98 matches found
FastBee 跨站脚本漏洞
FastBee is an open-source IoT platform developed by FastBee in China. Versions of FastBee 1.2.1 and earlier contained a cross-site scripting vulnerability. This vulnerability originated from the function Add in the parameter handling of noticeContent within the System Notice Handler component,...
OpenRemote 安全漏洞
OpenRemote is an open-source IoT platform developed by OpenRemote. Versions of OpenRemote prior to 1.22.0 contained security vulnerabilities. These vulnerabilities were caused by two related expression injections in the rule engine, which could allow arbitrary code to execute on the server...
Nokia IMPACT 安全漏洞
Nokia IMPACT is a set of IoT intelligent management platforms developed by Finnish company Nokia. Versions of Nokia IMPACT such as 19.11.2.10-20210118042150283 and earlier contain security vulnerabilities. These vulnerabilities stem from the Applications component, which allows JavaScript files t...
CVE-2022-31861
Cross site Scripting XSS in ThingsBoard IoT Platform through 3.3.4.1 via a crafted value being sent to the audit logs...
CVE-2022-35134
Boodskap IoT Platform v4.4.9-02 contains a cross-site scripting XSS vulnerability...
CVE-2021-41278
Functions SDK for EdgeX is meant to provide all the plumbing necessary for developers to get started in processing/transforming/exporting data out of the EdgeX IoT platform. In affected versions broken encryption in app-functions-sdk “AES” transform in EdgeX Foundry releases prior to Jakarta allo...
EUVD-2021-2305
Malware in sbrugna...
EUVD-2020-19243
Malware in sbrugna...
EUVD-2017-16882
Malware in sbrugna...
EUVD-2022-38033
Malicious code in bioql PyPI...
EUVD-2022-53208
Malicious code in bioql PyPI...
EUVD-2022-38031
Malicious code in bioql PyPI...
EUVD-2022-37054
Malicious code in bioql PyPI...
EUVD-2022-38032
Malicious code in bioql PyPI...
EUVD-2022-37055
Malicious code in bioql PyPI...
CVE-2025-57605
Lack of server-side authorisation on department admin assignment APIs in AiKaan IoT Platform allows authenticated users to elevate their privileges by assigning themselves as admins of other departments. This results in unauthorized privilege escalation across the department...
AiKaan IoT management platform 安全漏洞
Aikaan IoT management platform is a management platform from Aikaan India. AiKaan IoT management platform suffers from a security vulnerability that stems from insufficiently hardened proxyuser accounts and the use of a shared hard-coded SSH private key, which could lead to remote code execution,...
AiKaan IoT Platform 安全漏洞
AiKaan IoT Platform is an edge device management platform from AiKaan India. AiKaan IoT Platform has a security vulnerability that stems from a lack of server-side authorization for departmental administrators to assign APIs, which could lead to unauthorized elevation of privileges...
Aikaan IoT management platform 安全漏洞
Aikaan IoT management platform is a management platform from Aikaan India. Aikaan IoT management platform version v3.25.0325-5-g2e9c59796 has a security vulnerability that originates from sending a new password in clear text, which could lead to password exposure...
CVE-2025-52351
CVE-2025-52351 affects Aikaan IoT management platform v3.25.0325-5-g2e9c59796. The vulnerability arises from sending a newly generated password to users in plaintext via email and including the same password as a query parameter in the account activation URL (e.g., https://domain.com/activate=xyz...