Lucene search
+L

1420 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/03 12:0 a.m.7 views

Alibaba Cloud Linux 3 : 0040: freerdp (ALINUX3-SA-2026:0040)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0040 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-22855: FreeRDP is a free...

9.1CVSS6.1AI score0.00756EPSS
Exploits3References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/16 11:28 a.m.8 views

Malicious code in aliyun-python-sdk-v2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 29bd2455a576643c51939bd166abab847afd04c3142b576e3f9f0c7978763181 Series of packages impersonating Alibaba Cloud. Two oldest hide code to run obfuscated code, but are likely to be used as dependency as the obfuscated code is...

5.6AI score
Exploits0References2
OSV
OSV
added 2026/02/16 11:28 a.m.10 views

MAL-2026-917 Malicious code in aliyun-python-sdk-v2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 29bd2455a576643c51939bd166abab847afd04c3142b576e3f9f0c7978763181 Series of packages impersonating Alibaba Cloud. Two oldest hide code to run obfuscated code, but are likely to be used as dependency as the obfuscated code is...

5.6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/16 11:20 a.m.10 views

Malicious code in alibabacloude (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c45df7f85cfaba4bf141f0a17ba2d0987e080131bab1f1233798a1287d63fa7f Series of packages impersonating Alibaba Cloud. Two oldest hide code to run obfuscated code, but are likely to be used as dependency as the obfuscated code is...

5.6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/16 11:19 a.m.9 views

Malicious code in alibabacloud-code-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5e4d81a71d0710ac3618ec41e8027ee6a96ae9845ca67b33b950c8d99d8d2e8a This package impersonates Alibaba Cloud account and contains highly obfuscated code. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

5.5AI score
Exploits0References2
HackRead
HackRead
added 2026/02/14 9:54 p.m.13 views

287 Chrome Extensions Caught Harvesting Browsing Data from 37M Users

New investigation by Q Continuum reveals 287 Chrome extensions leaking the private browsing data of 37.4 million users to firms like Similarweb and Alibaba. Learn how these harmless tools turn your history into a product...

5.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/02/13 1:22 p.m.10 views

CVE-2025-15573

The affected devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server hosted in the Alibaba Cloud mqtt001.solaxcloud.com, TCP 8883. This allows attackers in a man-in-the-middle position to act as the legitimate MQTT server and issue arbitrary commands to...

9.4CVSS5.8AI score0.00216EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.11 views

Alibaba Cloud Linux 3 : 0035: python3 (ALINUX3-SA-2026:0035)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0035 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-12084: When building nested...

6.3CVSS7.2AI score0.00708EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.6 views

Alibaba Cloud Linux 3 : 0032: util-linux (ALINUX3-SA-2026:0032)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0032 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-14104: A flaw was found in util-linux. Thi...

6.1CVSS5.8AI score0.00179EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.14 views

Alibaba Cloud Linux 3 : 0037: spice-client-win (ALINUX3-SA-2026:0037)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0037 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-14523: A flaw in libsoups HTTP...

8.6CVSS7AI score0.00947EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.10 views

Alibaba Cloud Linux 3 : 0036: libsoup (ALINUX3-SA-2026:0036)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0036 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-0719: A flaw was identified in th...

8.6CVSS7.4AI score0.00947EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.7 views

Alibaba Cloud Linux 3 : 0033: resource-agents (ALINUX3-SA-2026:0033)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0033 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-23490: pyasn1 is a generic ASN.1 library f...

7.5CVSS5.5AI score0.00679EPSS
Exploits0References2
NVD
NVD
added 2026/02/12 11:15 a.m.13 views

CVE-2025-15573

The affected devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server hosted in the Alibaba Cloud mqtt001.solaxcloud.com, TCP 8883. This allows attackers in a man-in-the-middle position to act as the legitimate MQTT server and issue arbitrary commands to...

9.4CVSS0.00216EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/12 10:39 a.m.5 views

CVE-2025-15573 Missing Certificate Validation for Solax Power Pocket WiFi models MQTT Cloud Connection

The affected devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server hosted in the Alibaba Cloud mqtt001.solaxcloud.com, TCP 8883. This allows attackers in a man-in-the-middle position to act as the legitimate MQTT server and issue arbitrary commands to...

5.8AI score0.00216EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/12 10:39 a.m.34 views

CVE-2025-15573 Missing Certificate Validation for Solax Power Pocket WiFi models MQTT Cloud Connection

The affected devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server hosted in the Alibaba Cloud mqtt001.solaxcloud.com, TCP 8883. This allows attackers in a man-in-the-middle position to act as the legitimate MQTT server and issue arbitrary commands to...

0.00216EPSS
Exploits0References1
CVE
CVE
added 2026/02/12 10:39 a.m.18 views

CVE-2025-15573

CVE-2025-15573 affects SolaX Power Pocket devices. The issue arises because the devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server (mqtt001.solaxcloud.com:8883), enabling a man-in-the-middle attacker to impersonate the legitimate MQTT server and issue a...

9.4CVSS5.8AI score0.00216EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/12 10:39 a.m.8 views

CVE-2025-15573

The affected devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server hosted in the Alibaba Cloud mqtt001.solaxcloud.com, TCP 8883. This allows attackers in a man-in-the-middle position to act as the legitimate MQTT server and issue arbitrary commands to...

9.4CVSS5.8AI score0.00216EPSS
Exploits0References2Affected Software5
Positive Technologies
Positive Technologies
added 2026/02/12 12:0 a.m.15 views

PT-2026-7834

Name of the Vulnerable Software and Affected Versions SolaX devices affected versions not specified Description Devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server hosted in Alibaba Cloud mqtt001.solaxcloud.com, TCP 8883. This allows attackers in a...

9.4CVSS5.9AI score0.00216EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/02/02 12:0 a.m.6 views

Alibaba Cloud Linux 3 : 0020: pcs (ALINUX3-SA-2026:0020)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0020 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-67725: Tornado is a Python web...

7.5CVSS5.7AI score0.00403EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/02 12:0 a.m.8 views

Alibaba Cloud Linux 3 : 0024: grafana (ALINUX3-SA-2026:0024)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0024 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-61729: Within HostnameError.Error, when...

7.5CVSS5.6AI score0.00459EPSS
Exploits2References2
Rows per page
Query Builder