EUVD-2026-1414

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV has undefined behavior due to an invalid enum value. This issue has been patched in version 2.3.1.2...

EUVD-2021-10769

Malware in sbrugna...

Disabled permissions can be granted by Folder-based in Jenkins Authorization Strategy Plugin

Jenkins Folder-based Authorization Strategy Plugin 217.vd5b18537403e and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted typically optional permissions, like Overall/Manage to access functionality they're no longer entitle...

Siemens Solid Edge V2024 Integer Underflow Vulnerability

Solid Edge is a portfolio of software tools to address a variety of product development processes: 3D design, simulation, manufacturing and design management. Siemens Solid Edge V2024 suffers from an integer underflow vulnerability that can be exploited by an attacker to execute code in the conte...

CVE-2024-48966

The software tools used by service personnel to test & calibrate the ventilator do not support user authentication. An attacker with access to the Service PC where the tools are installed could obtain diagnostic information through the test tool or manipulate the ventilator's settings and embedde...

PT-2024-7388 · Mitsubishi · M800/M80/E80 Series +5

Name of the Vulnerable Software and Affected Versions: Mitsubishi Electric M800V/M80V Series versions affected versions not specified Mitsubishi Electric M800/M80/E80 Series versions affected versions not specified Mitsubishi Electric C80 Series versions affected versions not specified Mitsubishi...

Siemens Solid Edge Uninitialized Pointer Access Vulnerability (CNVD-2024-01400)

Solid Edge is a portfolio of software tools that address a variety of product development processes: 3D design, simulation, manufacturing and design management. An uninitialized pointer access vulnerability exists in Siemens Solid Edge, which can be exploited by an attacker to execute code in the...

Historical ICA RTT data

How to capture Historical ICA RTT data...

Siemens Solid Edge Out-of-Bounds Read Vulnerability (CNVD-2023-62036)

Solid Edge is a portfolio of software tools that address a variety of product development processes: 3D design, simulation, manufacturing and design management. Siemens Solid Edge suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to execute code in the context ...

How to Diagnose IP Conflicts on the ADC

To check if any ADC IP address have IP conflict...

CVE-2021-23843

The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certains settings in AMC2 devices. The tool allows putting a password protection on configured devices to restrict access to the configuration of an AMC2. An attacker can circumvent this protection and make...

GoldMax, GoldFinder, and Sibot: Analyzing NOBELIUM’s layered persistence

Microsoft continues to work with partners and customers to expand our knowledge of the threat actor behind the nation-state cyberattacks that compromised the supply chain of SolarWinds and impacted multiple other organizations. As we have shared previously, we have observed the threat actor using...

CVE-2021-20587

Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Engineering Software CPU Module Logging Configuration Tool versions 1.112R and prior, CW Configurator versions 1.011M and prior, Data Transfer versions 3.44W and prior, EZSocket versions 5.4 and prior, FR Configurator all versions...

CVE-2019-12532

Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. This is a software vulnerability, not a firmware issue. Affected tools include: H2OFFT version 3.025.28,...

Improper access control

Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. This is a software vulnerability, not a firmware issue. Affected tools include: H2OFFT version 3.025.28,...

CVE-2019-12532

Improper access control in the Insyde software tools may allow an authenticated user to potentially enable escalation of privilege, or information disclosure via local access. This is a software vulnerability, not a firmware issue. Affected tools include: H2OFFT version 3.025.28,...

ABB DriveSize-AddOn MCSize Detection (Windows SMB Login)

SMB login-based detection of ABB DriveSize-AddOn MCSize. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

How to check MAC address for interfaces of SDX device

To find the mac address for SDX device interface...

Webinar with Rick Orloff, ex CISO of eBay

Join us at 11 am PDT on Wednesday, September 27 for a live frank conversation with Rick Orloff, CSO of Code42 and former CISO of eBay. UPDATE: The recorded webinar is available as a podcast: Rick shared his insights about the changing role of security with new realities of DevOps world, new...

How to check PVS target device write cache size remotely

...