CVE-2022-21124

Summary (CVE-2022-21124): An out-of-bounds write in CX-Programmer v9.76.1 and earlier (part of CX-One v4.60) may lead to information disclosure and/or arbitrary code execution when a user opens a specially crafted CXP file. Affected component is CX-Programmer; root cause is an out-of-bounds write...

Omron CX-Programmer 资源管理错误漏洞

Omron CX-Programmer is a PLC Programmable Logic Controller programming software from Omron, Japan. A security vulnerability exists in CX-Programmer v9.76.1 and earlier versions, which can be exploited by an attacker to trick a user into opening a carefully crafted CXP file to cause information...

Omron CX-Programmer资源管理错误漏洞

Omron CX-Programmer is a PLC Programmable Logic Controller programming software from Omron, Japan. A security vulnerability exists in CX-Programmer v9.76.1 and earlier versions, which can be exploited by an attacker to cause a user to open a carefully crafted CXP file to cause information...

Omron CX-Programmer缓冲区错误漏洞

Omron CX-Programmer is a PLC Programmable Logic Controller programming software from Omron, Japan. A security vulnerability exists in CX-Programmer v9.76.1 and earlier versions, which can be exploited by an attacker to cause a user to open a carefully crafted CXP file, leading to information...

Omron CX-Programmer缓冲区错误漏洞

Omron CX-Programmer is a PLC Programmable Logic Controller programming software from Omron, Japan. A security vulnerability exists in CX-Programmer v9.76.1 and earlier versions, which can be exploited by an attacker to trick a user into opening a carefully crafted CXP file to cause information...

[SECURITY] Fedora 34 Update: log4j-2.16.0-1.fc34

Log4j is a tool to help the programmer output log statements to a variety of output targets...

[SECURITY] Fedora 35 Update: log4j-2.15.0-1.fc35

Log4j is a tool to help the programmer output log statements to a variety of output targets...

Russian TrickBot Gang Hacker Extradited to U.S. Charged with Cybercrime

A Russian national, who was arrested in South Korea last month and extradited to the U.S. on October 20, appeared in a federal court in the state of Ohio on Thursday to face charges for his alleged role as a member of the infamous TrickBot group. Court documents showed that Vladimir Dunaev, 38,...

CVE-2021-38396

The programmer installation utility does not perform a cryptographic authenticity or integrity checks of the software on the flash drive. An attacker could leverage this weakness to install unauthorized software using a specially crafted USB...

Design/Logic Flaw

The programmer installation utility does not perform a cryptographic authenticity or integrity checks of the software on the flash drive. An attacker could leverage this weakness to install unauthorized software using a specially crafted USB...

PT-2021-22109 · Boston Scientific · Zoom Latitude +1

Name of the Vulnerable Software and Affected Versions: Programmer installation utility affected versions not specified Description: The issue arises from the programmer installation utility's failure to perform cryptographic authenticity or integrity checks on the software stored on a flash drive...

Boston Scientific Zoom Latitude Programmer/Recorder/Monitor Model 3120 安全漏洞

The Boston Scientific ZOOM LATITUDE Programmer/Recorder/Monitor PRM Model 3120 is a portable cardiac rhythm management Crm programming system from Boston Scientific, Inc. The Boston Scientific ZOOM LATITUDE Programmer/Recorder/Monitor PRM Model 3120 is vulnerable to an encryption error that could...

Type confusion

Wasmtime is an open source runtime for WebAssembly & WASI. Wasmtime before version 0.30.0 is affected by a type confusion vulnerability. As a Rust library the wasmtime crate clearly marks which functions are safe and which are unsafe, guaranteeing that if consumers never use unsafe then it should...

PYSEC-2021-322

Wasmtime is an open source runtime for WebAssembly & WASI. Wasmtime before version 0.30.0 is affected by a type confusion vulnerability. As a Rust library the wasmtime crate clearly marks which functions are safe and which are unsafe, guaranteeing that if consumers never use unsafe then it should...

Sniffle - A Sniffer For Bluetooth 5 And 4.X LE

Sniffle is a sniffer for Bluetooth 5 and 4.x LE using TI CC1352/CC26x2 hardware. Sniffle has a number of useful features, including: Support for BT5/4.2 extended length advertisement and data packets Support for BT5 Channel Selection Algorithms 1 and 2 Support for all BT5 PHY modes regular 1M, 2M...

How Does One Get Hired by a Top Cybercrime Gang?

The U.S. Department of Justice DOJ last week announced the arrest of a 55-year-old Latvian woman whos alleged to have worked as a programmer for Trickbot, a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. Just how di...

Fedora: Security Advisory for rubygem-rails (FEDORA-2020-4dd34860a3)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Programmer Hacks Pregnancy Test to Play Doom

By Waqas A hardware and software reverse engineer managed to run Doom's fully functional game on a pregnancy test. This is a post from HackRead.com Read the original post: Programmer Hacks Pregnancy Test to Play Doom...

Coder-Turned-Kingpin Paul Le Roux Gets His Comeuppance

The programmer who became a flagrant drug lord and weapons trafficker was sentenced in New York City to 25 years in prison...

SimplePHPGal 0.7 - Remote File Inclusion Vulnerability

Exploit for php platform in category web applications Title: SimplePHPGal 0.7 - Remote File Inclusion Author: h4shur Vendor Homepage: https://johncaruso.ca Software Link: https://johncaruso.ca/phpGallery/ Software Link: https://sourceforge.net/projects/simplephpgal/ Tested on: Windows 10 & Google...