EUVD-2025-205423

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has found a flaw that camera's client service does not perform certificate validation. The manufacturer has released patch firmware for the flaw, please refer to the...

CVE-2025-52598 Insufficient certificate validation

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has found a flaw that camera's client service does not perform certificate validation. The manufacturer has released patch firmware for the flaw, please refer to the...

CVE-2025-52598

CVE-2025-52601 involves Hanwha Vision cameras where the Device Manager contains a hard-coded cryptographic key used for sensitive data. This design flaw enables an attacker to decrypt protected information. The Tenable/ Nessus entries summarize the issue and note that the manufacturer has release...

PT-2025-53444

Name of the Vulnerable Software and Affected Versions Nozomi Networks affected versions not specified Description The camera client service does not perform certificate validation. This could allow for potential security risks. Recommendations Apply the patch firmware released by the manufacturer...

PT-2025-53450

Name of the Vulnerable Software and Affected Versions Nozomi Networks affected versions not specified Description Inadequate validation of incoming XML format request messages can allow for cross-site scripting XSS attacks on a user's browser. The vulnerability affects Industrial Control Systems...

PT-2025-48774

ASUS warns of a critical flaw in AiCloud routers CVE-2025-593656. Attackers can remotely run OS commands no login needed. • Update firmware • Disable AiCloud/Samba/WAN access if no patch • Replace end-of-life devices • Strengthen passwords https://t.co/Dt2oT0g298...

CVE-2025-2486

The CVE-2025-2486 issue affects Ubuntu edk2 UEFI firmware packages where the UEFI Shell could be accessed with Secure Boot enabled, potentially bypassing Secure Boot constraints. Affected firmware versions are 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3, which disable the Shell; prior versions repo...

EUVD-2018-2187

Malware in sbrugna...

EUVD-2023-46592

Malicious code in bioql PyPI...

EUVD-2022-49615

Malicious code in bioql PyPI...

CVE-2024-41886

Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. An attacker could inject malformed data into url input parameters to reboot the NVR. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for...

CVE-2023-5747

Bashis, a Security Researcher at IPVM has found a flaw that allows for a remote code execution during the installation of Wave on the camera device. The Wave server application in camera device was vulnerable to command injection allowing an attacker to run arbitrary code. HanwhaVision has releas...

CVE-2024-41884

Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. If an attacker does not enter any value for a specific URL parameter, NULL pointer references will occur and the NVR will reboot. The manufacturer has released patch firmware for the flaw,...

CVE-2024-41887

Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. An attacker can create an NVR log file in a directory one level higher on the system, which can be used to corrupt files in the directory. The manufacturer has released patch firmware for the...

CVE-2024-41882

Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. An attacker can cause a stack overflow by entering large data into URL parameters, which will result in a system reboot. The manufacturer has released patch firmware for the flaw, please refer...

CVE-2024-41882 Stack based buffer overflow

Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. An attacker can cause a stack overflow by entering large data into URL parameters, which will result in a system reboot. The manufacturer has released patch firmware for the flaw, please refer...

CVE-2024-41883 Null Pointer Dereference

Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR . An attacker enters a special value for a specific URL parameter, resulting in a NULL pointer reference and a reboot of the NVR. The manufacturer has released patch firmware for the flaw, plea...

CVE-2024-41883 Null Pointer Dereference

Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR . An attacker enters a special value for a specific URL parameter, resulting in a NULL pointer reference and a reboot of the NVR. The manufacturer has released patch firmware for the flaw, plea...

CVE-2024-41884 Null Pointer Dereference

Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. If an attacker does not enter any value for a specific URL parameter, NULL pointer references will occur and the NVR will reboot. The manufacturer has released patch firmware for the flaw,...

CVE-2024-41884

CVE-2024-41884 corresponds to a remote code execution risk on an NVR exposed over the network. The flaw is triggered when a URL parameter is left empty, causing NULL pointer references that can lead to a reboot. The CVSS shows a Network attack vector, high privileges required, no user interaction...