Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

ATTACKERKB
ATTACKERKBadded 2026/05/04 12:43 a.m.0 views

CVE-2026-42367

A privilege escalation vulnerability exists in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to credentials leak. An attacker can visit a webpage to trigger this vulnerability...

6.5CVSS5.8AI score0.0003EPSS
Exploits0References3Affected Software1
EUVD
EUVDadded 2026/05/04 12:42 a.m.1 views

EUVD-2026-26857

Multiple reflected cross-site scripting xss vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerabili...

7.4CVSS5.9AI score0.00047EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/05/04 12:39 a.m.4 views

CVE-2026-7161

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

9.3CVSS5.8AI score0.00052EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologiesadded 2026/04/26 12:0 a.m.1 views

PT-2026-35277

Name of the Vulnerable Software and Affected Versions GeoVision GV-IP Device Utility version 9.0.5 Description Insufficient encryption in the Device Authentication functionality allows for the leakage of administrator credentials. When the utility sends privileged commands to devices over UDP...

9.3CVSS5.4AI score0.00046EPSS
Exploits0References14
RedhatCVE
RedhatCVEadded 2026/01/16 11:31 p.m.4 views

CVE-2021-47795

GeoVision GeoWebServer 5.3.3 contains multiple vulnerabilities including local file inclusion, cross-site scripting, and remote code execution through improper input sanitization. Attackers can exploit the WebStrings.srf endpoint by manipulating path traversal and injection parameters to access...

8.7CVSS8.4AI score0.0004EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/01/15 11:25 p.m.1 views

CVE-2021-47795

GeoVision GeoWebServer 5.3.3 contains multiple vulnerabilities including local file inclusion, cross-site scripting, and remote code execution through improper input sanitization. Attackers can exploit the WebStrings.srf endpoint by manipulating path traversal and injection parameters to access...

8.7CVSS6.2AI score0.0004EPSS
Exploits0References3Affected Software1
VulnCheck KEV
VulnCheck KEVadded 2025/10/20 12:0 a.m.2 views

VulnCheck KEV: CVE-2018-25118

GeoVision embedded IP devices, confirmed on GV-BX1500 and GV-MFD1501, contain a remote command injection vulnerability via /PictureCatch.cgi that enables an attacker to execute arbitrary commands on the device. The vulnerable models have been declared end-of-life EOL by the vendor. VulnCheck has...

10CVSS6.2AI score0.00599EPSS
In wildExploits0References32
Tenable Nessus
Tenable Nessusadded 2025/05/13 12:0 a.m.39 views

Geo Vision EoL Devices Improper Neutralization of Special Elements used in an OS Command (CVE-2024-6047)

Certain EOL GeoVision devices fail to properly filter user input for the specific functionality. Unauthenticated remote attackers can exploit this vulnerability to inject and execute arbitrary system commands on the device. This plugin only works with Tenable.ot. Please visit...

9.8CVSS9AI score0.72966EPSS
Exploits1References4
Rows per page
Query Builder