21 matches found
EUVD-2023-37892
Malicious code in bioql PyPI...
EUVD-2023-35972
Malicious code in bioql PyPI...
CVE-2023-33740
Incorrect access control in luowice v3.5.18 allows attackers to access cloud source code information via modification fo the Verify parameter in a warning message...
CVE-2023-31677
Insecure permissions in luowice 3.5.18 allow attackers to view information for other alarm devices via modification of the eseeid parameter...
CVE-2023-33740
Incorrect access control in luowice v3.5.18 allows attackers to access cloud source code information via modification fo the Verify parameter in a warning message...
CVE-2023-33740
Incorrect access control in luowice v3.5.18 allows attackers to access cloud source code information via modification fo the Verify parameter in a warning message...
CVE-2023-33740
Incorrect access control in luowice v3.5.18 allows attackers to access cloud source code information via modification fo the Verify parameter in a warning message...
CVE-2023-33740
CVE-2023-33740 affects luowice v3.5.18, with improper access control allowing attackers to access cloud source code information by modifying the Verify parameter in a warning message. Publicly available sources consistently identify the affected component as luowice v3.5.18 and describe the root ...
CVE-2023-33740
Incorrect access control in luowice v3.5.18 allows attackers to access cloud source code information via modification fo the Verify parameter in a warning message...
Luowice 安全漏洞
Luowice is a cloud app for a series of security monitoring devices from China-based Luowice. A security vulnerability exists in Luowice version 3.5.18, which stems from incorrect access control and can be exploited by an attacker to access cloud source code information...
CVE-2023-33740
Incorrect access control in luowice v3.5.18 allows attackers to access cloud source code information via modification fo the Verify parameter in a warning message...
PT-2023-24465 · Luowice · Luowice
Name of the Vulnerable Software and Affected Versions: luowice version 3.5.18 Description: The issue allows attackers to access cloud source code information due to incorrect access control. This is achieved by modifying the Verify parameter in a warning message. Recommendations: For luowice...
CVE-2023-31677
Insecure permissions in luowice 3.5.18 allow attackers to view information for other alarm devices via modification of the eseeid parameter...
Code injection
Insecure permissions in luowice 3.5.18 allow attackers to view information for other alarm devices via modification of the eseeid parameter...
PT-2023-23414 · Luowice · Luowice
Name of the Vulnerable Software and Affected Versions: luowice version 3.5.18 Description: The issue allows attackers to view information for other alarm devices by modifying the eseeid parameter, due to insecure permissions. Recommendations: For luowice version 3.5.18, restrict access to the...
Luowice 安全漏洞
Luowice is a cloud app for a series of security monitoring devices from China Luowice. A security vulnerability exists in Luowice version 3.5.18. An attacker can use this vulnerability to view the information of other alarm devices by modifying the eseeid parameter...
CVE-2023-31677
Insecure permissions in luowice 3.5.18 allow attackers to view information for other alarm devices via modification of the eseeid parameter...
CVE-2023-31677
CVE-2023-31677 affects Luowice 3.5.18. The root cause is insecure permissions that allow modification of the eseeid parameter, enabling an attacker to view information for other alarm devices. High-severity impact (confidentiality) is stated in multiple sources. Reported exploitation status is no...
CVE-2023-31677
Insecure permissions in luowice 3.5.18 allow attackers to view information for other alarm devices via modification of the eseeid parameter...
CVE-2020-9527
Firmware developed by Shenzhen Hichip Vision Technology V6 through V20, after 2018-08-09 through 2020, as used by many different vendors in millions of Internet of Things devices, suffers from buffer overflow vulnerability that allows unauthenticated remote attackers to execute arbitrary code via...