EUVD-2020-17857

Malware in sbrugna...

CVE-2025-59448

Components of the YoSmart YoLink ecosystem through 2025-10-02 leverage unencrypted MQTT to communicate over the internet. An attacker with the ability to monitor network traffic could therefore obtain sensitive information or tamper with the traffic to control affected devices. This affects YoLin...

EUVD-2025-21576

Malicious code in bioql PyPI...

EUVD-2023-25582

Malicious code in bioql PyPI...

CVE-2025-53842

Use of hard-coded credentials issue exists in ZWX-2000CSW2-HN prior to 0.3.19 and ZWX-2000CS2-HN firmware all versions. If this vulnerability is exploited, an attacker may tamper with the settings of the device by obtaining the credentials. This vulnerability is caused by an insufficient fix for...

JVN#44419726: ZWX-2000CSW2-HN and ZWX-2000CS2-HN vulnerable to use of hard-coded credentials

ZWX-2000CSW2-HN and ZWX-2000CS2-HN provided by ZEXELON CO., LTD. contain the following vulnerability. Use of Hard-coded Credentials CWE-798 CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N Base Score 6.8 CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N Base Score 4.5 CVE-2025-53842 Thi...

CVE-2024-7784

During internal Axis Security Development Model ASDM threat-modelling, a flaw was found in the protection for device tampering commonly known as Secure Boot in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis' knowledge, there are no known exploits of the...

CVE-2024-7784

CVE-2024-7784 affects Axis OS: a flaw in the Secure Boot/device-tampering protection could allow bypass of protection mechanisms. Public details consistently state no known exploits at this time; Axis has released patched AXIS OS versions addressing the flaw. The CVE notes a physical attack vecto...

TOTOLINK A3600R Hardcoded Password Vulnerability

The TOTOLINK A3600R is a wireless router. The TOTOLINK A3600R suffers from a hard-coded password vulnerability that originates from the use of hard-coded passwords in the Telnet service, which can be exploited by an attacker to cause tampering of the device configuration, disclosure of sensitive...

CVE-2023-5553

During internal Axis Security Development Model ASDM threat-modelling, a flaw was found in the protection for device tampering commonly known as Secure Boot in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis' knowledge, there are no known exploits of the...

CVE-2023-5553

CVE-2023-5553 affects Axis OS Secure Boot protection. The AXIS OS tampering-protection bypass is the underlying issue, enabling a sophisticated attack to bypass the device’s tamper protection. Public detail indicates affected AXIS OS ranges include versions 10.8–11.6 (per external summaries), wit...

CVE-2023-5553

During internal Axis Security Development Model ASDM threat-modelling, a flaw was found in the protection for device tampering commonly known as Secure Boot in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis' knowledge, there are no known exploits of the...

CVE-2023-21414

NCC Group has found a flaw during the annual internal penetration test ordered by Axis Communications. The protection for device tampering commonly known as Secure Boot contains a flaw which provides an opportunity for a sophisticated attack to bypass this protection. Axis has released patched AX...

Design/Logic Flaw

NCC Group has found a flaw during the annual internal penetration test ordered by Axis Communications. The protection for device tampering commonly known as Secure Boot contains a flaw which provides an opportunity for a sophisticated attack to bypass this protection. Axis has released patched AX...

CVE-2023-21414

NCC Group has found a flaw during the annual internal penetration test ordered by Axis Communications. The protection for device tampering commonly known as Secure Boot contains a flaw which provides an opportunity for a sophisticated attack to bypass this protection. Axis has released patched AX...

CVE-2023-21414

CVE-2023-21414 affects Axis OS Secure Boot (device tamper protection). A flaw in the tamper protection mechanism can allow a sophisticated attacker to bypass Secure Boot. Axis has released patched AXIS OS versions and directs to the Axis security advisory for details and remediation. Connected so...

CVE-2023-21414

NCC Group has found a flaw during the annual internal penetration test ordered by Axis Communications. The protection for device tampering commonly known as Secure Boot contains a flaw which provides an opportunity for a sophisticated attack to bypass this protection. Axis has released patched AX...

CVE-2020-1855

Huawei HEGE-570 version 1.0.1.22SP3; and HEGE-560, OSCA-550, OSCA-550A, OSCA-550AX, and OSCA-550X version 1.0.1.21SP3 have an insufficient verification vulnerability. An attacker can access the device physically and exploit this vulnerability to tamper with device information. Successful exploit...

Google Releases reCAPTCHA API for Android

Google announced today that it has made a new reCAPTCHA API available for Android. The API is part of Google Play Services, Google said, and developers can now add the verification to mobile applications to distinguish between bots and human users. The technology is more than a decade old and...