Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-46258

Malicious code in bioql PyPI...

9.5CVSS6.6AI score0.00365EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/25 12:18 a.m.18 views

CVE-2025-2394

Ecovacs Home Android and iOS Mobile Applications up to version 3.3.0 contained embedded access keys and secrets for Alibaba Object Storage Service OSS, leading to sensitive data disclosure...

4.7CVSS6.6AI score0.00181EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/23 12:3 a.m.4 views

CVE-2025-2394 Disclosure of Alibaba (OSS) Keys In Ecovacs Home Android and iOS Mobile Applications

Ecovacs Home Android and iOS Mobile Applications up to version 3.3.0 contained embedded access keys and secrets for Alibaba Object Storage Service OSS, leading to sensitive data disclosure...

4.7CVSS6.3AI score0.00181EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/23 12:3 a.m.13 views

CVE-2025-2394 Disclosure of Alibaba (OSS) Keys In Ecovacs Home Android and iOS Mobile Applications

Ecovacs Home Android and iOS Mobile Applications up to version 3.3.0 contained embedded access keys and secrets for Alibaba Object Storage Service OSS, leading to sensitive data disclosure...

4.7CVSS0.00181EPSS
Exploits0References2
CVE
CVE
added 2025/05/23 12:3 a.m.50 views

CVE-2025-2394

CVE-2025-2394 affects Ecovacs Home mobile apps (Android and iOS) up to version 3.3.0. The root cause is embedded Alibaba OSS access keys and secrets within the app, enabling potential sensitive data disclosure. The accompanying PT-2025-22570 advisory recommends removing or securely storing embedd...

4.7CVSS6.2AI score0.00181EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.7 views

PT-2025-22570 · Ecovacs · Ecovacs Home

Name of the Vulnerable Software and Affected Versions: Ecovacs Home Android and iOS Mobile Applications versions up to 3.3.0 Description: The issue concerns the disclosure of sensitive data due to embedded access keys and secrets for Alibaba Object Storage Service OSS in the Ecovacs Home mobile...

4.7CVSS6.1AI score0.00181EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/05/23 12:0 a.m.3 views

ECOVACS HOME 安全漏洞

ECOVACS HOME is a smart home management software from ECOVACS, China. A security vulnerability exists in ECOVACS HOME 3.3.0 and prior versions, which originates from embedding Alibaba Object Storage Service access keys and secrets, which could lead to sensitive data leakage...

4.7CVSS6.6AI score0.00181EPSS
Exploits0References2
OSV
OSV
added 2025/01/23 5:15 p.m.5 views

CVE-2024-52329

ECOVACS HOME mobile app plugins for specific robots do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic and obtain authentication tokens...

7.4CVSS5.8AI score0.00365EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/01/23 4:36 p.m.9 views

CVE-2024-52329 ECOVACS HOME mobile app plugins do not properly validate TLS certificates

ECOVACS HOME mobile app plugins for specific robots do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic and obtain authentication tokens...

9.5CVSS7.7AI score0.00365EPSS
Exploits1References3
CVE
CVE
added 2025/01/23 4:36 p.m.52 views

CVE-2024-52329

CVE-2024-52329 affects ECOVACS HOME mobile app plugins for specific robots, where TLS certificate validation is not properly performed. The underlying issue allows an unauthenticated attacker to read or modify TLS traffic and to obtain authentication tokens. The entry provides CVSS data indicatin...

9.5CVSS7.7AI score0.00365EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2025/01/23 4:36 p.m.16 views

CVE-2024-52329 ECOVACS HOME mobile app plugins do not properly validate TLS certificates

ECOVACS HOME mobile app plugins for specific robots do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic and obtain authentication tokens...

9.5CVSS0.00365EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/01/23 12:0 a.m.7 views

ECOVACS HOME mobile app plugins 信任管理问题漏洞

The ECOVACS HOME mobile app plugins is a mobile app plugin from ECOVACS, China. A security vulnerability exists in the ECOVACS HOME mobile app plugins that stems from the mobile app plugin not properly validating TLS certificates. An unauthenticated attacker could read or modify TLS traffic and...

9.5CVSS6.8AI score0.00365EPSS
Exploits1References4
Rows per page
Query Builder