CVE-2017-20212 FLIR Thermal Camera F/FC/PT/D 8.0.0.64 Information Disclosure via File Reading

FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64 contains an information disclosure vulnerability that allows unauthenticated attackers to read arbitrary files through unverified input parameters. Attackers can exploit the /var/www/data/controllers/api/xml.php readFile function to access...

CVE-2025-47334

Memory corruption while processing shared command buffer packet between camera userspace and kernel...

CVE-2019-7315

Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera devices through 3.x are vulnerable to directory traversal via the web interface, as demonstrated by reading /etc/shadow. NOTE: this product is discontinued, and its final firmware version has this vulnerability 4.x versions exist only...

CVE-2019-12920

On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the network can login remotely to the camera and gain root access. The device ships with a hardcoded 12345678 password for the root account, accessible from a TELNET login prompt...

CVE-2019-12919

On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices, an attacker on the local network has unauthenticated access to the internal SD card via the HTTP service on port 8000. The HTTP web server on the camera allows anyone to view or download the video archive recorded and saved o...

CVE-2025-1056

Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a specific file that the server is using. A non-admin user can modify this file to either create files or change the content of files in an admin-protected location. Axis has released a patched version...

CVE-2025-1738

A Password Transmitted over Query String vulnerability has been found in Trivision Camera NC227WF v5.8.0 from TrivisionSecurity, exposing this sensitive information to a third party...

CVE-2024-2995

A vulnerability was found in NUUO Camera up to 20240319 and classified as problematic. This issue affects some unknown processing of the file /deletefile.php. The manipulation of the argument filename leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed...

CVE-2025-1739

An Authentication Bypass vulnerability has been found in Trivision Camera NC227WF v5.8.0 from TrivisionSecurity. This vulnerability allows an attacker to retrieve administrator's credentials in cleartext by sending a request against the server using curl with random credentials to...

CVE-2025-1099

This vulnerability exists in Tapo C500 Wi-Fi camera due to hard-coded RSA private key embedded within the device firmware. An attacker with physical access could exploit this vulnerability to obtain cryptographic private keys which can then be used to perform impersonation, data decryption and ma...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm, Inc. A security vulnerability exists in Qualcomm Chipsets that stems from a potential memory corruption when processing shared command buffer packets between the camera's user space and the kernel...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000404)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000404 advisory. In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlinkcit.c aka the Xirlink camera USB driver mishandles invalid descriptors, aka CID-a246b4d54770. Tenabl...

CVE-2025-47380 Untrusted Pointer Dereference in Camera

Memory corruption while preprocessing IOCTLs in sensors...

CVE-2025-47380 Untrusted Pointer Dereference in Camera

Memory corruption while preprocessing IOCTLs in sensors...

CVE-2025-47380

CVE-2025-47380 is a memory corruption vulnerability in the sensors component that occurs during preprocessing of IOCTLs. Affected: the sensors functionality; root cause reported as memory corruption during IOCTL preprocessing. Documented impact indicates high severity with full confidentiality, i...

CVE-2025-47344 Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Driver

Memory corruption while handling sensor utility operations...

CVE-2025-47344 Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Driver

Memory corruption while handling sensor utility operations...

CVE-2025-47344

CVE-2025-47344 is linked to memory corruption in sensor utility handling (affecting Qualcomm chipsets and related camera/sensor drivers). The Red Hat, NVD, and CVE lists describe a local exploit surface with high impact to confidentiality, integrity, and availability, caused by issues in processi...

CVE-2025-47337

CVE-2025-47337 involves a memory corruption issue that occurs when accessing a synchronization object during concurrent operations. Multiple connected sources corroborate the description across vendors and schemes (e.g., Red Hat, NVD, CNNVD, CIRCL, and others), with no public exploit details prov...

CVE-2025-47337 Use After Free in Camera Driver

Memory corruption while accessing a synchronization object during concurrent operations...