154 matches found
Ksenia Security Lares 4.0 Home Automation 信任管理问题漏洞
Ksenia Security Lares 4.0 Home Automation is an intelligent security and home automation control platform from Ksenia Security, Italy. A trust management issue vulnerability exists in Ksenia Security Lares 4.0 Home Automation version 1.6, which stems from default credentials and could allow an...
Ksenia Security Lares 4.0 Home Automation 安全漏洞
Ksenia Security Lares 4.0 Home Automation is an intelligent security and home automation control platform from Ksenia Security, Italy. A security vulnerability exists in Ksenia Security Lares 4.0 Home Automation version 1.6, which stems from the exposure of the alarm system PIN in the baseInfo XM...
AVE DOMINAplus 安全漏洞
AVE DOMINAplus is an application from AVE Italy. The best home automation system for next generation houses. A security vulnerability exists in AVE DOMINAplus version 1.10.x, which stems from vulnerability to cross-site request forgery and cross-site scripting attacks that could lead to the...
EUVD-2020-14764
Malware in sbrugna...
EUVD-2020-14755
Malware in sbrugna...
EUVD-2015-2936
Malware in sbrugna...
EUVD-2013-6749
Malware in sbrugna...
EUVD-2014-4811
Malware in sbrugna...
EUVD-2024-2658
Malicious code in bioql PyPI...
EUVD-2023-46373
Malicious code in bioql PyPI...
EUVD-2024-2477
Malicious code in bioql PyPI...
Invitation Is All You Need! Promptware Attacks against LLM-Powered Assistants in Production Are Practical and Dangerous
The growing integration of LLMs into applications has introduced new security risks, notably known as Promptware - maliciously engineered prompts designed to manipulate LLMs to compromise the CIA triad of these applications. While prior research warned about a potential shift in the threat...
Ilevia EVE X1 Server 4.7.18.0.eden (db_log) Pre-Auth File Disclosure
Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...
CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems ICS advisories on June 3, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-153-01 Schneider Electric Wiser Home Automation ICSA-25-153-02 Schneider Electric...
CVE-2020-21987
HomeAutomation 3.3.2 is affected by persistent Cross Site Scripting XSS. XSS vulnerabilities occur when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's...
CVE-2020-22001
HomeAutomation 3.3.2 suffers from an authentication bypass vulnerability when spoofing client IP address using the X-Forwarded-For header with the local loopback IP address value allowing remote control of the smart home solution...
Ksenia Security Lares WebServer Home Automation PIN Logic Flaw
Summary Lares is a burglar alarm & home automation system that can be controlled by means of an ergo LCD keyboard, as well as remotely by telephone, and even via the Internet through a built-in WEB server. Description The Ksenia home automation and burglar alarm system has a security flaw where t...
EUVD-2024-2569
openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. Prior to version 4.2.1, CometVisu's file system endpoints don't require authentication and additionally the endpoint to update an existing file is susceptible to path traversal...
CVE-2024-42467 CometVisu Backend for openHAB affected by SSRF/XSS
openHAB, a provider of open-source home automation software, has add-ons including the visualization add-on CometVisu. Prior to version 4.2.1, the proxy endpoint of openHAB's CometVisu add-on can be accessed without authentication. This proxy-feature can be exploited as Server-Side Request Forger...
PT-2025-54259
Name of the Vulnerable Software and Affected Versions Ksenia Security Lares 4.0 Home Automation version 1.6 Description Ksenia Security Lares 4.0 Home Automation version 1.6 has a default credentials issue that allows unauthorized access to administrative functions. Successful exploitation grants...