73 matches found
EUVD-2022-46483
Malicious code in bioql PyPI...
EUVD-2022-49520
Malicious code in bioql PyPI...
EUVD-2022-50161
Malicious code in bioql PyPI...
EUVD-2022-50655
Malicious code in bioql PyPI...
EUVD-2022-45093
Malicious code in bioql PyPI...
EUVD-2022-50659
Malicious code in bioql PyPI...
EUVD-2022-48044
Malicious code in bioql PyPI...
CVE-2022-47917
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to several modules and services of the software. This could allow an attacker to delete arbitrary files and cause a denial-of-service condition...
CVE-2022-47917
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to several modules and services of the software. This could allow an attacker to delete arbitrary files and cause a denial-of-service condition...
CVE-2022-47911
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the backup services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system...
CVE-2022-45127
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary backup operations and cause a denial-of-service condition...
CVE-2022-47395
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its monitor services. An attacker could take advantage of this vulnerability to execute arbitrary maintenance operations and cause a denial-of-service...
CVE-2022-45444
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 contains hard-coded passwords for select users in the application’s database. This could allow a remote attacker to login to the database with unrestricted access...
CVE-2022-43455
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to the servicestart, servicestop, and servicerestart modules of the software. This could allow an attacker to start, stop, or restart arbitrary...
CVE-2022-43455
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to the servicestart, servicestop, and servicerestart modules of the software. This could allow an attacker to start, stop, or restart arbitrary...
CVE-2022-45127
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary backup operations and cause a denial-of-service condition...
CVE-2022-43483
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the monitor services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system...
CVE-2022-45444
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 contains hard-coded passwords for select users in the application’s database. This could allow a remote attacker to login to the database with unrestricted access...
CVE-2022-46733
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site scripting in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary commands...
CVE-2022-46733
Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site scripting in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary commands...