57 matches found
CVE-2021-40381
CVE-2021-40381 affects Compro IP70 (2.08_7130218), IP570 (2.08_7130520), IP60, and TN540 devices. The vulnerability stems from index_MJpeg.cgi, which allows access to the camera video page, enabling unauthorized video access. Public references (including exploit mentions) corroborate unauthorized...
Weak Password Vulnerability in RG-UAC 6000-ISG Video Access Security Gateway
RG-UAC 6000-ISG series video surveillance security gateway is a video surveillance network security reinforcement product independently developed by Ruijie Networks. The RG-UAC 6000-ISG video access security gateway has a weak password vulnerability, which can be exploited by attackers to obtain...
CVE-2020-27929
A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.4.9. A user may send video in Group FaceTime calls without knowing that they have done so...
Basetech Ge-131 Bt-1837836 授权问题漏洞
The BASETech GE-131 BT-1837836 is a Wi-Fi IP CCTV camera. An information disclosure vulnerability exists in the BASETech GE-131 BT-1837836. An attacker can exploit the vulnerability to remotely access the video stream via an unrecorded user...
4 Ring Employees Fired For Spying on Customers
Smart doorbell company Ring said that it has fired four employees over the past four years for inappropriately accessing customer video footage. The disclosure comes in a recent letter to senators in response to a November inquiry into the company’s data policies from Amazon-owned Ring as it...
Unspecified Vulnerability in SHEKAR Technology Endoscope
SHEKAR Technology Endoscope is a portable endoscopic device from SHEKAR Technology, China. A security vulnerability exists in the SHEKAR Technology Endoscope. An attacker could exploit the vulnerability to obtain video content and images or cause other harm...
CVE-2019-9483
Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows attackers to obtain audio and video data, or insert spoofed video that does not correspond to the actual person at the door...
Code injection
A design flaw in the BlinkForHome aka Blink For Home Sync Module 2.10.4 and earlier allows attackers to disable cameras via Wi-Fi, because incident clips triggered by the motion sensor are not saved if the attacker's traffic such as Dot11Deauth successfully disconnects the Sync Module from the...
CVE-2017-10796
On TP-Link NC250 devices with firmware through 1.2.1 build 170515, anyone can view video and audio without authentication via an rtsp://admin@yourip:554/h264hd.sdp URL...
CVE-2010-5321
Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service memory consumption by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability...
CVE-2010-5321
Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service memory consumption by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability...
CVE-2010-5321
CVE-2010-5321 affects the Linux kernel videobuf subsystem (videobuf-core.c and related via videobuf-vmalloc.c) with a memory-leak vulnerability that can be exploited by local users via /dev/video mmap calls to trigger memory allocations and cause a denial of service. Public sources in the connect...
CVE-2015-8287
CVE-2015-8287 affects Swann SRNVW-470LCD (firmware up to 0114) and SWNVW-470CAM (firmware up to 1022). Description: remote attackers can view live video by visiting an unspecified URL due to an authorization issue (authentication bypass via an alternate path). CERT/CC notes attempts by Swann to a...
Google Chrome Inbuilt Flash player allows Webcam Hacking
No longer limited to Hollywood movies about cybercrime, webcam hacking has stealthily and aggressively broken into average households "I've heard a hacker could access my webcam and watch me in front of my computer. Could this really happen?" YES, other than using a Remote administration tools, i...
CVE-2010-4483
Google Chrome before 8.0.552.215 does not properly restrict read access to videos derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via a crafted web site...
Design/Logic Flaw
Google Chrome before 8.0.552.215 does not properly restrict read access to videos derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via a crafted web site...
CVE-2010-4483
Google Chrome before 8.0.552.215 does not properly restrict read access to videos derived from CANVAS elements, which allows remote attackers to bypass the Same Origin Policy and obtain potentially sensitive video data via a crafted web site...