CVE-2026-3966

CVE-2026-3966 affects the 648540858 wvp-GB28181-pro package up to version 2.7.4-20260107. The issue lies in the getDownloadFilePath function of ABLMediaNodeServerService.java under the IP Address Handler; manipulating the MediaServer.streamIp argument triggers server-side request forgery (SSRF). ...

PT-2026-24897

A vulnerability was detected in 648540858 wvp-GB28181-pro up to 2.7.4-20260107. Affected by this vulnerability is the function getDownloadFilePath of the file /src/main/java/com/genersoft/iot/vmp/media/abl/ABLMediaNodeServerService.java of the component IP Address Handler. The manipulation of the...

WEB VIDEO PLATFORM 代码问题漏洞

WEB VIDEO PLATFORM is an open-source project developed by WVP-PRO, based on the GB28181-2016 standard. Version 2.7.4-20260107 and earlier of WEB VIDEO PLATFORM have code vulnerabilities. These vulnerabilities stem from operations on the parameter MediaServer.streamIp in the file...

EUVD-2021-13192

Malware in sbrugna...

EUVD-2021-13177

Malware in sbrugna...

EUVD-2021-33429

Malicious code in bioql PyPI...

CVE-2024-47020

Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ABL component, A-331966488...

CVE-2024-47031

Android before 2024-10-05 on Google Pixel devices allows privilege escalation in the ABL component, A-329163861...

CVE-2024-47014

Android before 2024-10-05 on Google Pixel devices allows privilege escalation in the ABL component, A-330537292...

CVE-2024-7345

Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit unauthorized code injection into Multi-Session Agents on supported OpenEdge LTS platforms up to OpenEdge LTS 11.7.18 and LTS 12.2.13 on all supported release platforms...

Google Android elevation of privilege vulnerability (CNVD-2025-03021)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a flaw in the ABL component that can be exploited by an attacker to escalate privileges...

CVE-2024-47020

Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ABL component, A-331966488...

CVE-2024-47020

Android before 2024-10-05 on Google Pixel devices allows information disclosure in the ABL component, A-331966488...

CVE-2024-7345 Direct local client connections to MS Agents can bypass authentication

Local ABL Client bypass of the required PASOE security checks may allow an attacker to commit unauthorized code injection into Multi-Session Agents on supported OpenEdge LTS platforms up to OpenEdge LTS 11.7.18 and LTS 12.2.13 on all supported release platforms...

CVE-2024-7345

CVE-2024-7345 involves a Local ABL Client bypassing PASOE security checks that can enable unauthorized code injection into OpenEdge Multi-Session Agents. Affected OpenEdge LTS platforms include versions up to 11.7.18 and 12.2.13 on all supported releases. Root cause: bypass of required PASOE secu...

CVE-2021-46772

Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service...

CVE-2021-46772

Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service...

CVE-2021-46772

Summary: CVE-2021-46772 describes insufficient input validation in the ABL that may allow a privileged attacker with BIOS/UEFI access to tamper with SPI ROM headers, causing out-of-bounds reads/writes and memory corruption or DoS. The Connected documents provide concrete mitigation details from A...

CVE-2021-46772

Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service...

SUSE: Security Advisory (SUSE-SU-2023:4665-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...