160 matches found
EUVD-2017-14085
Malware in sbrugna...
EUVD-2017-17003
Malware in sbrugna...
EUVD-2015-1949
Malware in sbrugna...
EUVD-2016-5966
Malware in sbrugna...
EUVD-2017-17012
Malware in sbrugna...
EUVD-2020-26579
Malware in sbrugna...
EUVD-2024-1110
Malicious code in bioql PyPI...
EUVD-2024-37642
Malicious code in bioql PyPI...
EUVD-2021-9262
Malicious code in bioql PyPI...
EUVD-2021-9273
Malicious code in bioql PyPI...
CVE-2025-57601
AiKaan Cloud Controller uses a single hardcoded SSH private key and the username proxyuser for remote terminal access to all managed IoT/edge devices. When an administrator initiates "Open Remote Terminal" from the AiKaan dashboard, the controller sends this same static private key to the target...
CVE-2025-57602
Insufficient hardening of the proxyuser account in the AiKaan IoT management platform, combined with the use of a shared, hardcoded SSH private key, allows remote attackers to authenticate to the cloud controller, gain interactive shell access, and pivot into other connected IoT devices. This can...
PT-2025-38731
Name of the Vulnerable Software and Affected Versions AiKaan IoT management platform affected versions not specified Description The AiKaan IoT management platform suffers from inadequate hardening of the proxyuser account and utilizes a shared, hardcoded SSH private key. This combination enables...
CVE-2025-57602
CVE-2025-57602 affects the AiKaan IoT management platform. The issue stems from insufficient hardening of the proxyuser account and the use of a shared, hardcoded SSH private key, which can allow remote attackers to authenticate to the cloud controller, obtain an interactive shell, and pivot to o...
AiKaan Cloud Controller 安全漏洞
AiKaan Cloud Controller is a monitoring platform for Internet edge devices from AiKaan India. AiKaan Cloud Controller has a security vulnerability that stems from remote endpoint access using a hard-coded SSH private key and username proxyuser, which could allow an attacker to impersonate a manag...
Linux Distros Unpatched Vulnerability : CVE-2020-8563
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controll...
CVE-2021-22115
Cloud Controller API versions prior to 1.106.0 logs service broker credentials if the default value of db logging config field is changed. CAPI database logs service broker password in plain text whenever a job to clean up orphaned items is run by Cloud Controller...
CVE-2024-38826
Authenticated users can upload specifically crafted files to leak server resources. This behavior can potentially be used to run a denial of service attack against Cloud Controller. The Cloud Foundry project recommends upgrading the following releases: Upgrade capi release version to 1.194.0 or...
CVE-2024-38826 CVE-2024-38826 Cloud Controller Denial of Service Attack
Authenticated users can upload specifically crafted files to leak server resources. This behavior can potentially be used to run a denial of service attack against Cloud Controller. The Cloud Foundry project recommends upgrading the following releases: Upgrade capi release version to 1.194.0 or...
CVE-2024-38826
CVE-2024-38826 concerns Cloud Foundry Cloud Controller. Authenticated users can upload specially crafted files to leak server resources, enabling a potential denial-of-service against the Cloud Controller. Affected components include Cloud Foundry Capi Release versions before 1.194.0 and cf-deplo...