Lucene search
K

52 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-19998

Malware in sbrugna...

9.8CVSS9.2AI score0.01962EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-40567

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00271EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-40568

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00328EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-40566

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.01023EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 4:1 a.m.12 views

CVE-2023-36622

The websocket configuration endpoint of the Loxone Miniserver Go Gen.2 before 14.1.5.9 allows remote authenticated administrators to inject arbitrary OS commands via the timezone parameter...

7.2CVSS7AI score0.01023EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:1 a.m.7 views

CVE-2023-36624

Loxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. This allows the elevated execution of binaries without a password requirement...

7.8CVSS7.2AI score0.00328EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 5:1 p.m.4 views

CVE-2020-27488

Loxone Miniserver devices with firmware before 11.1 aka 11.1.9.3 are unable to use an authentication method that is based on the "signature of the update package." Therefore, these devices or attackers who are spoofing these devices can continue to use an unauthenticated cloud service for an...

9.8CVSS7.5AI score0.01962EPSS
Exploits1
OSV
OSV
added 2023/07/05 8:15 p.m.5 views

CVE-2023-36624

Loxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. This allows the elevated execution of binaries without a password requirement...

7.8CVSS5.9AI score0.00328EPSS
Exploits1References2
OSV
OSV
added 2023/07/05 8:15 p.m.2 views

CVE-2023-36622

The websocket configuration endpoint of the Loxone Miniserver Go Gen.2 before 14.1.5.9 allows remote authenticated administrators to inject arbitrary OS commands via the timezone parameter...

7.2CVSS5.9AI score0.01023EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/07/05 8:15 p.m.4 views

CVE-2023-36624

Loxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. This allows the elevated execution of binaries without a password requirement...

7.8CVSS7.3AI score0.00328EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2023/07/05 8:15 p.m.4 views

CVE-2023-36622

The websocket configuration endpoint of the Loxone Miniserver Go Gen.2 before 14.1.5.9 allows remote authenticated administrators to inject arbitrary OS commands via the timezone parameter...

7.2CVSS7.3AI score0.01023EPSS
Exploits1References3
NVD
NVD
added 2023/07/05 8:15 p.m.17 views

CVE-2023-36622

The websocket configuration endpoint of the Loxone Miniserver Go Gen.2 before 14.1.5.9 allows remote authenticated administrators to inject arbitrary OS commands via the timezone parameter...

7.2CVSS6.9AI score0.01023EPSS
Exploits1References2
NVD
NVD
added 2023/07/05 8:15 p.m.20 views

CVE-2023-36623

The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded secrets and the MAC address. This allows a local user to calculate the root password and escalate privileges...

7.8CVSS7.8AI score0.00271EPSS
Exploits1References2
NVD
NVD
added 2023/07/05 8:15 p.m.21 views

CVE-2023-36624

Loxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. This allows the elevated execution of binaries without a password requirement...

7.8CVSS7.8AI score0.00328EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/07/05 8:15 p.m.2 views

CVE-2023-36623

The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded secrets and the MAC address. This allows a local user to calculate the root password and escalate privileges...

7.8CVSS7.1AI score0.00271EPSS
Exploits1References3
Prion
Prion
added 2023/07/05 8:15 p.m.20 views

Hardcoded credentials

The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded secrets and the MAC address. This allows a local user to calculate the root password and escalate privileges...

4.3CVSS7.7AI score0.00271EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2023/07/05 8:15 p.m.18 views

Design/Logic Flaw

Loxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. This allows the elevated execution of binaries without a password requirement...

4.3CVSS7.8AI score0.00328EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2023/07/05 12:0 a.m.2 views

Loxone Miniserver 操作系统命令注入漏洞

Loxone Miniserver is a server from Loxone, Inc. that automates equipment in buildings, houses, and homes to provide energy management, monitoring, and other functions. A security vulnerability exists in Loxone Miniserver Go Gen.2 versions prior to 14.1.5.9, which stems from a websocket...

7.2CVSS7.4AI score0.01023EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/07/05 12:0 a.m.13 views

CVE-2023-36623

The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded secrets and the MAC address. This allows a local user to calculate the root password and escalate privileges...

7.1AI score0.00271EPSS
Exploits1References2
CVE
CVE
added 2023/07/05 12:0 a.m.38 views

CVE-2023-36624

Summary: CVE-2023-36624 affects Loxone Miniserver Go Gen.2 up to 14.0.3.28. An authenticated operating system user can escalate privileges via the Sudo configuration, allowing elevated execution of binaries without a password. What’s known from documents: Multiple sources (NVD/Red Hat/CVE listing...

7.8CVSS7.8AI score0.00328EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder