26 matches found
EUVD-2024-31599
Malicious code in bioql PyPI...
CVE-2024-33892
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are susceptible to leaking information through cookies. This is fixed in version 21.2s10 and 22.1s3...
CVE-2024-33894
Insecure Permission vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are executing several processes with elevated privileges...
CVE-2024-33895
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique key to encrypt the configuration parameters. This is fixed in version 21.2s10 and 22.1s3, the key is now unique per device...
CVE-2024-33896
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to code injection due to improper parameter blacklisting. This is fixed in version 21.2s10 and 22.1s3...
CVE-2024-33893
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to XSS when displaying the logs due to improper input sanitization. This is fixed in version 21.2s10 and 22.1s3...
CVE-2024-33896
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to code injection due to improper parameter blacklisting. This is fixed in version 21.2s10 and 22.1s3...
CVE-2024-33892
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are susceptible to leaking information through cookies. This is fixed in version 21.2s10 and 22.1s3...
CVE-2024-33894
Insecure Permission vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are executing several processes with elevated privileges...
CVE-2024-33895
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique key to encrypt the configuration parameters. This is fixed in version 21.2s10 and 22.1s3, the key is now unique per device...
CVE-2024-33895
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique key to encrypt the configuration parameters. This is fixed in version 21.2s10 and 22.1s3, the key is now unique per device...
CVE-2024-33892
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are susceptible to leaking information through cookies. This is fixed in version 21.2s10 and 22.1s3...
CVE-2024-33894
CVE-2024-33894 affects HMS/Ewon Cosy+ industrial remote access devices. The issue is insecure permissions that allow several processes to run with elevated privileges on Cosy+ firmware 21.x < 21.2s10 or 22.x
CVE-2024-33894
Insecure Permission vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are executing several processes with elevated privileges...
PT-2024-25530 · Cosy+ · Cosy+
Name of the Vulnerable Software and Affected Versions: Cosy+ devices versions 21.x through 21.2s9 Cosy+ devices versions 22.x through 22.1s2 Description: The issue arises from improper input sanitization when displaying logs, leading to a potential XSS attack. This is due to the improper...
CVE-2024-33892
CVE-2024-33892 concerns an Insecure Permissions vulnerability in HMS Cosy+ devices. Affected firmware ranges are 21.x below 21.2s10 and 22.x below 22.1s3, which allow information leakage via cookies. The issue is fixed in firmware versions 21.2s10 and 22.1s3. Connected documents from Red Hat, NVD...
CVE-2024-33894
Insecure Permission vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are executing several processes with elevated privileges...
CVE-2024-33893
CVE-2024-33893 affects Ewon Cosy+ devices running firmware 21.x versions below 21.2s10 or 22.x versions below 22.1s3. Root cause: improper input sanitization when displaying logs, leading to a cross-site scripting (XSS) vulnerability. Impact is limited to the log-display functionality as describe...
CVE-2024-33892
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are susceptible to leaking information through cookies. This is fixed in version 21.2s10 and 22.1s3...
PT-2024-25529 · Cosy+ · Cosy+
Name of the Vulnerable Software and Affected Versions: Cosy+ devices versions 21.x through 21.2s9 Cosy+ devices versions 22.x through 22.1s2 Description: The issue concerns insecure permissions in Cosy+ devices, which can lead to information leakage through cookies. This problem is resolved in...