22 matches found
CVE-2021-47866
WIN-PACK PRO 4.8 contains an unquoted service path vulnerability in the GuardTourService that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files \WINPAKPRO\WP GuardTour Service.exe to inject malicious code th...
CVE-2021-47866
WIN-PACK PRO 4.8 contains an unquoted service path vulnerability in the GuardTourService that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files \WINPAKPRO\WP GuardTour Service.exe to inject malicious code th...
Honeywell WIN-PACK PRO code issue vulnerability
Honeywell WIN-PACK PRO is a security management platform software developed by the American company Honeywell. Version 4.8 of Honeywell WIN-PACK PRO contains a code vulnerability. This vulnerability stems from the GuardTourService having service paths that are not enclosed in quotes, which may...
EUVD-2020-8065
Malware in sbrugna...
EUVD-2024-47313
Malicious code in bioql PyPI...
CVE-2025-0325
A Guard Tour VAPIX API parameter allowed the use of arbitrary values and can be incorrectly called, allowing an attacker to block access to the guard tour configuration page in the web interface of the Axis device...
CVE-2025-0325
CVE-2025-0325 affects Axis devices with the Guard Tour VAPIX API. The vulnerability arises from a parameter that allows arbitrary values and can be invoked inappropriately, enabling an attacker to block access to the guard tour configuration page in the Axis device web interface. The primary impa...
CVE-2025-0325
A Guard Tour VAPIX API parameter allowed the use of arbitrary values and can be incorrectly called, allowing an attacker to block access to the guard tour configuration page in the web interface of the Axis device...
CVE-2025-0325
A Guard Tour VAPIX API parameter allowed the use of arbitrary values and can be incorrectly called, allowing an attacker to block access to the guard tour configuration page in the web interface of the Axis device...
PT-2025-23477 · Axis · Axis Device
Name of the Vulnerable Software and Affected Versions: Axis device affected versions not specified Description: A Guard Tour VAPIX API parameter allowed the use of arbitrary values and can be incorrectly called, allowing an attacker to block access to the guard tour configuration page in the web...
CVE-2024-6173
51l3nc3, member of the AXIS OS Bug Bounty Program, has found that a Guard Tour VAPIX API parameter allowed the use of arbitrary values allowing for an attacker to block access to the guard tour configuration page in the web interface of the Axis device. Axis has released patched AXIS OS versions...
CVE-2020-16099
In Gallagher Command Centre v8.20 prior to v8.20.1093MR2 it is possible to create Guard Tour events that when accessed via things like reporting cause clients to temporarily hang or disconnect...
CVE-2024-6173
51l3nc3, member of the AXIS OS Bug Bounty Program, has found that a Guard Tour VAPIX API parameter allowed the use of arbitrary values allowing for an attacker to block access to the guard tour configuration page in the web interface of the Axis device. Axis has released patched AXIS OS versions...
CVE-2024-6173
51l3nc3, member of the AXIS OS Bug Bounty Program, has found that a Guard Tour VAPIX API parameter allowed the use of arbitrary values allowing for an attacker to block access to the guard tour configuration page in the web interface of the Axis device. Axis has released patched AXIS OS versions...
CVE-2024-6173
CVE-2024-6173 concerns Axis OS: a Guard Tour VAPIX API parameter allows arbitrary values, enabling an attacker to block access to the guard tour configuration page in the Axis web interface. Reported by AXIS OS Bug Bounty participant, the flaw’s impact is described as blocking access (availabilit...
CVE-2024-6173
51l3nc3, member of the AXIS OS Bug Bounty Program, has found that a Guard Tour VAPIX API parameter allowed the use of arbitrary values allowing for an attacker to block access to the guard tour configuration page in the web interface of the Axis device. Axis has released patched AXIS OS versions...
AXIS OS 安全漏洞
AXIS OS is an edge device operating system from Axis Sweden. A security vulnerability exists in AXIS OS versions 6.50 through 11.10, which stems from the Guard Tour VAPIX API parameter that allows the use of arbitrary values...
PT-2024-37433 · Axis · Axis Os
Name of the Vulnerable Software and Affected Versions: AXIS OS affected versions not specified Description: A Guard Tour VAPIX API parameter in Axis devices allows the use of arbitrary values, enabling an attacker to block access to the guard tour configuration page in the web interface. Axis has...
CVE-2020-16099
In Gallagher Command Centre v8.20 prior to v8.20.1093MR2 it is possible to create Guard Tour events that when accessed via things like reporting cause clients to temporarily hang or disconnect...
Command injection
In Gallagher Command Centre v8.20 prior to v8.20.1093MR2 it is possible to create Guard Tour events that when accessed via things like reporting cause clients to temporarily hang or disconnect...