Lucene search
K

45 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.8 views

Axis Communications AXIS OS Improper Validation of Syntactic Correctness of Input (CVE-2024-8160)

A researcher in the AXIS OS Bug Bounty Program has found that the VAPIX API ftptest.cgi did not have a sufficient input validation allowing for a possible command injection to transfer files to/from the Axis device. This flaw can only be exploited after authenticating with an...

3.8CVSS5.9AI score0.00614EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.6 views

Axis Communications AXIS OS Path Traversal (CVE-2024-0067)

A researcher in the AXIS OS Bug Bounty Program has found that the VAPIX API ledlimit.cgi was vulnerable for path traversal attacks allowing to list folder/file names on the local file system of the Axis device. Axis has released patched AXIS OS versions for this flaw. This plugin only works with...

4.3CVSS5.9AI score0.0038EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.5 views

Axis Communications AXIS OS Improper Validation of Syntactic Correctness of Input (CVE-2024-8772)

A researcher in the AXIS OS Bug Bounty Program has found that the VAPIX API managedoverlayimages.cgi was vulnerable to a race condition attack enabling an attacker to block access to the overlay configuration page in the web interface of the Axis device. Exploitation requires prior authentication...

4.3CVSS5.9AI score0.00418EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.6 views

Axis Communications AXIS OS Improper Restriction of Names for Files and Other Resources (CVE-2024-47260)

Lasse Trind, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API mediaclip.cgi did not have a sufficient input validation allowing for uploading more audio clips then designed resulting in the Axis device running out of memory. Axis has released patched AXIS OS versions for thi...

6.5CVSS5.9AI score0.00374EPSS
Exploits0References2
CNVD
CNVD
added 2025/11/14 12:0 a.m.3 views

Unspecified Vulnerability in AXIS OS

AXIS OS is an edge device operating system from Axis Sweden. AXIS OS suffers from a security vulnerability that stems from a third-party component exposing passwords in process parameters, which can be exploited by an attacker to cause low-privilege user access...

6CVSS6.9AI score0.00105EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.6 views

AXIS OS 安全漏洞

AXIS OS is an edge device operating system from Axis Sweden. AXIS OS suffers from a security vulnerability that stems from a symbolic link attack that could lead to elevation of privilege...

6.8CVSS6.7AI score0.00347EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.8 views

AXIS OS 安全漏洞

AXIS OS is an edge device operating system from Axis Sweden. AXIS OS has a security vulnerability that stems from insufficient validation of ACAP configuration file inputs, which could lead to arbitrary code execution...

6.7CVSS7.6AI score0.00145EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.5 views

AXIS OS 安全漏洞

AXIS OS is an edge device operating system from Swedish company Axis AXIS. AXIS OS has a security vulnerability that stems from improper configuration file permissions and insufficient input validation, which could lead to elevated privileges...

6.7CVSS6.8AI score0.00126EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.7 views

AXIS OS 安全漏洞

AXIS OS is an edge device operating system from Axis Sweden. AXIS OS suffers from a security vulnerability that stems from a third-party component exposing passwords in process parameters, which can be exploited by an attacker to cause low-privilege user access...

6CVSS6.7AI score0.00105EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.8 views

AXIS OS 安全漏洞

AXIS OS is an edge device operating system from Axis Sweden. AXIS OS has a security vulnerability that stems from insufficient input validation, which could lead to process crashes and affect availability...

4.3CVSS6.7AI score0.00246EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.4 views

AXIS OS 安全漏洞

AXIS OS is an edge device operating system from Axis Sweden. AXIS OS suffers from a security vulnerability that stems from an escalation of privilege issue that could result in a VAPIX Administrator privileged user gaining Linux Root privileges...

6.4CVSS7.2AI score0.00113EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.6 views

AXIS OS 安全漏洞

AXIS OS is an edge device operating system from Axis Sweden. AXIS OS has a security vulnerability that originates from a malicious ACAP application that can obtain administrator-level service account credentials used by a legitimate ACAP application, potentially resulting in elevated privileges f...

6.6CVSS6.8AI score0.00286EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.17 views

AXIS OS 安全漏洞

AXIS OS is an edge device operating system from Axis Sweden. AXIS OS has a security vulnerability that stems from insufficient validation of ACAP configuration file inputs, which could lead to path traversal attacks and elevation of privilege...

6.7CVSS6.7AI score0.00149EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-47313

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00391EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.5 views

PT-2025-32626 · Axis · Axis

Name of the Vulnerable Software and Affected Versions: Axis affected versions not specified Description: ACAP applications can be executed with elevated privileges, potentially leading to privilege escalation. This issue can only be exploited if the Axis device is configured to allow the...

6.7CVSS6.9AI score0.00146EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2025/06/09 12:0 a.m.6 views

The vulnerability of the Device Configuration component in the APIX application programming interface of the AXIS OS operating system allows a perpetrator to increase their privileges.

The vulnerability of the Device Configuration component in the APIX application programming interface of the AXIS OS operating system is related to incomplete filtering of specific elements. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...

9.7CVSS5.4AI score0.00338EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/06/02 12:0 a.m.7 views

AXIS OS 安全漏洞

AXIS OS is an edge device operating system from Axis Sweden AXIS. A security vulnerability exists in AXIS OS versions 6.50 through 12.3, which stems from a parameter that allows arbitrary values and could result in blocking access to the guard patrol configuration page of an Axis device...

4.3CVSS6.7AI score0.00322EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.5 views

AXIS OS 安全漏洞

AXIS OS is an edge device operating system from Axis Sweden. AXIS OS has a security vulnerability that originates from allowing an attacker to obtain a system username via the VAPIX Device Configuration SSH Management API...

4.3CVSS6.8AI score0.00304EPSS
Exploits0References3
OSV
OSV
added 2025/03/04 6:15 a.m.9 views

CVE-2025-0359

During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a flaw in the ACAP Application framework that allowed applications to access restricted D-Bus methods within the framework. Axis has released patched AXIS OS versions for the highlighted flaw. Please...

5.5CVSS5.8AI score0.00132EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/03/04 12:0 a.m.6 views

AXIS OS 代码问题漏洞

AXIS OS is an edge device operating system from Swedish company Axis AXIS. AXIS OS suffers from a security vulnerability that stems from insufficient input validation, which could lead to command injection and resource exhaustion...

3.5CVSS7.3AI score0.00555EPSS
Exploits0References3
Rows per page
Query Builder