Security
Headlines
HeadlinesLatestCVEs

Source

us-cert

Johnson Controls Metasys ADS ADX OAS Servers

This advisory contains mitigations for Unverified Password Change, and Cross-site Scripting vulnerabilities in the Johnson Controls Metasys ADS ADX OAS Servers.

us-cert
Open in Source
#xss#vulnerability
Meridian Cooperative Meridian

This advisory contains mitigations for an Improper Access Control vulnerability in Meridian utility software.

Mitsubishi Electric MELSEC-Q/L and MELSEC iQ-R

This advisory contains mitigations for an Improper Input Validation vulnerability in the Mitsubishi Electric MELSEC-Q/L Series and MELSEC iQ-R Series Interface Modules.

Mitsubishi Electric Air Conditioning Systems

This advisory contains mitigations for Use of a Broken or Risky Cryptographic Algorithm, Exposure of Sensitive Information to an Unauthorized Actor, and Channel Accessible by Non-Endpoint vulnerabilities in Mitsubishi Electric Air Conditioning Systems.

Vulnerabilities Affecting Dominion Voting Systems ImageCast X

This advisory contains mitigations for Improper Verification of Cryptographic Signature, Mutable Attestation of Measurement Reporting Data, Hidden Functionality, Improper Protection of Alternate Path, Path Traversal: ''../filedir', Execution with Unnecessary Privileges, Authentication Bypass Spoofing, Incorrect Privilege Assignment, and Origin Validation Error vulnerabilities in versions of Dominion Voting Systems Democracy Suite ImageCast X software.

Carrier LenelS2 HID Mercury access panels

This advisory contains mitigations for Protection Mechanism Failure, Forced Browsing, Classic Buffer Overflow, Path Traversal, and OS Command Injection vulnerabilities in Carrier HID Mercury access panels sold by LenlS2.

Illumina Local Run Manager

This advisory contains mitigations for Path Traversal, Unrestricted Upload of File with Dangerous Type, Improper Access Control, and Cleartext Transmission of Sensitive Information vulnerabilities in Illumina devices using Local Run Manager software.

BD Pyxis

This advisory contains mitigations for a Not Using Password Aging vulnerability in the BD Pyxis automated medication dispensing system.

BD Synapsys

This advisory contains mitigations for an Insufficient Session Expiration vulnerability in the BD Synapsys microbiology informatics software platform.

Fuji Electric Alpha7 PC Loader

This advisory contains mitigations for a ack-based Buffer Overflow vulnerability in the Fuji Electric Alpha7 PC Loader servo drive system.