CVE-2020-36915

Adtec Digital SignEdje Digital Signage Player v2.08.28 contains multiple hardcoded default credentials that allow unauthenticated remote access to web, telnet, and SSH interfaces. Attackers can exploit these credentials to gain root-level access and execute system commands across multiple Adtec...

CVE-2020-36915 Adtec Digital SignEdje Digital Signage Player v2.08.28 Default Credentials

Adtec Digital SignEdje Digital Signage Player v2.08.28 contains multiple hardcoded default credentials that allow unauthenticated remote access to web, telnet, and SSH interfaces. Attackers can exploit these credentials to gain root-level access and execute system commands across multiple Adtec...

EUVD-2019-13525

Malware in sbrugna...

EUVD-2019-15017

Malware in sbrugna...

EUVD-2019-10138

Malware in sbrugna...

EUVD-2021-19342

Malware in sbrugna...

EUVD-2019-8215

Malware in sbrugna...

EUVD-2019-15018

Malware in sbrugna...

EUVD-2022-52225

Malicious code in bioql PyPI...

EUVD-2024-46546

Malicious code in bioql PyPI...

EUVD-2022-49616

Malicious code in bioql PyPI...

EUVD-2023-31185

Malicious code in bioql PyPI...

EUVD-2024-37380

Malicious code in bioql PyPI...

Arbitrary Argument Injection

Overview Affected versions of this package are vulnerable to Arbitrary Argument Injection via the commitCommand function. An attacker can create or overwrite arbitrary files by sending specially crafted requests through the SSH interface. Note: This vulnerability was fixed in version...

CVE-2024-5313

CWE-668: Exposure of the Resource Wrong Sphere vulnerability exists that exposes a SSH interface over the product network interface. This does not allow to directly exploit the product or make any unintended operation as the SSH interface access is protected by an authentication mechanism. Impact...

CVE-2023-27409

A vulnerability has been identified in SCALANCE LPE9403 All versions V2.1. A path traversal vulnerability was found in the deviceinfo binary via the mac parameter. This could allow an authenticated attacker with access to the SSH interface on the affected device to read the contents of any file...

CVE-2023-27408

A vulnerability has been identified in SCALANCE LPE9403 All versions V2.1. The i2c mutex file is created with the permissions bits of -rw-rw-rw-. This file is used as a mutex for multiple applications interacting with i2c. This could allow an authenticated attacker with access to the SSH interfac...

CVE-2022-46832

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU62x firmware version 2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the firmwa...

CVE-2022-46833

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU63x firmware version v2.21 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the...

CVE-2022-30270

The Motorola ACE1000 RTU through 2022-05-02 has default credentials. It exposes an SSH interface on port 22/TCP. This interface is used for remote maintenance and for SFTP file-transfer operations that are part of engineering software functionality. Access to this interface is controlled by 5...