Lucene search
K

378 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-11391

Malicious code in bioql PyPI...

8.8CVSS6.4AI score0.00648EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-11431

Malicious code in bioql PyPI...

8.8CVSS6.4AI score0.00604EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-11417

Malicious code in bioql PyPI...

8.8CVSS6.4AI score0.00525EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2025/06/16 12:0 a.m.6 views

Siemens TeleControl Server Basic RestoreFromBackup SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens TeleControl Server Basic. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS8.2AI score0.00712EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/06/16 12:0 a.m.7 views

Siemens TeleControl Server Basic UpdateConnectionVariables SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens TeleControl Server Basic. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

6.5CVSS6.8AI score0.00648EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.6 views

The vulnerability of the LockUser method in software for managing and monitoring deleted objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the LockUser method in software for managing and monitoring removed objects in telemetry and telemechanics systems related to the TeleControl Server Basic is associated with the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a...

9CVSS6.1AI score0.00604EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.7 views

The vulnerability of the getUsers method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the getUsers method in software for managing and monitoring removed objects in telemetry and telemechanics systems related to the TeleControl Server Basic lies in the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to...

9CVSS6.1AI score0.00604EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.6 views

The vulnerability of the CreateBackup method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the CreateBackup method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to bypass security restrictions,...

9CVSS6.1AI score0.00525EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.7 views

The vulnerability of the LockTraceLevelSettings method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, allowing a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the LockTraceLevelSettings method in the software for managing and monitoring removed objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability...

9CVSS6.1AI score0.0049EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.20 views

The vulnerability of the CreateLog method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, as well as in the TeleControl Server Basic, allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the CreateLog method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...

9CVSS6.1AI score0.00525EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.6 views

The vulnerability of the ExportCertificate method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the ExportCertificate method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allo...

9CVSS6.1AI score0.00335EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.5 views

The vulnerability of the GetLogs method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems of the TeleControl Server Basic allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the GetLogs method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems related to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...

9CVSS6.1AI score0.00525EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/27 12:0 a.m.5 views

The vulnerability of the LockGeneralSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, allows a hacker to circumvent security restrictions and gain access to write and read arbitrary files.

The vulnerability of the LockGeneralSettings method in the software for managing and monitoring remote objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability...

9CVSS5.8AI score0.00604EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/26 12:12 a.m.8 views

CVE-2025-29931

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected product does not properly validate a length field in a serialized message which it uses to determine the amount of memory to be allocated for deserialization. This could allow an unauthenticated...

6.3CVSS6.8AI score0.00356EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/25 6:31 p.m.31 views

CVE-2025-30030

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'ImportDatabase' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

8.8CVSS7.8AI score0.00648EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/25 6:31 p.m.13 views

CVE-2025-30003

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateProjectConnections' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

8.8CVSS7.8AI score0.00648EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/25 6:27 p.m.22 views

CVE-2025-30032

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateDatabaseSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

8.8CVSS7.8AI score0.00648EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/25 6:27 p.m.18 views

CVE-2025-30002

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateConnectionVariables' method. This could allow an authenticated remote attacker to bypass authorization controls, to rea...

8.8CVSS7.8AI score0.00648EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/25 6:24 p.m.18 views

CVE-2025-30031

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateUsers' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and wri...

8.8CVSS7.8AI score0.00648EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/25 6:13 p.m.6 views

CVE-2025-32845

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateGeneralSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read fr...

8.8CVSS7.8AI score0.00604EPSS
Exploits0References1
Rows per page
Query Builder