ROS-20260508-73-0007

Vulnerability in roundcubemail related to the use of an insecure alternate channel. Exploitation of the vulnerability could allow an attacker acting remotely to modify user projects and/or device configuration via cip commands...

PT-2025-3997 · Rockwell Automation · Dataedge Platform Datamosaix Private Cloud

Name of the Vulnerable Software and Affected Versions: Rockwell Automation DataEdge Platform DataMosaix Private Cloud affected versions not specified Description: A path traversal issue exists, allowing files to be overwritten outside the intended directory by specifying a character sequence in t...

Rockwell Automation Logix Controllers Unprotected Alternate Channel (CVE-2024-6242)

A vulnerability exists in the affected products that allows a threat actor to bypass the Trusted Slot feature in a ControlLogix controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/or device...

CVE-2024-28188

Jupyter Scheduler is collection of extensions for programming jobs to run now or run on a schedule. The list of conda environments of jupyter-scheduler users maybe be exposed, potentially revealing information about projects that a specific user may be working on. This vulnerability has been...