Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

65 matches found

Nuclei
Nucleiadded 8 hours ago28 views

Uniview NVR301-04S2-P4 - Cross-Site Scripting

Uniview NVR301-04S2-P4 contains a reflected cross-site scripting vulnerability via the PATH of LAPI. CISA and Uniview state that this vulnerability needs to be authenticated. This is incorrect. Any PATH payload can cause XSS. A submission to Mitre has been sent to update the verbiage in the findi...

5.4CVSS5AI score0.11904EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/01/09 12:23 p.m.3 views

CVE-2018-14923

A vulnerability in uniview EZPlayer 1.0.6 could allow an attacker to execute arbitrary code on a targeted system via video playback...

9.3CVSS7.8AI score0.00233EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2020-14224

Malware in sbrugna...

9.8CVSS9.2AI score0.00433EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2018-6805

Malware in sbrugna...

9.3CVSS7.7AI score0.00233EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-12790

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00722EPSS
Exploits0References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2021-31836

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.02201EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2024-32418

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.11904EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 4:39 a.m.8 views

CVE-2023-0773

The vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful exploitation of this vulnerabili...

9.8CVSS7.5AI score0.00722EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/22 3:18 p.m.5 views

CVE-2020-21452

An issue was discovered in uniview ISC2500-S. This is an upload vulnerability where an attacker can upload malicious code via /Interface/DevManage/EC.php?cmd=upload...

9.8CVSS7.2AI score0.00433EPSS
Exploits0
RedhatCVE
RedhatCVEadded 2025/02/04 11:5 p.m.6 views

CVE-2024-0778

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in Uniview ISC 2500-S up to 20210930. Affected by this issue is the function setNatConfig of the file /Interface/DevManage/VM.php. The manipulation of the argument natAddress/natPort/natServerPort leads to...

9.8CVSS9.8AI score0.49718EPSS
Exploits1References1
NVD
NVDadded 2024/06/10 5:16 p.m.18 views

CVE-2024-3850

Uniview NVR301-04S2-P4 is vulnerable to reflected cross-site scripting attack XSS. An attacker could send a user a URL that if clicked on could execute malicious JavaScript in their browser. This vulnerability also requires authentication before it can be exploited, so the scope and severity is...

5.4CVSS0.11904EPSS
Exploits0References2
OSV
OSVadded 2024/06/10 5:16 p.m.2 views

CVE-2024-3850

Uniview NVR301-04S2-P4 is vulnerable to reflected cross-site scripting attack XSS. An attacker could send a user a URL that if clicked on could execute malicious JavaScript in their browser. This vulnerability also requires authentication before it can be exploited, so the scope and severity is...

5.4CVSS5.7AI score0.11904EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/06/10 4:46 p.m.16 views

CVE-2024-3850 Uniview NVR301-04S2-P4 Cross-site Scripting

Uniview NVR301-04S2-P4 is vulnerable to reflected cross-site scripting attack XSS. An attacker could send a user a URL that if clicked on could execute malicious JavaScript in their browser. This vulnerability also requires authentication before it can be exploited, so the scope and severity is...

5.4CVSS6.4AI score0.11904EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/06/10 4:46 p.m.19 views

CVE-2024-3850 Uniview NVR301-04S2-P4 Cross-site Scripting

Uniview NVR301-04S2-P4 is vulnerable to reflected cross-site scripting attack XSS. An attacker could send a user a URL that if clicked on could execute malicious JavaScript in their browser. This vulnerability also requires authentication before it can be exploited, so the scope and severity is...

5.4CVSS0.11904EPSS
Exploits0References1
CVE
CVEadded 2024/06/10 4:46 p.m.68 views

CVE-2024-3850

Affected product: Uniview NVR301-04S2-P4. Vulnerability: reflected cross-site scripting (XSS) via the PATH of LAPI. Root cause: improper neutralization of input during web page generation (CWE-79), with XSS possible on pages under /LAPI/. Some sources note authentication is required; others indic...

5.4CVSS5.3AI score0.11904EPSS
Exploits0References2Affected Software1
CNNVD
CNNVDadded 2024/06/10 12:0 a.m.2 views

Uniview NVR301-04S2-P4 Cross-Site Scripting Vulnerability

Uniview NVR301-04S2-P4 is a camera from Uniview Technology China. The Uniview NVR301-04S2-P4 suffers from a cross-site scripting vulnerability that stems from susceptibility to reflective cross-site scripting attacks XSS...

5.4CVSS6.2AI score0.11904EPSS
Exploits0References2
ICS
ICSadded 2024/06/04 6:0 a.m.29 views

Uniview NVR301-04S2-P4 (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.1 ATTENTION : Exploitable remotely/low attack complexity/public exploits available Vendor : Uniview Equipment : NVR301-04S2-P4 Vulnerability : Cross-site Scripting 2. RISK EVALUATION An attacker could send a user a URL that if clicked on could execute...

5.4CVSS5.8AI score0.11904EPSS
Exploits0References10
VulnCheck KEV
VulnCheck KEVadded 2024/03/05 12:0 a.m.0 views

VulnCheck KEV: CVE-2024-0778

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in Uniview ISC 2500-S up to 20210930. Affected by this issue is the function setNatConfig of the file /Interface/DevManage/VM.php. The manipulation of the argument natAddress/natPort/natServerPort...

9.8CVSS7AI score0.49718EPSS
Exploits1References1
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2024/02/29 12:0 a.m.16 views

JVN#77203800: OET-213H-BTS1 missing authorization check in the initial configuration

OET-213H-BTS1 is a digital temperature measurement and face recognition terminal, developed by Zhejiang Uniview Technologies Co.,Ltd and provided by Atsumi Electric Co., Ltd. The initial configuration of the product is ​insecure CWE-1188, it does not perform an authorization check when processing...

8.3CVSS6.1AI score0.00092EPSS
Exploits0
NVD
NVDadded 2024/01/22 4:15 p.m.16 views

CVE-2024-0778

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in Uniview ISC 2500-S up to 20210930. Affected by this issue is the function setNatConfig of the file /Interface/DevManage/VM.php. The manipulation of the argument natAddress/natPort/natServerPort leads to...

9.8CVSS8.7AI score0.49718EPSS
Exploits1References3
Rows per page
Query Builder