Lucene search
K

654 matches found

Vulnrichment
Vulnrichment
added 2026/05/04 12:47 a.m.6 views

CVE-2026-42369 GeoVision GV-VMS V20 WebCam Server stack overflow vulnerability

GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native application accessed locally, but it is also possible to enable remote access via the "WebCam Server" feature. Once enabled, it is possible to access t...

10CVSS6.2AI score0.00514EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/04 12:47 a.m.3 views

CVE-2026-42369

GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native application accessed locally, but it is also possible to enable remote access via the "WebCam Server" feature. Once enabled, it is possible to access t...

10CVSS6.2AI score0.00514EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/04 12:47 a.m.33 views

CVE-2026-42369 GeoVision GV-VMS V20 WebCam Server stack overflow vulnerability

GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native application accessed locally, but it is also possible to enable remote access via the "WebCam Server" feature. Once enabled, it is possible to access t...

10CVSS0.00514EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/04 12:47 a.m.7 views

EUVD-2026-26860

GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native application accessed locally, but it is also possible to enable remote access via the "WebCam Server" feature. Once enabled, it is possible to access t...

10CVSS6.2AI score0.00514EPSS
Exploits0References2
CVE
CVE
added 2026/05/04 12:47 a.m.19 views

CVE-2026-42369

GV-VMS V20 WebCam Server contains a stack overflow in the b64decoder path of the gvapi flow. The decoded base64 string is copied into a 256-byte local Buffer without bounds checking, so if the decoded data exceeds 256 characters an attacker can trigger a stack overflow. The product is described a...

10CVSS6.2AI score0.00514EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.15 views

PT-2026-36741

Name of the Vulnerable Software and Affected Versions GeoVision GV-VMS V20 version 20.0.2 Description A stack overflow exists in the WebCam Server Login functionality. An unauthenticated attacker can send a specially crafted HTTP request to trigger the issue, potentially leading to arbitrary code...

9CVSS6.4AI score0.00463EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.9 views

GeoVision GV-VMS 缓冲区错误漏洞

GeoVision GV-VMS is a video management system software developed by GeoVision Corporation in China. The version GV-VMS V20 20.0.2 contains a buffer error vulnerability. This vulnerability stems from a stack overflow issue in the WebCam Server login function, which may allow custom HTTP requests t...

9.8CVSS6.3AI score0.00534EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.10 views

GeoVision GV-VMS 缓冲区错误漏洞

GeoVision GV-VMS is a video management system software developed by GeoVision Corporation in China. The GeoVision GV-VMS V20 20.0.2 version contains a buffer error vulnerability. This vulnerability arises from the unbounded copying of base64-encoded strings in the WebCam Server function, leading ...

10CVSS6.5AI score0.00514EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.15 views

PT-2026-36737

Name of the Vulnerable Software and Affected Versions GV-VMS version V20 Description A stack overflow exists in the WebCam Server component of the video monitoring software. When remote access is enabled, the gvapi endpoint utilizes a specific authentication mechanism via an HTTP Authorization...

10CVSS6.1AI score0.00514EPSS
Exploits0References17
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.10 views

GeoVision GV-VMS 缓冲区错误漏洞

GeoVision GV-VMS is a video management system software developed by GeoVision Corporation in China. The GeoVision GV-VMS V20 20.0.2 version contains a buffer error vulnerability. This vulnerability stems from the sscanf function in the WebCam Server login feature, which does not limit the size of...

9CVSS6.5AI score0.00463EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/04 12:0 a.m.13 views

PT-2026-36738

Name of the Vulnerable Software and Affected Versions GeoVision GV-VMS V20 version 20.0.2 Description A stack overflow in the WebCam Server Login functionality allows an unauthenticated attacker to execute arbitrary code by sending a specially crafted HTTP request. Recommendations At the moment,...

9.8CVSS6.2AI score0.00534EPSS
Exploits0References11
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/17 10:53 a.m.9 views

Malicious code in lixxyly (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e3c0a4fef6764ec743cc96d88d10dbc9a33197300a3b916746ab5f5391ad6e96 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...

6.2AI score
Exploits0References1
OSV
OSV
added 2026/04/17 10:53 a.m.5 views

MAL-2026-2841 Malicious code in lixxyly (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e3c0a4fef6764ec743cc96d88d10dbc9a33197300a3b916746ab5f5391ad6e96 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...

6.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/17 10:52 a.m.9 views

Malicious code in shelipp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c745f1c7897e6075520af7c8d838b496c8af8814810ba86dafd64d09b3d24b97 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...

6.2AI score
Exploits0References1
OSV
OSV
added 2026/04/17 10:52 a.m.8 views

MAL-2026-2844 Malicious code in shelipp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c745f1c7897e6075520af7c8d838b496c8af8814810ba86dafd64d09b3d24b97 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...

6.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/17 10:50 a.m.8 views

Malicious code in looopiw (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9d2af7de30ed37363dcd3ac8e41e0ff2987d97ec742dd973a2f95158c6f0f185 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...

6.2AI score
Exploits0References1
OSV
OSV
added 2026/04/17 10:50 a.m.6 views

MAL-2026-2842 Malicious code in looopiw (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9d2af7de30ed37363dcd3ac8e41e0ff2987d97ec742dd973a2f95158c6f0f185 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...

6.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/17 10:45 a.m.9 views

Malicious code in sher-net (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f87dc8302df47889be1acee83b535b423d7f04e597ed61cca62dc2727f4d5d46 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...

6.2AI score
Exploits0References1
OSV
OSV
added 2026/04/17 10:45 a.m.7 views

MAL-2026-2839 Malicious code in sher-net (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f87dc8302df47889be1acee83b535b423d7f04e597ed61cca62dc2727f4d5d46 Starting the module activates a hardcoded telegram bot allowing remote code execution, data exfiltration, collecting webcam photos, clipboard data, etc. ---...

6.2AI score
Exploits0References1
The Hacker News
The Hacker News
added 2026/03/16 9:7 a.m.7 views

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

Ukrainian entities have emerged as the target of a new campaign likely orchestrated by threat actors linked to Russia, according to a report from S2 Grupo's LAB52 threat intelligence team. The campaign, observed in February 2026, has been assessed to share overlaps with a prior campaign mounted b...

6.1AI score
Exploits0
Rows per page
Query Builder