5.3
CVE-2025-14848 - Advantech WebAccess/SCADA Absolute Path Traversal
Advantech WebAccess/SCADA is vulnerable to absolute directory traversal, which may allow an attacker to determine the existence of arbitrary files.
5.3
CVE-2025-62002 - BullWall Ransomware Containment file count detection bypass
BullWall Ransomware Containment considers the number of files modified to trigger detection. An authenticated attacker could encrypt a single (possibly large) file without triggering detection if thresholds are configured to require multiple file changes. The number of files to trigger detection caβ¦
8.7
CVE-2025-14849 - Advantech WebAccess/SCADA Unrestricted Upload of File with Dangerous Type
Advantech WebAccess/SCADAΒ is vulnerable to unrestricted file upload, which may allow an attacker to remotely execute arbitrary code.
8.7
CVE-2025-62001 - BullWall Ransomware Containment hard-coded folder exclusions
BullWall Ransomware Containment supports configurable file and directory exclusions such as '$RECYCLE.BIN' to balance monitoring scope and performance. Certain exclusion patterns could allow an authenticated attacker to rename directories in a way that avoids monitoring. Fixed in 4.6.1.14 and 5.0.0β¦
6.9
CVE-2025-62000 - BullWall Ransomware Containment incomplete file inspection
BullWall Ransomware Containment may not always detect an encrypted file. This issue affects a specific file inspection method that evaluates file content based on header bytes. An authenticated attacker could encrypt files, preserving the first four bytes and preventing this particular method from β¦
7.2
CVE-2025-14850 - Advantech WebAccess/SCADA Improper Limitation of a Pathname to a Restricted Directory
Advantech WebAccess/SCADAΒ is vulnerable to directory traversal, which may allow an attacker to delete arbitrary files.
7.3
CVE-2025-13911 - Inductive Automation Ignition Execution with Unnecessary Privileges
The vulnerability affects Ignition SCADA applications where Python scripting is utilized for automation purposes. The vulnerability arises from the absence of proper security controls that restrict which Python libraries can be imported and executed within the scripting environment. The core isβ¦
5.3
CVE-2025-14889 - Campcodes Advanced Voting Management System Password voters_edit.php improper authorization
A security flaw has been discovered in Campcodes Advanced Voting Management System 1.0. The impacted element is an unknown function of the file /admin/voters_edit.php of the component Password Handler. Performing a manipulation of the argument ID results in improper authorization. The attack is posβ¦
8.4
CVE-2023-53940 - Codigo Markdown Editor 1.0.1 Electron Arbitrary Code Execution via Markdown File
Codigo Markdown Editor 1.0.1 contains a code execution vulnerability that allows attackers to run arbitrary system commands by crafting a malicious markdown file. Attackers can embed a video source with an onerror event that executes shell commands through Node.js child_process module when the fileβ¦
8.5
CVE-2023-53937 - Hubstaff 1.6.14 DLL Search Order Hijacking via wow64log Library
Hubstaff 1.6.14 contains a DLL search order hijacking vulnerability that allows attackers to replace a missing system32 wow64log.dll with a malicious library. Attackers can generate a custom DLL using Metasploit and place it in the system32 directory to obtain a reverse shell during application staβ¦