CVE-2025-54379
- EPSS 0.13%
- Veröffentlicht 24.07.2025 23:15:26
- Zuletzt bearbeitet 10.10.2025 21:37:36
LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running on resource-constraint edge devices. In versions before 2.2.1, there is a critical SQL Injection vulnerability in the getLast API functionality of the eKuiper pr...
CVE-2024-52290
- EPSS 0.06%
- Veröffentlicht 14.05.2025 07:19:50
- Zuletzt bearbeitet 11.07.2025 16:20:52
LF Edge eKuiper is a lightweight internet of things (IoT) data analytics and stream processing engine. Prior to version 2.1.0 user with rights to modificate the service (e.g. kuiperUser role) can inject a cross-site scripting payload into Connection ...
CVE-2024-52812
- EPSS 0.28%
- Veröffentlicht 10.03.2025 17:52:13
- Zuletzt bearbeitet 10.03.2025 18:15:29
LF Edge eKuiper is an internet-of-things data analytics and stream processing engine. Prior to version 2.0.8, auser with rights to modify the service (e.g. kuiperUser role) can inject a cross-site scripting payload into the rule `id` parameter. Then,...
CVE-2024-43406
- EPSS 1.93%
- Veröffentlicht 20.08.2024 15:15:24
- Zuletzt bearbeitet 26.08.2024 18:30:13
LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running on resource-constraint edge devices. A user could utilize and exploit SQL Injection to allow the execution of malicious SQL query via Get method in sqlKvStore. T...