CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-29602

Malicious code in bioql PyPI...

10CVSS9.2AI score0.06441EPSS

Exploits0References2

0day.today•added 2025/02/22 12:0 a.m.•440 views

RaspberryMatic 3.73.9.20240130 Remote Code Execution Exploit

RaspberryMatic / OCCU contains a unauthenticated remote code execution vulnerability, caused by multiple issues within the Java based HMIPServer.jar component. The webui allows for Firmware uploads which can be reached through the URL /pages/jpages/system/DeviceFirmware/addFirmware. This allows a...

10CVSS8.4AI score0.64209EPSS

Exploits4

Metasploit•added 2025/02/21 6:53 p.m.•665 views

RaspberryMatic unauthenticated Remote Code Execution vulnerability through HMServer File Upload.

RaspberryMatic / OCCU contains a unauthenticated remote code execution RCE vulnerability, caused by multiple issues within the Java based HMIPServer.jar component. The webui allows for Firmware uploads which can be reached through the URL /pages/jpages/system/DeviceFirmware/addFirmware. This allo...

10CVSS7.9AI score0.64209EPSS

Exploits4

Packet Storm•added 2025/02/21 12:0 a.m.•426 views

RaspberryMatic 3.73.9.20240130 Remote Code Execution

10CVSS8.3AI score0.64209EPSS

Exploits4

RedhatCVE•added 2025/02/05 9:42 p.m.•5 views

CVE-2022-24796

RaspberryMatic is a free and open-source operating system for running a cloud-free smart-home using the homematicIP / HomeMatic hardware line of IoT devices. A Remote Code Execution RCE vulnerability in the file upload facility of the WebUI interface of RaspberryMatic exists. Missing input...

10CVSS8.4AI score0.06441EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 2:19 a.m.•5 views

CVE-2024-24578

RaspberryMatic is an open-source operating system for HomeMatic internet-of-things devices. RaspberryMatic / OCCU prior to version 3.75.6.20240316 contains a unauthenticated remote code execution RCE vulnerability, caused by multiple issues within the Java based HMIPServer.jar component...

10CVSS9.9AI score0.64209EPSS

Exploits4References1

NVD•added 2024/03/18 10:15 p.m.•12 views

CVE-2024-24578

10CVSS10AI score0.64209EPSS

Exploits4References1

Cvelist•added 2024/03/18 9:13 p.m.•17 views

CVE-2024-24578 RaspberryMatic Unauthenticated Remote Code Execution vulnerability through HMServer File Upload

10CVSS10AI score0.64209EPSS

Exploits4References1

Vulnrichment•added 2024/03/18 9:13 p.m.•18 views

CVE-2024-24578 RaspberryMatic Unauthenticated Remote Code Execution vulnerability through HMServer File Upload

10CVSS8.4AI score0.64209EPSS

Exploits4References1

CVE•added 2024/03/18 9:13 p.m.•101 views

CVE-2024-24578

CVE-2024-24578 affects RaspberryMatic / OCCU prior to 3.75.6.20240316. The vulnerability stems from multiple issues in the Java HMIPServer.jar, enabling unauthenticated RCE via the Firmware upload UI at /pages/jpages (Zip Slip). An attacker can upload a malicious archive that is extracted without...

10CVSS10AI score0.64209EPSS

Exploits4References1Affected Software1

OSV•added 2024/03/18 9:13 p.m.•1 views

CVE-2024-24578 RaspberryMatic Unauthenticated Remote Code Execution vulnerability through HMServer File Upload

10CVSS9.7AI score0.64209EPSS

Exploits4References3

CNNVD•added 2024/03/18 12:0 a.m.•1 views

RaspberryMatic Security Vulnerabilities

RaspberryMatic is a free and non-commercial open source operating system alternative from the individual developer Jens Maus in Germany. It is used to run cloud-free smart home IoT centers. A security vulnerability exists in RaspberryMatic versions prior to 3.75.6.20240316, which stems from...

10CVSS7.9AI score0.64209EPSS

Exploits4References2

Positive Technologies•added 2024/03/18 12:0 a.m.•2 views

PT-2024-20465 · Unknown · Raspberrymatic +1

Name of the Vulnerable Software and Affected Versions: RaspberryMatic / OCCU versions prior to 3.75.6.20240316 Description: RaspberryMatic is an open-source operating system for HomeMatic internet-of-things devices. The issue is caused by multiple problems within the Java-based HMIPServer.jar...

10CVSS10AI score0.64209EPSS

Exploits4References4

NVD•added 2022/03/31 11:15 p.m.•9 views

CVE-2022-24796

10CVSS0.06441EPSS

Exploits0References2

Prion•added 2022/03/31 11:15 p.m.•21 views

Design/Logic Flaw

10CVSS10AI score0.06441EPSS

Exploits0References2Affected Software1

CVE•added 2022/03/31 10:40 p.m.•116 views

CVE-2022-24796

RaspberryMatic WebUI file upload vulnerability allows remote, unauthenticated RCE via shell metacharacters in HTTP query strings. The root cause is missing input validation/sanitization in the upload mechanism. Affected versions are 2.31.25.20180428 through 3.63.7.20220226 (note: exact upper boun...

10CVSS10AI score0.06441EPSS

Exploits0References2Affected Software1

Cvelist•added 2022/03/31 10:40 p.m.•9 views

CVE-2022-24796 Remote Command Injection in RaspberryMatic

10CVSS10AI score0.06441EPSS

Exploits0References2

OSV•added 2022/03/31 10:40 p.m.•2 views

CVE-2022-24796 Remote Command Injection in RaspberryMatic

10CVSS8.1AI score0.06441EPSS

Exploits0References4

CNNVD•added 2022/03/31 12:0 a.m.•1 views

RaspberryMatic 操作系统命令注入漏洞

RaspberryMatic is a free and non-commercial open source operating system alternative from the individual developer Jens Maus in Germany. It is used to run cloud-free smart home IoT centers. RaspberryMatic suffers from an operating system command injection vulnerability that stems from a lack of...

10CVSS8.8AI score0.06441EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by