25 matches found
CVE-2026-33126
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Prior to version 0.16.3, the /ffprobe endpoint accepts arbitrary user-controlled URLs without proper validation, allowing Server-Side Request Forgery SSRF attacks. An attacker can use the Frigate server t...
CVE-2026-33125
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. In versions 0.16.2 and below, users with the viewer role can delete admin and low-privileged user accounts. Exploitation can lead to DoS and affect data integrity. This issue has been patched in version...
CVE-2026-33126
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Prior to version 0.16.3, the /ffprobe endpoint accepts arbitrary user-controlled URLs without proper validation, allowing Server-Side Request Forgery SSRF attacks. An attacker can use the Frigate server t...
CVE-2026-33126 Frigate has SSRF vulnerability in /ffprobe endpoint
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Prior to version 0.16.3, the /ffprobe endpoint accepts arbitrary user-controlled URLs without proper validation, allowing Server-Side Request Forgery SSRF attacks. An attacker can use the Frigate server t...
CVE-2026-33126
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Prior to version 0.16.3, the /ffprobe endpoint accepts arbitrary user-controlled URLs without proper validation, allowing Server-Side Request Forgery SSRF attacks. An attacker can use the Frigate server t...
CVE-2026-33125
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. In versions 0.16.2 and below, users with the viewer role can delete admin and low-privileged user accounts. Exploitation can lead to DoS and affect data integrity. This issue has been patched in version...
CVE-2026-33125 Frigate Broken Access Control: Users assigned the viewer role can delete admin and other low-privileged accounts
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. In versions 0.16.2 and below, users with the viewer role can delete admin and low-privileged user accounts. Exploitation can lead to DoS and affect data integrity. This issue has been patched in version...
PT-2026-26667
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Prior to version 0.16.3, the /ffprobe endpoint accepts arbitrary user-controlled URLs without proper validation, allowing Server-Side Request Forgery SSRF attacks. An attacker can use the Frigate server t...
📄 Frigate NVR 0.16.3 Remote Code Execution
This Metasploit module exploits a remote code execution vulnerability in Frigate NVR versions 0.16.3 and below by manipulating the application's configuration through the go2rtc stream settings. The module retrieves the current configuration, safely parses and modifies it to introduce a controlle...
Fedora 43 : rust-lru (2026-cd2a3ce9e6)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-cd2a3ce9e6 advisory. Update to version 0.16.3. Includes the fix for RUSTSEC-2026-0002. Tenable has extracted the preceding description block directly from the Fedora security...
Fedora: Security Advisory (FEDORA-2026-e153bc6b6a)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 42 : rust-lru (2026-e153bc6b6a)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e153bc6b6a advisory. Update to version 0.16.3. Includes the fix for RUSTSEC-2026-0002. Tenable has extracted the preceding description block directly from the Fedora security...
EUVD-2022-44883
Malicious code in bioql PyPI...
[SECURITY] [DLA 4237-1] xmedcon security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4237-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk July 06, 2025 https://wiki.debian.org/LTS -...
WordPress Plugin If Menu 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...
DEBIAN-CVE-2023-29479
Ribose RNP before 0.16.3 may hang when the input is malformed...
Ribose RNP 安全漏洞
Ribose RNP is an application from Ribose, Inc. A security vulnerability exists in Ribose RNP versions prior to 0.16.3 that stems from a key remaining unlocked after use...
CVE-2023-29479
Ribose RNP before 0.16.3 may hang when the input is malformed...
PT-2023-22275 · Ribose · Ribose Rnp
Name of the Vulnerable Software and Affected Versions: Ribose RNP versions prior to 0.16.3 Description: The issue allows secret keys to remain unlocked after use. Recommendations: For versions prior to 0.16.3, update to version 0.16.3 or later to resolve the issue...
SUSE CVE-2010-4654
poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack...