EUVD-2025-206478

Vulnerability that allows a Padding Oracle Attack to be performed on the Funambol v30.0.0.20 cloud server. The thumbnail display URL allows an attacker to decrypt and encrypt the parameters used by the application to generate ‘self-signed’ access URLs...

PT-2026-5085

Vulnerability that allows a Padding Oracle Attack to be performed on the Funambol v30.0.0.20 cloud server. The thumbnail display URL allows an attacker to decrypt and encrypt the parameters used by the application to generate ‘self-signed’ access URLs...

CVE-2025-56675

The EKEN video doorbell T6 BT60PLUSMAINV1.0GC108420230531 periodically sends debug logs to the EKEN cloud servers with sensitive information such as the Wi-Fi SSID and password...

EUVD-2018-18063

Malware in sbrugna...

EUVD-2018-9660

Malware in sbrugna...

EUVD-2018-9658

Malware in sbrugna...

EUVD-2020-4259

Malware in sbrugna...

EUVD-2022-45074

Malicious code in bioql PyPI...

EUVD-2023-1442

Malicious code in bioql PyPI...

EUVD-2025-22068

Malicious code in bioql PyPI...

EUVD-2025-14086

Malicious code in bioql PyPI...

EUVD-2025-14085

Malicious code in bioql PyPI...

EUVD-2025-14084

Malicious code in bioql PyPI...

EUVD-2021-29934

Malicious code in bioql PyPI...

EUVD-2021-29935

Malicious code in bioql PyPI...

CVE-2025-41675

A high privileged remote attacker can execute arbitrary system commands via GET requests in the cloud server communication script due to improper neutralization of special elements used in an OS command...

CVE-2025-41675

A high privileged remote attacker can execute arbitrary system commands via GET requests in the cloud server communication script due to improper neutralization of special elements used in an OS command...

CVE-2025-41675 Remote Command Injection via GET in Cloud Server Communication Script Due to Improper Input Neutralization

A high privileged remote attacker can execute arbitrary system commands via GET requests in the cloud server communication script due to improper neutralization of special elements used in an OS command...

CVE-2025-41675

CVE-2025-41675 concerns MB CONNECT LINE mbNET.mini and Helmholz/mbNET.mini gateways where an OS command injection arises from improper neutralization of special elements in OS commands. The vulnerability allows a high-privilege remote attacker to trigger arbitrary system commands via GET requests...

CVE-2025-41675 Remote Command Injection via GET in Cloud Server Communication Script Due to Improper Input Neutralization

A high privileged remote attacker can execute arbitrary system commands via GET requests in the cloud server communication script due to improper neutralization of special elements used in an OS command...