Lucene search
K

180 matches found

OSV
OSV
added 2023/06/12 4:30 p.m.28 views

CVE-2023-34105 SRS has command injection vulnerability in demonstration api-server for HTTP callback.

SRS is a real-time video server supporting RTMP, WebRTC, HLS, HTTP-FLV, SRT, MPEG-DASH, and GB28181. Prior to versions 5.0.157, 5.0-b1, and 6.0.48, SRS's api-server server is vulnerable to a drive-by command injection. An attacker may send a request to the /api/v1/snapshots endpoint containing an...

7.5CVSS7.7AI score0.0876EPSS
Exploits1References5
CVE
CVE
added 2023/06/12 4:30 p.m.92 views

CVE-2023-34105

SRS (Simple Real-time Server) api-server is vulnerable to drive-by command injection on POST /api/v1/snapshots in versions prior to 5.0.157, 5.0-b1, and 6.0.48, potentially leading to Remote Code Execution (RCE). Connected advisories confirm a fix in 5.0.157, 5.0-b1, and 6.0.48. Mitigate by updat...

7.5CVSS8.2AI score0.0876EPSS
In wildExploits1References3Affected Software1
CNNVD
CNNVD
added 2023/06/12 12:0 a.m.6 views

SRS 命令注入漏洞

SRS is a simple, efficient, real-time video server from SRS open source. SRS has a command injection vulnerability , the vulnerability stems from the api-server server has a command injection vulnerability...

7.5CVSS7.3AI score0.0876EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/06/07 12:0 a.m.5 views

PT-2023-3035 · Cisco · Cisco Telepresence Video Communication Server +1

Name of the Vulnerable Software and Affected Versions: Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS affected versions not specified Description: A vulnerability in the change password functionality could allow an authenticated, remote attacker with Read-only...

10CVSS6.4AI score0.00914EPSS
Exploits0References9
CNNVD
CNNVD
added 2023/02/06 12:0 a.m.5 views

NVS365 安全漏洞

NVS365 is a network video server from NVS365. A security vulnerability exists in NVS365 version V01, which stems from a command execution that can be triggered by the background network test function...

9.8CVSS8.5AI score0.25905EPSS
Exploits2References3
CNNVD
CNNVD
added 2023/02/03 12:0 a.m.5 views

NVS365 安全漏洞

NVS365 is a network video server from NVS365, Inc. A security vulnerability exists in NVS365 version V01 that stems from incorrect access control...

7.5CVSS7.3AI score0.00854EPSS
Exploits2References3
GithubExploit
GithubExploit
added 2023/02/02 9:33 a.m.9 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Nvs365 Nvs-365-V01_Firmware

NVS-365-Camera NVS-365-Camera NVS-365-Camera Two Vulnerab...

9.8CVSS7.6AI score0.25905EPSS
Exploits3
CNNVD
CNNVD
added 2022/10/05 12:0 a.m.7 views

Cisco Expressway Series和Cisco TelePresence Video Communication Server 信任管理问题漏洞

Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...

7.4CVSS5.3AI score0.00897EPSS
Exploits0References1
OSV
OSV
added 2022/07/11 1:15 a.m.4 views

CVE-2022-31582

The shaolo1/VideoServer repository through 2019-09-21 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS5.8AI score0.01164EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/07/11 1:15 a.m.3 views

CVE-2022-31582

The shaolo1/VideoServer repository through 2019-09-21 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS5.3AI score0.01164EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/07/06 12:0 a.m.5 views

Cisco Expressway Series 和 Cisco TelePresence Video Communication Server 路径遍历漏洞

Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...

9CVSS6.8AI score0.01795EPSS
Exploits0References6
NVD
NVD
added 2021/12/14 8:15 p.m.24 views

CVE-2021-39183

Owncast is an open source, self-hosted live video streaming and chat server. In affected versions inline scripts are executed when Javascript is parsed via a paste action. This issue is patched in 0.0.9 by blocking unsafe-inline Content Security Policy and specifying the script-src. The worker-sr...

8.2CVSS0.00747EPSS
Exploits1References1
CNVD
CNVD
added 2021/09/01 12:0 a.m.24 views

ZTE ZXV10 M910 code issue vulnerability

The ZTE ZXV10 M910 is a video conferencing HD video server from ZTE Corporation China.A security vulnerability exists in the ZTE ZXV10 M910, which can be exploited by attackers to execute arbitrary commands by sending deserialized payloads to port 5001...

9.8CVSS5.6AI score0.01942EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/08/30 12:0 a.m.4 views

ZTE ZXV10 M910 代码问题漏洞

The ZTE ZXV10 M910 is a video conferencing HD video server from ZTE Corporation China.A security vulnerability exists in the ZTE ZXV10 M910, which can be exploited by attackers to execute arbitrary commands by sending deserialized payloads to port 5001...

9.8CVSS6AI score0.01942EPSS
Exploits0References1
CNVD
CNVD
added 2021/07/15 12:0 a.m.16 views

Weak Password Vulnerability in Network Video Server of Shenzhen Longchamp Xintron Technology Co. Ltd (CNVD-2021-54075)

Ltd. is a leading provider of intelligent inspection robots and intelligent infrared thermal imaging products and solutions in China. Ltd. Network Video Server has a weak password vulnerability that can be exploited by attackers to obtain sensitive information...

7AI score
Exploits0
CNVD
CNVD
added 2021/06/28 12:0 a.m.11 views

Weak Password Vulnerability in Network Video Server of Shenzhen Longchamp Xintron Technology Co.

Shenzhen Longchamp Xintron Technology Co., Ltd. is a leading intelligent service robot solution provider in China. Ltd. Network Video Server has a weak password vulnerability that can be exploited by attackers to obtain sensitive information...

7AI score
Exploits0
CNVD
CNVD
added 2021/06/15 12:0 a.m.27 views

Unauthorized Access Vulnerability in AXIS 241Q Video Server

Axis is an IT company that specializes in providing web video solutions. An unauthorized access vulnerability exists in AXIS 241Q Video Server, which can be exploited by attackers to obtain sensitive information...

6.8AI score
Exploits0
CNVD
CNVD
added 2021/06/15 12:0 a.m.8 views

Unauthorized Access Vulnerability in AXIS 241S Video Server

Axis is an IT company that specializes in providing web video solutions. An unauthorized access vulnerability exists in AXIS 241S Video Server, which can be exploited by attackers to obtain sensitive information...

6.8AI score
Exploits0
CNVD
CNVD
added 2021/04/14 12:0 a.m.0 views

Network Video Server Weak Password Vulnerability in Network Video Server

Network Video Server is a network video server. A weak password vulnerability exists in Network Video Server, which can be exploited by an attacker to obtain sensitive information...

6.9AI score
Exploits0
ICS
ICS
added 2021/04/13 12:0 a.m.119 views

ICSA-20-070-01_Siemens and PKE SiNVR/SiVMS Video Server (Update B)

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendors: Siemens and PKE Equipment: SiNVR/SiVMS Video Server Vulnerabilities: Cleartext Storage in a File or on Disk, Path Traversal, Improper Input Validation, Weak Cryptography for Passwords 2. UPDATE...

9.9CVSS7.5AI score0.02735EPSS
Exploits0References12
Rows per page
Query Builder