us-cert

This advisory contains mitigations for Cleartext Transmission of Sensitive Information, Cross-site Scripting, Improper Neutralization of Formula Elements in a CSV File, Cleartext Storage of Sensitive Information, Uncontrolled Search Path Element, and Incorrect Default Permissions vulnerabilities in the Delta Electronics DIALink industrial automation server.

This advisory contains mitigations for an Uncontrolled Recursion vulnerability in ICONICS GENESIS64, Mitsubishi Electric MC Works64 third-party OPC Foundation products.

This advisory contains mitigations for numerous vulnerabilities in AUVESY Versiondog data management software for automated production.

This advisory contains mitigations for a Cross-site Scripting vulnerability in Trane Tracer SC HVAC building automation products.

This advisory contains mitigations for an proper Privilege Management vulnerability in Schneider Electric ConneXium Network Manager (CNM) software.

This advisory contains mitigations for mproper Access Control, Unrestricted Upload of File with Dangerous Type, Open Redirect, Cross-site Scripting, and Cross-site Request Forgery vulnerabilities in Uffizio GPS Tracker software.

This advisory contains mitigations for an Authorization Bypass Through User-controlled Key vulnerability in the Mitsubishi Electric MELSEC iQ-R Series CPU Module.

This advisory contains mitigations for a Heap-based Buffer Overflow vulnerability in Siemens SINUMERIK controllers.

This advisory contains mitigations for Improper Limitation of a Pathname to a Restricted Directory, Improper Authorization, Exposure of Sensitive Information to an Unauthorized Actor, Deserialization of Untrusted Data, and Improper Neutralization of Special Elements used in an SQL Command vulnerabilities in Siemens SINEC NMS network management software.

This advisory contains mitigations for Use After Free, Out-of-bounds Read, and Access of Uninitialized Pointer vulnerabilities in Siemens Solid Edge 3D CAD and solid modeling software.