144 matches found
CVE-2025-36407
IBM® Db2® is vulnerable to a denial of service with a specially crafted query that uses ALTER TABLE operations...
CVE-2025-14751 Unverified Password Change in Weintek cMT X Series HMI EasyWeb Service
A low-privileged user can bypass account credentials without confirming the user's current authentication state, which may lead to unauthorized privilege escalation...
CVE-2025-14750 External Control of Assumed-Immutable Web Parameter in Weintek cMT X Series HMI EasyWeb Service
The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. A low-privileged user can modify the parameters and potentially manipulate account-level privileges...
Weintek cMT X Series security vulnerabilities
The Weintek cMT X Series is a series of intelligent human-computer interfaces developed by Weintek Company in Taiwan, China. The cMT X Series contains security vulnerabilities. These vulnerabilities allow low-privilege users to bypass account credentials without confirming the user’s current...
EUVD-2019-5202
Malware in sbrugna...
EUVD-2022-30939
Malicious code in bioql PyPI...
CISA Releases Six Industrial Control Systems Advisories
CISA released six Industrial Control Systems (ICS) advisories on July 24, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-205-01 Mitsubishi Electric CNC Series; ICSA-25-205-02 Network Thermostat X-Series WiFi...
CVE-2022-25751
A vulnerability has been identified in SCALANCE X302-7 EEC 230V, SCALANCE X302-7 EEC 230V, coated, SCALANCE X302-7 EEC 24V, SCALANCE X302-7 EEC 24V, coated, SCALANCE X302-7 EEC 2x 230V, SCALANCE X302-7 EEC 2x 230V, coated, SCALANCE X302-7 EEC 2x 24V, SCALANCE X302-7 EEC 2x 24V, coated, SCALANCE...
CVE-2024-20365 Cisco Integrated Management Controller Redfish Command Injection Vulnerability
A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco UCS X-Series Servers could allow an authenticated, remote attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. This...
PT-2024-8975 · Cisco · Managed C-Series +2
Name of the Vulnerable Software and Affected Versions: Cisco UCS B-Series, Managed C-Series, and X-Series Servers affected versions not specified Description: The issue is related to insufficient input validation in the Redfish API, allowing an authenticated, remote attacker with administrative...
Cisco UCS B-Series Blade Servers, Cisco UCS Managed C-Series Rack Servers and Cisco UCS X-Series Modular System security vulnerability
Cisco UCS B-Series Blade Servers and others are products of Cisco, Inc. The Cisco UCS B-Series Blade Servers are a UCS B-Series blade server appliance. The Cisco UCS Managed C-Series Rack Servers are a standard form factor server designed to fit in a rack to save space in the data center. The Cisco...
HIMA Paul Hildebrandt Multiple Product Access Control Error Vulnerability
The HIMA Paul Hildebrandt F Series and the HIMA Paul Hildebrandt X Series are both lines of electronic components from HIMA Paul Hildebrandt. An access control error vulnerability exists in multiple HIMA Paul Hildebrandt products that originates from an unauthenticated attacker being able to sen...
HIMA Paul Hildebrandt Multiple Product Resource Management Error Vulnerability
The HIMA Paul Hildebrandt F Series and HIMA Paul Hildebrandt X Series are both lines of electronic components from HIMA Paul Hildebrandt. A resource management error vulnerability exists in multiple HIMA Paul Hildebrandt products, which originates from a denial of service attack in which an...
Debian: Security Advisory (DSA-5506-1)
The remote host is missing an update for the Debian...
CVE-2023-39969
uthenticode is a small cross-platform library for partially verifying Authenticode digital signatures. Version 1.0.9 of uthenticode hashed the entire file rather than hashing sections by virtual address, in violation of the Authenticode specification. As a result, an attacker could modify code...
Critical Flaws in Cisco Small Business Switches Could Allow Remote Attacks
Cisco has released updates to address a set of nine security flaws in its Small Business Series Switches that could be exploited by an unauthenticated, remote attacker to run arbitrary code or cause a denial-of-service (DoS) condition. "These vulnerabilities are due to improper validation of reques...
CVE-2023-29054
CVE-2023-29054 affects Siemens SCALANCE devices (X200-4P IRT, X201-3P IRT/IRT PRO, X202-2IRT/IRT PRO/2P, X204IRT, XF201-3P/XF202-2P/XF204IRT, SIPLUS NET X202-2P IRT) with all versions
CVE-2023-22332
Information disclosure vulnerability exists in Pgpool-II 4.4.0 to 4.4.1 (4.4 series), 4.3.0 to 4.3.4 (4.3 series), 4.2.0 to 4.2.11 (4.2 series), 4.1.0 to 4.1.14 (4.1 series), 4.0.0 to 4.0.21 (4.0 series), All versions of 3.7 series, All versions of 3.6 series, All versions of 3.5 series, All versions of 3....
RubyGems Improper Input Validation vulnerability
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains an Improper Input Validation vulnerability in ruby gems specification homepage attribute that can...