CVE-2025-41108 Improper Authentication vulnerability in Ghost Robotics' Vision 60

The communication protocol implemented in Ghost Robotics Vision 60 v0.27.2 could allow an attacker to send commands to the robot from an external attack station, impersonating the control station tablet and gaining unauthorised full control of the robot. The absence of encryption and authenticati...

EUVD-2022-34265

Malicious code in bioql PyPI...

Security update for redis

This update for redis fixes the following issues: CVE-2025-32023: Fixed out-of-bounds write when working with HyperLogLog commands can lead to remote code execution. bsc1246059 CVE-2025-48367: Fixed unauthenticated connection causing repeated IP protocol erros can lead to client starvation and Do...

CVE-2025-8627 Unauthenticated Protocol Commands on TP-Link KP303

The TP-Link KP303 Smartplug can be issued unauthenticated protocol commands that may cause unintended power-off condition and potential information leak. This issue affects TP-Link KP303 US Smartplug: before 1.1.0...

PT-2025-54638

Name of the Vulnerable Software and Affected Versions Epson printer and scanner firmware Web Installer Epson printer driver installer Description The Epson Web Installer for printer and scanner firmware and the com.epson.InstallNavi.helper tool, included with the Epson printer driver installer,...

CVE-2022-29958

JTEKT TOYOPUC PLCs through 2022-04-29 do not ensure data integrity. They utilize the unauthenticated CMPLink/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. Control logic is downloaded to the PLC on a block-by-block basis with a given memory...

Schneider Modicon Ladder Logic Upload/Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Schneider Modicon Ladder Logic Upload/Download', 'Description' = %q The Schneider Modicon with Unity series of PLCs use Modbus function code 90...

CVE-2022-29958

JTEKT TOYOPUC PLCs through 2022-04-29 do not ensure data integrity. They utilize the unauthenticated CMPLink/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. Control logic is downloaded to the PLC on a block-by-block basis with a given memory...

Honeywell Safety Manager 数据伪造问题漏洞

Honeywell Safety Manager is used by Honeywell to minimize accidents, maximize production uptime, reduce compliance costs, and manage plant safety. A data forgery issue vulnerability exists in all versions of Honeywell Safety Manager, which arises from the use of an unauthenticated Safety Builder...

PT-2022-3087 · Jtekt · Jtekt Toyopuc Plcs

Name of the Vulnerable Software and Affected Versions: JTEKT TOYOPUC PLCs versions prior to 2022-04-29 Description: The issue is related to insufficient data authentication in the programmable logic controllers. This allows a remote attacker to execute arbitrary code. The controllers use the...

Reverse-CTF, Snort rule challenge and more — What to expect from Talos at Defcon

Want to get up close and personal with Talos researchers? Then be sure to stick around for the second half of “Hacker Summercamp:” Defcon. After our series of talks at Blackhat, we’re headed elsewhere on the strip for Defcon. Specifically, we’ll have a huge presence at this year’s Blue Team...