159 matches found
CVE-2025-11142
The VAPIX API mediaclip.cgi that did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account...
CVE-2025-11142
The CVE-2025-11142 vulnerability affects the VAPIX API mediaclip.cgi and arises from insufficient input validation, enabling potential remote code execution. Exploitation requires authentication with an operator- or administrator-privileged service account, and the impact is rated high (CVSSv3.1:...
CVE-2025-11142
The VAPIX API mediaclip.cgi that did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account...
PT-2026-7228
Name of the Vulnerable Software and Affected Versions VAPIX API affected versions not specified Description The VAPIX API’s mediaclip.cgi component lacks proper input validation, potentially allowing for remote code execution. Exploitation requires authentication with an operator- or...
CVE-2025-9524
The VAPIX API port.cgi did not have sufficient input validation, which may result in process crashes and impact usability. This vulnerability can only be exploited after authenticating with a viewer- operator- or administrator-privileged service account...
CVE-2025-9055
The VAPIX Edge storage API that allowed a privilege escalation, enabling a VAPIX administrator-privileged user to gain Linux Root privileges. This flaw can only be exploited after authenticating with an administrator-privileged service account...
EUVD-2025-74035
The VAPIX API port.cgi did not have sufficient input validation, which may result in process crashes and impact usability. This vulnerability can only be exploited after authenticating with a viewer- operator- or administrator-privileged service account...
EUVD-2025-74036
The VAPIX Edge storage API that allowed a privilege escalation, enabling a VAPIX administrator-privileged user to gain Linux Root privileges. This flaw can only be exploited after authenticating with an administrator-privileged service account...
CVE-2025-9524
The VAPIX API port.cgi did not have sufficient input validation, which may result in process crashes and impact usability. This vulnerability can only be exploited after authenticating with a viewer- operator- or administrator-privileged service account...
CVE-2025-9055
The VAPIX Edge storage API that allowed a privilege escalation, enabling a VAPIX administrator-privileged user to gain Linux Root privileges. This flaw can only be exploited after authenticating with an administrator-privileged service account...
CVE-2025-9055
The VAPIX Edge storage API that allowed a privilege escalation, enabling a VAPIX administrator-privileged user to gain Linux Root privileges. This flaw can only be exploited after authenticating with an administrator-privileged service account...
CVE-2025-9055
The VAPIX Edge storage API that allowed a privilege escalation, enabling a VAPIX administrator-privileged user to gain Linux Root privileges. This flaw can only be exploited after authenticating with an administrator-privileged service account...
CVE-2025-9055
CVE-2025-9055 relates to Axis VAPIX Edge storage API. A privilege-escalation flaw allows an administrator-privileged VAPIX user to gain Linux root privileges after authenticating with an administrator-privileged service account. Exploitation is local and requires high privileges, with the root ou...
CVE-2025-9524
CVE-2025-9524 affects Axis VAPIX API port.cgi. Root cause: insufficient input validation in port.cgi, leading to process crashes and potential availability impact. Exploitation requires authentication with a viewer/operator/admin service account. CVSS~3.1: 4.3 (NETWORK, LOW attacker interaction, ...
CVE-2025-9524
The VAPIX API port.cgi did not have sufficient input validation, which may result in process crashes and impact usability. This vulnerability can only be exploited after authenticating with a viewer- operator- or administrator-privileged service account...
CVE-2025-9524
The VAPIX API port.cgi did not have sufficient input validation, which may result in process crashes and impact usability. This vulnerability can only be exploited after authenticating with a viewer- operator- or administrator-privileged service account...
AXIS OS 安全漏洞
AXIS OS is an edge device operating system from Axis Sweden. AXIS OS suffers from a security vulnerability that stems from an escalation of privilege issue that could result in a VAPIX Administrator privileged user gaining Linux Root privileges...
PT-2025-46313
Name of the Vulnerable Software and Affected Versions VAPIX Edge affected versions not specified Description The VAPIX Edge storage API contains a flaw that allows privilege escalation. An authenticated VAPIX administrator-privileged user can gain Linux Root privileges. Exploitation requires...
PT-2025-46314
Name of the Vulnerable Software and Affected Versions VAPIX API affected versions not specified Description The VAPIX API’s port.cgi component lacks adequate input validation. This can lead to process crashes and negatively affect usability. Exploitation requires authentication with a viewer,...
EUVD-2023-25584
Malicious code in bioql PyPI...