Malicious Package

Overview @monkey-tilt/client is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview @monkey-tilt/ui is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVE-2025-14749

A vulnerability was identified in Ningyuanda TC155 57.0.2.0. This impacts an unknown function of the file /onvif/deviceservice of the component ONVIF PTZ Control Interface. The manipulation leads to improper access controls. The attack requires being on the local network. The exploit is publicly...

CVE-2025-14749

A vulnerability was identified in Ningyuanda TC155 57.0.2.0. This impacts an unknown function of the file /onvif/deviceservice of the component ONVIF PTZ Control Interface. The manipulation leads to improper access controls. The attack requires being on the local network. The exploit is publicly...

EUVD-2025-203496

A vulnerability was identified in Ningyuanda TC155 57.0.2.0. This impacts an unknown function of the file /onvif/deviceservice of the component ONVIF PTZ Control Interface. The manipulation leads to improper access controls. The attack requires being on the local network. The exploit is publicly...

Ningyuanda TC155 访问控制错误漏洞

The Ningyuanda TC155 is an IP camera from the Chinese company Ningyuanda. An access control error vulnerability exists in the Ningyuanda TC155 version 57.0.2.0, which stems from improper access control of the ONVIF PTZ control interface component, which could lead to unauthorized access...

EUVD-2025-202927

SpaceX Starlink Dish devices with firmware 2024.12.04.mr46620 e.g., on Mini1prod2 allow administrative actions via unauthenticated LAN gRPC requests, aka MARMALADE 2. The cross-origin policy can be bypassed by omitting a Referer header. In some cases, an attacker's ability to read tilt, rotation,...

CVE-2025-67780

SpaceX Starlink Dish devices with firmware 2024.12.04.mr46620 e.g., on Mini1prod2 allow administrative actions via unauthenticated LAN gRPC requests, aka MARMALADE 2. The cross-origin policy can be bypassed by omitting a Referer header. In some cases, an attacker's ability to read tilt, rotation,...

CVE-2025-67780

SpaceX Starlink Dish devices running firmware 2024.12.04.mr46620 are affected by CVE-2025-67780 due to unauthenticated LAN gRPC requests. The issue allows administrative actions via the diagnostic interface, and the cross-origin policy can be bypassed by omitting a Referer header, potentially ena...

CVE-2025-67780

SpaceX Starlink Dish devices with firmware 2024.12.04.mr46620 e.g., on Mini1prod2 allow administrative actions via unauthenticated LAN gRPC requests, aka MARMALADE 2. The cross-origin policy can be bypassed by omitting a Referer header. In some cases, an attacker's ability to read tilt, rotation,...

Malicious code in tilt-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f82989e88831785c95c219b66edb876aed00a77b53cedc1b81e595e395222aa5 The package tilt-ui was found to contain malicious code...

EUVD-2025-200039

Malicious code in tilt-ui npm...

MAL-2025-191530 Malicious code in tilt-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f82989e88831785c95c219b66edb876aed00a77b53cedc1b81e595e395222aa5 The package tilt-ui was found to contain malicious code...

EUVD-2019-11010

Malware in sbrugna...

CVE-2025-35452 Pan-Tilt-Zoom cameras default administrative credentials for web interface

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials for the administrative web interface...

CVE-2025-35452

PTZOptics and ValueHD-based PTZ cameras are affected by an insufficient authentication issue affecting the administrative web interface. The vulnerability stems from default, shared credentials and weak access controls for the /cgi-bin/param.cgi path, enabling remote, unauthenticated access to se...

CVE-2025-35452 Pan-Tilt-Zoom cameras default administrative credentials for web interface

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use default, shared credentials for the administrative web interface...

CVE-2025-35451

CVE-2025-35451 concerns PTZOptics and ValueHD-based pan-tilt-zoom cameras with hard-coded default administrative credentials. Affected devices expose SSH and/or Telnet on all interfaces, and the default passwords cannot be changed or the services disabled, enabling potential unauthorized admin ac...

CVE-2025-35451 Pan-Tilt-Zoom cameras hard-coded default passwords with SSH and telnet enabled

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be...

CVE-2025-35451 Pan-Tilt-Zoom cameras hard-coded default passwords with SSH and telnet enabled

PTZOptics and possibly other ValueHD-based pan-tilt-zoom cameras use hard-coded, default administrative credentials. The passwords can readily be cracked. Many cameras have SSH or telnet listening on all interfaces. The passwords cannot be changed by the user, nor can the SSH or telnet service be...