177 matches found
Axis Communications AXIS OS Improper Validation of Specified Type of Input (CVE-2024-47262)
Dzmitry Lukyanenka, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API param.cgi was vulnerable to a race condition attack allowing for an attacker to block access to the web interface of the Axis device. Axis has released patched AXIS OS versions for this flaw. Endpoints not...
Axis Communications AXIS OS Improper Validation of Syntactic Correctness of Input (CVE-2024-6173)
A researcher in the AXIS OS Bug Bounty Program has found that a Guard Tour VAPIX API parameter accepted arbitrary values, which could let an attacker block access to the guard tour configuration page in the web interface of the Axis device. Axis has released patched AXIS OS versions for this flaw...
Axis Communications AXIS OS Cleartext Transmission of Sensitive Information (CVE-2024-0066)
A researcher in the AXIS OS Bug Bounty Program has found that a O3C feature may expose sensitive traffic between the client Axis device and O3C server. This issue does not apply if O3C is not used. Axis has released patched AXIS OS versions for this flaw. This plugin only works with Tenable.ot...
Axis Communications AXIS OS Improper Neutralization of Wildcards or Matching Symbols (CVE-2024-6509)
A researcher in the AXIS OS Bug Bounty Program has found that the VAPIX API alwaysmulti.cgi was vulnerable for file globbing which could lead to resource exhaustion of the Axis device. Axis has released patched AXIS OS versions for this flaw. This plugin only works with Tenable.ot. Please visit...
Axis Communications AXIS OS Improper Neutralization of Wildcards or Matching Symbols (CVE-2024-0055)
A researcher in the AXIS OS Bug Bounty Program has found that the VAPIX APIs mediaclip.cgi and playclip.cgi were vulnerable for file globbing which could lead to a resource exhaustion attack. Axis has released patched AXIS OS versions for this flaw. This plugin only works with Tenable.ot. Please...
Axis Communications AXIS OS Improper Validation of Specified Type of Input (CVE-2024-47261)
A researcher in the AXIS OS Bug Bounty Program has found that the VAPIX API uploadoverlayimage.cgi did not have sufficient input validation to allow an attacker to upload files to block access to create image overlays in the web interface of the Axis device. Axis has released patched AXIS OS...
Axis Communications AXIS OS Improper Neutralization of Wildcards or Matching Symbols (CVE-2024-0054)
A researcher in the AXIS OS Bug Bounty Program has found that the VAPIX APIs locallist.cgi, createoverlay.cgi and irissetup.cgi were vulnerable for file globbing which could lead to a resource exhaustion attack. Axis has released patched AXIS OS versions for this flaw. This plugin only works with...
AXIS OS 安全漏洞
AXIS OS is an operating system for edge devices developed by Axis, a Swedish company. There is a security vulnerability in AXIS OS, which stems from improper input validation during the installation process. This vulnerability may lead to privilege escalation. This vulnerability can only be...
AXIS OS 安全漏洞
AXIS OS is an operating system for edge devices developed by Axis, a Swedish company. There is a security vulnerability in AXIS OS, which stems from improper validation of configuration file inputs in the local file system. This vulnerability may allow code execution and potentially escalate...
AXIS OS 安全漏洞
AXIS OS is an operating system for edge devices developed by Axis, a Swedish company. There is a security vulnerability in AXIS OS, which stems from insufficient input validation in configuration files. This vulnerability may lead to command injection and potentially allow for privilege escalatio...
AXIS OS 安全漏洞
AXIS OS is an edge device operating system developed by AXIS, a company from Sweden. There is a security vulnerability in AXIS OS, which stems from insufficient input validation. This vulnerability may allow for the execution of remote code after authentication is performed using a service accoun...
AXIS OS 安全漏洞
AXIS OS is an edge device operating system from Swedish company Axis AXIS. AXIS OS has a security vulnerability that originates from the ability to upload a file with a specific name to a temporary directory, which could cause a process crash and affect availability...
AXIS OS 安全漏洞
AXIS OS is an edge device operating system from the Swedish company Axis AXIS. AXIS OS has a security vulnerability that stems from an unquoted search path vulnerability that could lead to elevation of privilege in Microsoft Windows operating systems...
AXIS OS 安全漏洞
AXIS OS is an edge device operating system from Axis Sweden. AXIS OS has a security vulnerability that stems from improper ACAP configuration file permissions, which could lead to command injection and elevation of privilege...
EUVD-2024-54215
Malicious code in bioql PyPI...
EUVD-2023-25584
Malicious code in bioql PyPI...
EUVD-2024-49553
Malicious code in bioql PyPI...
EUVD-2023-58083
Malicious code in bioql PyPI...
EUVD-2023-25582
Malicious code in bioql PyPI...
EUVD-2023-25583
Malicious code in bioql PyPI...