5.3
CVE-2025-46268 - Advantech WebAccess/SCADA SQL Injection
Advantech WebAccess/SCADAΒ is vulnerable to SQL injection, which may allow an attacker to execute arbitrary SQL commands.
5.3
CVE-2025-14848 - Advantech WebAccess/SCADA Absolute Path Traversal
Advantech WebAccess/SCADA is vulnerable to absolute directory traversal, which may allow an attacker to determine the existence of arbitrary files.
5.3
CVE-2025-62002 - BullWall Ransomware Containment large file encryption
BullWall Ransomware Containment relies on the number of file modifications to trigger detection. An authenticated attacker could encrypt a single large file without triggering a detection alert. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before andβ¦
8.7
CVE-2025-14849 - Advantech WebAccess/SCADA Unrestricted Upload of File with Dangerous Type
Advantech WebAccess/SCADAΒ is vulnerable to unrestricted file upload, which may allow an attacker to remotely execute arbitrary code.
8.7
CVE-2025-62001 - BullWall Ransomware Containment hard-coded folder exclusions
BullWall Ransomware Containment contains excluded file paths, such as '$recycle.bin' that are not monitored. An attacker with file write permissions could bypass detection by renaming a directory. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before aβ¦
6.9
CVE-2025-62000 - BullWall Ransomware Containment incomplete file inspection
BullWall Ransomware Containment does not entirely inspect a file to determine if it is ransomware. An authenticated attacker could bypass detection by encrypting a file and leaving the first four bytes unaltered. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other vβ¦
7.2
CVE-2025-14850 - Advantech WebAccess/SCADA Improper Limitation of a Pathname to a Restricted Directory
Advantech WebAccess/SCADAΒ is vulnerable to directory traversal, which may allow an attacker to delete arbitrary files.
5.5
CVE-2025-59529 - simple protocol server ignores accepts unlimited connections and logs failures without limit
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. In versions up to and including 0.9-rc2, the simple protocol server ignores the documented client limit and accepts unlimited connections, allowing for easy local DoS. Although `CLIENTS_MAX`β¦
7.3
CVE-2025-13911 - Inductive Automation Ignition Execution with Unnecessary Privileges
The vulnerability affects Ignition SCADA applications where Python scripting is utilized for automation purposes. The vulnerability arises from the absence of proper security controls that restrict which Python libraries can be imported and executed within the scripting environment. The core isβ¦
5.3
CVE-2025-14889 - Campcodes Advanced Voting Management System Password voters_edit.php improper authorization
A security flaw has been discovered in Campcodes Advanced Voting Management System 1.0. The impacted element is an unknown function of the file /admin/voters_edit.php of the component Password Handler. Performing manipulation of the argument ID results in improper authorization. The attack is possiβ¦