5 matches found
EUVD-2025-27278
Malicious code in bioql PyPI...
CVE-2025-10183
A blind XML External Entity XXE injection in the OpenMessaging webservice in TecCom TecConnect 4.1 allows an unauthenticated attacker to exfiltrate arbitrary files to an attacker-controlled server. TecConnect 4.1 is considered end-of-life as of December 2023. Users are advised to upgrade to TecCo...
CVE-2025-10183 XML External Entity Injection in TecConnect 4.1
A blind XML External Entity XXE injection in the OpenMessaging webservice in TecCom TecConnect 4.1 allows an unauthenticated attacker to exfiltrate arbitrary files to an attacker-controlled server. TecConnect 4.1 is considered end-of-life as of December 2023. Users are advised to upgrade to TecCo...
CVE-2025-10183
CVE-2025-10183 describes a blind XML External Entity (XXE) injection in the OpenMessaging webservice of TecCom TecConnect 4.1, allowing an unauthenticated attacker to exfiltrate arbitrary files to a controller server. Affected: TecConnect 4.1 OpenMessaging webservice; root cause is XXE in OpenMes...
PT-2025-36738
Name of the Vulnerable Software and Affected Versions: TecCom TecConnect version 4.1 Description: The OpenMessaging webservice in TecCom TecConnect version 4.1 contains a blind XML External Entity XXE injection. This allows an unauthenticated attacker to exfiltrate arbitrary files to an...