A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic. This issue affects some unknown processing of the file /TS/export/pagedefinition. The manipulation of the argument ID leads to direct request. The attack may be initiated remotely. The exploit has been...
5.3CVSS
5.4AI Score
0.0004EPSS
Root my webOS TV A simple python script that starts a telnet...
7.2AI Score
7.2AI Score
Exploit for Deserialization of Untrusted Data in Apache Log4J
POC for CVE-2021-44228 This python script was created while...
10CVSS
10AI Score
0.976EPSS
Real Time Innovations (RTI) Connext Data Distribution Service (DDS) is installed on the remote host. RTI Connext DDS is a connectivity platform for Industrial Internet of Things (IIoT)...
1.8AI Score
9.8CVSS
9.6AI Score
0.038EPSS
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that...
7.8CVSS
8AI Score
0.001EPSS
Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this...
8.8CVSS
9AI Score
0.0005EPSS
Jenkins plugins Multiple Vulnerabilities (2023-10-25)
According to their self-reported version numbers, the versions of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: High GitHub Plugin 1.37.3 and earlier does not escape the GitHub project URL on the build page when showing changes. This results in a...
8.1CVSS
5.5AI Score
0.001EPSS
Exploit for Server-Side Request Forgery in Fusion Builder Project Fusion Builder
Fubucker | CVE-2022-1386 - Fusion Builder Automatic Mass Tool...
9.6AI Score
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12. The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. This action is allowed without proper authentication...
6.5AI Score
0.0004EPSS
CVE-2024-24919-PoC ...
8.6CVSS
8.8AI Score
0.945EPSS
A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the...
7.1AI Score
0.0004EPSS
Zebra Industrial Printers Insufficiently Protected Credentials (CVE-2019-10960)
Zebra Industrial Printers All Versions, Zebra printers are shipped with unrestricted end-user access to front panel options. If the option to use a passcode to limit the functionality of the front panel is applied, specially crafted packets could be sent over the same network to a port on the...
7.5CVSS
6.5AI Score
0.002EPSS
Security Bulletin: IBM Integration Designer is vulnerable to a denial of service (CVE-2023-38264)
Summary: Vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed the following CVE. Vulnerability Details: CVEID: CVE-2023-38264. DESCRIPTION: The IBM SDK, Java Technology Edition's Object Request Broker (ORB) 7.1.0.0...
5.9CVSS
6.1AI Score
0.0004EPSS
RuggedCom RuggedOS < 3.12.1 Web UI Multiple Security Vulnerabilities
According to its self-reported version, the RuggedCom RuggedOS (ROS) Web UI is affected by multiple vulnerabilities, some of which could allow a remote attacker to gain administrative access to the...
4.8AI Score
7AI Score
0.001EPSS
Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft
CVE 30190 Amine TITROFINE | December 17, 2022 ...
8.2AI Score
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FunnelKit Automation By Autonami allows Stored XSS. This issue affects Automation By Autonami: from n/a through...
6.5CVSS
6.6AI Score
0.0004EPSS
resources/src/mediawiki.page.ready/ready.js in MediaWiki before 1.35 allows remote attackers to force a logout and external redirection via HTML content in a MediaWiki...
6.1CVSS
6.7AI Score
0.002EPSS
Jenkins, an open source automation server software, is installed on the remote Windows...
1.9AI Score
Jenkins, an open source automation server software, is installed on the remote Linux...
1.1AI Score
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The vulnerability allows a user from a remote system with FTView to send a packet to the customer’s server to view an HMI project. Due to the lack of proper authentication, this action is allowed without...
6.6AI Score
0.0004EPSS
Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft
CVE 30190 Amine TITROFINE | December 17, 2022 ...
7.8CVSS
8.5AI Score
0.962EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FunnelKit Automation By Autonami allows Stored XSS. This issue affects Automation By Autonami: from n/a through...
6.5CVSS
6.7AI Score
0.0004EPSS
Inductive Automation Ignition OPC UA Quick Client Task Scheduling Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit...
7.2CVSS
7.7AI Score
0.0005EPSS
Exploit for Command Injection in Tp-Link Tapo C200 Firmware
TP-Link Tapo c200 1.1.15 - Remote Code Execution (RCE)...
9.8CVSS
8.5AI Score
0.251EPSS
Ansible Tower, an IT automation and management application, is running on the remote web...
2.9AI Score
Security Bulletin: Vulnerabilities in Node.js and packages affect IBM Voice Gateway
Summary: Security vulnerabilities in Node.js and packages affect IBM Voice Gateway. The vulnerabilities have been addressed. Vulnerability Details: CVEID: CVE-2024-31206. DESCRIPTION: Node.js dectalk-tts module could allow a remote attacker to obtain sensitive information, caused by the use of...
8.2CVSS
8AI Score
0.0004EPSS
JBWPer | CVE-2022-4061 - JobBoardWP Automatic Mass Tool for...
7.7AI Score
SaltStack Salt Master Detection
Salt Master for SaltStack, a security and configuration management automation platform, was detected on the remote Linux...
1.2AI Score
Inductive Automation Ignition ResponseParser SerializedResponse Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to...
8.8CVSS
8.9AI Score
0.0005EPSS
Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target.....
8CVSS
8.2AI Score
0.001EPSS
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that...
7.8CVSS
8AI Score
0.001EPSS
Ansible AWX Installed (Linux/UNIX)
Ansible AWX, an open-source IT automation and management application, was found on the remote...
1.5AI Score
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FunnelKit Automation By Autonami allows Stored XSS. This issue affects Automation By Autonami: from n/a through...
6.5CVSS
9.1AI Score
0.0004EPSS
Summary: IBM Business Automation Workflow reintroduced an outdated version of the Xalan library. Vulnerability Details: CVEID: CVE-2014-0107. DESCRIPTION: Apache Xalan-Java could allow a remote attacker to bypass security restrictions, caused by the improper handling of output properties. An...
7.5CVSS
10AI Score
0.005EPSS
CVE-2023-22515 Exploit Script 🔐 This script is designed to...
9.8CVSS
9.8AI Score
0.973EPSS
Summary: IBM Business Automation Workflow is vulnerable to a denial of service attack. Vulnerability Details: CVEID: CVE-2023-33008. DESCRIPTION: Apache Johnzon is vulnerable to a denial of service, caused by an unsafe deserialization flaw in BigDecimal. By sending a specially crafted JSON...
5.3CVSS
6.7AI Score
0.002EPSS
SaltStack Salt Minion Installed (Linux)
SaltStack Salt Minion, a security and configuration management automation platform, is installed on the remote Linux...
1.3AI Score
SaltStack Salt Master Installed (Linux)
SaltStack Salt Master, a security and configuration management automation platform, is installed on the remote Linux...
1.3AI Score
Ansible AWX, an open-source IT automation and management application, is running on the remote web...
2.3AI Score
Ecava IntegraXor, a suite of tools targeting factory and process automation solutions, is installed on the remote Windows...
2.3AI Score
Nautobot is a Network Source of Truth and Network Automation Platform built as a web application. All users of Nautobot versions earlier than 1.6.6 or 2.0.5 are potentially affected by a cross-site scripting vulnerability. Due to incorrect usage of Django's mark_safe() API when rendering certain...
7.1CVSS
5.3AI Score
0.001EPSS
Inductive Automation Ignition OPC UA Quick Client Task Scheduling Exposed Dangerous Function Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit...
7.2CVSS
8AI Score
0.0005EPSS
The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.222.x prior to 2.222.43.0.4, 2.249.x prior to 2.249.30.0.4, or 2.x prior to 2.277.2.3. It is, therefore, affected by multiple vulnerabilities, including the following: Reflected XSS vulnerability...
6.5CVSS
5.5AI Score
0.001EPSS
Improper handling of JavaScript whitespace in html/template
Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during...
9.8CVSS
9.6AI Score
0.003EPSS
An issue was discovered in the ProofreadPage (aka Proofread Page) extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public...
5.3CVSS
7.1AI Score
0.001EPSS
An issue was discovered in the CheckUserLog API in the CheckUser extension for MediaWiki through 1.39.3. There is incorrect access control for visibility of hidden...
5.3CVSS
7.2AI Score
0.001EPSS
Sielco Sistemi Winlog Detection
Winlog, from Sielco Sistemi, is installed on the remote Windows host. It is a software package for SCADA/HMI applications with web support and is used for supervision of industrial...
2.5AI Score