Sony Camera SNC-CX600W Cross-site scripting (CVE-2025-64730)

Cross-site scripting vulnerability exists in SNC-CX600W. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the product. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...

CVE-2025-54326

An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 2200. Unnecessary registration of a hardware IP address in the Camera device driver can lead to a NULL pointer dereference, resulting in a denial of service...

CVE-2025-54326

An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 2200. Unnecessary registration of a hardware IP address in the Camera device driver can lead to a NULL pointer dereference, resulting in a denial of service...

SAMSUNG Mobile Processor Exynos 安全漏洞

SAMSUNG Mobile Processor Exynos is a system-on-chip SoC from South Korea's Samsung SAMSUNG dedicated to smartphones and tablets. A security vulnerability exists in Samsung Mobile Processor Exynos 1280 and 2200, which originates from improper registration of the hardware IP address in the Camera...

CVE-2025-54326

An issue was discovered in Camera in Samsung Mobile Processor Exynos 1280 and 2200. Unnecessary registration of a hardware IP address in the Camera device driver can lead to a NULL pointer dereference, resulting in a denial of service...

CVE-2025-54326

CVE-2025-54326 affects Samsung Mobile Processor Exynos 1280 and 2200 Camera drivers. The root cause is the unnecessary registration of a hardware IP address in the Camera device driver, which can cause a NULL pointer dereference and result in denial of service. The publicly documented sources con...

PT-2025-48965

Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor Exynos 1280 and 2200 affected versions not specified Description An issue exists in the Camera component of Samsung Mobile Processors Exynos 1280 and 2200. An unnecessary registration of a hardware IP address within th...

Everest Ransomware Claims ASUS Breach and 1TB Data Theft

Everest ransomware group claims it breached ASUS, stealing over 1TB of data including camera source code. ASUS has been given 21 hours to respond via Qtox...

PUB-A-369100626

In onCreateTasks of CameraActivity.java, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

EUVD-2020-30819

ESCAM QD-900 WIFI HD cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint allows remote download of a compressed configuration backup without requiring authentication or authorization. The exposed backup can include...

EUVD-2020-30821

Astak CM-818T3 2.4GHz wireless security surveillance cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint permits remote download of a compressed configuration backup without requiring authentication or authorizatio...

ABB Ability Camera Connect

SUMMARY ABB is aware of public reports of vulnerabilities in a 3rd party component VLC media player Version 2.2.4 which was delivered together with the installation package of Camera Connect Version 1.5.0.14 and below. An update is available that resolves a privately reported outdated 3rd party...

CVE-2020-36873 Astak CM-818T3 Unauthenticated Configuration Disclosure

Astak CM-818T3 2.4GHz wireless security surveillance cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint permits remote download of a compressed configuration backup without requiring authentication or authorizatio...

CVE-2020-36874

ACE SECURITY WIP-90113 HD cameras are affected by an unauthenticated configuration-disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint allows remote download of a compressed configuration backup without authentication, risking exposure of administrative credentia...

CVE-2025-41017

Inadequate access control vulnerability in Davantis DDFUSION v6.177.7, which allows unauthorised actors to retrieve perspective parameters from security camera settings by accessing “/cameras//perspective”...

CVE-2025-41016

Inadequate access control vulnerability in Davantis DFUSION v6.177.7, which allows unauthorised actors to extract images and videos related to alarm events through access to “/alarms//”, where the “MEDIA” parameter can take the value of “snapshot” or “video.mp4”. These media files contain images...

CVE-2025-64770

The affected products allow unauthenticated access to Open Network Video Interface Forum ONVIF services, which may allow an attacker unauthorized access to camera configuration information...

CVE-2025-62674

The affected product allows unauthenticated access to Real Time Streaming Protocol RTSP services, which may allow an attacker unauthorized access to camera configuration information...

PT-2025-48194

Name of the Vulnerable Software and Affected Versions Astak CM-818T3 2.4GHz wireless security surveillance cameras affected versions not specified Description The cameras have an unauthenticated configuration disclosure issue in the /web/cgi-bin/hi3510/backup.cgi endpoint. This endpoint allows...

PT-2025-48192

Name of the Vulnerable Software and Affected Versions ESCAM QD-900 WIFI HD cameras affected versions not specified Description The ESCAM QD-900 WIFI HD cameras have an issue where the /web/cgi-bin/hi3510/backup.cgi endpoint allows the download of a compressed configuration backup without...