36 matches found
CVE-2026-30368
CVE-2026-30368 concerns Lightspeed Classroom (v5.1.2.1763770643). A client‑side authorization flaw allows unauthenticated attackers to impersonate users by bypassing integrity checks and abusing client‑generated authorization tokens, enabling unauthorized control and monitoring of student devices...
CVE-2019-25655
Device Monitoring Studio 8.10.00.8925 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the server connection dialog. Attackers can trigger the crash by entering a malformed server name or address containing...
CVE-2019-25655 Device Monitoring Studio 8.10.00.8925 Denial of Service
Device Monitoring Studio 8.10.00.8925 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the server connection dialog. Attackers can trigger the crash by entering a malformed server name or address containing...
CVE-2019-25655
CVE-2019-25655 affects Device Monitoring Studio 8.10.00.8925 and is a Denial of Service vulnerability. The issue arises when a user provides an excessively long string to the server connection dialog, specifically by entering a malformed server name or address containing repeated characters via T...
HDD Device Monitoring Studio Security Vulnerability
HDD Device Monitoring Studio is a device communication monitoring and debugging tool developed by the American company HDD. Version 8.10.00.8925 of HDD Device Monitoring Studio contains a security vulnerability. This vulnerability stems from a denial-of-service vulnerability in the server...
IoTEdu: Access Control, Detection, and Automatic Incident Response in Academic IoT Networks
The growing presence of IoT devices in academic environments has increased operational complexity and exposed security weaknesses, especially in academic institutions without unified policies for registration, monitoring, and incident response involving IoT. This work presents IoTEdu, an integrat...
EUVD-2022-15800
Malicious code in bioql PyPI...
SAMSUNG MagicINFO 9 Server path traversal vulnerability (CNVD-2025-20806)
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. SAMSUNG MagicINFO 9 Server suffers from a path traversal vulnerability that stems from an improper restriction of restricted directory pathnames. An attacker cou...
SAMSUNG MagicINFO 9 Server path traversal vulnerability (CNVD-2025-20074)
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung South Korea. A path traversal vulnerability exists in SAMSUNG MagicINFO 9 Server, which stems from an improperly restricted path, and can be exploited by an attacker to...
SAMSUNG MagicINFO 9 Server File Upload Vulnerability
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. A file upload vulnerability exists in SAMSUNG MagicINFO 9 Server, which originates from allowing the upload of dangerous types of files and can be exploited by a...
SAMSUNG MagicINFO 9 Server Security Vulnerability
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. SAMSUNG MagicINFO 9 Server suffers from a path traversal vulnerability that originates from improper path restrictions and can be exploited by an attacker to...
SAMSUNG MagicINFO 9 Server Security Vulnerability
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. SAMSUNG MagicINFO 9 Server suffers from a path traversal vulnerability that can be exploited by an attacker to execute arbitrary code on the system...
SAMSUNG MagicINFO 9 Server Security Vulnerability
SAMSUNG MagicINFO 9 Server is an enterprise-class digital signage content management and device monitoring platform from Samsung Korea. SAMSUNG MagicINFO 9 Server suffers from a code injection vulnerability that originates from improper code generation control and can be exploited by an attacker ...
MAL-2025-2621 Malicious code in bsb-backup (PyPI)
Source: oracle-using-macaron 7c8850cc513318b8ede38268eed0fee01ba44c81087cd289294b63bada9f394c. This package decodes and executes a script during installation to set up a Telegram bot for device event monitoring. However, the code is...
The vulnerability of the instance_create function in the monitoring and adaptive configuration of system devices allows a perpetrator to execute arbitrary code.
The vulnerability of the instance_create function in the monitoring and adaptive configuration of system devices related to tuned systems lies in the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows an attacker to execute arbitrary code with root...
CVE-2023-49115
CVE-2023-49115 concerns MachineSense FeverWarn devices where unauthenticated MQTT messaging allows remote viewing of sensor data. Affected components include FeverWarn ESP32, FeverWarn RaspberryPi, and FeverWarn DataHub RaspberryPi. Root cause stated across sources is missing authentication for c...
CVE-2023-6368 WhatsUp Gold Unauthenticated Access to an API Endpoint
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate information related to a registered device being monitored by WhatsUp Gold...
The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring lies in improper restrictions on path names in the catalog. This allows attackers to disclose user information, obtain login credentials in plain text, or perform NTLM relay attacks.
The vulnerability of the Delta Electronics InfraSuite Device Master software for real-time device monitoring is related to an incorrect limitation on the path name to the catalog. Exploiting this vulnerability can allow a malicious actor to disclose user information, obtain login credentials in...
Delta Electronics InfraSuite Device Master Deserialization Vulnerability (CNVD-2023-23883)
Delta Electronics InfraSuite Device Master is a device for simplifying and automating the monitoring of critical equipment from Delta Electronics of Taiwan, China. A deserialization vulnerability exists in Delta Electronics InfraSuite Device Master versions prior to 1.0.5, which can be exploited ...