CVE-2026-33362

In Meari IoT SDK builds embedded in CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and white-label Android apps = 1.8.x latest observed, multiple security-critical secrets are hardcoded and shared, including API signing material, password-transport keying, and service access keys...

CVE-2026-33362

In Meari IoT SDK builds embedded in CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and white-label Android apps = 1.8.x latest observed, multiple security-critical secrets are hardcoded and shared, including API signing material, password-transport keying, and service access keys...

CVE-2026-33361

In Meari IoT SDK image handling libmrplayer.so as observed in CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label apps = 1.8.x, baby monitor ".jpgx3" files use reversible XOR over only the first 1024 bytes with a predictable key derivation model...

CVE-2026-33362

In Meari IoT SDK builds embedded in CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and white-label Android apps = 1.8.x latest observed, multiple security-critical secrets are hardcoded and shared, including API signing material, password-transport keying, and service access keys...

PT-2026-39644

In Meari IoT SDK builds embedded in CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and white-label Android apps = 1.8.x latest observed, multiple security-critical secrets are hardcoded and shared, including API signing material, password-transport keying, and service access keys...

PT-2026-7409

Name of the Vulnerable Software and Affected Versions Azure IoT SDK affected versions not specified Description An issue exists where binding to an unrestricted IP address in the Azure IoT SDK can allow an unauthorized attacker to disclose information over a network. Recommendations At the moment...

aws-greengrass-nucleus (>=0.0.3 <=0.0.7) potentially affected by unknown CVE via aws-sdk-iot (>=0.15.0 <=0.18.0)

aws-sdk-iot CARGO version =0.15.0, =0.0.3, =0.0.7 Source cves: unknown CVE Source advisory: OSV:GHSA-G59M-GF8J-GJF5...

EUVD-2021-0030

Malware in sbrugna...

EUVD-2024-37131

Malicious code in bioql PyPI...

EUVD-2024-37130

Malicious code in bioql PyPI...

MAL-2025-4564 Malicious code in iot-sdk-device-client-rest-api (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b7292c16917957be9e3511b347ab46a5b84d68d182f759d96859e22b934d013f Any computer that has this package installed or running should be considered...

Azure Linux 3.0 Security Update: azure-iot-sdk-c (CVE-2024-29195)

The version of azure-iot-sdk-c installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-29195 advisory. - The azure-c-shared-utility is a C library for AMQP/MQTT communication to Azure Cloud Services. This...

CBL Mariner 2.0 Security Update: azure-iot-sdk-c (CVE-2024-29195)

The version of azure-iot-sdk-c installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-29195 advisory. - The azure-c-shared-utility is a C library for AMQP/MQTT communication to Azure Cloud Services. This...

CVE-2024-29195 affecting package azure-iot-sdk-c for versions less than 2022.01.21-4

CVE-2024-29195 affecting package azure-iot-sdk-c for versions less than 2022.01.21-4. A patched version of the package is available...

Azure Linux 3.0 Security Update: azure-iot-sdk-c (CVE-2024-25110)

The version of azure-iot-sdk-c installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-25110 advisory. - The UAMQP is a general purpose C library for AMQP 1.0. During a call to opengetofferedcapabilities,...

CVE-2024-38158

Azure IoT SDK Remote Code Execution Vulnerability...

CVE-2024-38158

Azure IoT SDK Remote Code Execution Vulnerability...

CVE-2024-38158 Azure IoT SDK Remote Code Execution Vulnerability

...

CVE-2024-38157 Azure IoT SDK Remote Code Execution Vulnerability

...

KLA71478 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in .NET and Visua...