69 matches found
CVE-2026-54429
A vulnerability has been identified in SIMATIC S7-PLCSIM Advanced All versions. Affected devices do not properly handle high-volume multicast network traffic, which can exhaust available memory resources in the affected application. This could allow an unauthenticated attacker on the local networ...
CVE-2026-54429
A vulnerability has been identified in SIMATIC S7-PLCSIM Advanced All versions. Affected devices do not properly handle high-volume multicast network traffic, which can exhaust available memory resources in the affected application. This could allow an unauthenticated attacker on the local networ...
CVE-2026-54429
The CVE-2026-54429 entry concerns SIMATIC S7-PLCSIM Advanced (All versions). The issue is that the application does not properly handle high-volume multicast network traffic, leading to memory exhaustion and a denial-of-service condition. This can be triggered by an unauthenticated attacker on th...
EUVD-2026-43649
A vulnerability has been identified in SIMATIC S7-PLCSIM Advanced All versions. Affected devices do not properly handle high-volume multicast network traffic, which can exhaust available memory resources in the affected application. This could allow an unauthenticated attacker on the local networ...
CVE-2026-49146 App::Ack versions before 3.10.0 for Perl allow memory exhaustion via an unbounded context value in a project .ackrc
App::Ack versions before 3.10.0 for Perl allow memory exhaustion via an unbounded context value in a project .ackrc. ack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The -B and -C context options accepted any positive integer, and ack...
CVE-2026-55448 mise: Local credential_command executes untrusted config
mise manages dev tools like node, python, cmake, and terraform. From 2026.3.15 until 2026.6.4, mise loads github.credentialcommand from local project config before any trust decision, then executes that value with sh -c when resolving a GitHub token. An attacker who can place a .mise.toml in a...
CVE-2026-53915
In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration...
EUVD-2026-38005
In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration...
CVE-2026-53915
In JetBrains GoLand before 2026.1.3 remote code execution was possible via untrusted project configuration...
PT-2026-50874
Name of the Vulnerable Software and Affected Versions JetBrains GoLand versions prior to 2026.1.3 Description Remote code execution is possible through the use of untrusted project configuration. Recommendations Update JetBrains GoLand to version 2026.1.3 or later...
CVE-2026-35533
The CVE-2026-35533 issue affects mise (dev tools manager). From 2026.2.18–2026.4.5, mise loads trust-control settings from a local project .mise.toml before the trust check runs. An attacker who can place a malicious .mise.toml in a repository can cause that file to be treated as trusted and reac...
EUVD-2026-14938
Craft CMS: Unauthenticated Users Can Perform Restricted Project Config Sync Operations...
CVE-2020-7518
A CWE-20: Improper input validation vulnerability exists in Easergy Builder Version 1.4.7.2 and older which could allow an attacker to modify project configuration files...
CVE-2022-33320
Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions...
CVE-2025-68162
In JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions via project configuration...
CVE-2025-68162
In JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions via project configuration...
CVE-2025-68162
In JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions via project configuration...
CVE-2025-68162
In JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions via project configuration...
CVE-2025-68162
JetBrains TeamCity: CVE-2025-68162 affects the maven embedder in TeamCity versions before 2025.11, allowing loading of extensions via project configuration. The published metrics indicate a low overall severity (CVSS 3.1: Confidentiality None, Integrity Low, Availability None; Privileges Required...
EUVD-2025-203768
In JetBrains TeamCity before 2025.11 maven embedder allowed loading extensions via project configuration...