EUVD-2023-59112

Malicious code in bioql PyPI...

EUVD-2023-46910

Malicious code in bioql PyPI...

MAL-2025-47897 Malicious code in @imou/web-front-basic-alg (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a09a2b21767c80d9ac4dee1814eba71363cbdaf62aace137c60392788a16ad8f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @imou/web-front-basic-alg (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a09a2b21767c80d9ac4dee1814eba71363cbdaf62aace137c60392788a16ad8f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-42470

The Imou Life com.mm.android.smartlifeiot application through 6.8.0 for Android allows Remote Code Execution via a crafted intent to an exported component. This relates to the com.mm.android.easy4ip.MainActivity activity. JavaScript execution is enabled in the WebView, and direct web content...

CVE-2023-47353

An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows attackers to force the download of arbitrary files...

CVE-2023-47353

An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows attackers to force the download of arbitrary files...

CVE-2023-47353

An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows attackers to force the download of arbitrary files...

Denial of service

An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows attackers to force the download of arbitrary files...

CVE-2023-47353

An issue in the com.oneed.dvr.service.DownloadFirmwareService component of IMOU GO v1.0.11 allows attackers to force the download of arbitrary files...

CVE-2023-47353

IMOU GO v1.0.11 is affected by CVE-2023-47353 due to the com.oneed.dvr.service.DownloadFirmwareService component, which allows an attacker to force the download of arbitrary files. The CVE notes network exposure with low attack complexity, requiring user interaction, and impact on confidentiality...

IMOU GO Security Vulnerability

IMOU GO is a mobile app for interacting with a car recorder. A security vulnerability exists in IMOU GO v1.0.11. An attacker can exploit the vulnerability to force the download of arbitrary files...

PT-2024-13444 · Imou Go · Imou Go

Name of the Vulnerable Software and Affected Versions: IMOU GO version 1.0.11 Description: An issue in the com.oneed.dvr.service.DownloadFirmwareService component allows attackers to force the download of arbitrary files. Recommendations: For IMOU GO version 1.0.11, consider disabling the...

CVE-2023-6913

A session hijacking vulnerability has been detected in the Imou Life application affecting version 6.7.0. This vulnerability could allow an attacker to hijack user accounts due to the QR code functionality not properly filtering codes when scanning a new device and directly running WebView withou...

CVE-2023-6913

A session hijacking vulnerability has been detected in the Imou Life application affecting version 6.7.0. This vulnerability could allow an attacker to hijack user accounts due to the QR code functionality not properly filtering codes when scanning a new device and directly running WebView withou...

CVE-2023-6913 Session Hijacking on Imou Life app

A session hijacking vulnerability has been detected in the Imou Life application affecting version 6.7.0. This vulnerability could allow an attacker to hijack user accounts due to the QR code functionality not properly filtering codes when scanning a new device and directly running WebView withou...

CVE-2023-6913

The CVE-2023-6913 entry relates to Imou Life (v6.7.0) and describes a session hijacking issue caused by the QR code flow not filtering codes when pairing a new device, which can trigger WebView to run without user prompt. The result is potential user account takeovers and phishing via the affecte...

PT-2023-32821 · Imou · Imou Life

Name of the Vulnerable Software and Affected Versions: Imou Life version 6.7.0 Description: A session hijacking issue has been detected in the Imou Life application. This issue could allow an attacker to hijack user accounts due to the QR code functionality not properly filtering codes when...

Imou Life Authorization Issues Vulnerability

Imou Life is a software application. Imou Life version 6.7.0 suffers from an authorization issue vulnerability that stems from the presence of a session hijacking vulnerability. An attacker can exploit this vulnerability to launch a phishing attack...

CVE-2023-42470

The Imou Life com.mm.android.smartlifeiot application through 6.8.0 for Android allows Remote Code Execution via a crafted intent to an exported component. This relates to the com.mm.android.easy4ip.MainActivity activity. JavaScript execution is enabled in the WebView, and direct web content...