29 matches found
CVE-2026-49199
Crafted MQTT messages can trigger command injection, resulting in root-level code execution on the target device...
CVE-2026-49199
Crafted MQTT messages can trigger command injection, resulting in root-level code execution on the target device...
CVE-2026-24003
EVerest is an EV charging software stack. In versions up to and including 2025.12.1, it is possible to bypass the sequence state verification including authentication, and send requests that transition to forbidden states relative to the current one, thereby updating the current context with...
CVE-2026-24003
EVerest is an EV charging software stack. In versions up to and including 2025.12.1, it is possible to bypass the sequence state verification including authentication, and send requests that transition to forbidden states relative to the current one, thereby updating the current context with...
EUVD-2025-20408
Malicious code in bioql PyPI...
EUVD-2025-20409
Malicious code in bioql PyPI...
EUVD-2024-47816
Malicious code in bioql PyPI...
EUVD-2023-35507
Malicious code in bioql PyPI...
CVE-2025-24002
An unauthenticated remote attacker can use MQTT messages to crash a service on charging stations complying with German Calibration Law, resulting in a temporary denial-of-service for these stations until they got restarted by the watchdog...
CVE-2025-24003
An unauthenticated remote attacker can use MQTT messages to trigger out-of-bounds writes in charging stations complying with German Calibration Law, resulting in a loss of integrity for only EichrechtAgents and potential denial-of-service for these stations...
CVE-2025-24002
An unauthenticated remote attacker can use MQTT messages to crash a service on charging stations complying with German Calibration Law, resulting in a temporary denial-of-service for these stations until they got restarted by the watchdog...
CVE-2025-24003
An unauthenticated remote attacker can use MQTT messages to trigger out-of-bounds writes in charging stations complying with German Calibration Law, resulting in a loss of integrity for only EichrechtAgents and potential denial-of-service for these stations...
CVE-2025-24002
CVE-2025-24002 concerns unauthenticated MQTT-triggered crashes of services on charging stations that comply with the German Calibration Law. The primary sources (NVD, CVE listing, Red Hat advisory, PT Security report, etc.) describe an MQTT-based DoS where a remote attacker can cause the charging...
PT-2025-28341 · Unknown · Eichrechtagents
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An unauthenticated remote attacker can use MQTT messages to trigger out-of-bounds writes in charging stations complying with German Calibration Law. This results in a loss of integrity for...
PT-2025-28340 · Phoenix Contact · Charx Sec-3000 +7
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An unauthenticated remote attacker can use MQTT messages to crash a service on charging stations complying with German Calibration Law, resulting in a temporary denial-of-service for these...
CVE-2024-50695
SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow when parsing MQTT messages, due to missing MQTT topic bounds checks...
CVE-2024-50697
In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when decrypting MQTT messages, the code that parses specific TLV fields does not have sufficient bounds checks. This may result in a stack-based buffer overflow...
CVE-2024-50695
SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow when parsing MQTT messages, due to missing MQTT topic bounds checks...
CVE-2024-50695
SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow when parsing MQTT messages, due to missing MQTT topic bounds checks...
CVE-2024-50695
CVE-2024-50695 affects SunGrow WiNet-SV200.001.00.P027 and earlier versions. The issue is a stack-based buffer overflow that occurs when parsing MQTT messages due to missing MQTT topic bounds checks. Public sources describe the vulnerability as potentially enabling arbitrary code execution remote...