63 matches found
EUVD-2021-12224
Malware in sbrugna...
EUVD-2021-12223
Malware in sbrugna...
EUVD-2021-28870
Malicious code in bioql PyPI...
CVE-2021-25328
Skyworth Digital Technology RN510 V.3.1.0.4 RN510 V.3.1.0.4 contains a buffer overflow vulnerability in /cgi-bin/app-staticIP.asp. An authenticated attacker can send a specially crafted request to endpoint which can lead to a denial of service DoS or possible code execution on the device...
CVE-2021-25326
Skyworth Digital Technology RN510 V.3.1.0.4 is affected by an incorrect access control vulnerability in/cgi-bin/testversion.asp. If Wi-Fi is connected but an unauthenticated user visits a URL, the SSID password and web UI password may be disclosed...
CVE-2024-8328 HWA JIUH DIGITAL TECHNOLOGY Easy test Online Learning and Testing Platform - Reflected XSS
Easy test Online Learning and Testing Platform from HWA JIUH DIGITAL TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with regular privilege to inject arbitrary JavaScript code and perform Reflected Cross-site scripting attacks...
CVE-2024-8328 HWA JIUH DIGITAL TECHNOLOGY Easy test Online Learning and Testing Platform - Reflected XSS
Easy test Online Learning and Testing Platform from HWA JIUH DIGITAL TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with regular privilege to inject arbitrary JavaScript code and perform Reflected Cross-site scripting attacks...
CVE-2024-8327 HWA JIUH DIGITAL TECHNOLOGY Easy test Online Learning and Testing Platform - SQL injection
Easy test Online Learning and Testing Platform from HWA JIUH DIGITAL TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with regular privilege to inject arbitrary SQL commands to read, modify, and delete database contents...
CVE-2024-8327 HWA JIUH DIGITAL TECHNOLOGY Easy test Online Learning and Testing Platform - SQL injection
Easy test Online Learning and Testing Platform from HWA JIUH DIGITAL TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with regular privilege to inject arbitrary SQL commands to read, modify, and delete database contents...
Weak password vulnerability in InVid Tech of Shenzhen Tongwei Digital Technology Co.
Shenzhen Tongwei Digital Technology Co., Ltd. is a research and development, production, sales and service in one of the video security field of international - streaming products and system solutions provider. Shenzhen Tongwei Digital Technology Co., Ltd InVid Tech There is a weak password...
Command Execution Vulnerability in Hikvision Integrated Security Management Platform of Hangzhou Hikvision Digital Technology Co.
Hangzhou Hikvision Digital Technology Co., Ltd. is a technology company that focuses on technological innovation. A command execution vulnerability exists in the Hikvision Integrated Security Management Platform of Hangzhou Hikvision Digital Technology Company Limited, which can be exploited by...
Arbitrary File Download Vulnerability in iVMS-8700 Integrated Security Management Platform Software of Hangzhou Hikvision Digital Technology Co.
The iVMS-8700 integrated security management platform software is a life-useful and convenient security software. Hangzhou Hikvision Digital Technology Co., Ltd. iVMS-8700 integrated security management platform software has an arbitrary file download vulnerability that can be exploited by...
File Upload Vulnerability in iVMS-8700 Integrated Security Management Platform of Hangzhou Hikvision Digital Technology Co.
iVMS-8700 integrated security management platform is a networking platform that integrates multiple systems based on SOA system architecture. A file upload vulnerability exists in the iVMS-8700 Integrated Security Management Platform of Hangzhou Hikvision Digital Technology Company Limited, which...
Corel CorelDRAW Graphics Suite buffer overflow vulnerability (CNVD-2023-29423)
Corel CorelDRAW Graphics Suite is a vector graphics editing software from Corel Digital Technology Canada. A buffer overflow vulnerability exists in Corel CorelDRAW Graphics Suite, which can be exploited by an attacker to read more than the end of the allocated object...
CVE-2022-43437 HWA JIUH DIGITAL TECHNOLOGY LTD. EasyTest - SQL Injection
The Download function’s parameter of EasyTest has insufficient validation for user input. A remote attacker authenticated as a general user can inject arbitrary SQL command to access, modify or delete database...
CVE-2022-43438 HWA JIUH DIGITAL TECHNOLOGY LTD. EasyTest - Incorrect Authorization
The Administrator function of EasyTest has an Incorrect Authorization vulnerability. A remote attacker authenticated as a general user can exploit this vulnerability to bypass the intended access restrictions, to make API functions calls, manipulate system and terminate service...
SQL Injection Vulnerability in the Unified Management System of Shanghai Inlitech Digital Technology Co.
Ltd. is a company whose business scope includes engaging in technology development in the fields of digital technology, network technology and integrated circuit technology. A SQL injection vulnerability exists in the Unified Management System of Shanghai Inalways Digital Technology Co., Ltd, whi...
Romance scammer deepfakes Mark Ruffalo to con elderly artist
Deepfakes have settled into a groove, as most scam techniques do. It seems most deepfakers have decided to make as much cash as possible from unsuspecting victims instead of doing anything particularly earth-shattering with their technology. One curious twist we may not have seen coming is the...
CVE-2021-41872
Skyworth Digital Technology Penguin Aurora Box 41502 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service...
CVE-2021-41872
Skyworth Digital Technology Penguin Aurora Box 41502 has a denial of service vulnerability, which can be exploited by attackers to cause a denial of service...