16 matches found
EUVD-2025-16466
Malicious code in bioql PyPI...
EUVD-2025-16464
Malicious code in bioql PyPI...
EUVD-2025-16465
Malicious code in bioql PyPI...
CVE-2025-41406
Cross-site scripting vulnerability exists in wivia 5 all versions. If exploited, when a user connects to the affected device with a specific operation, an arbitrary script may be executed on the web browser of the moderator user...
CVE-2025-47697
Client-side enforcement of server-side security issue exists in wivia 5 all versions. If exploited, an unauthenticated attacker may bypass authentication and operate the affected device as the moderator user...
CVE-2025-41385
An OS Command Injection issue exists in wivia 5 all versions. If this vulnerability is exploited, an arbitrary OS command may be executed by a logged-in administrative user...
CVE-2025-41406
Cross-site scripting vulnerability exists in wivia 5 all versions. If exploited, when a user connects to the affected device with a specific operation, an arbitrary script may be executed on the web browser of the moderator user...
CVE-2025-41385
An OS Command Injection issue exists in wivia 5 all versions. If this vulnerability is exploited, an arbitrary OS command may be executed by a logged-in administrative user...
CVE-2025-47697
Client-side enforcement of server-side security issue exists in wivia 5 all versions. If exploited, an unauthenticated attacker may bypass authentication and operate the affected device as the moderator user...
CVE-2025-47697
Client-side enforcement of server-side security issue exists in wivia 5 all versions. If exploited, an unauthenticated attacker may bypass authentication and operate the affected device as the moderator user...
CVE-2025-41406
CVE-2025-41406 affects wivia 5 all versions. Connected sources confirm a Cross-site Scripting (CWE-79) flaw where, when a user connects to the affected device with a specific operation, an arbitrary script can execute in the moderator’s web browser. No explicit exploit details are provided in the...
CVE-2025-41385
An OS Command Injection issue exists in wivia 5 all versions. If this vulnerability is exploited, an arbitrary OS command may be executed by a logged-in administrative user...
PT-2025-23262 · Wivia 5 · Wivia 5
Name of the Vulnerable Software and Affected Versions: Wivia 5 affected versions not specified Description: A client-side enforcement of server-side security issue exists. If exploited, an unauthenticated attacker may bypass authentication and operate the affected device as the moderator user...
PT-2025-23261 · Wivia 5 · Wivia 5
Name of the Vulnerable Software and Affected Versions: Wivia 5 affected versions not specified Description: A cross-site scripting issue exists. If exploited, when a user connects to the affected device with a specific operation, an arbitrary script may be executed on the web browser of the...
JVN#51394666: Multiple vulnerabilities in wivia 5
wivia 5 provided by UCHIDA YOKO CO., LTD. contains multiple vulnerabilities listed below. OS Command Injection CWE-78 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 7.1 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H Base Score 6.7 CVE-2025-41385 Cross-site Scripting CWE-...
PT-2025-23260 · Wivia 5 · Wivia 5
Name of the Vulnerable Software and Affected Versions: Wivia 5 affected versions not specified Description: There is an issue with OS command injection in Wivia 5. If this issue is exploited, a logged-in administrative user could execute an arbitrary OS command. Recommendations: At the moment,...