16 matches found
CVE-2026-7461 OS Command Injection in Amazon ECS Agent via FSx Windows File Server Volume Credentials
Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on Windows before version 1.103.0 might allow a remote authenticated threat actor to execute shell commands with SYSTEM privileges on the underlying host via a...
EUVD-2024-17581
Malicious code in bioql PyPI...
CVE-2024-1856
In Progress® Telerik® Reporting versions prior to 2024 Q1 18.0.24.130, a code execution attack is possible by a remote threat actor through an insecure deserialization vulnerability...
CVE-2024-51771
A vulnerability in the HPE Aruba Networking ClearPass Policy Manager web-based management interface could allow an authenticated remote threat actor to conduct a remote code execution attack. Successful exploitation could enable the attacker to run arbitrary commands on the underlying operating...
CVE-2024-1856
In Progress® Telerik® Reporting versions prior to 2024 Q1 18.0.24.130, a code execution attack is possible by a remote threat actor through an insecure deserialization vulnerability...
CVE-2024-1856
CVE-2024-1856 affects Progress Telerik Reporting: an ObjectReader deserialization vulnerability in versions prior to 2024 Q1 (18.0.24.130) allows remote code execution. Exploitation conditions vary by advisory (ZDI notes may require authentication and/or user interaction). Remediation is to upgra...
Path traversal
The Rockwell Automation ThinManager ThinServer is impacted by an improper input validation vulnerability. Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote threat actor can...
CVE-2023-2915
CVE-2023-2915 is a path traversal vulnerability in Rockwell Automation ThinManager ThinServer. Concrete details from multiple sources: ThinManager ThinServer processes a function with improper input validation, allowing an unauthenticated remote attacker to delete arbitrary files with system priv...
CVE-2023-2915 Rockwell Automation ThinManager ThinServer Software Vulnerable to Input Validation Vulnerability
The Rockwell Automation ThinManager ThinServer is impacted by an improper input validation vulnerability. Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote threat actor can...
Rockwell Automation RSLinx Classic <= 4.00.01 Multiple Vulnerabilities (ICSA-18-263-02)
Binary data 720266.prm...
Rockwell Automation/Allen-Bradley Multiple Devices Authentication Bypass (ICSA-18-310-02)
Binary data 720141.prm...
CVE-2018-17924
CVE-2018-17924 affects Rockwell Automation MicroLogix 1400 Controllers (Series A/B/C) and 1756 ControlLogix EtherNet/IP Communications Modules. The vulnerability allows an unauthenticated remote actor to initiate a CIP connection and push a new IP configuration, potentially disrupting system comm...
CVE-2018-17924
Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules. An unauthenticated, remote threat actor could send a CIP connection request to an affected device, and upon successful connection, send a new IP configuration to the affected device even if the controller...
CVE-2018-14829
Rockwell Automation RSLinx Classic is affected in versions 4.00.01 and earlier. The CVE-2018-14829 vulnerability arises from handling malformed CIP packets sent to TCP port 44818, which can cause the application to stop responding and crash; there is also potential for a buffer overflow that coul...
CVE-2018-14829
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote threat actor to intentionally send a malformed CIP packet to Port 44818, causing the software application to stop responding and crash. This vulnerability also has the potential to exploit a buffe...
CVE-2018-14829
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote threat actor to intentionally send a malformed CIP packet to Port 44818, causing the software application to stop responding and crash. This vulnerability also has the potential to exploit a buffe...