104 matches found
EUVD-2023-43936
Malicious code in bioql PyPI...
EUVD-2023-43935
Malicious code in bioql PyPI...
EUVD-2022-42604
Malicious code in bioql PyPI...
EUVD-2022-42603
Malicious code in bioql PyPI...
EUVD-2022-42600
Malicious code in bioql PyPI...
EUVD-2022-42605
Malicious code in bioql PyPI...
EUVD-2022-42602
Malicious code in bioql PyPI...
EUVD-2022-42606
Malicious code in bioql PyPI...
EUVD-2023-43940
Malicious code in bioql PyPI...
EUVD-2023-43937
Malicious code in bioql PyPI...
EUVD-2023-43939
Malicious code in bioql PyPI...
EUVD-2023-43938
Malicious code in bioql PyPI...
CVE-2023-3260
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to command injection via the user-name URL parameter. An authenticated malicious agent can exploit this vulnerability to execute arbitrary command on the underlying Linux operating system...
CVE-2023-3261
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier contains a buffer overflow vulnerability in the librta.so.0.0.0 library.Successful exploitation could cause denial of service or unexpected behavior with respect to all interactions relying on the targeted vulnerable binary...
CVE-2023-3264
The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database. A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to read, modify, or...
CVE-2022-3187
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where certain PHP pages only validate when a valid connection is established with the database. However, these PHP pages do not verify the validity of a user. Attackers could leverage this lack of verification to read...
CVE-2022-3185
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product exposes sensitive data concerning the device...
CVE-2022-3189
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specially crafted PHP script could use parameters from a HTTP request to create a URL capable of changing the host parameter. The changed host parameter in the HTTP could point to another host that will send a...
CVE-2022-3188
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where unauthenticated users could open PHP index pages without authentication and download the history file from the device; the history file includes the latest actions completed by specific users...
CVE-2022-3183
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specific function does not sanitize the input provided by the user, which may expose the affected to an OS command injection vulnerability...