EUVD-2025-16473

Malicious code in bioql PyPI...

EUVD-2025-16475

Malicious code in bioql PyPI...

CVE-2025-4634

The web portal on airpointer 2.4.107-2 was vulnerable local file inclusion. A malicious user with administrative privileges in the web portal would be able to manipulate requests to view files on the filesystem...

CVE-2025-4636

Due to excessive privileges granted to the web user running the airpointer web platform, a malicious actor that gains control of the this user would be able to privilege escalate to the root user...

CVE-2025-4633

Default credentials were present in the web portal for Airpointer 2.4.107-2, allowing an unauthenticated malicious actor to log in via the web portal...

CVE-2025-4636

Due to excessive privileges granted to the web user running the airpointer web platform, a malicious actor that gains control of the this user would be able to privilege escalate to the root user...

CVE-2025-4633

Default credentials were present in the web portal for Airpointer 2.4.107-2, allowing an unauthenticated malicious actor to log in via the web portal...

CVE-2025-4634

The web portal on airpointer 2.4.107-2 was vulnerable local file inclusion. A malicious user with administrative privileges in the web portal would be able to manipulate requests to view files on the filesystem...

CVE-2025-4636

CVE-2025-4636 concerns local privilege escalation in the Airpointer web platform. Multiple connected sources describe that excessive privileges granted to the web user allow a user-space compromise to escalate to root if an attacker gains control of that account. Documents consistently indicate t...

CVE-2025-4636 Local Privilege Escalation

Due to excessive privileges granted to the web user running the airpointer web platform, a malicious actor that gains control of the this user would be able to privilege escalate to the root user...

CVE-2025-4636 Local Privilege Escalation

Due to excessive privileges granted to the web user running the airpointer web platform, a malicious actor that gains control of the this user would be able to privilege escalate to the root user...

CVE-2025-4634 Local File Inclusion

The web portal on airpointer 2.4.107-2 was vulnerable local file inclusion. A malicious user with administrative privileges in the web portal would be able to manipulate requests to view files on the filesystem...

CVE-2025-4634 Local File Inclusion

The web portal on airpointer 2.4.107-2 was vulnerable local file inclusion. A malicious user with administrative privileges in the web portal would be able to manipulate requests to view files on the filesystem...

CVE-2025-4634

CVE-2025-4634 describes a local file inclusion vulnerability in the web portal of airpointer version 2.4.107-2. The issue arises from the web portal allowing manipulation of requests that enables a user with administrative privileges to view files on the filesystem. Affected component: web portal...

CVE-2025-4633 Default Credentials

Default credentials were present in the web portal for Airpointer 2.4.107-2, allowing an unauthenticated malicious actor to log in via the web portal...

CVE-2025-4633

CVE-2025-4633 concerns Airpointer 2.4.107-2 where default credentials in the web portal allow an unauthenticated attacker to log in. Affected component: the web portal of Airpointer 2.4.107-2; root cause is default credentials enabling access without authentication. Impact notes from sources indi...

jct-aq Airpointer 2D 信任管理问题漏洞

The jct-aq Airpointer 2D is a device for air quality monitoring from jct-aq Austria. A security vulnerability exists in the jct-aq Airpointer 2D version 2.4.107-2, which stems from default credentials and could lead to unauthorized access...

jct-aq Airpointer 2D 输入验证错误漏洞

The jct-aq Airpointer 2D is a device for air quality monitoring from the Austrian company jct-aq. A security vulnerability exists in the jct-aq Airpointer 2D version 2.4.107-2, which stems from improper operation of the diagnostics module and could lead to remote code execution...

jct-aq Airpointer 2D 安全漏洞

The jct-aq Airpointer 2D is a device for air quality monitoring from the Austrian company jct-aq. A security vulnerability exists in the jct-aq Airpointer 2D version 2.4.107-2, which originates from a local file inclusion and could lead to file system access...

PT-2025-23271 · Unknown · Airpointer

Name of the Vulnerable Software and Affected Versions: airpointer version 2.4.107-2 Description: The web portal on airpointer presented a local file inclusion issue. A malicious user with administrative privileges in the web portal could manipulate requests to view files on the filesystem...