PT-2026-25782

Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a stored cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary JavaScript by manipulating the Device Location field. Attackers can inject malicious scripts through the System Status interface that...

EUVD-2025-28745

E3 Site Supervisor firmware version 2.31F01 has a default admin user "ONEDAY" with a daily generated password. An attacker can predictably generate the password for ONEDAY. The oneday user cannot be deleted or modified by any user...

EUVD-2019-16926

Malware in sbrugna...

EUVD-2015-8000

Malware in sbrugna...

EUVD-2025-30938

Malicious code in bioql PyPI...

EUVD-2021-32425

Malicious code in bioql PyPI...

EUVD-2022-31588

Malicious code in bioql PyPI...

Netgear RAX30 安全漏洞

The NETGEAR RAX30 is a dual-band wireless router from NETGEAR. A security vulnerability exists in Netgear RAX30 version V1.0.10.94, which can be exploited by an attacker to potentially cause remote code execution...

CVE-2022-22986

Netcommunity OG410X and OG810X series Netcommunity OG410Xa, OG410Xi, OG810Xa, and OG810Xi firmware Ver.2.28 and earlier allow an attacker on the adjacent network to execute an arbitrary OS command via a specially crafted config file...

CVE-2020-27488

Loxone Miniserver devices with firmware before 11.1 aka 11.1.9.3 are unable to use an authentication method that is based on the "signature of the update package." Therefore, these devices or attackers who are spoofing these devices can continue to use an unauthenticated cloud service for an...

CVE-2023-44320

A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V7.2.2, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V7.2.2, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V7.2.2, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V7.2.2,...

CVE-2024-4640

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations. An attacker could write past the boundaries of allocated buffer regions in memory, causing a program crash...

CVE-2024-12429

ABB AC500v3 (PM5xxx) firmware versions earlier than 3.8.0 are affected by CVE-2024-12429 (directory traversal) that allows read access to system-wide files and configuration. A following CVE-2024-12430 enables command execution after exploiting CVE-12429, with root-level execution possible via a ...

CVE-2017-8230

On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, the users on the device are divided into 2 groups "admin" and "user". However, as a part of security analysis it was identified that a low privileged user who belongs to the "user" group and who has access to login in to the web administrativ...