50 matches found
EUVD-2020-29018
Malware in sbrugna...
EUVD-2024-26119
Malicious code in bioql PyPI...
EUVD-2023-28560
Malicious code in bioql PyPI...
EUVD-2021-9954
Malicious code in bioql PyPI...
EUVD-2025-8847
Malicious code in bioql PyPI...
CVE-2024-39300
Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier. When Telnet function of the product is enabled, a remote attacker may login to the product without authentication and alter the product's settings...
CVE-2024-23785
Cross-site request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a remote unauthenticated attacker to change the product settings...
CVE-2023-22304
OS command injection vulnerability in PIX-RT100 versions RT100TEQ2.1.1EQ101 and RT100TEQ2.1.2EQ101 allows a network-adjacent attacker who can access product settings to execute an arbitrary OS command...
CVE-2022-41807
Missing authorization vulnerability exists in Kyocera Document Solutions MFPs and printers, which may allow a network-adjacent attacker to alter the product settings without authentication by sending a specially crafted request. Affected products/versions are as follows: TASKalfa 7550ci/6550ci,...
CVE-2025-32738
CVE-2025-32738 affects I-O DATA HDL-T Series network-attached HDDs with firmware versions 1.21 and earlier. The flaw is a missing authentication for a critical function, enabling a remote unauthenticated attacker to change product settings. Public sources (JVNDB/Red Hat/US CVE feeds) confirm the ...
CVE-2025-26689
Direct request 'Forced Browsing' issue exists in CHOCO TEI WATCHER mini IB-MCT001 all versions. If a remote attacker sends a specially crafted HTTP request to the product, the product data may be obtained or deleted, and/or the product settings may be altered...
CVE-2024-39300
Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier. When Telnet function of the product is enabled, a remote attacker may login to the product without authentication and alter the product's settings...
CVE-2024-39300
Missing authentication vulnerability exists in Telnet function of WAB-I1750-PS v1.5.10 and earlier. When Telnet function of the product is enabled, a remote attacker may login to the product without authentication and alter the product's settings...
CVE-2024-29078
Incorrect permission assignment for critical resource issue exists in MosP kintai kanri V4.6.6 and earlier, which may allow a remote unauthenticated attacker with access to the product to alter the product settings...
CVE-2024-29078
Incorrect permission assignment for critical resource issue exists in MosP kintai kanri V4.6.6 and earlier, which may allow a remote unauthenticated attacker with access to the product to alter the product settings...
CVE-2024-29078
MosP kintai kanri is affected by CVE-2024-29078 in versions 4.6.6 and earlier. The root cause is an incorrect permission assignment for a critical resource, which could allow a remote unauthenticated attacker with access to the product to alter product settings. The issue is documented across mul...
CVE-2024-29078
Incorrect permission assignment for critical resource issue exists in MosP kintai kanri V4.6.6 and earlier, which may allow a remote unauthenticated attacker with access to the product to alter the product settings...
esMind MosP 安全漏洞
esMind MosP is an open source attendance management system from esMind. A security vulnerability exists in esMind MosP kintai kanri 4.6.6 and prior versions, which stems from incorrect privilege assignments and could allow an unauthenticated, remote attacker with privileged access to the product ...
CVE-2024-23785
Cross-site request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a remote unauthenticated attacker to change the product settings...
CVE-2024-23785
Cross-site request forgery vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a remote unauthenticated attacker to change the product settings...