RMX Security CERT Global
- CISA Adds Two Known Exploited Vulnerabilities to CatalogCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-32433 Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability CVE-2024-42009 ... read more
- CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-5419 Google Chromium V8 Out-of-Bounds Read and Write Vulnerability This type of ... read more
- Hitachi Energy Relion 670, 650 Series and SAM600-IO ProductView CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Relion 670, Relion 650, SAM600-IO Vulnerabilities: Integer Overflow or Wraparound 2. RISK EVALUATION ... read more
- CyberData 011209 SIP Emergency IntercomView CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: CyberData Equipment: 011209 SIP Emergency Intercom Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Missing ... read more
- CISA Releases Seven Industrial Control Systems AdvisoriesCISA released seven Industrial Control Systems (ICS) advisories on June 5, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-155-01 CyberData 011209 SIP ... read more
- CERT-SE:s veckobrev v.23Ett peppar, peppar något lugnare nyhetsflöde denna kortvecka men som oftast ett gäng matnyttiga fördjupningar att förkovra sig i. ... read more
- Vulnérabilité dans Wireshark (05 juin 2025)Une vulnérabilité a été découverte dans Wireshark. Elle permet à un attaquant de provoquer un déni de service à distance. ... read more
- Multiples vulnérabilités dans les produits VMware (05 juin 2025)De multiples vulnérabilités ont été découvertes dans VMware NSX. Elles permettent à un attaquant de provoquer une injection de code indirecte à distance (XSS). ... read more
- お知らせ:システムメンテナンスのお知らせ... read more
- Deploying on the EdgeDeploying cloud-centric technologies such as Kubernetes in edge environments poses challenges, especially for mission-critical defense systems. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Patrick Earl, ... read more
- Vulnérabilité dans Traefik (28 mai 2025)Une vulnérabilité a été découverte dans Traefik. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité. ... read more
- Multiples vulnérabilités dans Curl (28 mai 2025)De multiples vulnérabilités ont été découvertes dans Curl. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données et un contournement de la politique de sécurité. ... read more
- Multiples vulnérabilités dans les produits Mozilla (28 mai 2025)De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service ... read more
- Multiples vulnérabilités dans Citrix et Xen (28 mai 2025)De multiples vulnérabilités ont été découvertes dans Citrix et Xen. Elles permettent à un attaquant de provoquer une élévation de privilèges. ... read more
- Threat Actors Target U.S. Critical Infrastructure with LummaC2 MalwareToday, CISA and the Federal Bureau of Investigation released a joint Cybersecurity Advisory, LummaC2 Malware Targeting U.S. Critical Infrastructure Sectors. This advisory details the tactics, techniques, and procedures, and indicators ... read more
- Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from OrganizationsSummary The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint advisory to disseminate known tactics, techniques, and procedures (TTPs) and indicators ... read more
- A 5-Stage Process for Automated Testing and Delivery of Complex Software SystemsManaging and maintaining deployments of complex software present engineers with a multitude of challenges including security vulnerabilities. ... read more
- Facing the cyber threat behind the headlinesNCSC CEO urges all businesses to face the stark reality of the cyber threat they face, whether in the spotlight or not. ... read more
- Vulnérabilité dans Schneider Electric EcoStruxure Power Build Rapsody (21 mai 2025)Une vulnérabilité a été découverte dans Schneider Electric EcoStruxure Power Build Rapsody. Elle permet à un attaquant de provoquer une exécution de code arbitraire. ... read more
- Vulnérabilité dans Mitel OpenScapeXpressions (21 mai 2025)Une vulnérabilité a été découverte dans Mitel OpenScapeXpressions. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données. ... read more
- CISA Releases Thirteen Industrial Control Systems AdvisoriesCISA released thirteen Industrial Control Systems (ICS) advisories on May 20, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-140-01 ABUP IoT Cloud ... read more
- Vertiv Liebert RDU101 and UNITYView CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Vertiv Equipment: Liebert RDU101 and Liebert UNITY Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, ... read more
- ABUP IoT Cloud PlatformView CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.9 ATTENTION: Exploitable remotely/Low attack complexity Vendor: ABUP Equipment: ABUP Internet of Things (IoT) Cloud Platform Vulnerability: Incorrect Privilege Assignment 2. RISK EVALUATION ... read more
- Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric ProductsView CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.3 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Iconics Digital Solutions, Mitsubishi Electric Equipment: ICONICS Product Suite and Mitsubishi Electric MC Works64 Vulnerability: ... read more
- Danfoss AK-SM 8xxA SeriesView CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Exploitable remotely Vendor: Danfoss Equipment: AK-SM 8xxA Series Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could enable ... read more
- Siemens Siveillance VideoAs of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this ... read more
- Schneider Electric Galaxy VS, Galaxy VL, Galaxy VXLView CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Galaxy VS, Galaxy VL, Galaxy VXL Vulnerability: Missing Authentication for Critical Function 2. ... read more
- National Instruments Circuit Design SuiteView CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.4 ATTENTION: Low attack complexity Vendor: National Instruments Equipment: Circuit Design Suite Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read, Stack-based Buffer Overflow 2. RISK EVALUATION ... read more
- AutomationDirect MB-GatewayView CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: AutomationDirect Equipment: MB-Gateway Vulnerability: Missing Authentication For Critical Function 2. RISK EVALUATION Successful exploitation of this ... read more
- Schneider Electric PrismaSeT Active – Wireless Panel ServerView CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: PrismaSeT Active - Wireless Panel Server Vulnerability: Buffer Copy without Checking Size of ... read more
- Assured Telematics Inc (ATI) Fleet Management System with Geotab IntegrationView CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Assured Telematics Inc. Equipment: Fleet Management System Vulnerabilities: Exposure of Sensitive System Information to an Unauthorized ... read more
- Schneider Electric Modicon ControllersView CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Modicon Controllers M241/M251/M258/LMC058 Vulnerability: Externally Controlled Reference to a Resource in Another Sphere ... read more
- Multiples vulnérabilités dans les produits Nextcloud (16 mai 2025)De multiples vulnérabilités ont été découvertes dans les produits Nextcloud. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une atteinte à l'intégrité des données ... read more
- CISA Adds Three Known Exploited Vulnerabilities to CatalogCISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-12987 DrayTek Vigor Routers OS Command Injection Vulnerability CVE-2025-4664 Google Chromium Loader Insufficient ... read more
- Siemens User Management Component (UMC)As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this ... read more
- Schneider Electric EcoStruxure Power Build RapsodyView CSAF 1. EXECUTIVE SUMMARY CVSS v4 4.6 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: EcoStruxure Power Build Rapsody Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of ... read more
- Siemens SIPROTEC and SICAMAs of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this ... read more
- Siemens Mendix OIDC SSOAs of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this ... read more
- Siemens VersiCharge AC Series EV ChargersAs of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this ... read more
- Siemens SCALANCE LPE9403As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this ... read more
- Siemens Teamcenter VisualizationAs of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this ... read more
- Siemens OZW Web ServersAs of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this ... read more
- Siemens SIRIUS 3SK2 Safety Relays and 3RK3 Modular Safety SystemsAs of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this ... read more
- Siemens RUGGEDCOM APE1808 DevicesAs of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this ... read more
- Siemens RUGGEDCOM ROX IIAs of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this ... read more
- Siemens PolarionAs of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this ... read more
- Siemens IPC RS-828AAs of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this ... read more
- ECOVACS DEEBOT Vacuum and Base StationView CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: ECOVACS Equipment: DEEBOT Vacuum and Base Station Vulnerabilities: Use of Hard-coded Cryptographic Key, Download of Code ... read more
- Siemens INTRALOG WMSAs of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this ... read more
- +F FS010M vulnerable to OS command injection+F FS010M provided by FUJI SOFT INCORPORATED contains an OS command injection vulnerability. ... read more
Title | Category | Tag |
Building Innovative Public-Private-Partnerships for Effective and Equitable WSS Services – Project Financing |
InfrastructurePPPProjectFinance | epcm governments infrastructure |
Accelerating Action CDP Global Water Report 2015 – Project Financing |
InfrastructureProjectFinanceWater | governments infrastructure water |
A Review of the Use of Output-Based Aid Approaches – Project Financing |
EPCMPPPProjectFinance | data sharing governments infrastructure |