Lucene search
+L

397 matches found

Cvelist
Cvelist
added 2026/03/03 2:40 a.m.35 views

CVE-2026-20757

Improper Locking vulnerability CWE-667 in Gallagher Morpho integration allows a privileged operator to cause a limited denial-of-service in the Command Centre Server. This issue affects Command Centre Server: 9.40 prior to vEL9.40.1976MR1, 9.30 prior to vEL9.30.3382 MR4, 9.20 prior to vEL9.20.378...

2.5CVSS0.00069EPSS
Exploits0References1
CVE
CVE
added 2026/03/03 2:40 a.m.12 views

CVE-2026-20757

CVE-2026-20757 is an Improper Locking (CWE-667) vulnerability in the Gallagher Morpho integration affecting the Command Centre Server. Affected versions include 9.40 before vEL9.40.1976(MR1), 9.30 before vEL9.30.3382(MR4), 9.20 before vEL9.20.3783(MR6), 9.10 before vEL9.10.4647(MR9), and all 9.00...

2.5CVSS5.9AI score0.00069EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/03 2:40 a.m.4 views

CVE-2026-20757

Improper Locking vulnerability CWE-667 in Gallagher Morpho integration allows a privileged operator to cause a limited denial-of-service in the Command Centre Server. This issue affects Command Centre Server: 9.40 prior to vEL9.40.1976MR1, 9.30 prior to vEL9.30.3382 MR4, 9.20 prior to vEL9.20.378...

2.5CVSS5.9AI score0.00069EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/03 2:40 a.m.6 views

EUVD-2026-9275

Improper Locking vulnerability CWE-667 in Gallagher Morpho integration allows a privileged operator to cause a limited denial-of-service in the Command Centre Server. This issue affects Command Centre Server: 9.40 prior to vEL9.40.1976MR1, 9.30 prior to vEL9.30.3382 MR4, 9.20 prior to vEL9.20.378...

2.5CVSS5.9AI score0.00069EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/03 12:0 a.m.7 views

Gallagher Command Centre Server 安全漏洞

The Gallagher Command Centre Server is a management system developed by the New Zealand-based Gallagher company, used for monitoring and managing infrastructure within buildings. There is a security vulnerability in the Gallagher Command Centre Server, caused by improper locking mechanisms, which...

2.5CVSS5.8AI score0.00069EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.10 views

PT-2026-22717

Cleartext Transmission of Sensitive Information CWE-319 in a component used in the Gallagher Hanwha VMS and Gallagher NxWitness VMS integrations allows unprivileged users with local network access to view live video streams. This issue affects all versions of Gallagher NxWitness VMS integration...

5.6CVSS5.9AI score0.00102EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/03 12:0 a.m.7 views

Gallagher Command Centre Mobile Client 安全漏洞

Gallagher Command Centre Mobile Client is a mobile application developed by the New Zealand-based company Gallagher. Versions of Gallagher Command Centre Mobile Client prior to version 9.40.123 contained security vulnerabilities. These vulnerabilities stemmed from the storage of sensitive...

5.7CVSS5.8AI score0.00071EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.6 views

PT-2026-22716

Improper Locking vulnerability CWE-667 in Gallagher Morpho integration allows a privileged operator to cause a limited denial-of-service in the Command Centre Server. This issue affects Command Centre Server: 9.40 prior to vEL9.40.1976MR1, 9.30 prior to vEL9.30.3382 MR4, 9.20 prior to vEL9.20.378...

2.5CVSS5.9AI score0.00069EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/03 12:0 a.m.9 views

Gallagher NxWitness VMS 安全漏洞

Gallagher NxWitness VMS is a video management system developed by the New Zealand-based Gallagher company. Versions of Gallagher NxWitness VMS prior to 9.10.017 and 9.10.025 contained security vulnerabilities. These vulnerabilities stemmed from the transmission of sensitive information in plainte...

5.6CVSS5.8AI score0.00102EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 10:0 a.m.16 views

CVE-2020-7215

An issue was discovered in Gallagher Command Centre 7.x before 7.90.991MR5, 8.00 before 8.00.1161MR5, and 8.10 before 8.10.1134MR4. External system configuration data used for third party integrations such as DVR systems were logged in the Command Centre event trail. Any authenticated operator wi...

5.5CVSS7AI score0.00301EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:41 a.m.12 views

CVE-2022-26348

Command Centre Server is vulnerable to SQL Injection via Windows Registry settings for date fields on the server. The Windows Registry setting allows an attacker using the Visitor Management Kiosk, an application designed for public use, to invoke an arbitrary SQL query that has been preloaded in...

8.2CVSS7.9AI score0.00266EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:41 a.m.9 views

CVE-2022-26078

Gallagher Controller 6000 is vulnerable to a Denial of Service attack via conflicting ARP packets with a duplicate IP address. This issue affects: Gallagher Gallagher Controller 6000 vCR8.60 versions prior to 220303a; vCR8.50 versions prior to 220303a; vCR8.40 versions prior to 220303a; vCR8.30...

7.8CVSS6.7AI score0.00845EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:34 a.m.8 views

CVE-2024-41724

Improper Certificate Validation CWE-295 in the Gallagher Command Centre SALTO integration allowed an attacker to spoof the SALTO server. This issue affects all versions of Gallagher Command Centre prior to 9.20.1043...

8.7CVSS6.7AI score0.00178EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.8 views

Gallagher HBUS Devices 安全漏洞

Gallagher HBUS Devices is a family of access control and alarm peripheral devices from Gallagher New Zealand. A security vulnerability exists in Gallagher HBUS Devices that stems from improper use of seeds in the pseudo-random number generator, which could result in corrupting internal device...

5.7CVSS6.7AI score0.00142EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.6 views

Gallagher T-Series Reader 安全漏洞

The Gallagher T-Series Reader is a card reader in an access control system from Gallagher of New Zealand. A security vulnerability exists in the Gallagher T-Series Reader that stems from improper resource release and could lead to a denial of service attack...

2.4CVSS6.5AI score0.00157EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.6 views

Gallagher HBUS Devices 安全漏洞

Gallagher HBUS Devices is a family of access control and alarm peripheral devices from Gallagher New Zealand. A security vulnerability exists in Gallagher HBUS Devices that stems from an observable timing difference that could lead to the extraction of device-specific keys...

5.7CVSS6.5AI score0.00142EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/24 4:9 a.m.9 views

CVE-2025-48428

Cleartext Storage of Sensitive Information CWE-312 in the Gallagher Morpho integration could allow an authenticated user with access to the Command Centre Server to export a specific signing key while in use allowing them to deploy a compromised or counterfeit device on that site. This issue...

6.7CVSS6.7AI score0.00094EPSS
Exploits0References1
NVD
NVD
added 2025/10/23 4:16 a.m.7 views

CVE-2025-47699

Exposure of Sensitive System Information to an Unauthorized Control Sphere CWE-497 in the Gallagher Morpho integration could allow an authenticated operator with limited site permissions to make critical changes to local Morpho devices. This issue affects Command Centre Server: 9.30 prior to...

9.9CVSS0.00309EPSS
Exploits0References1
NVD
NVD
added 2025/10/23 4:16 a.m.7 views

CVE-2025-48428

Cleartext Storage of Sensitive Information CWE-312 in the Gallagher Morpho integration could allow an authenticated user with access to the Command Centre Server to export a specific signing key while in use allowing them to deploy a compromised or counterfeit device on that site. This issue...

6.7CVSS0.00094EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/23 3:39 a.m.4 views

EUVD-2025-35648

Cleartext Storage of Sensitive Information CWE-312 in the Gallagher Morpho integration could allow an authenticated user with access to the Command Centre Server to export a specific signing key while in use allowing them to deploy a compromised or counterfeit device on that site. This issue...

6.7CVSS6.2AI score0.00094EPSS
Exploits0References2
Rows per page
Query Builder