14 matches found

EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2025-28746

Malicious code in bioql PyPI...

CVSS 7.6 · AI score 6.5 · EPSS 0.00078
Exploits 0 · References 2
EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2025-19423

Malicious code in bioql PyPI...

CVSS 5.4 · AI score 6.5 · EPSS 0.002
Exploits 0 · References 2
RedhatCVE
added 2025/06/29 6:5 p.m. · 20 views

CVE-2025-6522

Unauthenticated users on an adjacent network with the Sight Bulb Pro can run shell commands as root through a vulnerable proprietary TCP protocol available on Port 16668. This vulnerability allows an attacker to run arbitrary commands on the Sight Bulb Pro by passing a well formed JSON string...

CVSS 5.4 · AI score 7.5 · EPSS 0.002
Exploits 0 · References 1
NVD
added 2025/06/27 6:15 p.m. · 9 views

CVE-2025-6522

Unauthenticated users on an adjacent network with the Sight Bulb Pro can run shell commands as root through a vulnerable proprietary TCP protocol available on Port 16668. This vulnerability allows an attacker to run arbitrary commands on the Sight Bulb Pro by passing a well formed JSON string...

CVSS 5.4 · EPSS 0.002
Exploits 0 · References 2
Vulnrichment
added 2025/06/27 5:9 p.m. · 6 views

CVE-2025-6522 TrendMakers Sight Bulb Pro Command Injection

Unauthenticated users on an adjacent network with the Sight Bulb Pro can run shell commands as root through a vulnerable proprietary TCP protocol available on Port 16668. This vulnerability allows an attacker to run arbitrary commands on the Sight Bulb Pro by passing a well formed JSON string...

CVSS 5.4 · AI score 7.5 · EPSS 0.002
Exploits 0 · References 2
Cvelist
added 2025/06/27 5:9 p.m. · 10 views

CVE-2025-6522 TrendMakers Sight Bulb Pro Command Injection

Unauthenticated users on an adjacent network with the Sight Bulb Pro can run shell commands as root through a vulnerable proprietary TCP protocol available on Port 16668. This vulnerability allows an attacker to run arbitrary commands on the Sight Bulb Pro by passing a well formed JSON string...

CVSS 5.4 · EPSS 0.002
Exploits 0 · References 2
CVE
added 2025/06/27 5:9 p.m. · 21 views

CVE-2025-6522

CVE-2025-6522 affects TrendMakers Sight Bulb Pro. An unauthenticated adversary on an adjacent network can execute arbitrary commands as root via a vulnerable proprietary TCP protocol on port 16668 by sending a well-formed JSON string. This is described as a command-injection vulnerability in the ...

CVSS 5.4 · AI score 6.9 · EPSS 0.002
Exploits 0 · References 2
Vulnrichment
added 2025/06/27 5:6 p.m. · 3 views

CVE-2025-6521 TrendMakers Sight Bulb Pro Use of a Broken or Risky Cryptographic Algorithm

During the initial setup of the device the user connects to an access point broadcast by the Sight Bulb Pro. During the negotiation, AES Encryption keys are passed in cleartext. If captured, an attacker may be able to decrypt communications between the management app and the Sight Bulb Pro which...

CVSS 7.6 · AI score 6.7 · EPSS 0.00078
Exploits 0 · References 2
CVE
added 2025/06/27 5:6 p.m. · 19 views

CVE-2025-6521

CVE-2025-6521 affects the TrendMakers Sight Bulb Pro. During initial setup, AES keys are passed in cleartext as the device negotiates with an access point, enabling an attacker on an adjacent network to decrypt management app communications and potentially access credentials. The CISA ICS advisor...

CVSS 7.6 · AI score 6.1 · EPSS 0.00078
Exploits 0 · References 2
Cvelist
added 2025/06/27 5:6 p.m. · 9 views

CVE-2025-6521 TrendMakers Sight Bulb Pro Use of a Broken or Risky Cryptographic Algorithm

During the initial setup of the device the user connects to an access point broadcast by the Sight Bulb Pro. During the negotiation, AES Encryption keys are passed in cleartext. If captured, an attacker may be able to decrypt communications between the management app and the Sight Bulb Pro which...

CVSS 7.6 · EPSS 0.00078
Exploits 0 · References 2
CNNVD
added 2025/06/27 12:0 a.m. · 2 views

Trend Makers Sight Bulb Pro command injection vulnerability

Trend Makers Sight Bulb Pro is a webcam from Trend Makers, USA. The Trend Makers Sight Bulb Pro suffers from a command injection vulnerability that stems from a vulnerability in the TCP protocol on port 16668, which could result in an unauthenticated user executing arbitrary commands...

CVSS 5.4 · AI score 7.5 · EPSS 0.002
Exploits 0 · References 3
Positive Technologies
added 2025/06/27 12:0 a.m. · 5 views

PT-2025-27248 · Unknown · Sight Bulb Pro

Name of the Vulnerable Software and Affected Versions: Sight Bulb Pro, affected versions not specified. Description: The issue allows unauthenticated users on an adjacent network to run shell commands as root through a vulnerable proprietary TCP protocol available on Port 16668. This enables an...

CVSS 5.4 · AI score 8 · EPSS 0.002
Exploits 0 · References 5
Positive Technologies
added 2025/06/27 12:0 a.m. · 6 views

PT-2025-27247 · Trendmakers · Trendmakers Sight Bulb Pro

Name of the Vulnerable Software and Affected Versions: TrendMakers Sight Bulb Pro, affected versions not specified. Description: The issue arises during the initial setup of the device, where the user connects to an access point broadcast by the Sight Bulb Pro. During this negotiation, AES Encrypti...

CVSS 7.6 · AI score 7.1 · EPSS 0.00078
Exploits 0 · References 6
CNNVD
added 2025/06/27 12:0 a.m. · 4 views

Trend Makers Sight Bulb Pro encryption issue vulnerability

Trend Makers Sight Bulb Pro is a camera from Trend Makers, Inc. The Trend Makers Sight Bulb Pro suffers from an encryption issue vulnerability that stems from the plaintext transfer of an AES key during initial setup, which could lead to the decryption of communications and the disclosure of...

CVSS 7.6 · AI score 6.3 · EPSS 0.00078
Exploits 0 · References 3