3 matches found
CVE-2025-41016 Multiple vulnerabilities in DFUSION by Davantis
Inadequate access control vulnerability in Davantis DFUSION v6.177.7, which allows unauthorised actors to extract images and videos related to alarm events through access to “/alarms//”, where the “MEDIA” parameter can take the value of “snapshot” or “video.mp4”. These media files contain images...
DEBIAN-CVE-2018-18839
An issue was discovered in Netdata 1.10.0. Full Path Disclosure FPD exists via api/v1/alarms. NOTE: the vendor says "is intentional...
PT-2019-9647 · Netdata +2 · Netdata +2
Name of the Vulnerable Software and Affected Versions: Netdata version 1.10.0 Description: An issue exists in the software, potentially allowing Full Path Disclosure FPD via the "api/v1/alarms" endpoint. The vendor considers this behavior intentional. Recommendations: For Netdata version 1.10.0, ...