7660 matches found
Grandsteam GXV3611_HD camera is vulnerable to SQL injection
Overview The Grandsteam GXV3611HD is an IP network camera used for surveillance and security. The Grandsteam GXV3611HD is vulnerable to a SQL injection attack. Description CWE-89: Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' - CVE-2015-2866The Grandstream...
Samsung Flaw Lets Hacker Easily Take Control of Your Galaxy Mobile Remotely
More than 600 Million users of Samsung Galaxy smartphones, including the newly released Galaxy S6, are potentially vulnerable to a software bug that allows hackers to secretly monitor the phone's camera and microphone, read text messages and install malicious apps. The vulnerability is due to a...
Fedora 20 : armacycles-ad-0.2.8.3.3-1.fc20 (2015-9527)
Changes since 0.2.8.3.2 : - security fix: do not read ahead of the beginning of network buffer. - security fix: don't attribute network errors from processing random packets to the connection to the server - security fix: while at it, don't process random packets unless they may be important - fi...
Fedora 21 : armacycles-ad-0.2.8.3.3-1.fc21 (2015-9504)
Changes since 0.2.8.3.2 : - security fix: do not read ahead of the beginning of network buffer. - security fix: don't attribute network errors from processing random packets to the connection to the server - security fix: while at it, don't process random packets unless they may be important - fi...
[SECURITY] Fedora 20 Update: ufraw-0.21-1.fc20
UFRaw is a tool for opening raw format images of digital cameras...
Use-After-Free camera driver exploit
A use-after-free vulnerability in the camera driver of Qualcomm MSM 7x30 SoCs...
Dahua camera ddns settings have a design flaw
Zhejiang Dahua Technology Co., Ltd. is a leading supplier of surveillance products and solution service providers, providing leading video storage, front-end, display control and intelligent transportation products for the world. Dahua camera ddns settings have a security vulnerability, allowing...
FTP Media Server 3.0 - Authentication Bypass / Denial of Service
!/usr/bin/env python ================================================================================== Exploit Title: FTP Media Server 3.0 - Authentication Bypass and Denial of Service Date: 2015-05-25 Exploit Author: Wh1t3Rh1n0 Michael Allen Exploit Author's Homepage: http://www.mikeallen.org...
Denial of Service Vulnerability in Various Y-Cam Products
Y-Cam camera is a wireless network security surveillance camera system from Y-cam. A denial-of-service vulnerability exists in several Y-Cam products, which allows remote, authenticated users to exploit the vulnerability to cause a denial of service...
CVE-2014-1902
Multiple cross-site scripting XSS vulnerabilities in Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range YCB004, YCK004, YCW004; EyeBall YCEB03; Bullet VGA YCBL03 and YCBLB3; Bullet HD 720 YCBLHD5; Y-cam Classic Range YCB002, YCK002, and YCW003; and Y-cam Original Range YCB001, YCW00...
CVE-2014-1901
Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range YCB004, YCK004, YCW004; EyeBall YCEB03; Bullet VGA YCBL03 and YCBLB3; Bullet HD 720 YCBLHD5; Y-cam Classic Range YCB002, YCK002, and YCW003; and Y-cam Original Range YCB001, YCW001, running firmware 4.30 and earlier, allow remote...
CVE-2014-1900
Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range YCB004, YCK004, YCW004; EyeBall YCEB03; Bullet VGA YCBL03 and YCBLB3; Bullet HD 720 YCBLHD5; Y-cam Classic Range YCB002, YCK002, and YCW003; and Y-cam Original Range YCB001, YCW001, running firmware 4.30 and earlier, allow remote...
Authentication flaw
Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range YCB004, YCK004, YCW004; EyeBall YCEB03; Bullet VGA YCBL03 and YCBLB3; Bullet HD 720 YCBLHD5; Y-cam Classic Range YCB002, YCK002, and YCW003; and Y-cam Original Range YCB001, YCW001, running firmware 4.30 and earlier, allow remote...
Authentication flaw
Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range YCB004, YCK004, YCW004; EyeBall YCEB03; Bullet VGA YCBL03 and YCBLB3; Bullet HD 720 YCBLHD5; Y-cam Classic Range YCB002, YCK002, and YCW003; and Y-cam Original Range YCB001, YCW001, running firmware 4.30 and earlier, allow remote...
CVE-2014-1902
CVE-2014-1902 covers multiple XSS vulnerabilities in Y-Cam cameras (SD range YCB003/YCK003/YCW003; S range YCB004/YCK004/YCW004; EyeBall YCEB03; Bullet VGA YCBL03/YCBLB3; Bullet HD 720 YCBLHD5; Classic YCB002/YCK002/YCW003; Original YCB001/YCW001), all affected by firmware 4.30 and earlier. The i...
CVE-2014-1901
CVE-2014-1901 affects Y-Cam camera models and ranges (firmware 4.30 and earlier). The vulnerability allows remote authenticated users to cause a denial of service (reboot) by sending malformed parameters to en/store_main.asp, en/account/accedit.asp, or en/smtpclient.asp. Note: the issue can be ex...
CVE-2014-1900
CVE-2014-1900 affects multiple Y-Cam models (SD, S, EyeBall, Bullet, Classic, Original ranges) with firmware 4.30 and earlier. The issue allows remote attackers to bypass authentication and obtain sensitive information by sending a request to en/account/accedit.asp with a leading "./" sequence in...
CVE-2014-1902
Multiple cross-site scripting XSS vulnerabilities in Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range YCB004, YCK004, YCW004; EyeBall YCEB03; Bullet VGA YCBL03 and YCBLB3; Bullet HD 720 YCBLHD5; Y-cam Classic Range YCB002, YCK002, and YCW003; and Y-cam Original Range YCB001, YCW00...
CVE-2014-1900
Y-Cam camera models SD range YCB003, YCK003, and YCW003; S range YCB004, YCK004, YCW004; EyeBall YCEB03; Bullet VGA YCBL03 and YCBLB3; Bullet HD 720 YCBLHD5; Y-cam Classic Range YCB002, YCK002, and YCW003; and Y-cam Original Range YCB001, YCW001, running firmware 4.30 and earlier, allow remote...
Zhejiang Dahua camera has authentication vulnerability
Zhejiang Dahua Technology Co., Ltd. is a leading supplier of surveillance products and solution service providers, providing leading video storage, front-end, display control and intelligent transportation series of products for the world. A man-in-the-middle attack-based authentication...