Emerson Electric’s Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-284 Improper Access Control, and stores project data in a directory with improper…

Emerson Electric’s Proficy Machine Edition Version 9.00 and prior is vulenrable to CWE-353 Missing Support for Integrity Check, and has no authentication or authorization of…

A heap-based buffer over write vulnerability was found in GhostScript’s lp8000_print_page() function in gdevlp8k.c file. An attacker could trick a user to open a crafted…

An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c. This could allow an attacker to cause a crash, and…

A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected memory locations and potentially causing a crash.…

A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when command “adf” has no or wrong argument, anal_fcn_data (core, input + 1)…

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any…

Emerson Electric’s Proficy Machine Edition Version 9.80 and prior is vulnerable to CWE-29 Path Traversal: ‘..Filename’, also known as a ZipSlip attack, through an upload…

Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx json parsing may lead to stack exhaustion…

IBM MQ 8.0, (9.0, 9.1, 9.2 LTS), and (9.1 and 9.2 CD) are vulnerable to an XML External Entity Injection (XXE) attack when processing XML…