17 matches found
CVE-2025-61956
Radiometrics VizAir is vulnerable to a lack of authentication mechanisms for critical functions, such as admin access and API requests. Attackers can modify configurations without authentication, potentially manipulating active runway settings and misleading air traffic control ATC and pilots...
CVE-2025-54863
Radiometrics VizAir is vulnerable to exposure of the system's REST API key through a publicly accessible configuration file. This allows attackers to remotely alter weather data and configurations, automate attacks against multiple instances, and extract sensitive meteorological data, which could...
CVE-2025-61956
Radiometrics VizAir is vulnerable to a lack of authentication mechanisms for critical functions, such as admin access and API requests. Attackers can modify configurations without authentication, potentially manipulating active runway settings and misleading air traffic control ATC and pilots...
CVE-2025-61956
Radiometrics VizAir is affected by a lack of authentication for critical functions (admin panel and REST API). This could allow an unauthenticated attacker to modify configurations and weather data, potentially manipulating active runway settings, misleading air traffic control and pilots, and ca...
CVE-2025-54863
Radiometrics VizAir is affected by a vulnerability where the system’s REST API key is exposed via a publicly accessible configuration file. Public access could let an attacker remotely alter weather data and configurations, automate attacks across multiple instances, and exfiltrate sensitive mete...
Radiometrics VizAir
RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to manipulate critical weather parameters and runway settings, mislead air traffic control and pilots, extract sensitive meteorological data, and cause significant disruption to airport operations, leading to...
Radiometrics VizAir 安全漏洞
Radiometrics VizAir is a weather monitoring and warning system from Radiometrics, Inc. A security vulnerability exists in Radiometrics VizAir that stems from a publicly accessible configuration file exposing the system's REST API key, which could lead to remote tampering with weather data and...
Radiometrics VizAir 访问控制错误漏洞
Radiometrics VizAir is a weather monitoring and warning system from Radiometrics, Inc. An access control error vulnerability exists in Radiometrics VizAir that stems from the lack of an authentication mechanism for critical functionality, which could allow an unauthenticated attacker to modify...
Radiometrics VizAir 访问控制错误漏洞
Radiometrics VizAir is a weather monitoring and warning system from Radiometrics, Inc. An access control error vulnerability exists in Radiometrics VizAir that originates from unauthenticated access to the administration panel of the VizAir system, which could result in modification of critical...
EUVD-2018-1809
Malware in sbrugna...
Unspecified Vulnerability in Green Electronics RainMachine Mini-8 (CNVD-2019-28250)
The Green Electronics RainMachine Mini-8 is a smart irrigation sprinkler from Green Electronics USA. A security vulnerability exists in the 'Weather Service' feature in the Green Electronics RainMachine Mini-8 2nd generation. The vulnerability can be exploited to inject arbitrary Python code via...
CVE-2018-6012
The 'Weather Service' feature of the Green Electronics RainMachine Mini-8 2nd generation allows an attacker to inject arbitrary Python code via the 'Add new weather data source' upload function...
CVE-2018-1000045
NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA Singledop library Weather data that can result in remote code execution. This attack appear to be exploitable via Victim opening a specially crafted radar data file. This vulnerability appears to have been fixed in v1.1...
CVE-2018-1000048
NASA RtRetrievalFramework version v1.0 contains a CWE-502 vulnerability in Data retrieval functionality of RtRetrieval framework that can result in remote code execution. This attack appear to be exploitable via Victim tries to retrieve and process a weather data file...
Design/Logic Flaw
NASA RtRetrievalFramework version v1.0 contains a CWE-502 vulnerability in Data retrieval functionality of RtRetrieval framework that can result in remote code execution. This attack appear to be exploitable via Victim tries to retrieve and process a weather data file...
CVE-2018-1000045
NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA Singledop library Weather data that can result in remote code execution. This attack appear to be exploitable via Victim opening a specially crafted radar data file. This vulnerability appears to have been fixed in v1.1...
[SECURITY] Fedora 7 Update: xfce4-weather-plugin-0.6.2-2.fc7
A weather plugin for the Xfce panel. It shows the current temperature and weather condition, using weather data provided by xoap.weather.com...