Lucene search
+L

433 matches found

ATTACKERKB
ATTACKERKB
•added 2026/03/20 6:2 a.m.•1 views

CVE-2026-4475

A vulnerability has been found in Yi Technology YI Home Camera 2 2.1.120171024151200. The affected element is an unknown function of the file home/web/ipc. Such manipulation leads to hard-coded credentials. Access to the local network is required for this attack to succeed. The exploit has been...

8.8CVSS5.2AI score0.00299EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/03/20 6:2 a.m.•27 views

CVE-2026-4475 Yi Technology YI Home Camera ipc hard-coded credentials

A vulnerability has been found in Yi Technology YI Home Camera 2 2.1.120171024151200. The affected element is an unknown function of the file home/web/ipc. Such manipulation leads to hard-coded credentials. Access to the local network is required for this attack to succeed. The exploit has been...

8.8CVSS0.00299EPSS
Exploits0References3
CVE
CVE
•added 2026/03/20 6:2 a.m.•24 views

CVE-2026-4475

CVE-2026-4475 concerns Yi Technology YI Home Camera 2 (version 2.1.1_20171024151200). The vulnerability is in an unknown function within the file home/web/ipc, leading to hard-coded credentials. Access to the local network is required for exploitation. Public disclosure has occurred, and the vend...

8.8CVSS6.7AI score0.00299EPSS
Exploits0References3
Positive Technologies
Positive Technologies
•added 2026/03/20 12:0 a.m.•6 views

PT-2026-26569

A vulnerability was found in Yi Technology YI Home Camera 2 2.1.1 20171024151200. The impacted element is an unknown function of the file home/web/ipc of the component CGI Endpoint. Performing a manipulation results in missing authentication. Access to the local network is required for this attac...

6.3CVSS6AI score0.00316EPSS
Exploits0References4
Positive Technologies
Positive Technologies
•added 2026/03/20 12:0 a.m.•9 views

PT-2026-26634

Name of the Vulnerable Software and Affected Versions QHora versions prior to 2.6.2.007 Description A weak authentication issue exists in QHora. An attacker with local network access can exploit this to obtain sensitive information. Recommendations Update to version 2.6.2.007 or later...

7CVSS7AI score0.00197EPSS
Exploits0References5
NVD
NVD
•added 2026/03/11 8:16 a.m.•8 views

CVE-2024-14025

An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the...

6.7CVSS0.00136EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/03/11 8:2 a.m.•4 views

CVE-2024-14025 Video Station

An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the...

1CVSS5.9AI score0.00136EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
•added 2026/03/11 8:2 a.m.•5 views

CVE-2024-14025

An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the...

1CVSS5.9AI score0.00136EPSS
Exploits0References2Affected Software1
CVE
CVE
•added 2026/03/11 8:2 a.m.•18 views

CVE-2024-14024

CVE-2024-14024 affects QNAP Video Station. The vulnerability is an improper certificate validation flaw that can be exploited by an attacker with local network access and administrative privileges to compromise the system. A fix is available in Video Station 5.8.2 and later. Root cause: certifica...

6.7CVSS5.7AI score0.00077EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
•added 2026/03/11 8:2 a.m.•29 views

CVE-2024-14024 Video Station

An improper certificate validation vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the...

1CVSS0.00077EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
•added 2026/03/11 8:2 a.m.•5 views

CVE-2024-14024

An improper certificate validation vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the...

1CVSS5.7AI score0.00077EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
•added 2026/03/11 12:0 a.m.•7 views

PT-2026-24595

🚨 CVE-2024-14025 An SQL injection vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the...

6.7CVSS6AI score0.00136EPSS
Exploits0References8
Positive Technologies
Positive Technologies
•added 2026/03/11 12:0 a.m.•12 views

PT-2026-24594

🚨 CVE-2024-14024 An improper certificate validation vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to compromise the security of the system. We have already...

6.7CVSS5.8AI score0.00077EPSS
Exploits0References8
Positive Technologies
Positive Technologies
•added 2026/03/11 12:0 a.m.•9 views

PT-2026-24596

🚨 CVE-2024-14026 A command injection vulnerability has been reported to affect several QNAP operating system versions. If an attacker gains local network access who have also gained a user account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the...

7.8CVSS6AI score0.00624EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
•added 2026/03/03 2:41 a.m.•17 views

CVE-2026-20801

Cleartext Transmission of Sensitive Information CWE-319 in a component used in the Gallagher Hanwha VMS and Gallagher NxWitness VMS integrations allows unprivileged users with local network access to view live video streams. This issue affects all versions of Gallagher NxWitness VMS integration...

5.6CVSS5.9AI score0.00102EPSS
Exploits0References2
EUVD
EUVD
•added 2026/03/03 2:41 a.m.•6 views

EUVD-2026-9276

Cleartext Transmission of Sensitive Information CWE-319 in a component used in the Gallagher Hanwha VMS and Gallagher NxWitness VMS integrations allows unprivileged users with local network access to view live video streams. This issue affects all versions of Gallagher NxWitness VMS integration...

5.6CVSS5.9AI score0.00102EPSS
Exploits0References1
CVE
CVE
•added 2026/03/03 2:41 a.m.•17 views

CVE-2026-20801

CVE-2026-20801 describes a cleartext transmission flaw (CWE-319) in a component used by Gallagher Hanwha VMS and Gallagher NxWitness VMS integrations. Unprivileged users on the local network could view live video streams due to this issue. Affected are Gallagher NxWitness VMS integration versions...

5.6CVSS5.9AI score0.00102EPSS
Exploits0References1
Vulnrichment
Vulnrichment
•added 2026/03/03 2:41 a.m.•4 views

CVE-2026-20801

Cleartext Transmission of Sensitive Information CWE-319 in a component used in the Gallagher Hanwha VMS and Gallagher NxWitness VMS integrations allows unprivileged users with local network access to view live video streams. This issue affects all versions of Gallagher NxWitness VMS integration...

5.6CVSS5.9AI score0.00102EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/03/03 2:41 a.m.•33 views

CVE-2026-20801

Cleartext Transmission of Sensitive Information CWE-319 in a component used in the Gallagher Hanwha VMS and Gallagher NxWitness VMS integrations allows unprivileged users with local network access to view live video streams. This issue affects all versions of Gallagher NxWitness VMS integration...

5.6CVSS0.00102EPSS
Exploits0References1
CNNVD
CNNVD
•added 2026/03/03 12:0 a.m.•9 views

Gallagher NxWitness VMS 安全漏洞

Gallagher NxWitness VMS is a video management system developed by the New Zealand-based Gallagher company. Versions of Gallagher NxWitness VMS prior to 9.10.017 and 9.10.025 contained security vulnerabilities. These vulnerabilities stemmed from the transmission of sensitive information in plainte...

5.6CVSS5.8AI score0.00102EPSS
Exploits0References2
Rows per page
Query Builder