18 matches found
EUVD-2022-42520
Malicious code in bioql PyPI...
EUVD-2022-35122
Malicious code in bioql PyPI...
CVE-2022-2893
RONDS EPM version 1.19.5 does not properly validate the filename parameter, which could allow an unauthorized user to specify file paths and download files...
CVE-2022-3091
RONDS EPM version 1.19.5 has a vulnerability in which a function could allow unauthenticated users to leak credentials. In some circumstances, an attacker can exploit this vulnerability to execute operating system (OS) commands...
CVE-2022-2893
RONDS EPM version 1.19.5 does not properly validate the filename parameter, which could allow an unauthorized user to specify file paths and download files...
CVE-2022-3091
RONDS EPM version 1.19.5 has a vulnerability in which a function could allow unauthenticated users to leak credentials. In some circumstances, an attacker can exploit this vulnerability to execute operating system (OS) commands...
Design/Logic Flaw
RONDS EPM version 1.19.5 has a vulnerability in which a function could allow unauthenticated users to leak credentials. In some circumstances, an attacker can exploit this vulnerability to execute operating system (OS) commands...
Design/Logic Flaw
RONDS EPM version 1.19.5 does not properly validate the filename parameter, which could allow an unauthorized user to specify file paths and download files...
CVE-2022-3091
RONDS EPM version 1.19.5 has a vulnerability in which a function could allow unauthenticated users to leak credentials. In some circumstances, an attacker can exploit this vulnerability to execute operating system (OS) commands...
CVE-2022-3091
CVE-2022-3091 affects RONDS EPM version 1.19.5. The vulnerability arises in a function that could allow an unauthenticated actor to leak credentials, with the ICS advisory also indicating that in some cases an attacker could leverage credentials to achieve remote code execution. Affected product:...
CVE-2022-2893
RONDS EPM version 1.19.5 does not properly validate the filename parameter, which could allow an unauthorized user to specify file paths and download files...
CVE-2022-2893
RONDS EPM version 1.19.5 does not properly validate the filename parameter, which could allow an unauthorized user to specify file paths and download files...
CVE-2022-2893
RONDS EPM v1.19.5 contains a path traversal vulnerability where the filename parameter is not properly validated, allowing an unauthorized user to specify file paths and download files. The issue is explicitly CVE-2022-2893; CISA ICS advisories also describe an adjacent exposure vulnerability (CV...
RONDS EPM Path Traversal Vulnerability
RONDS EPM is an application from RONDS, Inc. A path traversal vulnerability exists in RONDS EPM version 1.19.5 that stems from not properly validating the filename parameter. An attacker could use this vulnerability to download a file from a specified file path...
RONDS EPM Information Disclosure Vulnerability
RONDS EPM is an application from RONDS, Inc. An information disclosure vulnerability exists in RONDS EPM version 1.19.5. An attacker could exploit this vulnerability to execute operating system (OS) commands...
CISA Releases Twelve Industrial Control Systems Advisories
CISA released twelve Industrial Control Systems (ICS) advisories on January 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for...
RONDS Equipment Predictive Maintenance Solution
1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: RONDS Equipment: Equipment Predictive Maintenance (EPM) Vulnerabilities: Exposure of Sensitive Information to an Unauthorized Actor, Path Traversal 2. RISK EVALUATION Successful exploitation of these...
@cowlick/analyzer (>=0.9.0 <=0.9.1), @cowlick/kag-compiler (>=0.9.0 <=0.9.1) +4 more potentially affected by CVE-2020-8244 via bl (=2.0.1)
bl NPM version =2.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on bl and may be impacted: - @cowlick/analyzer =0.9.0, =0.9.0, =4.1.6, =1.2.0, =1.0.0, =1.0.0, =1.1.37 Source cves: CVE-2020-8244 Source advisory: OSV:GHSA-PP7H-53GX-MX7R...