EUVD-2023-24154

Malicious code in bioql PyPI...

Malicious code in @espace-client-axafr/resiliation-3-clics (npm)

The package communicates with a domain associated with malicious activity...

[SECURITY] Fedora 42 Update: openssh-9.9p1-9.fc42

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

CVE-2023-1968

Instruments with Illumina Universal Copy Service v2.x are vulnerable due to binding to an unrestricted IP address. An unauthenticated malicious actor could use UCS to listen on all IP addresses, including those capable of accepting remote communications...

Design/Logic Flaw

Instruments with Illumina Universal Copy Service v2.x are vulnerable due to binding to an unrestricted IP address. An unauthenticated malicious actor could use UCS to listen on all IP addresses, including those capable of accepting remote communications...

Denial of Service Vulnerability in Schneider Electric Modicon M580 (CNVD-2020-55774)

The Modicon M580 is a programmable logic controller from Schneider Electric. A denial of service vulnerability exists in the Schneider Electric Modicon M580, which can be exploited by an attacker to cause a denial of service in the PLC and disrupt remote communication with the device...

Schneider Electric Modicon M580 UMAS REST API getcominfo denial-of-service vulnerability

Summary An exploitable denial of service vulnerability exists in the UMAS REST API getcominfo functionality of the Schneider Electric Modicon M580 Programmable Automation Controller firmware version SV2.80. A specially crafted HTTP request can cause the device to enter a non-recoverable fault...

Schneider Electric Modicon M580 outdated firmware image FTP upgrade denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the FTP firmware update functionality of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.80. An outdated firmware image can cause the device to enter a non-recoverable fault state,...

Schneider Electric Modicon M580 UMAS Function Code 0x29 Denial of Service Vulnerability

Summary An exploitable denial of service vulnerability exists in the UMAS function code 0x29 functionality of the Schneider Electric Modicon M580 Programmable Automation Controller firmware version SV2.70. A specially crafted UMAS command can cause the device to enter a non-recoverable fault stat...

Schneider Electric Modicon M580 UMAS function code 0x6d multiple denial-of-service vulnerabilities

Summary Multiple denial-of-service vulnerabilities exist in the UMAS protocol functionality of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.70. Specially crafted UMAS commands can cause the device to enter a non-recoverable fault state, resulting in...

Schneider Electric Modicon M580 UMAS memory block write denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the UMAS memory block write functionality of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.70. A specially crafted UMAS command can cause the device to enter a non-recoverable fault...

Schneider Electric Modicon M580 UMAS write system coils and holding registers denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the UMAS write system coils and holding registers functionality of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.70. A specially crafted UMAS command can cause the device to enter a...

Schneider Electric Modicon M580 UMAS function code 0x28 denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the UMAS function code 0x28 functionality of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.70. A specially crafted UMAS command can cause the device to enter a non-recoverable fault...

Schneider Electric Modicon M580 UMAS write system bits and blocks denial-of-service vulnerability

Summary An exploitable denial-of-service vulnerability exists in the UMAS write system bits and blocks functionality of the Schneider Electric Modicon M580 Programmable Automation Controller, firmware version SV2.70. A specially crafted set of UMAS commands can cause the device to enter a...

Security Bulletin: Java vulnerability on IBM Storage DS8870 (CVE-2014-0411)

Summary IBM Enterprise Storage DS8870 HMC extensively uses Java, for which a fix is available for a security vulnerability. Vulnerability Details CVEID: CVE-2014-0411 DESCRIPTION: Java is used throughout the DS8870 HMC including the command line interface CLI and graphical user interface GUI and...

Security Bulletin: Java vulnerability issue on IBM Storwize V7000 Unified system (CVE-2014-0411)

Summary IBM Storwize V7000 Unified system is shipped with Java, for which a fix is available for a security vulnerability. Vulnerability Details CVEID: CVE-2014-0411 DESCRIPTION: IBM Storwize V7000 Unified system is shipped with Java. Java is used in the V7000 Unified for implementing the system...