19 matches found
EUVD-2024-38325
Malicious code in bioql PyPI...
EUVD-2024-34454
Malicious code in bioql PyPI...
EUVD-2024-41695
Malicious code in bioql PyPI...
CVE-2024-39290
Insufficiently protected credentials issue exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network-adjacent unauthenticated attacker may obtain sensitive information such as a username and its password in the address book...
CVE-2024-45837
Use of hard-coded cryptographic key issue exists in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software. A network-adjacent unauthenticated attacker may log in to SFTP service and obtain and/or manipulate unauthorized files...
CVE-2024-31408
OS command injection vulnerability exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network-adjacent authenticated attacker may execute an arbitrary OS command with root privileges by sending a specially crafted request...
CVE-2024-31408
OS command injection vulnerability exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network-adjacent authenticated attacker may execute an arbitrary OS command with root privileges by sending a specially crafted request...
CVE-2024-45837
Use of hard-coded cryptographic key issue exists in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software. A network-adjacent unauthenticated attacker may log in to SFTP service and obtain and/or manipulate unauthorized files...
CVE-2024-45837
Use of hard-coded cryptographic key issue exists in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software. A network-adjacent unauthenticated attacker may log in to SFTP service and obtain and/or manipulate unauthorized files...
CVE-2024-39290
Insufficiently protected credentials issue exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network-adjacent unauthenticated attacker may obtain sensitive information such as a username and its password in the address book...
CVE-2024-39290
CVE-2024-39290 affects AIPHONE IX SYSTEM and IXG SYSTEM. The issue is insufficiently protected credentials (CWE-522), allowing a network-adjacent unauthenticated attacker to obtain sensitive information (username and password) from the address book. Documented impact includes credential disclosur...
CVE-2024-31408
The CVE-2024-31408 issue affects AIPHONE IX SYSTEM and IXG SYSTEM, where an authenticated, network-adjacent attacker can trigger an OS command injection with root privileges by sending a crafted request. The incident is documented across multiple feeds (NVD, JVN, Red Hat, CNNVD, etc.), with the R...
CVE-2024-31408
OS command injection vulnerability exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network-adjacent authenticated attacker may execute an arbitrary OS command with root privileges by sending a specially crafted request...
CVE-2024-31408
OS command injection vulnerability exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network-adjacent authenticated attacker may execute an arbitrary OS command with root privileges by sending a specially crafted request...
AIPHONE IX SYSTEM和AIPHONE IXG SYSTEM 操作系统命令注入漏洞
AIPHONE IX SYSTEM and AIPHONE IXG SYSTEM are both products of AIPHONE CORPORATION Japan.AIPHONE IX SYSTEM is an IP visual intercom system.AIPHONE IXG SYSTEM is an IP-based residential system. The AIPHONE IX SYSTEM and AIPHONE IXG SYSTEM have an operating system command injection vulnerability tha...
AIPHONE IX SYSTEM和AIPHONE IXG SYSTEM 安全漏洞
AIPHONE IX SYSTEM and AIPHONE IXG SYSTEM are both products of AIPHONE CORPORATION Japan AIPHONE IX SYSTEM is an IP visual intercom system.AIPHONE IXG SYSTEM is an IP-based residential system. A security vulnerability exists in AIPHONE IX SYSTEM and AIPHONE IXG SYSTEM, which arises from insufficie...
PT-2024-28423 · Aiphone · Aiphone Ixg System
Name of the Vulnerable Software and Affected Versions: AIPHONE IX SYSTEM affected versions not specified AIPHONE IXG SYSTEM affected versions not specified Description: An insufficiently protected credentials issue exists, allowing a network-adjacent unauthenticated attacker to obtain sensitive...
PT-2024-24053 · Aiphone · Aiphone Ixg System
Name of the Vulnerable Software and Affected Versions: AIPHONE IX SYSTEM affected versions not specified AIPHONE IXG SYSTEM affected versions not specified Description: A network-adjacent authenticated attacker may execute an arbitrary OS command with root privileges by sending a specially crafte...
JVN#41397971: Multiple vulnerabilities in AIPHONE IX SYSTEM, IXG SYSTEM, and System Support Software
AIPHONE IX SYSTEM is an IP Network Audio-Video Intercom and IXG SYSTEM is an IP-based Residential System. IX SYSTEM, IXG SYSTEM, and System Support Software contain multiple vulnerabilities listed below. OS command injection CWE-78 CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score 8.0...