1723 matches found
CVE-2025-11547
AXIS Camera Station Pro contained a flaw to perform a privilege escalation attack on the server as a non-admin user...
Axis Camera Station Pro 安全漏洞
Axis Camera Station Pro is a video management software developed by the Swedish company Axis. There is a security vulnerability in Axis Camera Station Pro, which allows non-administrator users to execute privilege escalation attacks on the server...
PT-2026-7229
Name of the Vulnerable Software and Affected Versions AXIS Camera Station Pro affected versions not specified Description AXIS Camera Station Pro contains a flaw that allows a non-administrative user to perform a privilege escalation attack on the server. Recommendations At the moment, there is n...
PT-2026-7230
An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to...
Axis Camera Station Pro 安全漏洞
Axis Camera Station Pro is a video management software developed by the Swedish company Axis. There is a security vulnerability in Axis Camera Station Pro, which allows unauthorized users to access unauthorized information...
AXIS OS 安全漏洞
AXIS OS is an edge device operating system developed by AXIS, a company from Sweden. There is a security vulnerability in AXIS OS, which stems from insufficient input validation. This vulnerability may allow for the execution of remote code after authentication is performed using a service accoun...
AXIS Camera Station Pro 安全漏洞
AXIS Camera Station Pro is a video management software developed by the Swedish company Axis. There is a security vulnerability in AXIS Camera Station Pro, which allows malicious administrators to perform server-side injections, potentially leading to the execution of malicious scripts...
Security Bulletin: Multiple Vulnerabilities affects IBM Data Studio Client 4.2.0
Summary Security Fix of multiple Vulnerabilities of IBM Data Studio Client 4.2.0 Vulnerability Details CVEID:CVE-2021-2163 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high...
Cacti Graph Template authenticated RCE versions prior to 1.2.29
This module exploits an authenticated remote code execution vulnerability in Cacti versions prior to 1.2.29. Authenticated users can upload a graph template through the /graphtemplates.php endpoint. The rightaxislabel parameter is vulnerable to code injection, allowing attackers to execute...
📄 Cacti Graph Template Authenticated Remote Code Execution
This Metasploit module exploits an authenticated remote code execution vulnerability in Cacti versions prior to 1.2.29. Authenticated users can upload a graph template through the /graphtemplates.php endpoint. The rightaxislabel parameter is vulnerable to code injection, allowing attackers to...
@alithya-oss/backstage-plugin-aws-apps-backend (=0.4.7), @alithya-oss/backstage-plugin-changelog-backend (=1.0.3) +165 more potentially affected by CVE-2026-24048 via @backstage/backend-defaults (>=0.0.0-nightly-20240929023448 <=0.12.1-next.1)
@backstage/backend-defaults NPM version =0.0.0-nightly-20240929023448, =1.0.7, =0.1.8, =0.3.10, =0.3.6, =0.1.0, =0.4.0, =4.6.0, =0.10.0, =0.12.0 and more Source cves: CVE-2026-24048 Source advisory: OSV:GHSA-Q2X5-4XJX-C6P9...
MiracleLinux 7 : microcode_ctl-2.1-47.2.el7 (AXEA:2019-3880:01)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXEA:2019-3880:01 advisory. - Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some microprocessors utilizing speculative execution may allow an...
MiracleLinux 4 : samba-3.6.9-168.AXS4.0.1 (AXSA:2014-176:02)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-176:02 advisory. CVE-2012-6150 The winbindnamelisttosidstringlist function in nsswitch/pamwinbind.c in Samba through 4.1.2 handles invalid requiremembershipof group...
MiracleLinux 4 : axis-1.2.1-7.3.AXS4 (AXSA:2013-129:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-129:01 advisory. Apache AXIS is an implementation of the SOAP Simple Object Access Protocol submission to W3C. From the draft W3C specification: SOAP is a lightweight protocol...
MiracleLinux 3 : axis-1.2.1-2jpp.8.AXS3 (AXSA:2014-536:01)
The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-536:01 advisory. Description : Apache AXIS is an implementation of the SOAP Simple Object Access Protocol submission to W3C. From the draft W3C specification: SOAP is a...
MiracleLinux 4 : axis-1.2.1-7.5.AXS4 (AXSA:2014-534:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-534:01 advisory. Description : Apache AXIS is an implementation of the SOAP Simple Object Access Protocol submission to W3C. From the draft W3C specification: SOAP is a...
MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.33-1.13.5.0.AXS4 (AXSA:2014-605:05)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-605:05 advisory. Description : The OpenJDK runtime environment. Security issues fixed with this release: CVE-2014-6457 Unspecified vulnerability in Oracle Java SE...
CVE-2023-40743
UNSUPPORTED WHEN ASSIGNED When integrating Apache Axis 1.x in an application, it may not have been obvious that looking up a service through "ServiceFactory.getService" allows potentially dangerous lookup mechanisms such as LDAP. When passing untrusted input to this API method, this could expose...
CVE-2021-31989
A user with permission to log on to the machine hosting the AXIS Device Manager client could under certain conditions extract a memory dump from the built-in Windows Task Manager application. The memory dump may potentially contain credentials of connected Axis devices...
CVE-2021-41211
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for QuantizeV2 can trigger a read outside of bounds of heap allocated array. This occurs whenever axis is a negative value less than -1. In this case, we are accessing data before the start o...