Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2026/05/15 7:57 p.m.14 views

CVE-2026-38740

Foscam VD1 Video Doorbell before V5.3.131072 is vulnerable to Cleartext Transmission of Sensitive Information. The device transmits sensitive Session Description Protocol SDP, including ICE credentials and candidates, in cleartext over network interfaces. An attacker with network visibility can...

5.3CVSS5.9AI score0.00131EPSS
Exploits0References1
NVD
NVD
added 2026/05/14 7:16 p.m.15 views

CVE-2026-38740

Foscam VD1 Video Doorbell before V5.3.131072 is vulnerable to Cleartext Transmission of Sensitive Information. The device transmits sensitive Session Description Protocol SDP, including ICE credentials and candidates, in cleartext over network interfaces. An attacker with network visibility can...

5.3CVSS0.00131EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/14 12:0 a.m.11 views

Foscam VD1 Video Doorbell 安全漏洞

The Foscam VD1 Video Doorbell is a smart video doorbell from the American company Foscam, capable of supporting high-definition video surveillance and two-way voice communication. Versions of the Foscam VD1 Video Doorbell prior to V5.3.131072 contained security vulnerabilities. These...

5.3CVSS5.8AI score0.00131EPSS
Exploits0References2
CVE
CVE
added 2026/05/14 12:0 a.m.18 views

CVE-2026-38740

CVE-2026-38740 affects the Foscam VD1 Video Doorbell (pre‑V5.3.13_1072). The root cause is cleartext transmission of sensitive SDP data, including ICE credentials and candidates, exposed over network interfaces. An attacker with network visibility can intercept these credentials to hijack media s...

5.3CVSS5.9AI score0.00131EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2017-14099

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In res/resrtpasterisk.c in Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x...

7.5CVSS7.5AI score0.0433EPSS
Exploits0References2
Malwarebytes
Malwarebytes
added 2024/06/10 7:1 a.m.17 views

A week in security (June 3 – June 9)

Last week on Malwarebytes Labs: Google will start deleting location history Advance Auto Parts customer data posted for sale Husband stalked ex-wife with seven AirTags, indictment says Microsoft Recall snapshots can be easily grabbed with TotalRecall tool Financial sextortion scams on the rise Sa...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/10 5:29 p.m.24 views

SEC X account hacked to hawk crypto-scams

We have seen several high-profile accounts that were taken over on X formerly Twitter only to be used for cryptocurrency related promotional activities, like expressing the approval of exchange-traded funds ETFs. The latest victim in this line-up is the Securities and Exchange Commission SEC. The...

7.6AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/23 10:45 a.m.2 views

New S1deload Malware Hijacking Users' Social Media Accounts and Mining Cryptocurrency

An active malware campaign has set its sights on Facebook and YouTube users by leveraging a new information stealer to hijack the accounts and abuse the systems' resources to mine cryptocurrency. Bitdefender is calling the malware S1deload Stealer for its use of DLL side-loading techniques to get...

6.6AI score
Exploits0
Krebs on Security
Krebs on Security
added 2019/05/10 5:2 p.m.159 views

Nine Charged in Alleged SIM Swapping Ring

Eight Americans and an Irishman have been charged with wire fraud this week for allegedly hijacking mobile phones through SIM-swapping, a form of fraud in which scammers bribe or trick employees at mobile phone stores into seizing control of the target's phone number and diverting all texts and...

7.5AI score
Exploits0
OSV
OSV
added 2017/09/02 4:29 p.m.1 views

DEBIAN-CVE-2017-14099

In res/resrtpasterisk.c in Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized data disclosure media takeover in the RTP stack is possible with careful timing by an attacker. The...

7.5CVSS7.5AI score0.0433EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2017/09/02 4:0 p.m.19 views

CVE-2017-14099

In res/resrtpasterisk.c in Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized data disclosure media takeover in the RTP stack is possible with careful timing by an attacker. The...

7.5CVSS7.6AI score0.0433EPSS
Exploits0
The Hacker News
The Hacker News
added 2016/03/22 10:22 p.m.21 views

FBI Most Wanted — Three 'Syrian Electronic Army' Hackers Charged for Cyber Crime

Syrian Electronic Army SEA Hackers have made their place on the FBI's Most Wanted List. The US Department of Justice and the Federal Bureau of Investigation FBI are willing to pay $100,000 reward for any information that leads to the arrest of the heads of the infamous hacking group Syrian...

7AI score
Exploits0
Rows per page
Query Builder