6 matches found
CVE-2024-41927
The CVE-2024-41927 entry covers a cleartext transmission of sensitive information in multiple IDEC PLCs (CWE-319). Affected products include IDEC’s FC6A/FC6B MICROSmart modules (various firmware versions) and FT1A/FT1B lines, with specific version ceilings noted in vendor advisories. The root cau...
CVE-2024-41927
A cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an attacker sends a specific command to the PLC's serial communication port, user credentials may be obtained. As a result, the program of the PLC may be obtained, and the PLC may be manipulated...
Caryll OTFCC otfccdump+0x703969 Denial of Service Vulnerability
Caryll OTFCC is an open-source C library and set of utility programs from Caryll, used to parse and write OpenType font files. A denial of service vulnerability exists in Caryll OTFCC, which originates from a segmentation violation at /release-x64/otfccdump+0x703969. An attacker can exploit the vulnerability t...
CVE-2021-37401
An attacker may obtain the user credentials from file servers, backup repositories, or ZLD files saved in SD cards. As a result, the PLC user program may be uploaded, altered, and/or downloaded...
Windows Atom Tables Can Be Abused for Code Injection Attacks
Researchers have identified a way attackers could use atom tables in all versions of Windows to inject malicious code into a computer and bypass detection by security products at the same time. The technique has been nicknamed AtomBombing by researchers at enSilo, and opens the door to perform...
CVE-2004-0411
CVE-2004-0411 describes improper filtering of leading '-' characters in hostname fields within the telnet, rlogin, ssh, and mailto URI handlers in KDE/KDelibs versions prior to 3.2.2. The vulnerability allows remote attackers to influence the options passed to the invoked programs,...