Lucene search
K

26 matches found

GithubExploit
GithubExploit
added 2026/04/07 4:37 a.m.130 views

Exploit for CVE-2025-1242

CERT/CC VU653116 | CISA Advisory ICSA-26-055-03https:/...

9.3CVSS7.5AI score0.00438EPSS
Exploits2
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-33891

Malicious code in bioql PyPI...

9.8CVSS9AI score0.00958EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.7 views

Malicious code in node-red-azure-iot-hub (npm)

The package node-red-azure-iot-hub was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.6 views

MAL-2025-27640 Malicious code in node-red-azure-iot-hub (npm)

The package node-red-azure-iot-hub was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 10:46 p.m.10 views

CVE-2022-29556

The iot-manager microservice 1.0.0 in Northern.tech Mender Enterprise before 3.2.2 allows SSRF because the Azure IoT Hub integration provides several SSRF primitives that can execute cross-tenant actions via internal API endpoints...

9.8CVSS7.1AI score0.00958EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/09 11:7 a.m.6 views

Malicious code in azure-iothub-service-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 39be68a1794d85382ecb02d31e4d56c310788c3eb8f0f552d464410ec90138a5 The OpenSSF Package Analysis project identified 'azure-iothub-service-client' @ 0.0.2 npm as malicious. It is considered malicious because: - Th...

7.1AI score
Exploits0
Kaspersky
Kaspersky
added 2024/08/13 12:0 a.m.42 views

KLA71478 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in .NET and Visua...

7.5CVSS8.5AI score0.02701EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2023/03/29 12:0 a.m.24 views

Wago PFC200 Cloud Connectivity Improper Host Validation (CVE-2019-5160)

An exploitable improper host validation vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.0214, 03.01.0713, and 03.00.3912. A specially crafted HTTPS POST request can cause the software to connect to an unauthorized host, resulting in unauthorized...

9.1CVSS8.3AI score0.02672EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/04/28 8:15 p.m.5 views

CVE-2022-29556

The iot-manager microservice 1.0.0 in Northern.tech Mender Enterprise before 3.2.2 allows SSRF because the Azure IoT Hub integration provides several SSRF primitives that can execute cross-tenant actions via internal API endpoints...

9.8CVSS5.9AI score0.00958EPSS
Exploits0References3
NVD
NVD
added 2022/04/28 8:15 p.m.18 views

CVE-2022-29556

The iot-manager microservice 1.0.0 in Northern.tech Mender Enterprise before 3.2.2 allows SSRF because the Azure IoT Hub integration provides several SSRF primitives that can execute cross-tenant actions via internal API endpoints...

9.8CVSS0.00958EPSS
Exploits0References2
OSV
OSV
added 2022/04/28 8:15 p.m.7 views

CVE-2022-29556

The iot-manager microservice 1.0.0 in Northern.tech Mender Enterprise before 3.2.2 allows SSRF because the Azure IoT Hub integration provides several SSRF primitives that can execute cross-tenant actions via internal API endpoints...

9.8CVSS7.4AI score0.00958EPSS
Exploits0References2
Prion
Prion
added 2022/04/28 8:15 p.m.16 views

Server side request forgery (ssrf)

The iot-manager microservice 1.0.0 in Northern.tech Mender Enterprise before 3.2.2 allows SSRF because the Azure IoT Hub integration provides several SSRF primitives that can execute cross-tenant actions via internal API endpoints...

7.5CVSS9.4AI score0.00958EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/04/28 7:48 p.m.702 views

CVE-2022-29556

CVE-2022-29556 affects the iot-manager microservice 1.0.0 in Northern.tech Mender Enterprise before 3.2.2. The vulnerability arises from the Azure IoT Hub integration, which exposes SSRF primitives that can be used to execute cross-tenant actions via internal API endpoints. This leads to potentia...

9.8CVSS9.4AI score0.00958EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/04/28 7:48 p.m.37 views

CVE-2022-29556

The iot-manager microservice 1.0.0 in Northern.tech Mender Enterprise before 3.2.2 allows SSRF because the Azure IoT Hub integration provides several SSRF primitives that can execute cross-tenant actions via internal API endpoints...

9.7AI score0.00958EPSS
Exploits0References2
OSV
OSV
added 2020/03/11 10:27 p.m.6 views

CVE-2019-5160

An exploitable improper host validation vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.0214, 03.01.0713, and 03.00.3912. A specially crafted HTTPS POST request can cause the software to connect to an unauthorized host, resulting in unauthorized...

9.1CVSS7.3AI score0.02672EPSS
Exploits1References1
NVD
NVD
added 2020/03/11 10:27 p.m.20 views

CVE-2019-5160

An exploitable improper host validation vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.0214, 03.01.0713, and 03.00.3912. A specially crafted HTTPS POST request can cause the software to connect to an unauthorized host, resulting in unauthorized...

9.1CVSS8.7AI score0.02672EPSS
Exploits1References1
Prion
Prion
added 2020/03/11 10:27 p.m.17 views

Input validation

An exploitable improper host validation vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.0214, 03.01.0713, and 03.00.3912. A specially crafted HTTPS POST request can cause the software to connect to an unauthorized host, resulting in unauthorized...

6.5CVSS8.7AI score0.02672EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/03/10 10:35 p.m.19 views

CVE-2019-5160

An exploitable improper host validation vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.0214, 03.01.0713, and 03.00.3912. A specially crafted HTTPS POST request can cause the software to connect to an unauthorized host, resulting in unauthorized...

8.8AI score0.02672EPSS
Exploits1References1
Talos
Talos
added 2020/03/09 12:0 a.m.70 views

WAGO PFC200 Cloud Connectivity Multiple Command Injection Vulnerabilities

Summary An exploitable command injection vulnerability exists in the cloud connectivity feature of WAGO PFC200. An attacker can inject operating system commands into any of the parameter values contained in the firmware update command. Tested Versions WAGO PFC200 Firmware version 03.02.0214 WAGO...

9CVSS7.4AI score0.04614EPSS
Exploits1
Talos
Talos
added 2020/03/09 12:0 a.m.80 views

WAGO PFC200 Cloud Connectivity Improper Host Validation Vulnerability

Summary An exploitable improper host validation vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200. A specially crafted HTTPS POST request can cause the software to connect to an unauthorized host, resulting in unauthorized access to firmware update functionality. An...

9.1CVSS8.9AI score0.02672EPSS
Exploits1
Rows per page
Query Builder