Lucene search
K

4 matches found

EUVD
EUVD
added 2026/06/12 3:2 p.m.10 views

EUVD-2026-36479

The Aqara IAM/SSO Gateway gw-builder.aqara.com provides an open redirect, which is an instance of "CWE-601: URL Redirection to Untrusted Site," with an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 6.1 Medium, which can be used to set up a phishing attack...

6.1CVSS5.2AI score0.00147EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/21 6:39 a.m.12 views

Malicious code in turing-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01af0d34d23b6ed4e61390a21baec8c1bb81080c04945293a7e4ba8d20277ca6 package.json declares turing-code as an HTTPS tarball dependency at https://turing.tap365.org/v1.1.2/turing-code-1.1.2.tgz, bypassing the npm registr...

5.9AI score
Exploits0References1
OSV
OSV
added 2024/01/26 5:15 a.m.2 views

UBUNTU-CVE-2023-38318

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...

9.8CVSS6AI score0.01096EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/01/25 12:0 a.m.7 views

PT-2024-12709 · Opennds +1 · Opennds +1

Name of the Vulnerable Software and Affected Versions: OpenNDS versions prior to 10.1.3 Description: An issue was discovered in OpenNDS where it fails to sanitize the gateway FQDN entry in the configuration file. This allows attackers with direct or indirect access to the configuration file to...

9.8CVSS9.5AI score0.01096EPSS
Exploits1References18
Rows per page
Query Builder