39 matches found
EUVD-2023-38506
Malicious code in bioql PyPI...
EUVD-2023-39164
Malicious code in bioql PyPI...
EUVD-2023-36900
Malicious code in bioql PyPI...
EUVD-2023-41265
Malicious code in bioql PyPI...
The vulnerability of the Weincloud industrial device management cloud platform lies in improper handling of its components, allowing attackers to trigger a service failure.
The vulnerability of the Weincloud industrial device management cloud platform is related to incorrect handling of its components. Exploiting this vulnerability could allow a malicious actor to cause service failures...
The vulnerability of the Weincloud industrial device management cloud platform lies in its insufficient authentication attempt limit, which allows attackers to execute a brute-force attack.
The vulnerability of the Weincloud industrial device management cloud platform lies in the insufficient limitation on authentication attempts. Exploiting this vulnerability allows a malicious actor to execute a brute-force attack...
CVE-2023-35134
Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only...
CVE-2023-37362
Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website...
CVE-2023-34429
Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token...
CVE-2023-35134
Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only...
CVE-2023-37362
Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website...
CVE-2023-34429
Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token...
CVE-2023-32657
Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses...
CVE-2023-32657
Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses...
Authentication flaw
Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses...
Design/Logic Flaw
Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token...
Design/Logic Flaw
Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website...
Default credentials
Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only...
CVE-2023-37362
CVE-2023-37362 affects Weintek Weincloud v0.13.6. The issue is an improper authentication via the registration function that could allow an attacker to log in with testing credentials on the official site. Reported scores indicate high impact (NVD CVSSv3.1: 8.8; ICS-CERT: 7.2). Mitigation: Weinte...
CVE-2023-37362 Weintek Weincloud Improper Authentication
Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website...