12 matches found
EUVD-2023-42475
Malicious code in bioql PyPI...
EUVD-2023-43241
Malicious code in bioql PyPI...
EUVD-2022-34910
Malicious code in bioql PyPI...
EUVD-2023-36561
Malicious code in bioql PyPI...
CVE-2022-2664
A vulnerability classified as critical has been found in Private Cloud Management Platform. Affected is an unknown function of the file /management/api/rcxmanagement/globalconfigquery of the component POST Request Handler. The manipulation leads to improper authentication. It is possible to launc...
Ruijie Networks' Cloud Platform Flaws Could've Exposed 50,000 Devices to Remote Attacks
Cybersecurity researchers have discovered several security flaws in the cloud management platform developed by Ruijie Networks that could permit an attacker to take control of the network appliances. "These vulnerabilities affect both the Reyee platform, as well as Reyee OS network devices,"...
CVE-2023-44397 CloudExplorer Lite permission bypass vulnerability
CloudExplorer Lite is an open source, lightweight cloud management platform. Prior to version 1.4.1, the gateway filter of CloudExplorer Lite uses a controller with path starting with matching/API/, which can cause a permission bypass. Version 1.4.1 contains a patch for this issue...
Snap One OvrC Cloud 存在输入验证错误漏洞
Snap One OvrC is a free cloud-based remote management and monitoring platform from US-based Snap One. Snap One OvrC Cloud suffers from an input validation error vulnerability that originates from a URL redirection to an untrusted site, which can be exploited by an attacker to redirect a user to a...
Vulnerability Spotlight: Multiple issues in Robustel R1510 cellular router could lead to code execution, denial of service
Francesco Benvenuto of Cisco Talos discovered these vulnerabilities. Cisco Talos recently discovered nine vulnerabilities in the Robustel R1510 industrial cellular router, several of which could allow an adversary to inject operating system code remotely. The Robustel R1510 router is a...
CVE-2022-2664 Private Cloud Management Platform POST Request global_config_query improper authentication
A vulnerability classified as critical has been found in Private Cloud Management Platform. Affected is an unknown function of the file /management/api/rcxmanagement/globalconfigquery of the component POST Request Handler. The manipulation leads to improper authentication. It is possible to launc...
Red Hat CloudForms Denial of Service Vulnerability
Red Hat CloudForms is a suite of IaaS Infrastructure as a Service cloud services solutions from Red Hat, Inc. The solution creates and manages private and public clouds and has the ability to manage the application lifecycle. A denial of service vulnerability exists in Red Hat CloudForms. A remot...
Joyent Smart Data Center 'Docker API' Local Elevation of Privilege Vulnerability
Joyent Smart Data Center SDC is an open source cloud management platform from Joyent, Inc. A local elevation of privilege vulnerability exists in the Joyent Smart Data Center 'Docker API'. A local attacker could exploit this vulnerability to execute arbitrary code with elevated privileges...