26 matches found
EUVD-2025-16466
Malicious code in bioql PyPI...
EUVD-2025-16464
Malicious code in bioql PyPI...
EUVD-2025-16465
Malicious code in bioql PyPI...
CVE-2025-41406
Cross-site scripting vulnerability exists in wivia 5 all versions. If exploited, when a user connects to the affected device with a specific operation, an arbitrary script may be executed on the web browser of the moderator user...
CVE-2025-47697
Client-side enforcement of server-side security issue exists in wivia 5 all versions. If exploited, an unauthenticated attacker may bypass authentication and operate the affected device as the moderator user...
CVE-2025-41385
An OS Command Injection issue exists in wivia 5 all versions. If this vulnerability is exploited, an arbitrary OS command may be executed by a logged-in administrative user...
CVE-2025-47697
Client-side enforcement of server-side security issue exists in wivia 5 all versions. If exploited, an unauthenticated attacker may bypass authentication and operate the affected device as the moderator user...
CVE-2025-41406
Cross-site scripting vulnerability exists in wivia 5 all versions. If exploited, when a user connects to the affected device with a specific operation, an arbitrary script may be executed on the web browser of the moderator user...
CVE-2025-41385
An OS Command Injection issue exists in wivia 5 all versions. If this vulnerability is exploited, an arbitrary OS command may be executed by a logged-in administrative user...
Multiple vulnerabilities in wivia 5
Overview wivia 5 provided by UCHIDA YOKO CO., LTD. contains multiple vulnerabilities listed below. OS Command Injection CWE-78 - CVE-2025-41385 Cross-site Scripting CWE-79 - CVE-2025-41406 Client-Side Enforcement of Server-Side Security CWE-602 - CVE-2025-47697 Shogo Iyota of GMO Cybersecurity by...
CVE-2025-47697
Client-side enforcement of server-side security issue exists in wivia 5 all versions. If exploited, an unauthenticated attacker may bypass authentication and operate the affected device as the moderator user...
CVE-2025-47697
Client-side enforcement of server-side security issue exists in wivia 5 all versions. If exploited, an unauthenticated attacker may bypass authentication and operate the affected device as the moderator user...
CVE-2025-47697
CVE-2025-47697 concerns the product wivia 5 (all versions), where a client-side enforcement of server-side security issue (CWE-602) could let an unauthenticated attacker bypass authentication and operate the device as the moderator user. The affected component is the web/app interface for wivia 5...
CVE-2025-41406
Cross-site scripting vulnerability exists in wivia 5 all versions. If exploited, when a user connects to the affected device with a specific operation, an arbitrary script may be executed on the web browser of the moderator user...
CVE-2025-41406
Cross-site scripting vulnerability exists in wivia 5 all versions. If exploited, when a user connects to the affected device with a specific operation, an arbitrary script may be executed on the web browser of the moderator user...
CVE-2025-41406
CVE-2025-41406 affects wivia 5 all versions. Connected sources confirm a Cross-site Scripting (CWE-79) flaw where, when a user connects to the affected device with a specific operation, an arbitrary script can execute in the moderator’s web browser. No explicit exploit details are provided in the...
CVE-2025-41385
An OS Command Injection issue exists in wivia 5 all versions. If this vulnerability is exploited, an arbitrary OS command may be executed by a logged-in administrative user...
CVE-2025-41385
An OS Command Injection issue exists in wivia 5 all versions. If this vulnerability is exploited, an arbitrary OS command may be executed by a logged-in administrative user...
CVE-2025-41385
Summary: CVE-2025-41385 is an OS command injection vulnerability in wivia 5 (all versions). The issue allows a logged-in administrative user to execute arbitrary OS commands due to an injection flaw in the product. The CVSS-derived assessments in the provided documents indicate high impact to con...
PT-2025-23262 · Wivia 5 · Wivia 5
Name of the Vulnerable Software and Affected Versions: Wivia 5 affected versions not specified Description: A client-side enforcement of server-side security issue exists. If exploited, an unauthenticated attacker may bypass authentication and operate the affected device as the moderator user...