Malicious Package

Overview test-pkg-x5 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

📄 Ilevia EVE X1/X5 Server 4.7.18.0.eden Root Privilege Escalation

A critical privilege escalation vulnerability exists in Ilevia EVE X1/X5 Server versions 4.7.18.0.eden and below. This is a proof of concept exploit written in PHP...

Ilevia EVE X1/X5 Server 4.7.18.0.eden Authenticated Remote Command Injections

Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...

Ilevia EVE X1/X5 Server 4.7.18.0.eden Insecure Hashing Algorithm

Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...

EUVD-2006-1947

Malware in sbrugna...

EUVD-2019-6384

Malware in sbrugna...

EUVD-2025-6667

Malicious code in bioql PyPI...

EUVD-2025-6666

Malicious code in bioql PyPI...

EUVD-2025-7236

Malicious code in bioql PyPI...

EUVD-2025-29644

Malicious code in bioql PyPI...

CVE-2025-34187

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file that allows passwordless execution of certain Bash scripts. If these scripts are writable by web-facing users or accessible via command injection, attackers can replace them with malicious payloads...

CVE-2025-34186

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication mechanism. Unsanitized input is passed to a system call for authentication, allowing attackers to inject special characters and manipulate command parsing. Due to the binary's interpretation of non-zero...

CVE-2025-34186

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication mechanism. Unsanitized input is passed to a system call for authentication, allowing attackers to inject special characters and manipulate command parsing. Because the binary interprets non-zero exit...

CVE-2025-34186 Ilevia EVE X1/X5 Server 4.7.18.0.eden Authentication Bypass

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication mechanism. Unsanitized input is passed to a system call for authentication, allowing attackers to inject special characters and manipulate command parsing. Because the binary interprets non-zero exit...

Ilevia EVE X1 Server和Ilevia EVE X5 Server 安全漏洞

Ilevia EVE X1 Server and Ilevia EVE X5 Server are both a smart home and building automation from Ilevia, Italy. A security vulnerability exists in Ilevia EVE X1 Server and Ilevia EVE X5 Server versions 4.7.18.0.eden and earlier, which stems from uncleaned inputs in the authentication mechanism...

PT-2025-38076

Name of the Vulnerable Software and Affected Versions Ilevia EVE X1/X5 Server versions prior to 4.7.18.0.eden Description The Ilevia EVE X1/X5 Server authentication mechanism has a flaw where unsanitized input is passed to a system call during authentication. This allows attackers to inject speci...

Ilevia EVE X1 Server和Ilevia EVE X5 Server 安全漏洞

Ilevia EVE X1 Server and Ilevia EVE X5 Server are both a smart home and building automation from Ilevia, Italy. A security vulnerability exists in Ilevia EVE X1 Server and Ilevia EVE X5 Server versions 4.7.18.0.eden and earlier, which stems from a misconfigured sudoers file and could lead to remo...

PT-2025-38077

Name of the Vulnerable Software and Affected Versions: Ilevia EVE X1/X5 Server versions prior to 4.7.18.0.eden Description: Ilevia EVE X1/X5 Server contains a misconfiguration in the sudoers file that allows passwordless execution of certain Bash scripts. If these scripts are writable by web-faci...

Ilevia EVE X1/X5 Server 4.7.18.0.eden Reverse Rootshell

Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...

Ilevia EVE X1/X5 Server 4.7.18.0.eden Authentication Bypass Exploit

Summary EVE is a smart home and building automation solution designed for both residential and commercial environments, including malls, hotels, restaurants, bars, gyms, spas, boardrooms, and offices. It enables comprehensive control and monitoring of electrical installations through a highly...