EUVD-2022-48044

Malicious code in bioql PyPI...

EUVD-2022-50655

Malicious code in bioql PyPI...

CVE-2022-47917 CVE-2022-47917

Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to several modules and services of the software. This could allow an attacker to delete arbitrary files and cause a denial-of-service condition...

CVE-2022-45127 CVE-2022-45127

Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary backup operations and cause a denial-of-service condition...

CVE-2022-43483 CVE-2022-43483

Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the monitor services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system...

CVE-2022-41989 CVE-2022-41989

Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 does not validate the length of RTLS report payloads during communication. This allows an attacker to send an exceedingly long payload, resulting in an out-of-bounds write to cause a denial-of-service...