83 matches found
EUVD-2021-30800
Malicious code in bioql PyPI...
EUVD-2022-34378
Malicious code in bioql PyPI...
EUVD-2022-34394
Malicious code in bioql PyPI...
EUVD-2021-30794
Malicious code in bioql PyPI...
EUVD-2021-30796
Malicious code in bioql PyPI...
EUVD-2021-30792
Malicious code in bioql PyPI...
CVE-2022-2106
Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables authenticated administrator-level users to perform path traversal attacks and specify arbitrary files...
CVE-2022-2088
An authenticated user with admin privileges may be able to terminate any process on the system running Elcomplus SmartICS v2.3.4.0...
CVE-2021-43934
Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate upload requests, enabling a malicious user to potentially upload arbitrary files...
CVE-2021-43930
Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate download requests, enabling malicious users to perform path traversal attacks and potentially download arbitrary files from the system...
CVE-2022-2140
Elcomplus SmartICS v2.3.4.0 does not neutralize user-controllable input, which allows an authenticated user to inject arbitrary code into specific parameters...
The vulnerability of the Setting Handler component of the Elcomplus SmartPPT server allows a perpetrator to execute arbitrary code.
The vulnerability of the Setting Handler component in the Elcomplus SmartPPT server is related to authentication errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the software platform for industrial automation and IoT solutions, Elcomplus SmartICS, is related to the lack of measures to sanitize input data. This allows attackers to execute cross-site scripting (XSS) attacks.
The vulnerability of the software platform for industrial automation and IoT solutions, Elcomplus SmartICS, is related to the lack of measures to sanitize input data. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks XSS...
The vulnerability of the software platform for industrial automation and IoT solutions, Elcomplus SmartICS, is related to inadequate access control mechanisms. This allows a malicious individual to complete any process within the system.
The vulnerability of the software platform for industrial automation and IoT solutions, Elcomplus SmartICS, is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to complete any process within the system remotely...
The vulnerability of the software platform for industrial automation and IoT solutions, Elcomplus SmartICS, is related to errors in processing the relative path to the catalog. This vulnerability allows a perpetrator to disclose protected information and replace arbitrary files.
The vulnerability of the software platform for industrial automation and IoT solutions, Elcomplus SmartICS, is related to errors in processing the relative path to the catalog. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information and replace arbitrary files...
CVE-2022-2088
An authenticated user with admin privileges may be able to terminate any process on the system running Elcomplus SmartICS v2.3.4.0...
CVE-2022-2140
Elcomplus SmartICS v2.3.4.0 does not neutralize user-controllable input, which allows an authenticated user to inject arbitrary code into specific parameters...
CVE-2022-2140
Elcomplus SmartICS v2.3.4.0 does not neutralize user-controllable input, which allows an authenticated user to inject arbitrary code into specific parameters...
CVE-2022-2088
An authenticated user with admin privileges may be able to terminate any process on the system running Elcomplus SmartICS v2.3.4.0...
CVE-2022-2106
Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables authenticated administrator-level users to perform path traversal attacks and specify arbitrary files...