74 matches found
EUVD-2024-41639
Malicious code in bioql PyPI...
EUVD-2024-42837
Malicious code in bioql PyPI...
EUVD-2024-39892
Malicious code in bioql PyPI...
EUVD-2024-42807
Malicious code in bioql PyPI...
EUVD-2024-43173
Malicious code in bioql PyPI...
EUVD-2024-42786
Malicious code in bioql PyPI...
EUVD-2024-45761
Malicious code in bioql PyPI...
EUVD-2024-46121
Malicious code in bioql PyPI...
EUVD-2024-42180
Malicious code in bioql PyPI...
CVE-2024-51727
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a feature that could enable attackers to invalidate a legitimate user's session and cause a denial-of-service attack on a user's account...
CVE-2024-42494
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a a feature that could enable sub accounts or attackers to view and exfiltrate sensitive information from all cloud accounts registered to Ruijie's services...
CVE-2024-52324
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses an inherently dangerous function which could allow an attacker to send a malicious MQTT message resulting in devices executing arbitrary OS commands...
CVE-2024-47547
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x contains a weak mechanism for its users to change their passwords which leaves authentication vulnerable to brute force attacks...
CVE-2024-47043
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could enable an attacker to correlate a device serial number and the user's phone number and part of the email address...
CVE-2024-47791
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to subscribe to partial possible topics in Ruijie MQTT broker, and receive partial messages being sent to and from devices...
CVE-2024-45722
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x uses weak credential mechanism that could allow an attacker to easily calculate MQTT credentials...
CVE-2024-46874
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients connecting with device credentials to send messages to some topics. Attackers with device credentials could issue commands to other devices on behalf of Ruijie's cloud...
CVE-2024-48874
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could give attackers the ability to force Ruijie's proxy servers to perform any request the attackers choose. Using this, attackers could access internal services used by Ruijie and their internal cloud infrastructure via AWS cloud...
The vulnerability of the MQTT broker of Ruijie Reyee OS operating system allows a perpetrator to execute arbitrary commands.
The vulnerability of the MQTT broker operating system in Ruijie Reyee OS is related to improper handling of insufficient permissions or privileges. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
The vulnerability of the Ruijie Reyee OS, related to deficiencies in data storage, allows a perpetrator to match the device serial number with the user’s phone number and a portion of the email address.
The vulnerability of the Ruijie Reyee OS is related to deficiencies in the storage of service data. Exploiting this vulnerability allows a malicious actor to match the device serial number with the user’s phone number and part of the email address...