Security
Headlines
HeadlinesLatestCVEs

Source

us-cert

Illumina Local Run Manager

This advisory contains mitigations for Path Traversal, Unrestricted Upload of File with Dangerous Type, Improper Access Control, and Cleartext Transmission of Sensitive Information vulnerabilities in Illumina devices using Local Run Manager software.

us-cert
Open in Source
#vulnerability
BD Pyxis

This advisory contains mitigations for a Not Using Password Aging vulnerability in the BD Pyxis automated medication dispensing system.

BD Synapsys

This advisory contains mitigations for an Insufficient Session Expiration vulnerability in the BD Synapsys microbiology informatics software platform.

Fuji Electric Alpha7 PC Loader

This advisory contains mitigations for a ack-based Buffer Overflow vulnerability in the Fuji Electric Alpha7 PC Loader servo drive system.

Mitsubishi Electric FA Products (Update A)

This updated advisory is a follow-up to the original advisory titled ICSA-22-090-04 Mitsubishi Electric FA Products that was published March 31, 2022, on the ICS webpage on cisa.gov/ics. This advisory contains mitigations for a Use of Password Hash Instead of Password for Authentication, Use of Weak Hash, Cleartext Storage of Sensitive Information, and Authentication Bypass by Capture-replay vulnerabilities in Mitsubishi Electric FA CPU module products.

Mitsubishi Electric Multiple Products (Update D)

This updated advisory is a follow-up to the advisory update titled ICSA-20-245-01 Mitsubishi Electric Multiple Products (Update C) that was published September 9, 2021, to the ICS webpage on cisa.gov/ics. This advisory contains mitigations for a Predictable Exact Value from Previous Values vulnerability in several Mitsubishi Electric devices.

Mitsubishi Electric Factory Automation Engineering Software (Update B)

This updated advisory is a follow-up to the advisory update titled ICSA-20-212-02 Mitsubishi Electric Factory Automation Engineering Software (Update A) that was published January 5, 2021, to the ICS webpage on ucisa.gov/ics. This advisory contains mitigations for a Permission Issues vulnerability in Mitsubishi Electric Factory Automation Engineering software products.

Keysight N6854A Geolocation server and N6841A RF Sensor software

This advisory contains mitigations for Relative Path Traversal, and Deserialization of Untrusted Data vulnerabilities in Keysight N6854A Geolocation and server and N6841A Sensor software, a spectrum monitoring platform.

Horner Automation Cscape Csfont

This advisory contains mitigations for Out-of-bounds Write, Out-of-bounds Read, and Heap-based Buffer Overflow vulnerabilities in Horner Automation Cscape PLC management software.

Rockwell Automation Logix Controllers

This advisory contains mitigations for an Uncontrolled Resource Consumption vulnerability in Rockwell Automation Logix Controllers.