Lucene search
K

92 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.8 views

Axis Communications AXIS OS Improper Validation of Syntactic Correctness of Input (CVE-2024-8160)

A researcher in the AXIS OS Bug Bounty Program has found that the VAPIX API ftptest.cgi did not have a sufficient input validation allowing for a possible command injection to transfer files to/from the Axis device. This flaw can only be exploited after authenticating with an...

3.8CVSS5.9AI score0.00614EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.6 views

Axis Communications AXIS OS Path Traversal (CVE-2024-0067)

A researcher in the AXIS OS Bug Bounty Program has found that the VAPIX API ledlimit.cgi was vulnerable for path traversal attacks allowing to list folder/file names on the local file system of the Axis device. Axis has released patched AXIS OS versions for this flaw. This plugin only works with...

4.3CVSS5.9AI score0.0038EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.8 views

Axis Communications AXIS OS Improper Validation of Specified Type of Input (CVE-2024-47262)

Dzmitry Lukyanenka, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API param.cgi was vulnerable to a race condition attack allowing for an attacker to block access to the web interface of the Axis device. Axis has released patched AXIS OS versions for this flaw. Endpoints not...

5.3CVSS6AI score0.00334EPSS
Exploits0References2
NVD
NVD
added 2026/02/10 6:15 a.m.6 views

CVE-2025-11142

The VAPIX API mediaclip.cgi that did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be exploited after authenticating with an operator- or administrator- privileged service account...

8.8CVSS0.00499EPSS
Exploits0References1
CVE
CVE
added 2026/02/10 5:32 a.m.14 views

CVE-2025-11142

The CVE-2025-11142 vulnerability affects the VAPIX API mediaclip.cgi and arises from insufficient input validation, enabling potential remote code execution. Exploitation requires authentication with an operator- or administrator-privileged service account, and the impact is rated high (CVSSv3.1:...

8.8CVSS6AI score0.00499EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/11/11 7:25 a.m.11 views

CVE-2025-9524

The VAPIX API port.cgi did not have sufficient input validation, which may result in process crashes and impact usability. This vulnerability can only be exploited after authenticating with a viewer- operator- or administrator-privileged service account...

4.3CVSS0.00246EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-25584

Malicious code in bioql PyPI...

7.1CVSS6.6AI score0.00668EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-49553

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00418EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-58083

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00684EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-54215

Malicious code in bioql PyPI...

3.5CVSS6.6AI score0.00555EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-54216

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00374EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-54217

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00334EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2023-25583

Malicious code in bioql PyPI...

8.1CVSS8AI score0.0059EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-25586

Malicious code in bioql PyPI...

7.1CVSS7AI score0.00668EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-57968

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.0056EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-47593

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00391EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-15868

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.0038EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-54390

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00347EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/02 7:36 a.m.9 views

CVE-2025-0325

A Guard Tour VAPIX API parameter allowed the use of arbitrary values and can be incorrectly called, allowing an attacker to block access to the guard tour configuration page in the web interface of the Axis device...

4.3CVSS7AI score0.00322EPSS
Exploits0References1
CVE
CVE
added 2025/06/02 7:36 a.m.48 views

CVE-2025-0325

CVE-2025-0325 affects Axis devices with the Guard Tour VAPIX API. The vulnerability arises from a parameter that allows arbitrary values and can be invoked inappropriately, enabling an attacker to block access to the guard tour configuration page in the Axis device web interface. The primary impa...

4.3CVSS4.7AI score0.00322EPSS
Exploits0References1
Rows per page
Query Builder