EUVD-2023-12202

Malicious code in bioql PyPI...

CVE-2023-0104

The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access to sensitive data...

CVE-2023-5777

Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is immediately deleted after the crash report transmission is finished, the private key is exposed to the public, which could result in obtaining remote control of the crash report server...

CVE-2023-5777

Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is immediately deleted after the crash report transmission is finished, the private key is exposed to the public, which could result in obtaining remote control of the crash report server...

Design/Logic Flaw

Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is immediately deleted after the crash report transmission is finished, the private key is exposed to the public, which could result in obtaining remote control of the crash report server...

CVE-2023-5777 Weintek EasyBuilder Pro Use of Hard-coded Credentials

Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is immediately deleted after the crash report transmission is finished, the private key is exposed to the public, which could result in obtaining remote control of the crash report server...

CVE-2023-5777

CVE-2023-5777 affects Weintek EasyBuilder Pro. The root issue is use of hard-coded credentials, which can expose the private key after a crash report is sent, potentially allowing remote control of the crash report server. Affected versions are EasyBuilder Pro before v6.07.02, and 6.08.01.592 and...

CVE-2023-5777 Weintek EasyBuilder Pro Use of Hard-coded Credentials

Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is immediately deleted after the crash report transmission is finished, the private key is exposed to the public, which could result in obtaining remote control of the crash report server...

Weintek EasyBuilder Pro Trust Management Issue Vulnerability

Weintek EasyBuilder Pro is Weintek's platform that provides ample high-quality graphic libraries for different industrial applications such as packaging machinery, processing plants, water treatment plants, etc., greatly reducing your project display design time. A security vulnerability exists i...

Weintek EasyBuilder Pro

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity Vendor : Weintek Equipment : EasyBuilder Pro Vulnerability : Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain remote...

CVE-2023-0104

The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access to sensitive data...

CVE-2023-0104

The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access to sensitive data...

Design/Logic Flaw

The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access to sensitive data...

CVE-2023-0104

The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access to sensitive data...

CVE-2023-0104

Weintek EasyBuilder Pro is affected by CVE-2023-0104 (ZipSlip via decompiling a malicious project file). Affected: v6.07.01 and prior, v6.07.02.479 and prior, v6.08.01.349 and prior. Risk: enables attackers to gain control of a user’s machine or access sensitive data. Mitigation: upgrade to v6.07...

CVE-2023-0104

The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access to sensitive data...

PT-2023-16013 · Weintek · Weintek Easybuilder Pro

Name of the Vulnerable Software and Affected Versions: Weintek EasyBuilder Pro affected versions not specified Description: The issue is caused by a ZipSlip attack resulting from decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access...

Weintek EasyBuilder Pro cMT Series

1. EXECUTIVE SUMMARY CVSS v3 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Weintek Equipment: EasyBuilder Pro Vulnerability: Path Traversal: '\..\filename' 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain control of the user’s...

Weintek EasyBuilder Pro 路径遍历漏洞

Weintek EasyBuilder Pro is Weintek's platform that provides ample high-quality graphic libraries for different industrial applications such as packaging machinery, processing plants, water treatment plants, etc., greatly reducing your project display design time. A security vulnerability exists i...

CISA Releases One Industrial Control Systems Advisory

CISA released one Industrial Control Systems ICS advisory on February 14, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical...