BM Maximo Asset Management contains an HTML injection vulnerability that could allow a remote attacker to inject malicious HTML code and disrupt a system or device.

Sources: CVE, IBM

Illumina Universal Copy Service contains binding to an unrestricted IP address and execution with unnecessary privileges vulnerabilities that can allow an attacker to take any action at the operating system level.

Sources: CISA, Illumina

mySCADA myPRO contains a command injection vulnerability that could allow a threat actor to exploit and inject arbitrary operating system commands.

Sources: CVE, CISA

IBM AIX 7.1, 7.2 and 7.3 contain a command execution vulnerability that could lead to a nonprivileged local user executing arbitrary commands.

Sources: CVE, IBM

Keysight N8844A Data Analytics Web Service contains a deserialization of untrusted data vulnerability that could lead to remote code execution.

Sources: CISA, Keysight

Scada-LTS Third Party Component contains a cross-site scripting vulnerability that can allow loss of sensitive information and execution of arbitrary code.

Sources: CISA, Scada-LTS