The Visual Form Builder WordPress plugin before 3.0.8 does not enforce nonce checks which could allow attackers to make a logged in admin or editor…

The Visual Form Builder WordPress plugin before 3.0.6 is vulnerable to CSV injection allowing a user with low level or no privileges to inject a…

Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging. To exchange important messages such as the State of Charge (SoC)…

A vulnerability has been identified in SIMATIC S7-400 H V6 CPU family (incl. SIPLUS variants) (All versions < V6.0.10), SIMATIC S7-400 PN/DP V7 CPU family…

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC STEP 7 (TIA Portal) V16 (All versions < V16 Update…

An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000…

Improper access control in GitLab CE/EE versions 10.7 prior to 14.7.7, 10.8 prior to 14.8.5, and 10.9 prior to 14.9.2 allows a malicious actor to…

A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root.…

Missing sanitization of logged exception messages in all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 of GitLab CE/EE causes…

The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch for CVE-2021-39242 was missing. This issue only affects Red…