CVE-2025-7353

CVE-2025-7353 affects Rockwell Automation ControlLogix Ethernet Modules via the web-based debugger agent (WDB). The connected PT-2025-33275 entry specifies affected software versions pre-12.001 and explains that connecting to the WDB agent from a specific IP can enable remote attackers to perform...

Predictability of cloned address may be susceptible to frontrunning

Lines of code Vulnerability details Impact DoS for the Aquifer.boreWell function due to frontrunning. Proof of Concept From the video documentation, Anyone can call boreWell in Aquifer.sol after confirming an implementation contract. The address of the new Well depends solely upon the salt...

GHSA-8F9F-PC5V-9R5H Malicious takeover of previously owned ENS names

Impact A user who owns an ENS domain can set a "trapdoor", allowing them to transfer ownership to another user, and later regain ownership without the new owner's consent or awareness. Patches A new ENS deployment is being rolled out that fixes this vulnerability in the ENS registry. The registry...

File Upload Vulnerability in Merchant Alliance Membership Spending Management System

Merchant Alliance Consumer Management System is a management software for professional membership management and merchant settlement for heterogeneous merchant alliances. A file upload vulnerability exists in the Merchant Alliance Membership and Consumption Management System. The attacker does no...