Lucene search
+L

35 matches found

CVE
CVE
added 5 days ago12 views

CVE-2026-13699

CVE-2026-13699 affects Eclipse KUKSA Databroker 0.6.1. The gRPC handler kuksa.val.v2.VAL/PublishValue fails to validate the optional data_point in PublishValueRequest; if signal_id is valid but data_point is omitted, the code dereferences request.data_point (unwrap) and panics in the Tokio worker...

6.5CVSS6.1AI score0.00237EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 5 days ago5 views

EUVD-2026-43634

In Eclipse KUKSA Databroker version 0.6.1, the kuksa.val.v2.VAL/PublishValue gRPC handler fails to validate the existence of the optional datapoint field in PublishValueRequest. When a request contains a valid signalid but omits datapoint, the server directly calls unwrap on request.datapoint,...

6.5CVSS6.1AI score0.00237EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-13699 Databroker 0.6.1 PublishValue missing data_point panic

In Eclipse KUKSA Databroker version 0.6.1, the kuksa.val.v2.VAL/PublishValue gRPC handler fails to validate the existence of the optional datapoint field in PublishValueRequest. When a request contains a valid signalid but omits datapoint, the server directly calls unwrap on request.datapoint,...

4.3CVSS0.00237EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-13699

In Eclipse KUKSA Databroker version 0.6.1, the kuksa.val.v2.VAL/PublishValue gRPC handler fails to validate the existence of the optional datapoint field in PublishValueRequest. When a request contains a valid signalid but omits datapoint, the server directly calls unwrap on request.datapoint,...

4.3CVSS6.1AI score0.00237EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/04 7:45 p.m.6 views

CVE-2026-3465

A vulnerability was determined in Tuya App and SDK 24.07.11 on Android. Affected by this vulnerability is an unknown functionality of the component JSON Data Point Handler. This manipulation of the argument cruisetime causes denial of service. Remote exploitation of the attack is possible. The...

3.1CVSS5.1AI score0.00288EPSS
Exploits0References1
NVD
NVD
added 2026/03/03 3:16 p.m.7 views

CVE-2026-3465

A vulnerability was determined in Tuya App and SDK 24.07.11 on Android. Affected by this vulnerability is an unknown functionality of the component JSON Data Point Handler. This manipulation of the argument cruisetime causes denial of service. Remote exploitation of the attack is possible. The...

3.1CVSS0.00288EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/03 3:2 p.m.8 views

CVE-2026-3465

A vulnerability was determined in Tuya App and SDK 24.07.11 on Android. Affected by this vulnerability is an unknown functionality of the component JSON Data Point Handler. This manipulation of the argument cruisetime causes denial of service. Remote exploitation of the attack is possible. The...

3.1CVSS5.1AI score0.00288EPSS
Exploits0References4Affected Software2
Vulnrichment
Vulnrichment
added 2026/03/03 3:2 p.m.7 views

CVE-2026-3465 Tuya App/SDK JSON Data Point denial of service

A vulnerability was determined in Tuya App and SDK 24.07.11 on Android. Affected by this vulnerability is an unknown functionality of the component JSON Data Point Handler. This manipulation of the argument cruisetime causes denial of service. Remote exploitation of the attack is possible. The...

3.1CVSS5.1AI score0.00288EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/03 3:2 p.m.8 views

EUVD-2026-9297

A vulnerability was determined in Tuya App and SDK 24.07.11 on Android. Affected by this vulnerability is an unknown functionality of the component JSON Data Point Handler. This manipulation of the argument cruisetime causes denial of service. Remote exploitation of the attack is possible. The...

3.1CVSS5.1AI score0.00288EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/03 3:2 p.m.32 views

CVE-2026-3465 Tuya App/SDK JSON Data Point denial of service

A vulnerability was determined in Tuya App and SDK 24.07.11 on Android. Affected by this vulnerability is an unknown functionality of the component JSON Data Point Handler. This manipulation of the argument cruisetime causes denial of service. Remote exploitation of the attack is possible. The...

3.1CVSS0.00288EPSS
Exploits0References4
CVE
CVE
added 2026/03/03 3:2 p.m.12 views

CVE-2026-3465

The CVE-2026-3465 entry concerns Tuya App and SDK 24.07.11 on Android. It cites a vulnerability in the JSON Data Point Handler where manipulating the cruise_time argument can cause a denial of service. The attack is described as remotely exploitable with high attack complexity, and exploitation i...

3.1CVSS5.1AI score0.00288EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/03/03 12:0 a.m.10 views

Tuya App和Tuya SDK 安全漏洞

Both the Tuya App and Tuya SDK are products of the Chinese company Tuya. The Tuya App is a smart home control terminal. The Tuya SDK is a developer toolkit. There are security vulnerabilities in the 24.07.11 version of both the Tuya App and Tuya SDK. These vulnerabilities stem from incorrect...

3.1CVSS5.8AI score0.00288EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.19 views

PT-2026-22746

Name of the Vulnerable Software and Affected Versions Tuya App and SDK version 24.07.11 Description A denial of service condition exists in Tuya App and SDK. The issue affects an unknown functionality within the JSON Data Point Handler component. Manipulation of the cruise time argument can lead ...

3.1CVSS5.5AI score0.00288EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2025-27622

Malicious code in bioql PyPI...

4.8CVSS3.8AI score0.0028EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/09/13 12:31 a.m.7 views

CVE-2025-10234

A vulnerability was detected in Scada-LTS up to 2.7.8.1. This vulnerability affects unknown code of the file /datapointedit.shtm of the component Data Point Edit Module. The manipulation of the argument Text Renderer properties results in cross site scripting. The attack can be launched remotely...

4.8CVSS5.7AI score0.0028EPSS
Exploits1References1
NVD
NVD
added 2025/09/11 12:15 a.m.12 views

CVE-2025-10234

A vulnerability was detected in Scada-LTS up to 2.7.8.1. This vulnerability affects unknown code of the file /datapointedit.shtm of the component Data Point Edit Module. The manipulation of the argument Text Renderer properties results in cross site scripting. The attack can be launched remotely...

4.8CVSS0.0028EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/09/10 11:32 p.m.5 views

CVE-2025-10234 Scada-LTS Data Point Edit data_point_edit.shtm cross site scripting

A vulnerability was detected in Scada-LTS up to 2.7.8.1. This vulnerability affects unknown code of the file /datapointedit.shtm of the component Data Point Edit Module. The manipulation of the argument Text Renderer properties results in cross site scripting. The attack can be launched remotely...

4.8CVSS5.5AI score0.0028EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/09/10 11:32 p.m.16 views

CVE-2025-10234 Scada-LTS Data Point Edit data_point_edit.shtm cross site scripting

A vulnerability was detected in Scada-LTS up to 2.7.8.1. This vulnerability affects unknown code of the file /datapointedit.shtm of the component Data Point Edit Module. The manipulation of the argument Text Renderer properties results in cross site scripting. The attack can be launched remotely...

4.8CVSS0.0028EPSS
Exploits1References4
CVE
CVE
added 2025/09/10 11:32 p.m.22 views

CVE-2025-10234

CVE-2025-10234 affects Scada-LTS before 2.7.8.2, with the vulnerability residing in the Data Point Edit Module’s /data_point_edit.shtm. The issue stems from improper handling of the Text Renderer properties argument, enabling cross-site scripting (XSS) when the page is accessed remotely. The publ...

4.8CVSS3.1AI score0.0028EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/09/10 11:32 p.m.6 views

CVE-2025-10234 Scada-LTS Data Point Edit data_point_edit.shtm cross site scripting

A vulnerability was detected in Scada-LTS up to 2.7.8.1. This vulnerability affects unknown code of the file /datapointedit.shtm of the component Data Point Edit Module. The manipulation of the argument Text Renderer properties results in cross site scripting. The attack can be launched remotely...

4.8CVSS4.3AI score0.0028EPSS
Exploits1References6
Rows per page
Query Builder