Malicious code in strawberry-graphql (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8eb433a0339783d1a58993e1611278218492a4349a80801e6c6a2d475278a99c This package is published under the strawberry-graphql name but diverges from the legitimate upstream by declaring a hard runtime dependency on...

MAL-2026-4771 Malicious code in strawberry-graphql (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8eb433a0339783d1a58993e1611278218492a4349a80801e6c6a2d475278a99c This package is published under the strawberry-graphql name but diverges from the legitimate upstream by declaring a hard runtime dependency on...

CVE-2025-34036

An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting a custom HTTP service called "Cross Web Server" that listens on TCP ports 81 and 82. The web interface fails to sanitize input in the URI path passed to the language extraction functionality. When th...

CVE-2025-34036

An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting a custom HTTP service called "Cross Web Server" that listens on TCP ports 81 and 82. The web interface fails to sanitize input in the URI path passed to the language extraction functionality. When th...

CVE-2025-34036

The CVE-2025-34036 issue affects white-labeled TVT DVRs’ Cross Web Server, a custom HTTP service listening on TCP ports 81/82. The web UI fails to sanitize the [lang] parameter in the /language/[lang]/index.html path, allowing unsafely used input in a tar extraction command to enable OS command i...

TVT DVR 操作系统命令注入漏洞

TVT DVR is a video recorder from China-based Tongwei TVT. TVT DVR suffers from an OS command injection vulnerability, which stems from an un-cleaned language parameter in Cross Web Server that leads to an OS command injection attack...

PT-2025-26663

Name of the Vulnerable Software and Affected Versions: TVT DVR Cross Web Server affected versions not specified Description: An OS command injection issue exists in the custom HTTP service called "Cross Web Server" that listens on TCP ports 81 and 82. The web interface fails to sanitize input in...

VulnCheck KEV: CVE-2025-34036

An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting a custom HTTP service called "Cross Web Server" that listens on TCP ports 81 and 82. The web interface fails to sanitize input in the URI path passed to the language extraction functionality. When...

PCViewer vt1000 - Directory Traversal Vulnerability

Exploit for windows platform in category web applications Exploit Title: PCViewer vt1000 - Directory Traversal Exploit Author: Berk Dusunur Vendor Homepage: N/A Software Link: http://www.softpedia.com/get/System/File-Management/Pc-Viewer.shtml Affected Version: vt1000 Tested on: Parrot OS CVE : N...

PCViewer vt1000 - Directory Traversal

PCViewer vt1000 - Directory Traversal Exploit Title: PCViewer vt1000 - Directory Traversal Exploit Author: Berk Dusunur Google Dork: N/A Type: Hardware Date: 2018-07-21 Vendor Homepage: N/A Software Link: http://www.softpedia.com/get/System/File-Management/Pc-Viewer.shtml Affected Version: vt1000...

PCViewer vt1000 - Directory Traversal

Exploit Title: PCViewer vt1000 - Directory Traversal Exploit Author: Berk Dusunur Google Dork: N/A Type: Hardware Date: 2018-07-21 Vendor Homepage: N/A Software Link: http://www.softpedia.com/get/System/File-Management/Pc-Viewer.shtml Affected Version: vt1000 Tested on: Parrot OS CVE : N/A Proof ...

PCViewer vt1000 Directory Traversal

Exploit Title: PCViewer vt1000 - Directory Traversal Exploit Author: Berk Dusunur Google Dork: N/A Type: Hardware Date: 2018-07-21 Vendor Homepage: N/A Software Link: http://www.softpedia.com/get/System/File-Management/Pc-Viewer.shtml Affected Version: vt1000 Tested on: Parrot OS CVE : N/A Proof ...

GeoVision GV-SNVR0811 Directory Traversal Vulnerability

Exploit for linux platform in category web applications Exploit Title: GeoVision GV-SNVR0811 Directory Traversal Exploit Author: Berk Dusunur Google Dork: N/A Type: Hardware Vendor Homepage: http://www.geovision.com.tw/product/GV-SNVR0811 Software Link:...

GeoVision GV-SNVR0811 Directory Traversal

Exploit Title: GeoVision GV-SNVR0811 Directory Traversal Exploit Author: Berk Dusunur Google Dork: N/A Type: Hardware Date: 2018-07-21 Vendor Homepage: http://www.geovision.com.tw/product/GV-SNVR0811 Software Link: http://www.geovision.com.tw/product/GV-SNVR0811 Affected Version: N/A Tested on:...

GeoVision GV-SNVR0811 - Directory Traversal

GeoVision GV-SNVR0811 - Directory Traversal Exploit Title: GeoVision GV-SNVR0811 Directory Traversal Exploit Author: Berk Dusunur Google Dork: N/A Type: Hardware Date: 2018-07-21 Vendor Homepage: http://www.geovision.com.tw/product/GV-SNVR0811 Software Link:...

GeoVision GV-SNVR0811 - Directory Traversal

Exploit Title: GeoVision GV-SNVR0811 Directory Traversal Exploit Author: Berk Dusunur Google Dork: N/A Type: Hardware Date: 2018-07-21 Vendor Homepage: http://www.geovision.com.tw/product/GV-SNVR0811 Software Link: http://www.geovision.com.tw/product/GV-SNVR0811 Affected Version: N/A Tested on:...

Botnet Powered by 25,000 CCTV Devices Uncovered

A botnet comprised entirely of internet-enabled closed circuit TV devices used a barrage of HTTP requests to knock a small jewelry store offline for days. Researchers who came across the botnet recently said they weren’t surprised that IoT devices were being used to carry out a distributed denial...