EUVD-2017-14270

Malware in sbrugna...

EUVD-2012-4301

Malware in sbrugna...

EUVD-2012-4302

Malware in sbrugna...

EUVD-2023-50854

Malicious code in bioql PyPI...

EUVD-2023-50855

Malicious code in bioql PyPI...

EUVD-2023-50852

Malicious code in bioql PyPI...

EUVD-2023-58039

Malicious code in bioql PyPI...

EUVD-2023-50856

Malicious code in bioql PyPI...

CVE-2023-5754

Sielco PolyEco1000 uses a weak set of default administrative credentials that can be easily guessed in remote password attacks and gain full control of the system...

CVE-2023-46664

Sielco PolyEco1000 is vulnerable to an improper access control vulnerability when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access resources behind protected pages...

CVE-2023-46665

Sielco PolyEco1000 is vulnerable to an authentication bypass vulnerability due to an attacker modifying passwords in a POST request and gain unauthorized access to the affected device with administrative privileges...

CVE-2023-46661

Sielco PolyEco1000 is vulnerable to an attacker escalating their privileges by modifying passwords in POST requests...

CVE-2023-46663

Sielco PolyEco1000 is vulnerable to an attacker bypassing authorization and accessing resources behind protected pages. The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests...

CVE-2023-46662

Sielco PolyEco1000 is vulnerable to an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this via a specially crafted request to gain access to sensitive information...

CVE-2012-4358

Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service invalid 0x00 write operation and daemon crash or possibly have unspecified other impact via a...

CVE-2011-4037

Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file...

CVE-2012-4359

Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service invalid 0x00 write operation and daemon crash or possibly have unspecified other impact via a...

CVE-2012-4356

Multiple directory traversal vulnerabilities in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allow remote attackers to read arbitrary files via port-46824 TCP packets specifying a file-open operation with opcode 0x78 and a .. dot dot in a pathname, followed ...

Sielco Sistemi Winlog Remote File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sielco Sistemi Winlog Remote File Access', 'Description' = %q This module exploits a directory traversal in Sielco Sistemi Winlog. The...

The vulnerability of Sielco PolyEco1000 digital FM transmitter’s microprogramming software, related to improper session management, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of Sielco PolyEco1000 digital FM transmitter’s microprogramming software is related to improper session management. Exploiting this vulnerability could allow an attacker, operating remotely, to compromise the confidentiality, integrity, and accessibility of the protected...