138 matches found

Fedora
added 2022/07/30 1:55 a.m., 14 views

[SECURITY] Fedora 36 Update: golang-github-burntsushi-toml-test-0.2.0-12.20210108git9767d20.fc36

Toml-test is a higher-order program that tests other TOML decoders or encoders. The goal is to make it comprehensive. Tests are divided into two groups: invalid TOML data and valid TOML data. Decoders that reject invalid TOML data pass invalid TOML tests. Decoders that accept valid TOML data an...

AI score: 7.2
Exploits: 0
Fedora
added 2022/07/04 1:35 a.m., 30 views

[SECURITY] Fedora 36 Update: golang-github-burntsushi-toml-test-0.2.0-11.20210108git9767d20.fc36

Toml-test is a higher-order program that tests other TOML decoders or encoders. The goal is to make it comprehensive. Tests are divided into two groups: invalid TOML data and valid TOML data. Decoders that reject invalid TOML data pass invalid TOML tests. Decoders that accept valid TOML data an...

CVSS: 9.3, AI score: 8.7, EPSS: 0.05994
Exploits: 4
CNVD
added 2022/03/18 12:0 a.m., 19 views

Bosch Video Security Code Injection Vulnerability

Bosch Video Security is a video security system from Bosch, Germany. It is used to connect to Bosch IP cameras and encoders from around the world, experience instant video playback, full access to your recordings, forensic search of cameras with Bosch video analytics support, and smooth control of PTZ...

CVSS: 4.3, AI score: 6.3, EPSS: 0.00562
Exploits: 0, Affected Software: 1
vulnersOsv
added 2022/02/12 12:0 a.m., 4 views

com.adaptrex:adaptrex-core (>=0.9.13 <=1.0-Alpha3), com.adaptrex:adaptrex-sandbox-core (>=0.9.13 <=1.0-Alpha3) +82 more potentially affected by CVE-2022-24289 via org.apache.cayenne:cayenne-server (>=3.0M4 <=4.1.RC2)

org.apache.cayenne:cayenne-server MAVEN version =3.0M4, =0.9.13, =0.9.13, =0.9.13, =0.9.13, =0.12, =0.8, =0.6, =1.6, =1.7, =1.7, =1.14, =1.23, =2.11, =2.10, =0.6.0.2, =0.7.3 and more Source cves: CVE-2022-24289 Source advisory: OSV:GHSA-C58C-W527-H77P...

CVSS: 8.8, AI score: 7.2, EPSS: 0.02197
Exploits: 0
Kitploit
added 2022/02/10 8:30 p.m., 32 views

Php-Malware-Finder - Detect Potentially Malicious PHP Files

PHP-malware-finder does its very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malware/webshells. The following encoders/obfuscators/webshells are also detected: Bantam, Best PHP Obfuscator, Carbylamine, Cipher Design, Cyklodev, Joes Web Tools...

AI score: 7.3
Exploits: 0, References: 13
Kitploit
added 2021/04/10 9:30 p.m., 530 views

Gotestwaf - Go Test WAF Is A Tool To Test Your WAF Detection Capabilities Against Different Types Of Attacks And By-Pass Techniques

An open-source Go project to test different web application firewalls (WAF) for detection logic and bypasses. How it works: it is a 3-step request generation process that multiplies the number of payloads by encoders and placeholders. Let's say you defined 2 payloads, 3 encoders Base64, JSON, and...

AI score: 7.1
Exploits: 0, References: 1
Fedora
added 2021/02/24 8:46 p.m., 62 views

[SECURITY] Fedora 32 Update: mingw-flac-1.3.3-1.fc32

FLAC stands for Free Lossless Audio Codec. Grossly oversimplified, FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, flac, a command-line program to encode and decode FLAC files, metaflac, a command-line...

CVSS: 5.5, AI score: 4.1, EPSS: 0.03964
Exploits: 0
VulnCheck KEV
added 2020/11/06 12:0 a.m., 4 views

VulnCheck KEV: CVE-2020-24217

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. The file-upload endpoint does not enforce authentication. Attackers can send an unauthenticated HTTP request to upload a custom firmware component, possibly in conjunction with command injection, to...

CVSS: 9.8, AI score: 7.2, EPSS: 0.40302
Exploits: 5, References: 1
0day.today
added 2020/10/19 12:0 a.m., 94 views

HiSilicon Video Encoders - Unauthenticated RTSP buffer overflow (DoS) Exploit

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - unauthenticated RTSP buffer overflow DoS Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24214 Vendors: URayTech, J-Tech Digita...

CVSS: 9.8, AI score: 9.7, EPSS: 0.35393
Exploits: 4
Packet Storm
added 2020/10/19 12:0 a.m., 259 views

HiSilicon Video Encoder Backdoor Password

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - full admin access via backdoor password Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24215 Vendors: URayTech, J-Tech Digital...

AI score: 0.6, EPSS: 0.1976
Exploits: 3
Exploit DB
added 2020/10/19 12:0 a.m., 412 views

HiSilicon video encoders - RCE via unauthenticated upload of malicious firmware

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - RCE via unauthenticated upload of malicious firmware Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24217 Vendors: URayTech,...

CVSS: 9.8, AI score: 9.6, EPSS: 0.40302
Exploits: 5
Exploit DB
added 2020/10/19 12:0 a.m., 271 views

HiSilicon Video Encoders - Full admin access via backdoor password

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - full admin access via backdoor password Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24215 Vendors: URayTech, J-Tech Digital...

CVSS: 9.8, AI score: 9.7, EPSS: 0.1976
Exploits: 3
Exploit DB
added 2020/10/19 12:0 a.m., 225 views

HiSilicon Video Encoders - Unauthenticated RTSP buffer overflow (DoS)

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - unauthenticated RTSP buffer overflow DoS Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: multiple vendors Software Link: N/A Version: vendor-specific Tested on: Linux CVE: CVE-2020-24214 Vendors: URayTech, J-Tech Digita...

CVSS: 9.8, AI score: 9.7, EPSS: 0.35393
Exploits: 4
Exploit DB
added 2020/10/19 12:0 a.m., 310 views

HiSilicon Video Encoders - Unauthenticated file disclosure via path traversal

!/usr/bin/env bash Exploit Title: HiSilicon video encoders - unauthenticated file disclosure via path traversal Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: https://www.szuray.com/ Software Link: N/A Version: up to 1.97 Tested on: Linux CVE: CVE-2020-24219 Vendors: URayTech...

CVSS: 7.8, AI score: 7.7, EPSS: 0.23224
Exploits: 3
NVD
added 2020/10/06 2:15 p.m., 7 views

CVE-2020-24216

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. When the administrator configures a secret URL for RTSP streaming, the stream is still available via its default name such as /0. Unauthenticated attackers can view video streams that are meant to b...

CVSS: 7.5, EPSS: 0.02112
Exploits: 1, References: 2
NVD
added 2020/10/06 2:15 p.m., 10 views

CVE-2020-24217

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. The file-upload endpoint does not enforce authentication. Attackers can send an unauthenticated HTTP request to upload a custom firmware component, possibly in conjunction with command injection, to...

CVSS: 9.8, EPSS: 0.40302
Exploits: 5, References: 4
OSV
added 2020/10/06 2:15 p.m., 5 views

CVE-2020-24218

An issue was discovered on URayTech IPTV/H.264/H.265 video encoders through 1.97. Attackers can log in as root via the password that is hard-coded in the executable file...

CVSS: 9.8, AI score: 7.3, EPSS: 0.01959
Exploits: 1, References: 2
NVD
added 2020/10/06 2:15 p.m., 12 views

CVE-2020-24219

An issue was discovered on URayTech IPTV/H.264/H.265 video encoders through 1.97. Attackers can send crafted unauthenticated HTTP requests to exploit path traversal and pattern-matching programming flaws, and retrieve any file from the device's file system, including the configuration file with t...

CVSS: 7.8, EPSS: 0.23224
Exploits: 3, References: 3
NVD
added 2020/10/06 2:15 p.m., 12 views

CVE-2020-24218

An issue was discovered on URayTech IPTV/H.264/H.265 video encoders through 1.97. Attackers can log in as root via the password that is hard-coded in the executable file...

CVSS: 9.8, EPSS: 0.01959
Exploits: 1, References: 2
Prion
added 2020/10/06 2:15 p.m., 17 views

Hardcoded credentials

An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. When the administrator configures a secret URL for RTSP streaming, the stream is still available via its default name such as /0. Unauthenticated attackers can view video streams that are meant to b...

CVSS: 5, AI score: 7.8, EPSS: 0.02112
Exploits: 1, References: 2