Lucene search
K

442 matches found

Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.19 views

PT-2026-37354

A remote code execution vulnerability exists in Notification Settings on GeoVision GV-ASWeb 6.2.0. An authenticated user with System Setting permissions can execute arbitrary commands on the server by sending a crafted HTTP POST request to the ASWebCommon.srf backend endpoint to bypass the fronte...

8.8CVSS6.7AI score0.00593EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.11 views

Geovision GV-ASWeb 代码注入漏洞

Geovision GV-ASWeb is a web-based software developed by Geovision Corporation. It is used for remote access and configuration of the GV-ASManager’s database. Version 6.2.0 of Geovision GV-ASWeb contains a code injection vulnerability. This vulnerability stems from a remote code execution issue in...

8.8CVSS6.6AI score0.00593EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/05 8:20 a.m.17 views

CVE-2026-7372

A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. Stack-overflow via...

9CVSS6.5AI score0.00463EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/05 8:20 a.m.13 views

CVE-2026-42368

A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execute priviledged operation. An attacker can visit a webpage to trigger this vulnerability...

9.9CVSS5.9AI score0.00348EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/05 8:20 a.m.12 views

CVE-2026-7161

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

9.3CVSS5.8AI score0.00214EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/05 8:20 a.m.9 views

CVE-2026-42364

An os command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted DDNS configuration can lead to arbitrary command execution. An attacker can modify a configuration value to trigger this vulnerability...

9.9CVSS6AI score0.01606EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/05 8:20 a.m.10 views

CVE-2026-42370

A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

9.8CVSS6.2AI score0.00534EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/05 8:20 a.m.10 views

CVE-2026-42367

A privilege escalation vulnerability exists in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to credentials leak. An attacker can visit a webpage to trigger this vulnerability...

6.5CVSS5.8AI score0.00271EPSS
Exploits0References1
NVD
NVD
added 2026/05/04 1:16 a.m.32 views

CVE-2026-42368

A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execute priviledged operation. An attacker can visit a webpage to trigger this vulnerability...

9.9CVSS0.00348EPSS
Exploits0References3
NVD
NVD
added 2026/05/04 1:16 a.m.10 views

CVE-2026-42370

A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

9.8CVSS0.00534EPSS
Exploits0References3
NVD
NVD
added 2026/05/04 1:16 a.m.9 views

CVE-2026-7372

A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. Stack-overflow via...

9CVSS0.00463EPSS
Exploits0References2
NVD
NVD
added 2026/05/04 1:16 a.m.35 views

CVE-2026-7161

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

9.3CVSS0.00214EPSS
Exploits0References3
NVD
NVD
added 2026/05/04 1:16 a.m.11 views

CVE-2026-7371

Multiple reflected cross-site scripting xss vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this...

7.4CVSS0.00196EPSS
Exploits0References2
NVD
NVD
added 2026/05/04 1:16 a.m.11 views

CVE-2026-42365

A guessable session cookie vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted series of HTTP requests can lead to an authentication bypas. An attacker can bruteforce session cookies to trigger this vulnerability...

8.6CVSS0.00329EPSS
Exploits0References3
NVD
NVD
added 2026/05/04 1:16 a.m.21 views

CVE-2026-42366

Multiple reflected cross-site scripting xss vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerabili...

7.4CVSS0.00196EPSS
Exploits0References2
NVD
NVD
added 2026/05/04 1:16 a.m.15 views

CVE-2026-42364

An os command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted DDNS configuration can lead to arbitrary command execution. An attacker can modify a configuration value to trigger this vulnerability...

9.9CVSS0.01606EPSS
Exploits0References3
NVD
NVD
added 2026/05/04 1:16 a.m.8 views

CVE-2026-42367

A privilege escalation vulnerability exists in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to credentials leak. An attacker can visit a webpage to trigger this vulnerability...

6.5CVSS0.00271EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/04 12:48 a.m.36 views

CVE-2026-42370 GeoVision GV-VMS V20 WebCam Server Login stack overflow vulnerability

A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

9CVSS0.00534EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/04 12:48 a.m.7 views

CVE-2026-42370 GeoVision GV-VMS V20 WebCam Server Login stack overflow vulnerability

A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

9CVSS6.2AI score0.00534EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/04 12:48 a.m.11 views

EUVD-2026-26861

A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

9CVSS6.2AI score0.00534EPSS
Exploits0References2
Rows per page
Query Builder