Lucene search
K

442 matches found

NVD
NVD
added 2026/07/02 4:17 a.m.9 views

CVE-2026-57276

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS0.00286EPSS
Exploits0References2
NVD
NVD
added 2026/07/02 4:17 a.m.12 views

CVE-2026-13132

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS0.00215EPSS
Exploits0References2
NVD
NVD
added 2026/07/02 4:17 a.m.13 views

CVE-2026-57265

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS0.00215EPSS
Exploits0References2
NVD
NVD
added 2026/07/02 4:17 a.m.6 views

CVE-2026-13125

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.8CVSS0.00227EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 2:26 a.m.25 views

CVE-2026-57278

GeoWebPlayer (Web Plugin/WS Player) vulnerable to a stack-based buffer overflow in the connectInfo handler, specifically in the ip field (conn_info.ip_or_host) with unbounded JSON input. TALOS confirms multiple CVEs in the same connectInfo codepath, including potential arbitrary code execution in...

8.3CVSS5.9AI score0.0028EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 2:25 a.m.16 views

CVE-2026-57277

CVE-2026-57277 affects GeoWebPlayer (Web Plugin/WS Player) GeoVision GeoWebPlayer Websocket Server connectInfo handler. The vulnerability is a stack-based buffer overflow in the key field (buffer key_blob[17]), caused by copying attacker-controlled JSON fields into fixed-size buffers without prop...

8.3CVSS5.9AI score0.0028EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 2:24 a.m.15 views

CVE-2026-57275

Geovision GeoWebPlayer Websocket Server connectInfo handler is vulnerable to stack-based buffer overflows in multiple fields when handling JSON input (username, password, username_enc, password_enc, key, ip). Affected product: GeoWebPlayer (GeoVision software family), with version context cited b...

8.3CVSS5.9AI score0.00286EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/02 2:24 a.m.9 views

EUVD-2026-41236

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.9AI score0.00286EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:24 a.m.7 views

CVE-2026-57274

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.9AI score0.00286EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/02 2:24 a.m.17 views

CVE-2026-57274

GeoWebPlayer’s CVE-2026-57274 is a buffer overflow in the connectInfo password handling of the Websocket Server (no key present) affecting GeoWebPlayer 1.1.1.0. A crafted websocket message can overflow the 64-byte password buffer, potentially enabling arbitrary code execution. Vendor patch releas...

8.3CVSS5.9AI score0.00286EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 2:23 a.m.13 views

CVE-2026-57273

GeoWebPlayer Websocket Server connectInfo handler in GeoVision software contains multiple stack-based buffer overflows in user-supplied JSON fields. Specifically, overflows occur in: username and password when key is absent (64-byte buffers), and username_enc, password_enc, key_blob, ip fields wh...

8.3CVSS5.9AI score0.00286EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 2:22 a.m.16 views

CVE-2026-57272

GeoWebPlayer/Websocket Server in GeoVision software (GV-VMS, GV-Cloud, etc.) uses an index parameter that is not validated, allowing out-of-bounds reads when handling localhost commands. This is the stated root cause and leads to the reported vulnerability (CVE-2026-57272). Impact is noted as hig...

8.3CVSS5.8AI score0.00247EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/02 2:21 a.m.11 views

EUVD-2026-41233

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.7AI score0.00235EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:21 a.m.8 views

CVE-2026-57271

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.7AI score0.00235EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/02 2:21 a.m.22 views

CVE-2026-57271

GeoWebPlayer (GeoVision GeoWebPlayer/Web Plugin/WS Player) contains a WebSocket server component, and a discovered out-of-bounds read vulnerability affecting the pause command index, as reported in CVE-2026-57271. Connected records identify this as a WebSocket server issue within GeoVision softwa...

8.3CVSS5.7AI score0.00235EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 2:21 a.m.18 views

CVE-2026-57270

GeoWebPlayer (also called Web Plugin in GV-VMS and WS Player in VMS-Cloud) furnishes a websocket server that extends the Web interfaces of GeoVision software. The server processes commands from localhost, many of which use an index to access arrays and perform actions. The index value is not cons...

8.3CVSS5.8AI score0.0022EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/02 2:21 a.m.11 views

EUVD-2026-41232

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.8AI score0.0022EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 2:20 a.m.20 views

CVE-2026-57269

GeoWebPlayer (Web Plugin/WS Player) in GeoVision software exposes a websocket server where an unvalidated index can access multiple arrays out-of-bounds, leading to an out-of-bounds read. This affects the Websocket interface used by GV-VMS and GV-Cloud; CVSS 3.1 base score 8.3 (HIGH) with potenti...

8.3CVSS5.8AI score0.0024EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 2:20 a.m.13 views

CVE-2026-57268

GeoWebPlayer’s Websocket server exposes a saveVideo command where the provided index is not validated before it's used to access internal arrays and call a function pointer in CCriticalSection. This out-of-bounds access can reach the critical section and release path, potentially enabling code ex...

8.3CVSS5.8AI score0.00286EPSS
Exploits0References2
CVE
CVE
added 2026/07/02 2:19 a.m.16 views

CVE-2026-57267

GeoWebPlayer (aka Web Plugin / WS Player) ships a websocket server that handles localhost commands. The index parameter used to access internal arrays is not consistently validated, enabling index-out-of-bounds reads in multiple arrays. This is documented as a GeoVision vulnerability (CVE-2026-57...

8.3CVSS5.8AI score0.0022EPSS
Exploits0References2
Rows per page
Query Builder