1420 matches found
Alibaba Cloud Linux 3 : 0040: freerdp (ALINUX3-SA-2026:0040)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0040 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-22855: FreeRDP is a free...
Malicious code in aliyun-python-sdk-v2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 29bd2455a576643c51939bd166abab847afd04c3142b576e3f9f0c7978763181 Series of packages impersonating Alibaba Cloud. Two oldest hide code to run obfuscated code, but are likely to be used as dependency as the obfuscated code is...
MAL-2026-917 Malicious code in aliyun-python-sdk-v2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 29bd2455a576643c51939bd166abab847afd04c3142b576e3f9f0c7978763181 Series of packages impersonating Alibaba Cloud. Two oldest hide code to run obfuscated code, but are likely to be used as dependency as the obfuscated code is...
Malicious code in alibabacloude (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 c45df7f85cfaba4bf141f0a17ba2d0987e080131bab1f1233798a1287d63fa7f Series of packages impersonating Alibaba Cloud. Two oldest hide code to run obfuscated code, but are likely to be used as dependency as the obfuscated code is...
Malicious code in alibabacloud-code-tool (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5e4d81a71d0710ac3618ec41e8027ee6a96ae9845ca67b33b950c8d99d8d2e8a This package impersonates Alibaba Cloud account and contains highly obfuscated code. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...
287 Chrome Extensions Caught Harvesting Browsing Data from 37M Users
New investigation by Q Continuum reveals 287 Chrome extensions leaking the private browsing data of 37.4 million users to firms like Similarweb and Alibaba. Learn how these harmless tools turn your history into a product...
CVE-2025-15573
The affected devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server hosted in the Alibaba Cloud mqtt001.solaxcloud.com, TCP 8883. This allows attackers in a man-in-the-middle position to act as the legitimate MQTT server and issue arbitrary commands to...
Alibaba Cloud Linux 3 : 0035: python3 (ALINUX3-SA-2026:0035)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0035 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-12084: When building nested...
Alibaba Cloud Linux 3 : 0032: util-linux (ALINUX3-SA-2026:0032)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0032 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-14104: A flaw was found in util-linux. Thi...
Alibaba Cloud Linux 3 : 0037: spice-client-win (ALINUX3-SA-2026:0037)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0037 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-14523: A flaw in libsoups HTTP...
Alibaba Cloud Linux 3 : 0036: libsoup (ALINUX3-SA-2026:0036)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0036 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-0719: A flaw was identified in th...
Alibaba Cloud Linux 3 : 0033: resource-agents (ALINUX3-SA-2026:0033)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0033 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-23490: pyasn1 is a generic ASN.1 library f...
CVE-2025-15573
The affected devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server hosted in the Alibaba Cloud mqtt001.solaxcloud.com, TCP 8883. This allows attackers in a man-in-the-middle position to act as the legitimate MQTT server and issue arbitrary commands to...
CVE-2025-15573 Missing Certificate Validation for Solax Power Pocket WiFi models MQTT Cloud Connection
The affected devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server hosted in the Alibaba Cloud mqtt001.solaxcloud.com, TCP 8883. This allows attackers in a man-in-the-middle position to act as the legitimate MQTT server and issue arbitrary commands to...
CVE-2025-15573 Missing Certificate Validation for Solax Power Pocket WiFi models MQTT Cloud Connection
The affected devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server hosted in the Alibaba Cloud mqtt001.solaxcloud.com, TCP 8883. This allows attackers in a man-in-the-middle position to act as the legitimate MQTT server and issue arbitrary commands to...
CVE-2025-15573
CVE-2025-15573 affects SolaX Power Pocket devices. The issue arises because the devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server (mqtt001.solaxcloud.com:8883), enabling a man-in-the-middle attacker to impersonate the legitimate MQTT server and issue a...
CVE-2025-15573
The affected devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server hosted in the Alibaba Cloud mqtt001.solaxcloud.com, TCP 8883. This allows attackers in a man-in-the-middle position to act as the legitimate MQTT server and issue arbitrary commands to...
PT-2026-7834
Name of the Vulnerable Software and Affected Versions SolaX devices affected versions not specified Description Devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server hosted in Alibaba Cloud mqtt001.solaxcloud.com, TCP 8883. This allows attackers in a...
Alibaba Cloud Linux 3 : 0020: pcs (ALINUX3-SA-2026:0020)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0020 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-67725: Tornado is a Python web...
Alibaba Cloud Linux 3 : 0024: grafana (ALINUX3-SA-2026:0024)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0024 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-61729: Within HostnameError.Error, when...