EUVD-2026-23484

Anviz CX2 Lite and CX7 administrative sessions occur over HTTP, enabling on‑path attackers to sniff credentials and session data, which can be used to compromise the device...

Malicious code in @emilgroup/task-sdk-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d10e089e1ab5774c571e6a0f5c650a044301456e9558509c051d38dce51eac73 The package @emilgroup/task-sdk-node was found to contain malicious code. Source: ghsa-malware...

EUVD-2025-11975

Malicious code in bioql PyPI...

Malicious code in topomat.controls.ctrlmaster (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f70236b8a23bd596788f7726490e4ac44c5cbcacf88bda2b8adeda33486c14d7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Huawei HarmonyOS Information Disclosure Vulnerability (CNVD-2022-61608)

Huawei HarmonyOS is an operating system from Huawei China. It provides a microkernel-based, fully distributed operating system. Huawei HarmonyOS contains a security vulnerability that could be exploited by attackers to compromise device confidentiality...

CVE-2018-12072

An issue was discovered in Cloud Media Popcorn A-200 03-05-130708-21-POP-411-000 firmware. It is configured to provide TELNET remote access without a password that pops a shell as root. If an attacker can connect to port 23 on the device, he can completely compromise it...