22 matches found
EUVD-2025-29080
Malicious code in bioql PyPI...
EUVD-2025-29082
Malicious code in bioql PyPI...
EUVD-2025-29083
Malicious code in bioql PyPI...
EUVD-2025-29081
Malicious code in bioql PyPI...
CVE-2025-45584
Incorrect access control in the web service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to download car information without authentication...
CVE-2025-45586
An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request...
CVE-2025-45583
Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using any combination of username and password...
CVE-2025-45587
A stack overflow in the FTP service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-45586
An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request...
CVE-2025-45585
CVE-2025-45585 relates to Audi UTR 2.0 Universal Traffic Recorder 2.0, with multiple stored XSS vulnerabilities. The issue arises from injecting crafted payloads into the wifi_sta_ssid and wifi_ap_ssid parameters, enabling attackers to execute arbitrary web scripts or HTML in the affected context...
CVE-2025-45586
An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request...
PT-2025-37350
Name of the Vulnerable Software and Affected Versions: Audi UTR 2.0 Universal Traffic Recorder 2.0 Description: An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files by submitting a crafted PUT request. Recommendations: At the moment, there is no...
CVE-2025-45585
Multiple stored cross-site scripting XSS vulnerabilities in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the wifistassid or wifiapssid parameters...
CVE-2025-45586
An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request...
CVE-2025-45583
Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using any combination of username and password...
PT-2025-37347
Name of the Vulnerable Software and Affected Versions: Audi UTR 2.0 Universal Traffic Recorder 2.0 affected versions not specified Description: An incorrect access control issue exists in the FTP protocol. This allows attackers to authenticate to the service using any combination of username and...
CVE-2025-45587
CVE-2025-45587 describes a stack overflow in the FTP service of Audi UTR 2.0 Universal Traffic Recorder 2.0 that allows attackers to cause a Denial of Service (DoS) via a crafted input. Affected component is the FTP service; root cause is a stack overflow. Documented impact: availability impact h...
CVE-2025-30118
An issue was discovered on the Audi Universal Traffic Recorder 2.88. It has Susceptibility to denial of service. It uses the same default credentials for all devices and does not implement proper multi-device authentication, allowing attackers to deny the owner access by occupying the only...
CVE-2025-30118
An issue was discovered on the Audi Universal Traffic Recorder 2.88. It has Susceptibility to denial of service. It uses the same default credentials for all devices and does not implement proper multi-device authentication, allowing attackers to deny the owner access by occupying the only...
CVE-2025-2555
A vulnerability classified as problematic has been found in Audi Universal Traffic Recorder App 2.0. Affected is an unknown function of the component FTP Credentials. The manipulation leads to use of hard-coded password. Attacking locally is a requirement. The complexity of an attack is rather...