2459829 matches found
CVE-2026-57879 GV-LPC2011/LPC2211 - unauthorized buffer overflow via AuthMode/AuthValue path (ssvr)
An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing RTSP custom authentication data. A remote attacker may exploit this vulnerability by...
EUVD-2026-39635
An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing RTSP custom authentication data. A remote attacker may exploit this vulnerability by...
CVE-2026-57879 GV-LPC2011/LPC2211 - unauthorized buffer overflow via AuthMode/AuthValue path (ssvr)
An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing RTSP custom authentication data. A remote attacker may exploit this vulnerability by...
CVE-2026-57879
An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing RTSP custom authentication data. A remote attacker may exploit this vulnerability by...
CVE-2026-57878 GV-LPC2011/LPC2211 - unauthorized buffer overflow vulnerability (thttpd)
An unauthenticated stack-based buffer overflow vulnerability exists in thttpd in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing web request parameters in a specific request path. A remote attacker may exploit this...
CVE-2026-57878 GV-LPC2011/LPC2211 - unauthorized buffer overflow vulnerability (thttpd)
An unauthenticated stack-based buffer overflow vulnerability exists in thttpd in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing web request parameters in a specific request path. A remote attacker may exploit this...
CVE-2026-57878
CVE-2026-57878 affects GeoVision thttpd on GV-LPC2011/LPC2211 (V1.12 and earlier). Root cause: insufficient bounds checking when processing web request parameters in a specific path. Impact: unauthenticated remote attack leading to memory corruption, denial of service, or potentially arbitrary co...
EUVD-2026-39634
An unauthenticated stack-based buffer overflow vulnerability exists in thttpd in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing web request parameters in a specific request path. A remote attacker may exploit this...
CVE-2026-57878
An unauthenticated stack-based buffer overflow vulnerability exists in thttpd in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing web request parameters in a specific request path. A remote attacker may exploit this...
CVE-2026-57872 GV-LPC2011/LPC2211 - unauthorized directory traversal vulnerability (get_fcont.cgi)
An unauthenticated directory traversal vulnerability exists in getfcont.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient validation of user-supplied file path input before the requested file is accessed by the CGI component. A remote attack...
CVE-2026-57872
CVE-2026-57872 affects GeoVision GV-LPC2011 and GV-LPC2211 (V1.12 and earlier) via an unauthenticated directory traversal in get_fcont.cgi. The root cause is insufficient validation of user-supplied file paths before file access by the CGI component, enabling an attacker to read arbitrary files a...
EUVD-2026-39628
An unauthenticated directory traversal vulnerability exists in getfcont.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient validation of user-supplied file path input before the requested file is accessed by the CGI component. A remote attack...
CVE-2026-57872 GV-LPC2011/LPC2211 - unauthorized directory traversal vulnerability (get_fcont.cgi)
An unauthenticated directory traversal vulnerability exists in getfcont.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient validation of user-supplied file path input before the requested file is accessed by the CGI component. A remote attack...
CVE-2026-57872
An unauthenticated directory traversal vulnerability exists in getfcont.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient validation of user-supplied file path input before the requested file is accessed by the CGI component. A remote attack...
CVE-2026-8380
The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly verify ownership of every targeted post before permanent deletion, allowing authenticated users with author-level access and above to permanently delete arbitrary posts and pages. When the Frontend File Manager Plugi...
CVE-2025-10268
The Printcart Web to Print Product Designer for WooCommerce WordPress plugin through 2.4.8 is vulnerable to path traversal which makes it possible for the attacker to retrieve the directory listing for arbitrary directories on the server...
Google Details Turla's New STOCKSTAY Backdoor Used in Ukraine Espionage Attacks
The Russian state-sponsored threat actor known as Turla has been attributed to a previously undocumented .NET backdoor called STOCKSTAY that has been deployed against government and military organizations in Ukraine, and entities that have an interest in Italian foreign policy. Describing the...
CVE-2026-54232
A flaw was found in vLLM, an inference and serving engine for large language models LLMs. This vulnerability, a dependency confusion attack, allows a remote attacker to execute arbitrary code with root privileges during the Docker build process. By exploiting this, an attacker can compromise the...
CVE-2026-40083
A flaw was found in Cacti. This vulnerability, a SQL Injection, allows a remote attacker with SNMP Simple Network Management Protocol agent management permissions to execute arbitrary SQL commands. The flaw occurs due to unsanitized deserialization of user-controlled input in the managers.php fil...
Open Redirect
Nuxt is vulnerable to Open Redirect. The vulnerability is due to improper validation of protocol-relative URLs in the reloadNuxtApp function, where paths such as //evil.com bypass URL validation and resolve to attacker-controlled domains, allowing attackers to redirect users to malicious websites...