
134 matches found

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-48817

Malicious code in bioql PyPI...

CVSS 7.5, AI score 6.5, EPSS 0.00559
Exploits 0, References 1
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2024-48819

Malicious code in bioql PyPI...

CVSS 9.8, AI score 9.1, EPSS 0.01477
Exploits 0, References 1
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2024-48818

Malicious code in bioql PyPI...

CVSS 8.5, AI score 6.5, EPSS 0.00316
Exploits 0, References 1
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2024-47104

Malicious code in bioql PyPI...

CVSS 9.8, AI score 9.1, EPSS 0.02654
Exploits 0, References 1
EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2025-27249

Malicious code in bioql PyPI...

CVSS 8.6, AI score 6.4, EPSS 0.00431
Exploits 0, References 1
RedhatCVE
added 2025/09/11 1:23 p.m., 6 views

CVE-2025-9065

A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Authenticated attackers can exploit this vulnerability by specifying external SMB paths, exposing the ThinServer® service account NTLM hash...

CVSS 8.6, AI score 6.7, EPSS 0.00431
Exploits 0, References 1
OSV
added 2025/09/09 1:15 p.m., 8 views

CVE-2025-9065

A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Authenticated attackers can exploit this vulnerability by specifying external SMB paths, exposing the ThinServer® service account NTLM hash...

CVSS 8.8, AI score 5.8, EPSS 0.00431
Exploits 0, References 1
Cvelist
added 2025/09/09 12:51 p.m., 6 views

CVE-2025-9065 Rockwell Automation ThinManager® Server-Side Request Forgery Vulnerability

A server-side request forgery security issue exists within Rockwell Automation ThinManager® software due to the lack of input sanitization. Authenticated attackers can exploit this vulnerability by specifying external SMB paths, exposing the ThinServer® service account NTLM hash...

CVSS 8.6, EPSS 0.00431
Exploits 0, References 1
ICS
added 2025/09/09 6:0 a.m., 6 views

Rockwell Automation ThinManager

RISK EVALUATION Successful exploitation of this vulnerability could expose the ThinServer service account NTLM hash. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...

CVSS 8.8, AI score 6.6, EPSS 0.00431
Exploits 0, References 10
Positive Technologies
added 2025/09/09 12:0 a.m., 5 views

PT-2025-36729

Name of the Vulnerable Software and Affected Versions: Rockwell Automation ThinManager® affected versions not specified Description: A server-side request forgery issue exists in Rockwell Automation ThinManager® software due to insufficient input sanitization. Authenticated attackers can exploit...

CVSS 8.6, AI score 6.1, EPSS 0.00431
Exploits 0, References 7
BDU FSTEC
added 2025/06/05 12:0 a.m., 5 views

The vulnerability of the ThinServer.exe executable file of the ThinServer component of Rockwell Automation’s ThinManager application management platform allows an attacker to cause a service failure.

The vulnerability of the ThinServer.exe executable file of the ThinServer component of Rockwell Automation’s ThinManager application for centralized application management involves reading data beyond the buffer boundaries. Exploiting this vulnerability could allow a malicious actor to cause...

CVSS 7.8, AI score 7.4, EPSS 0.18335
Exploits 0, References 3, Affected Software 1
BDU FSTEC
added 2025/05/16 12:0 a.m., 4 views

The vulnerability of the ThinServer.exe executable file of the ThinServer component of the Rockwell Automation ThinManager centralized application management platform allows an attacker to load arbitrary files.

The vulnerability of the ThinServer.exe executable file of the ThinServer component of Rockwell Automation’s ThinManager application platform is related to errors in processing the relative path to the restricted access directory. Exploiting this vulnerability could allow a malicious actor to...

CVSS 7.8, AI score 7.2, EPSS 0.7613
Exploits 1, References 3, Affected Software 1
BDU FSTEC
added 2025/05/16 12:0 a.m., 6 views

The vulnerability of the Enable API Endpoints configuration of the ThinServer component on the Rockwell Automation ThinManager centralized application management platform allows a malicious individual to read arbitrary files.

The vulnerability of the Enable API Endpoints configuration of the ThinServer component of Rockwell Automation’s ThinManager centralized application management platform is related to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a...

CVSS 7.8, AI score 6.6, EPSS 0.01268
Exploits 0, References 4, Affected Software 1
Zero Day Initiative
added 2025/05/13 12:0 a.m., 7 views

Rockwell Automation ThinManager ThinServer Null Pointer Dereference Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Rockwell Automation ThinManager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ThinServer component. The issue results from...

CVSS 7.5, AI score 6.5, EPSS 0.01408
Exploits 0, References 1
Zero Day Initiative
added 2025/05/13 12:0 a.m., 9 views

Rockwell Automation ThinManager ThinServer Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Rockwell Automation ThinManager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVSS 7.8, AI score 7.1, EPSS 0.00239
Exploits 0, References 1
Tenable Nessus
added 2024/11/19 12:0 a.m., 8 views

Rockwell Automation ThinManager ThinServer Missing Authentication (CVE-2024-10386)

Binary data rockwellthinmanagerthinservercve-2024-10386.nbin...

CVSS 9.8, AI score 9.7, EPSS 0.16631
Exploits 0, References 2
BDU FSTEC
added 2024/11/15 12:0 a.m., 3 views

The vulnerability of the ThinServer component of the Rockwell Automation ThinManager application management platform allows an attacker to execute arbitrary code.

The vulnerability of the ThinServer component of Rockwell Automation’s centralized application management platform, ThinManager, is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVSS 7.8, AI score 7.6, EPSS 0.00316
Exploits 0, References 4, Affected Software 1
BDU FSTEC
added 2024/11/15 12:0 a.m., 2 views

The vulnerability of the ThinServer component of Rockwell Automation’s ThinManager platform for centralized application management allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the ThinServer component of Rockwell Automation’s ThinManager application management platform involves insecure management of privileges. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

CVSS 5.5, AI score 5.9, EPSS 0.00559
Exploits 0, References 5, Affected Software 1
BDU FSTEC
added 2024/10/31 12:0 a.m., 4 views

The vulnerability of the ThinServer component of Rockwell Automation’s ThinManager application management platform, which stems from incorrect input validation, allows attackers to execute arbitrary code with system privileges.

The vulnerability of the ThinServer component of Rockwell Automation’s ThinManager application platform for centralized application management lies in the lack of proper input data validation. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 10, AI score 7.7, EPSS 0.01477
Exploits 0, References 6, Affected Software 1
ICS
added 2024/08/29 6:0 a.m., 25 views

Rockwell Automation ThinManager ThinServer

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/Low attack complexity Vendor : Rockwell Automation Equipment : ThinManager ThinServer Vulnerabilities : Improper Privilege Management, Incorrect Permission Assignment for Critical Resource, Improper Input Validation 2...

CVSS 9.8, AI score 8.3, EPSS 0.01477
Exploits 0, References 10