
1325 matches found

CNNVD
added 2026/05/26 12:0 a.m. | 6 views

Multiple CODESYS Products Security Vulnerability

CODESYS Control and others are products of the German company CODESYS. CODESYS Control is a set of industrial control programming software. CODESYS is an industrial control automation software. CODESYS HMI is a visualization software. Several CODESYS products have security vulnerabilities. These...

8.7 CVSS | 5.9 AI score | 0.00088 EPSS
Exploits 0 | References 1

CNNVD
added 2026/05/26 12:0 a.m. | 6 views

Multiple CODESYS Products Security Vulnerability

CODESYS and others are products of the German CODESYS company. CODESYS is an industrial control automation software. CODESYS HMI is a visualization software. CODESYS Control RTE is a high-performance programmable controller. Several CODESYS products have security vulnerabilities; these...

8.1 CVSS | 5.9 AI score | 0.00108 EPSS
Exploits 0 | References 1

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2018-18066

Malware in sbrugna...

7.5 CVSS | 7.6 AI score | 0.00468 EPSS
Exploits 0 | References 3

Zero Day Initiative
added 2025/07/16 12:0 a.m. | 5 views

Autodesk Revit RTE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Revit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of RTE...

7.8 CVSS | 7.2 AI score | 0.00152 EPSS
Exploits 0 | References 1

OSV
added 2025/07/10 12:15 p.m. | 0 views

CVE-2025-5037

A maliciously crafted RFA, RTE, or RVT file, when parsed through Autodesk Revit, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...

7.8 CVSS | 6.2 AI score
Exploits 0 | References 2

CVE
added 2025/07/10 11:31 a.m. | 15 views

CVE-2025-5040

Autodesk Revit is affected by CVE-2025-5040: parsing a malicious RTE file can trigger a Heap-Based Overflow in the RTE parser, potentially causing a crash, reading sensitive data, or executing arbitrary code in the current process. Several connected sources corroborate heap overflow/RCE vectors v...

7.8 CVSS | 7 AI score | 0.0014 EPSS
Exploits 0 | References 2 | Affected Software 1

Vulnrichment
added 2025/07/10 11:31 a.m. | 2 views

CVE-2025-5040 RTE File Parsing Heap-Based Overflow Vulnerability

A maliciously crafted RTE file, when parsed through Autodesk Revit, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8 CVSS | 7 AI score | 0.0014 EPSS
Exploits 0 | References 2

ATTACKERKB
added 2025/07/10 11:31 a.m. | 0 views

CVE-2025-5040

A maliciously crafted RTE file, when parsed through Autodesk Revit, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8 CVSS | 6.1 AI score | 0.0014 EPSS
Exploits 0 | References 3 | Affected Software 1

Cvelist
added 2025/07/10 11:31 a.m. | 6 views

CVE-2025-5040 RTE File Parsing Heap-Based Overflow Vulnerability

A maliciously crafted RTE file, when parsed through Autodesk Revit, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8 CVSS | 0.0014 EPSS
Exploits 0 | References 2

IBM Security Bulletins
added 2024/07/30 11:37 p.m. | 37 views

Security Bulletin: IBM InfoSphere Information Server is affected by a denial of service vulnerability in JSON-java (CVE-2023-5072)

Summary A denial of service vulnerability in JSON-java used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-5072 DESCRIPTION: JSON-java is vulnerable to a denial of service, caused by a bug in the parser. By sending a specially crafted request, a remote...

7.5 CVSS | 7.2 AI score | 0.00677 EPSS
Exploits 1 | Affected Software 1

CNNVD
added 2023/08/03 12:0 a.m. | 2 views

Multiple Codesys Products Input Validation Error Vulnerability

3s-smart Software Solutions CODESYS is a controller development system from 3s-smart Software Solutions, Germany. An input validation error vulnerability exists in multiple Codesys products. The vulnerability stems from the fact that after successful authentication of a user's identity, a specifi...

6.5 CVSS | 6.8 AI score | 0.00199 EPSS
Exploits 0 | References 2

OSV
added 2023/06/21 1:58 a.m. | 11 views

MAL-2023-1345 Malicious code in workfront-rte (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 29da7f471e2f22aa3a14670bb0d11d78a1ee7650004b4316a0a1448b0b185be8 The OpenSSF Package Analysis project identified 'workfront-rte' @ 1.1.1 npm as malicious. It is considered malicious because: - The package...

7.1 AI score
Exploits 0

OSSF Malicious Packages
added 2023/06/21 1:58 a.m. | 2 views

Malicious code in workfront-rte (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 29da7f471e2f22aa3a14670bb0d11d78a1ee7650004b4316a0a1448b0b185be8 The OpenSSF Package Analysis project identified 'workfront-rte' @ 1.1.1 npm as malicious. It is considered malicious because: - The package...

6.9 AI score
Exploits 0

Oracle linux
added 2023/06/02 12:0 a.m. | 22 views

virt:kvm_utils2 security update

hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt libvirt-dbus libvirt-python nbdkit netcf perl-Sys-Virt qemu-kvm 6.1.1-6-el8 - CVE-2023-1544 is not applicable to Oracle QEMU 6.1.1 Karl Heubaum Orabug: 35305727 CVE-2023-1544 - virtio-gpu: do not byteswap padding Paolo Bonzini...

6.3 CVSS | 6.7 AI score | 0.00061 EPSS
Exploits 0

Openbugbounty
added 2022/01/03 4:49 a.m. | 12 views

ta-odessa.com Cross Site Scripting vulnerability OBB-2320560

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2 AI score
Exploits 0

vulnersOsv
added 2019/05/29 6:4 p.m. | 0 views

@abdelilah/react-rich-text (=0.0.1), @bemit/flood-admin (>=0.1.2 <=0.1.6) +36 more potentially affected by CVE-2019-12043 via remarkable (>=1.3.0 <=1.7.1)

remarkable NPM version =1.3.0, =0.1.2, =0.1.0, =0.1.0, =4.0.0, =5.17.1, =1.1.2, =0.0.23, =0.0.23, =0.1.0, =2.0.0-beta0, =0.1.9, =0.2.1 - docpack =1.0.0-alpha and more Source cves: CVE-2019-12043 Source advisory: OSV:GHSA-36M4-6V6M-4VPR...

6.1 CVSS | 6.3 AI score | 0.0024 EPSS
Exploits 1

ICS
added 2018/03/28 12:0 a.m. | 28 views

ICSA-18-093-01 Siemens Building Technologies Products (Update A)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low skill level to exploit. Vendor : Siemens Equipment : Building Technologies Products Vulnerabilities : Stack-based Buffer Overflows, Security Features, Improper Restriction of Operations within the Bounds of a Memory Buffer, NUL...

9.9 CVSS | 10 AI score | 0.08272 EPSS
Exploits 0 | References 9

NVD
added 2018/03/13 5:29 p.m. | 11 views

CVE-2018-6305

Denial of service in Gemalto's Sentinel LDK RTE version before 7.65...

7.5 CVSS | 7.5 AI score | 0.00468 EPSS
Exploits 0 | References 2

Cvelist
added 2018/03/13 5:0 p.m. | 12 views

CVE-2018-6305

Denial of service in Gemalto's Sentinel LDK RTE version before 7.65...

7.5 AI score | 0.00468 EPSS
Exploits 0 | References 2

Cvelist
added 2018/03/13 5:0 p.m. | 10 views

CVE-2018-6304

Stack overflow in custom XML-parser in Gemalto's Sentinel LDK RTE version before 7.65 leads to remote denial of service...

7.6 AI score | 0.00786 EPSS
Exploits 0 | References 2