13 matches found
EUVD-2025-25488
Malicious code in bioql PyPI...
EUVD-2025-25490
Malicious code in bioql PyPI...
CVE-2025-54460
The vulnerability, if exploited, could allow an authenticated miscreant with privileges to create or access publication targets of type Text File or HDFS to upload and persist files that could potentially be executed...
CVE-2025-41415
The vulnerability, if exploited, could allow an authenticated miscreant with privileges to access publication targets to retrieve sensitive information that could then be used to gain additional access to downstream resources...
CVE-2025-54460
The vulnerability, if exploited, could allow an authenticated miscreant with privileges to create or access publication targets of type Text File or HDFS to upload and persist files that could potentially be executed...
CVE-2025-41415
The vulnerability, if exploited, could allow an authenticated miscreant with privileges to access publication targets to retrieve sensitive information that could then be used to gain additional access to downstream resources...
CVE-2025-54460 AVEVA PI Integrator Unrestricted Upload of File with Dangerous Type
The vulnerability, if exploited, could allow an authenticated miscreant with privileges to create or access publication targets of type Text File or HDFS to upload and persist files that could potentially be executed...
CVE-2025-54460
The CVE-2025-54460 entry corresponds to AVEVA PI Integrator and describes an authenticated user with privileges to create or access publication targets (Text File or HDFS) being able to upload and persist files that could be executed. Connected sources corroborate an unrestricted upload of a dang...
CVE-2025-41415 AVEVA PI Integrator Insertion of Sensitive Information into Sent Data
The vulnerability, if exploited, could allow an authenticated miscreant with privileges to access publication targets to retrieve sensitive information that could then be used to gain additional access to downstream resources...
CVE-2025-41415 AVEVA PI Integrator Insertion of Sensitive Information into Sent Data
The vulnerability, if exploited, could allow an authenticated miscreant with privileges to access publication targets to retrieve sensitive information that could then be used to gain additional access to downstream resources...
CVE-2025-41415
The CVE-2025-41415 issue affects AVEVA PI Integrator and, per multiple sources, could allow an authenticated user with privileges to publication targets to retrieve sensitive information, enabling further access to downstream resources. The CISA ICS advisory (ICSA-25-224-04) notes risks such as d...
PT-2025-34290 · Aveva · Ie Integrator
Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: The vulnerability, if exploited, could allow an authenticated attacker with privileges to access publication targets to retrieve sensitive information that could then be used to gain additional...
PT-2025-34294 · Apache · Hdfs
Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: The vulnerability could allow an authenticated attacker with privileges to create or access publication targets of type Text File or HDFS to upload and persist files that could potentially be...