Barracuda Networks Email Security Gateway Appliance contains an improper input validation vulnerability that can lead to remote command injection.

Sources: CISA, NIST

Moxa MXsecurity Series contains command injection and use of hard-coded credentials vulnerabilities that can allow an unauthorized user to bypass authentication or to execute arbitrary commands on the device.

Sources: CISA, Moxa

Hitachi Energy’s AFS65x, AFS67x, AFR67x and AFF66x products contain a use after free vulnerability that can allow an attacker to disclose sensitive information or lead to a denial-of-service.

Sources: CISA, Hitachi Energy

Hitachi Energy’s RTU500 Series product contains out-of-bounds read, infinite loop, classic buffer overflow and more vulnerabilities that can allow an attacker to crash the device being accessed or cause a denial-of-service condition.

Sources: CISA, Hitachi Energy

Mitsubishi Electric MELSEC Series CPU module contains a classic buffer overflow vulnerability that can allow a remote attacker to cause a denial-of-service condition or execute malicious code on a target product by sending specially crafted packets.

Sources: CISA, Mitsubishi Electric

Horner Automation Cscape contains stack-based buffer overflow, out-of-bounds read, use after free and more vulnerabilities that can allow an attacker to disclose information and to execute arbitrary code.

Sources: CISA, Horner

Apple iPadOS, MacOS, iOS, tvOS, watchOS and Safari contain an out-of-bounds read vulnerability that can lead to a disclosure of sensitive data.

Sources: CISA, NIST