13 matches found
CVE-2026-27470
ZoneMinder is a free, open source closed-circuit television software application. In versions 1.36.37 and below and 1.37.61 through 1.38.0, there is a second-order SQL Injection vulnerability in the web/ajax/status.php file within the getNearEvents function. Event field values specifically Name a...
EUVD-2023-29715
Malicious code in bioql PyPI...
EUVD-2024-40248
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2016-10140
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Information disclosure and authentication bypass vulnerability exists in the Apache HTTP Server configuration bundled with ZoneMinder v1.30 and v1.29, which...
CVE-2023-26037
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain an SQL Injection. The minTime and maxTime request parameters are not properly validated and could be used execute...
CVE-2023-0506
The web service of ByDemes Group Airspace CCTV Web Service in its 2.616.BY00.11 version, contains a privilege escalation vulnerability, detected in the Camera Control Panel, whose exploitation could allow a low-privileged attacker to gain administrator access...
CVE-2023-26037 ZoneMinder contains SQL Injection via report_event_audit
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain an SQL Injection. The minTime and maxTime request parameters are not properly validated and could be used execute...
CVE-2023-26034 ZoneMinder SQL Injection
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are affected by a SQL Injection vulnerability. The blind SQL Injection vulnerability is present within the...
Code Execution Vulnerability in CCTV Video PC Version
CCTV for PC is a live network TV broadcasting software. A code execution vulnerability exists in CCTV Video for PC. An attacker can exploit the vulnerability to execute arbitrary code...
Attackers Can Use Sonic and Ultrasonic Signals to Crash Hard Drives
Researchers have demonstrated how sonic and ultrasonic signals inaudible to human can be used to cause physical damage to hard drives just by playing ultrasonic sounds through a target computer's own built-in speaker or by exploiting a speaker near the targeted device. Similar research was...
IoT Botnet Uses HTTP Traffic to DDoS Targets
The IoT botnet behind some of the largest publicly recorded DDoS attacks is flooding its targets with HTTP traffic, generating more than one million requests per second in some cases, in order to bring down web applications. The attacks were recorded prior to the release of the source code fuelin...
Researchers Warn of Prison Hacks, Opening Cell Doors
Remote hackers springing inmates from their jail cells — it sounds like a plot lifted from an old episode of “24” or “Prison Break.” But authorities are concerned by new research that claims such an attack is feasible. Research presented at the Hacker Halted conference in Miami last month by John...
Researchers Warn of Prison Hacks, Opening Cell Doors
In news that seems like it could be lifted from an old 24 or Prison Break plotline, authorities are concerned by new research that claims hackers could remotely open the cell doors of federal prisons. In addition to staging a jailbreak, hackers could sabotage a prison’s intercom system and...