PT-2026-33929

This vulnerability exists in Quantum Networks router due to improper access control and insecure default configuration in the web-based management interface. An unauthenticated attacker could exploit this vulnerability by accessing exposed API endpoints on the targeted device. Successful...

Malicious code in paddle-internal-scripts (npm)

Malicious package due to sensitive data exfiltration via obfuscated preinstall script. Few published versions increase suspicion. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eae655788b800d689464263a26d904ccb45fe4aa65b61422a51325008aff3003 The package...

MAL-2026-2829 Malicious code in paddle-internal-scripts (npm)

Malicious package due to sensitive data exfiltration via obfuscated preinstall script. Few published versions increase suspicion. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eae655788b800d689464263a26d904ccb45fe4aa65b61422a51325008aff3003 The package...

EUVD-2020-21917

Malware in sbrugna...

CVE-2022-29490

Improper Authorization vulnerability exists in the Workplace X WebUI of the Hitachi Energy MicroSCADA X SYS600 allows an authenticated user to execute any MicroSCADA internal scripts irrespective of the authenticated user's role. This issue affects: Hitachi Energy MicroSCADA X SYS600 version 10 t...

Hitachi Energy MicroSCADA X SYS600 安全漏洞

Hitachi Energy MicroSCADA X SYS600 is a SCADA product from Hitachi Japan. It ensures optimal control and reliable operation of your switching station through seamless integration and connectivity between different devices and systems. A security vulnerability exists in Hitachi Energy MicroSCADA X...

PT-2022-19656 · Hitachi Energy · Microscada X Sys600

Name of the Vulnerable Software and Affected Versions: Hitachi Energy MicroSCADA X SYS600 versions 10 through 10.3.1 Description: An Improper Authorization issue exists in the Workplace X WebUI of the Hitachi Energy MicroSCADA X SYS600, allowing an authenticated user to execute any MicroSCADA...

CVE-2022-29490

Improper Authorization vulnerability exists in the Workplace X WebUI of the Hitachi Energy MicroSCADA X SYS600 allows an authenticated user to execute any MicroSCADA internal scripts irrespective of the authenticated user's role. This issue affects: Hitachi Energy MicroSCADA X SYS600 version 10 t...

Malicious code in internal-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d4583bea88824ef161eff89fddcfcad1437c405b759199306bc71b55930db9f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-3868 Malicious code in internal-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d4583bea88824ef161eff89fddcfcad1437c405b759199306bc71b55930db9f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

USN-5395-1 networkd-dispatcher vulnerabilities

It was discovered that networkd-dispatcher incorrectly handled internal scripts. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code. CVE-2022-29799, CVE-2022-29800...

CVE-2020-29551

An issue was discovered in URVE Build 24.03.2020. Using the internal/pc/shutdown.php path, it is possible to shutdown the system. Among others, the following files and scripts are also accessible: internal/pc/abort.php, internal/pc/restart.php, internal/pc/vpro.php, internal/pc/wake.php,...

Urve Access Control Error Vulnerability

Urve is a device for booking meeting rooms/rooms from Urve UK. The device supports integration with MS Exchange, Lotus, Office 365, Google Calendar and other systems to support meeting room and guest room reservations. An Access Control Error vulnerability exists in URVE Build 24.03.2020, which...