21 matches found
EUVD-2025-19063
Malicious code in bioql PyPI...
EUVD-2025-19061
Malicious code in bioql PyPI...
EUVD-2025-19062
Malicious code in bioql PyPI...
CVE-2025-49853
ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to SQL injections which could allow an attacker to leak arbitrary information and insert arbitrary SQL syntax into SQL queries...
CVE-2025-49851
ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to an improper authentication vulnerability which could allow an attacker to bypass authentication and gain permissions in the product...
CVE-2025-49852
ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to a server-side request forgery vulnerability which could allow an unauthenticated attacker to retrieve information from other servers...
CVE-2025-49852
ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to a server-side request forgery vulnerability which could allow an unauthenticated attacker to retrieve information from other servers...
CVE-2025-49853
ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to SQL injections which could allow an attacker to leak arbitrary information and insert arbitrary SQL syntax into SQL queries...
CVE-2025-49851
ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to an improper authentication vulnerability which could allow an attacker to bypass authentication and gain permissions in the product...
CVE-2025-49853 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in ControlID iDSecure On-premises
ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to SQL injections which could allow an attacker to leak arbitrary information and insert arbitrary SQL syntax into SQL queries...
CVE-2025-49853
CVE-2025-49853 affects ControlID iDSecure On-premises versions 4.7.48.0 and prior. Root cause is an SQL injection vulnerability that could leak arbitrary information and allow insertion of arbitrary SQL syntax into queries, impacting confidentiality and integrity (CVSS 3.1/4.0 CRITICAL). Remediat...
CVE-2025-49853 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in ControlID iDSecure On-premises
ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to SQL injections which could allow an attacker to leak arbitrary information and insert arbitrary SQL syntax into SQL queries...
CVE-2025-49852
CVE-2025-49852 affects ControlID iDSecure On-premises (versions 4.7.48.0 and prior). The root cause is a Server-Side Request Forgery (SSRF) vulnerability that could allow an unauthenticated attacker to retrieve information from other servers. Public advisories (CISA ICS, Red Hat, CVE list, NVD) c...
CVE-2025-49852 Server-Side Request Forgery (SSRF) in ControlID iDSecure On-premises
ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to a server-side request forgery vulnerability which could allow an unauthenticated attacker to retrieve information from other servers...
CVE-2025-49852 Server-Side Request Forgery (SSRF) in ControlID iDSecure On-premises
ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to a server-side request forgery vulnerability which could allow an unauthenticated attacker to retrieve information from other servers...
CVE-2025-49851
The CVE-2025-49851 entry concerns ControlID iDSecure On-premises, affected versions 4.7.48.0 and prior. The root cause is an improper authentication vulnerability that could let an attacker bypass authentication and gain permissions in the product. Public sources in the connected documents corrob...
CVE-2025-49851 Improper Authentication in ControlID iDSecure On-premises
ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to an improper authentication vulnerability which could allow an attacker to bypass authentication and gain permissions in the product...
CVE-2025-49851 Improper Authentication in ControlID iDSecure On-premises
ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to an improper authentication vulnerability which could allow an attacker to bypass authentication and gain permissions in the product...
CISA Releases Eight Industrial Control Systems Advisories
CISA released eight Industrial Control Systems (ICS) advisories on June 24, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-175-01: Kaleris Navis N4 Terminal Operating System; ICSA-25-175-02: Delta Electronics...
PT-2025-26775 · Control Id · Control Id Idsecure
Name of the Vulnerable Software and Affected Versions: ControlID iDSecure On-premises versions 4.7.48.0 and prior
Description: The issue allows attackers to perform SQL injections, which could enable them to leak arbitrary information and insert arbitrary SQL syntax into SQL queries, giving them...