Advantech ADAM-6000 Use of Default Password (CVE-2008-5848)

The Advantech ADAM-6000 module has 00000000 as its default password, which makes it easier for remote attackers to obtain access through an HTTP session, and 1 monitor or 2 control the module's Modbus/TCP I/O activity. This plugin only works with Tenable.ot. Please visit...

Is “Satoshi Nakamoto” Really Adam Back?

The New York Times has a long article where the author lays out an impressive array of circumstantial evidence that the inventor of Bitcoin is the cypherpunk Adam Back. I don't know. The article is convincing, but it's written to be convincing. I can't remember if I ever met Adam. I was a member ...

Advantech ADAM-5630 Use of Persistent Cookies Containing Sensitive Information (CVE-2024-39275)

Cookies of authenticated Advantech ADAM-5630 users remain as active valid cookies when a session is closed. Forging requests with a legitimate cookie, even if the session was terminated, allows an unauthorized attacker to act with the same level of privileges of the legitimate user. This plugin...

Advantech ADAM-5630 Missing Authentication for Critical Function (CVE-2024-39364)

Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system, rebooting the hardware, and stopping the execution. The commands can be sent to a simple HTTP request and are executed by the device...

Advantech ADAM-5550 Weak Encoding For Password (CVE-2024-37187)

Advantech ADAM-5550 share user credentials with a low level of encryption, consisting of base 64 encoding. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

Advantech ADAM-5630 Cross-Site Request Forgery (CVE-2024-28948)

Advantech ADAM-5630 contains a cross-site request forgery CSRF vulnerability. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites from interfering with each other. This plugin only works with Tenable.ot. Please visit...

Advantech ADAM-5630 Weak Encoding For Password (CVE-2024-34542)

Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Advantech ADAM-5550 Weak Encoding For Password (CVE-2024-37187)

Advantech ADAM 5550's web application includes a 'logs' page where all the HTTP requests received are displayed to the user. The device doesn't correctly neutralize malicious code when parsing HTTP requests to generate page output This plugin only works with Tenable.ot. Please visit...

CVE-2024-34542

Advantech ADAM-5630 shares user credentials plain text between the device and the user source device during the login process...

CVE-2024-39364

Advantech ADAM-5630 has built-in commands that can be executed without authenticating the user. These commands allow for restarting the operating system, rebooting the hardware, and stopping the execution. The commands can be sent to a simple HTTP request and are executed by the device...

GHSA-7MV8-J34Q-VP7Q @anthropic-ai/claude-code has Sed Command Validation Bypass that Allows Arbitrary File Writes

Due to an error in sed command parsing, it was possible to bypass the Claude Code read-only validation and write to arbitrary files on the host system. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the...

AudioFile 安全漏洞

AudioFile is a simple C++ library containing only header files by the individual developer Adam Stark in the UK. It is used to read and write audio files. A security vulnerability exists in AudioFile version v0.3.7, which stems from a null pointer dereference in the ModuleState::setup function...

Regular Expression Denial Of Service (ReDoS)

transformers is vulnerable to a Regular Expression Denial Of Service ReDoS. The vulnerability is due to the douseweightdecay method in the AdamWeightDecay optimizer processing user-controlled regular expressions in the includeinweightdecay and excludefromweightdecay lists, which allows an attacke...

EUVD-2011-1912

Malware in sbrugna...

EUVD-2008-3299

Malware in sbrugna...

EUVD-2007-5043

Malware in sbrugna...

EUVD-2006-7187

Malware in sbrugna...

EUVD-2024-37259

Malicious code in bioql PyPI...

EUVD-2022-33758

Malicious code in bioql PyPI...

EUVD-2024-36489

Malicious code in bioql PyPI...