36 matches found
EUVD-2020-29874
Malware in sbrugna...
EUVD-2021-14406
Malware in sbrugna...
EUVD-2024-30647
Malicious code in bioql PyPI...
EUVD-2024-16694
Malicious code in bioql PyPI...
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems ICS advisories on July 17, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-198-01 Leviton AcquiSuite and Energy Monitoring Hub ICSMA-25-198-01 Panoramic Corporati...
CVE-2020-9045
During installation or upgrade to Software House C•CURE 9000 v2.70 and American Dynamics victor Video Management System v5.2, the credentials of the user used to perform the installation or upgrade are logged in a file. The install log file persists after the installation...
CVE-2024-32861
Under certain circumstances the impacted Software House C•CURE 9000 installer will utilize unnecessarily wide permissions...
CVE-2024-32861 Software House C•CURE - CouchDB executable protection
Under certain circumstances the impacted Software House C•CURE 9000 installer will utilize unnecessarily wide permissions...
CVE-2024-32861
CVE-2024-32861 affects Software House C•CURE 9000 Site Server (3.00.3 and earlier). Root cause: installer directories containing executables (C:\CouchDB\bin) are given unnecessarily wide permissions. Impact: potential exposure of credentials and other sensitive data; CVSS v3.1 base 7.8 (LOCAL, LO...
CVE-2024-32759
Under certain circumstances the Software House C●CURE 9000 installer will utilize weak credentials...
CVE-2024-32759 Johnson Controls Software House C●CURE 9000 installer password strength
Under certain circumstances the Software House C●CURE 9000 installer will utilize weak credentials...
CVE-2024-32759 Johnson Controls Software House C●CURE 9000 installer password strength
Under certain circumstances the Software House C●CURE 9000 installer will utilize weak credentials...
CVE-2024-32759
The CVE-2024-32759 issue affects Johnson Controls Software House C●CURE 9000 installer (versions 2.80 and earlier). Under certain circumstances, the installer uses weak credentials, potentially allowing an attacker to gain administrative access to affected systems via a network attack with low co...
Johnson Controls Software House C CURE 9000 Security Breach
Johnson Controls Software House C CURE 9000 is an access control system from Johnson Controls, Inc. A security vulnerability exists in Johnson Controls Software House C CURE 9000 that stems from the installation program using weak credentials...
PT-2024-24831
Name of the Vulnerable Software and Affected Versions Software House C●CURE 9000 affected versions not specified Description The issue arises when the Software House C●CURE 9000 installer uses weak credentials under certain circumstances. Recommendations At the moment, there is no information abo...
Johnson Controls Inc. Software House C●CURE 9000 (Update B)
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Exploitable remotely/Low attack complexity Vendor : Johnson Controls Inc. Equipment : Software House C●CURE 9000 Vulnerability : Incorrect Default Permissions 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an...
CVE-2024-0912
Under certain circumstances the Microsoft® Internet Information Server IIS used to host the C•CURE 9000 Web Server will log Microsoft Windows credential details within logs. There is no impact to non-web service interfaces C•CURE 9000 or prior versions...
CVE-2024-0912
CVE-2024-0912 affects Johnson Controls Software House C•CURE 9000 running on IIS. In certain conditions, the IIS web host can log Windows credentials within the application logs, exposing sensitive information. Affected product/version: Software House C•CURE 9000 v3.00.2 (hosted on IIS). Technica...
PT-2024-15915 · Microsoft · Windows +1
Name of the Vulnerable Software and Affected Versions: C•CURE 9000 Web Server affected versions not specified Microsoft Internet Information Server IIS affected versions not specified Description: Under certain circumstances, the Microsoft Internet Information Server IIS used to host the C•CURE...
Johnson Controls Software House C●CURE 9000
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION : Low attack complexity Vendor : Johnson Controls Equipment : Software House C●CURE 9000 Vulnerability : Insertion of Sensitive Information into Log File 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to...