LPE9403 Elevation of Privilege Vulnerability

Siemens SCALANCE LPE9403 is a local processing engine for industrial field data processing from Siemens. It is used to capture, collect and pre-process industrial field data. An elevation of privilege vulnerability exists in the Siemens SCALANCE LPE9403, which can be exploited by an attacker to...

Adobe Digital Editions < 4.5.5 Multiple Vulnerabilities (APSB17-20)

The version of Adobe Digital Editions installed on the remote Windows host is prior to 4.5.5. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB17-20 advisory. - Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The...

Security Bulletin: IBM Transformation Extender Advanced is affected by a vulnerability in its dependencies

Summary IBM Transformation Extender Advanced, also known as IBM Standards Processing Engine, is vulnerable in it's dependencies on Apache Commons FileUpload Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload and Tomcat are vulnerable to a denial of service, caused b...

net: ethernet: mtk_eth_soc: fix PPE hanging issue

...

SUSE CVE-2024-27432

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix PPE hanging issue A patch to resolve an issue was found in MediaTek's GPL-licensed SDK: In the mtkppestop function, the PPE scan mode is not disabled before disabling the PPE. This can potentially le...

UBUNTU-CVE-2024-27432

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix PPE hanging issue A patch to resolve an issue was found in MediaTek's GPL-licensed SDK: In the mtkppestop function, the PPE scan mode is not disabled before disabling the PPE. This can potentially le...

Hazelcast Platform permission checking in CSV File Source connector

Impact In Hazelcast Platform through 5.3.4, a security issue exists within the SQL mapping for the CSV File Source connector. This issue arises from inadequate permission checking, which could enable unauthorized clients to access data from files stored on a member's filesystem. Patches Fix...

MediaTek Chip Security Breach

The MediaTek chips are a variety of MediaTek chips from MediaTek, a Chinese company. A security vulnerability exists in the MediaTek chips due to a lack of valid range checking in the dpe module, which may allow out-of-bounds writes...

CVE-2023-20807

In dpe, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07608433; Issue ID: ALPS07608433...

CVE-2023-36834

An Incomplete Internal State Distinction vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX 4600 and SRX 5000 Series allows an adjacent attacker to cause a Denial of Service DoS. If an SRX is configured in L2 transparent mode the receipt of a specific genuine...

Juniper Networks Junos OS MX 安全漏洞

Juniper Networks Junos OS MX is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS MX that originates from allowing an attacker...

Apache Heron Injection Vulnerability

Apache Heron is a distributed, fault-tolerant real-time stream processing engine. Heron suffers from an injection vulnerability caused by a lack of escaping in log statements, which can be exploited to achieve CRLF log injection...

GHSA-8P5C-F836-M4H7 Magento 2 Community Edition XML Injection

An XPath entity injection vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An attacker can craft a GET request to page cache block rendering module that gets passed to XML data processing engine without validation. The crafted key/value GET request data...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty shipped with IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2015-3183)

Summary IBM WebSphere Application Server Liberty is shipped with IBM Standards Processing Engine and IBM Transformation Extender Advanced. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details...

Security Bulletin: A security vulnerability has been identified in 10x shipped with IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2016-5892)

Summary IBM 10x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. Vulnerability Details CVEID: CVE-2016-5892...

Security Bulletin: A security vulnerability has been identified in 10x shipped with IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2016-0341)

Summary A missing HTTP header has been addressed in IBM 10x, which is shipped in IBM Standards Processing Engine and IBM Transformation Extender Advanced. Vulnerability Details CVEID: CVE-2016-0341 DESCRIPTION: IBM 10x could allow a malicious user to obtain highly sensitive information due to...

Security Bulletin: A vulnerability in IBM Java SDK affects IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2015-4872)

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 7 and 8, that is used by IBM Standards Processing Engine and IBM Transformation Extender Advanced. This issue was disclosed as part of the IBM Java SDK updates for October 2015. Vulnerability Details CVEID: CVE-2015-48...

Security Bulletin: Two vulnerabilities in WAS Liberty affect IBM Transformation Extender Advanced and IBM Standards Processing Engine (CVE-2016-0378 and CVE-2016-5986)

Summary Two vulnerabilities have been found in WAS Liberty, which is shipped in IBM Transforation Extender Advanced and IBM Standards Processing Engine. IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information caused by improper handling of exceptions...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server Liberty shipped with IBM Standards Processing Engine and IBM Transformation Extender Advanced (CVE-2015-1283)

Summary IBM WebSphere Application Server Liberty is shipped as a component of IBM Standards Processing Engine and IBM Transformation Extender Advanced. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin...