CVE-2025-47405 Untrusted Pointer Dereference in Camera

Memory corruption when processing camera sensor input/output control codes with invalid output buffers...

CVE-2024-54012

Penetration Testing engineers at Amazon discovered a vulnerability where the camera system failed to properly validate input, allowing specially crafted requests containing malicious commands to be executed on the device. The manufacturer has released patch firmware for the flaw; please refer to...

EUVD-2024-55559

Penetration Testing engineers at Amazon discovered a vulnerability where the camera system failed to properly validate input, allowing specially crafted requests containing malicious commands to be executed on the device. The manufacturer has released patch firmware for the flaw; please refer to...

Exploit for CVE-2025-1739

CVE-2025-1738 & CVE-2025-1739 — Trivision Camera NC227WF PoC...

CVE-2024-51347

A buffer overflow vulnerability in the dgiot binary in LSC Smart Indoor IP Camera V7.6.32. The flaw exists in the handling of the Time Zone TZ parameter within the ONVIF configuration interface. The time zone TZ parameter does not have its length properly validated before being copied into a...

CVE-2024-51347

A buffer overflow vulnerability in the dgiot binary in LSC Smart Indoor IP Camera V7.6.32. The flaw exists in the handling of the Time Zone TZ parameter within the ONVIF configuration interface. The time zone TZ parameter does not have its length properly validated before being copied into a...

EUVD-2026-13600

A vulnerability was determined in Yi Technology YI Home Camera 2 2.1.120171024151200. This affects an unknown function of the component WPA/WPS. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack can only be done within the local network. This attack is...

CVE-2026-4476

Summary of CVE-2026-4476 Affected product: Yi Technology YI Home Camera 2, version 2.1.1_20171024151200. The vulnerability is in an unknown function within home/web/ipc of the CGI Endpoint component. Root cause: manipulation of that function results in missing authentication. Impact: attacker on ...

FLIR Systems AX8 Cameras Use of Hard-coded Credentials (CVE-2018-25138)

FLIR AX8 Thermal Camera 1.32.16 contains hard-coded SSH and web panel credentials that cannot be changed through normal camera operations. Attackers can exploit these persistent credentials to gain unauthorized shell access and login to multiple camera interfaces using predefined username and...

CVE-2020-37146 Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure

ACE Security WiP-90113 HD Camera contains a configuration disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration files. Attackers can access the camera's configuration backup by sending a GET request to the /configbackup.bin endpoint, exposing credentia...

CVE-2020-37146 Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure

ACE Security WiP-90113 HD Camera contains a configuration disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration files. Attackers can access the camera's configuration backup by sending a GET request to the /configbackup.bin endpoint, exposing credentia...

CVE-2025-47399

CVE-2025-47399 describes memory corruption occurring when processing an IOCTL to update sensor property settings with invalid input parameters. The CVE is linked to Qualcomm-reported data with a CVSS v3.1 base score of 7.8 (HIGH) and a LOCAL attack vector, requiring LOW privileges and no user int...

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2026-1050)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : media: uvcvideo: Handle cameras with invalid descriptorsCVE-2023-53437 scsi: target: iscsi: Fix a race condition between loginwork and the login...

FLIR Thermal Camera FC Series和FLIR Thermal Camera PT Series 操作系统命令注入漏洞

FLIR Thermal Camera FC Series and FLIR Thermal Camera PT Series are a series of thermal imaging cameras from FLIR Corporation. An operating system command injection vulnerability exists in FLIR Thermal Camera FC Series and FLIR Thermal Camera PT Series version 8.0.0.64, which stems from unvalidat...

CVE-2025-47380 Untrusted Pointer Dereference in Camera

Memory corruption while preprocessing IOCTLs in sensors...

PT-2026-1529

Name of the Vulnerable Software and Affected Versions versions prior to 2025-47334 Description A memory corruption issue exists when processing shared command buffer packets between the camera userspace and kernel. This can potentially lead to system instability or compromise. The issue involves ...

CVE-2025-52516

An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. An invalid kernel address dereference in the issimian device driver leads to a denial of service...

CVE-2025-52515

An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. A race condition in the issimian device driver results in an out-of-bounds access, leading to a denial of service...

CVE-2025-52516

An issue was discovered in the Camera in Samsung Mobile Processor and Wearable Processor Exynos 1330, 1380, 1480, 2400, 1580, 2500. An invalid kernel address dereference in the issimian device driver leads to a denial of service...

CVE-2021-47729

Selea Targa IP OCR-ANPR Camera contains a stored cross-site scripting vulnerability in the 'fileslist' parameter that allows attackers to inject malicious HTML and script code. Attackers can send a POST request to /cgi-bin/getfile.php with crafted payload to execute arbitrary scripts in victim's...