Source
us-cert
This advisory contains mitigations for an Improper Access Control vulnerability in Makitron OPC software.
This updated advisory is a follow-up to the advisory update titled ICSA-21-049-02 Mitsubishi Electric FA Engineering Software Products (Update D) that was published February 8, 2022, to the ICS webpage on cisa.gov/ics. This advisory contains mitigations for Heap-based Buffer Overflow, and Improper Handling of Length Parameter Inconsistency vulnerabilities in Mitsubishi Electric FA engineering software.
This updated advisory is a follow-up to the advisory update titled ICSA-20-212-04 Mitsubishi Electric Factory Automation Engineering Products (Update F) that was published February 8, 2022, to the ICS webpage on cisa.gov/ics. This advisory contains mitigations for an Unquoted Search Path or Element vulnerability in Mitsubishi Electric Factory Automation Engineering products.
This advisory contains mitigations for Improper Input Validation vulnerabilities in Mitsubishi Electric MELSEC iQ-F Series CPU modules.
This advisory contains mitigations for a Stack-based Buffer Overflow vulnerability in the Circutor COMPACT DC-S BASIC smart metering concentrator.
This advisory contains mitigations for Stack-based Buffer Overflow, and Out-of-bounds Read vulnerabilities in the Delta Electronics CNCSoft software management platform.
This advisory contains mitigations for Missing Authorization, Out-of-bounds Write, NULL Pointer Dereference, Classic Buffer Overflow, HTTP Request Smuggling, and Infinite Loop vulnerabilities in Mitsubishi Electric MELSOFT iQ AppPortal products.
This advisory contains mitigations for Out-of-bounds Read, Access of Uninitialized Pointer, and Out-of-bounds Write vulnerabilities in the Inkscape open-source graphics editor.
This advisory contains mitigations for OS Command Injection, SQL Injection, Path Traversal, and Use of Potentially Dangerous Function vulnerabilities in the Cambium Networks cnMaestro network management system.
This advisory contains mitigations for Improper Input Validation, Improper Authentication, Improper Isolation of Shared Resources on System-on-a-Chip, and Improper Privilege Management vulnerabilities in Siemens Industrial PCs and CNC devices.