CVE-2022-23690

A vulnerability in the web-based management interface of AOS-CX could allow a remote unauthenticated attacker to fingerprint the exact version AOS-CX running on the switch. This allows an attacker to retrieve information which could be used to more precisely target the switch for further...

EUVD-2020-6253

Malware in sbrugna...

EUVD-2018-7284

Malware in sbrugna...

EUVD-2022-26128

Malicious code in bioql PyPI...

EUVD-2023-24374

Malicious code in bioql PyPI...

EUVD-2025-9519

Malicious code in bioql PyPI...

PT-2025-26660 · Unknown · Blue Angel Software Suite

Name of the Vulnerable Software and Affected Versions: Blue Angel Software Suite affected versions not specified Description: An OS command injection vulnerability exists in the Blue Angel Software Suite running on embedded Linux devices via the ping addr parameter in the webctrl.cgi script. The...

CVE-2023-51743

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Set Upstream Channel ID UCID parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter...

CVE-2025-4008 Arbitrary Command Injection in Smartbedded MeteoBridge

The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a web application written in CGI shell scripts and C. This web interface exposes an endpoint that is vulnerable to command injection. Remote...

PT-2024-10772 · Epson +1 · Epson Products +1

Name of the Vulnerable Software and Affected Versions: Siime Eye version 14.1.00000001.3.330.0.0.3.14 Description: An issue was discovered in Siime Eye where information on all users, including passwords, can be found in cleartext in a backup file created through the web interface. An attacker...

CVE-2023-51737 Stored Cross Site Scripting Vulnerability in Skyworth Router

This vulnerability exist in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user supplied input for the Preshared Phrase parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web...

PT-2023-22707 · Milesight · Milesight 4K/H.265 Series Nvr

Name of the Vulnerable Software and Affected Versions: Milesight 4K/H.265 Series NVR models MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS-Nxxxx-xxT, MS-Nxxxx-xxH and MS-Nxxxx-xxC affected versions not specified Description: This issue is due to improper authorization at the Milesight NVR web-based management...

bug found

NetworkEverywhere router Model NR041 latest firmware rev 1.2 Release 03 suffers a "script injection over dhcp" vulnerability. The NR041 does not filter DHCP HOSTNAME options coming from its clients. Because of that, we can inject a web script into the web based administrative interface and wait...