400 matches found
EUVD-2025-11409
Malicious code in bioql PyPI...
EUVD-2025-11442
Malicious code in bioql PyPI...
EUVD-2025-11421
Malicious code in bioql PyPI...
EUVD-2025-11440
Malicious code in bioql PyPI...
EUVD-2023-33016
Malicious code in bioql PyPI...
EUVD-2025-11438
Malicious code in bioql PyPI...
Siemens TeleControl Server Basic SQLi (CVE-2025-27540)
Binary data siemenstelecontrolserverbasiccve-2025-27540.nbin...
Siemens TeleControl Server Basic UpdateConnectionVariables SQL Injection Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens TeleControl Server Basic. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
Siemens TeleControl Server Basic RestoreFromBackup SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens TeleControl Server Basic. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
The vulnerability of the ExportCertificate method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.
The vulnerability of the ExportCertificate method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allo...
The vulnerability of the LockUser method in software for managing and monitoring deleted objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.
The vulnerability of the LockUser method in software for managing and monitoring removed objects in telemetry and telemechanics systems related to the TeleControl Server Basic is associated with the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a...
The vulnerability of the GetLogs method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems of the TeleControl Server Basic allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.
The vulnerability of the GetLogs method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems related to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...
The vulnerability of the getUsers method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.
The vulnerability of the getUsers method in software for managing and monitoring removed objects in telemetry and telemechanics systems related to the TeleControl Server Basic lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to...
The vulnerability of the CreateBackup method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.
The vulnerability of the CreateBackup method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to bypass security restrictions,...
The vulnerability of the LockTraceLevelSettings method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, allowing a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.
The vulnerability of the LockTraceLevelSettings method in the software for managing and monitoring removed objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability...
The vulnerability of the CreateLog method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, as well as in the TeleControl Server Basic, allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.
The vulnerability of the CreateLog method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...
The vulnerability of the LockGeneralSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, allows a hacker to circumvent security restrictions and gain access to write and read arbitrary files.
The vulnerability of the LockGeneralSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability...
CVE-2025-29931
A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected product does not properly validate a length field in a serialized message which it uses to determine the amount of memory to be allocated for deserialization. This could allow an unauthenticated...
CVE-2025-30030
A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'ImportDatabase' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...
CVE-2025-30003
A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateProjectConnections' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...