Lucene search
K

35 matches found

CVE
CVE
added 7 hours ago9 views

CVE-2026-57278

GeoWebPlayer (Web Plugin/WS Player) vulnerable to a stack-based buffer overflow in the connectInfo handler, specifically in the ip field (conn_info.ip_or_host) with unbounded JSON input. TALOS confirms multiple CVEs in the same connectInfo codepath, including potential arbitrary code execution in...

8.3CVSS5.9AI score
Exploits0References2
EUVD
EUVD
added 7 hours ago5 views

EUVD-2026-41240

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.9AI score
Exploits0References2
CVE
CVE
added 7 hours ago6 views

CVE-2026-57277

CVE-2026-57277 affects GeoWebPlayer (Web Plugin/WS Player) GeoVision GeoWebPlayer Websocket Server connectInfo handler. The vulnerability is a stack-based buffer overflow in the key field (buffer key_blob[17]), caused by copying attacker-controlled JSON fields into fixed-size buffers without prop...

8.3CVSS5.9AI score
Exploits0References2
EUVD
EUVD
added 7 hours ago5 views

EUVD-2026-41239

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.9AI score
Exploits0References2
CVE
CVE
added 7 hours ago7 views

CVE-2026-57276

GeoWebPlayer’s Websocket Server connectInfo handler contains stack-based buffer overflow vulnerabilities in several fields (e.g., username/password/password_enc with key present; ip, key_blob) leading to potential arbitrary code execution. Affected product: GeoWebPlayer (GeoVision GV-VMS/GV-Cloud...

8.3CVSS5.9AI score
Exploits0References2
EUVD
EUVD
added 7 hours ago6 views

EUVD-2026-41238

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.9AI score
Exploits0References2
CVE
CVE
added 7 hours ago6 views

CVE-2026-57274

GeoWebPlayer’s CVE-2026-57274 is a buffer overflow in the connectInfo password handling of the Websocket Server (no key present) affecting GeoWebPlayer 1.1.1.0. A crafted websocket message can overflow the 64-byte password buffer, potentially enabling arbitrary code execution. Vendor patch releas...

8.3CVSS5.9AI score
Exploits0References2
CVE
CVE
added 7 hours ago6 views

CVE-2026-57273

GeoWebPlayer Websocket Server connectInfo handler in GeoVision software contains multiple stack-based buffer overflows in user-supplied JSON fields. Specifically, overflows occur in: username and password when key is absent (64-byte buffers), and username_enc, password_enc, key_blob, ip fields wh...

8.3CVSS5.9AI score
Exploits0References2
EUVD
EUVD
added 7 hours ago4 views

EUVD-2026-41235

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.9AI score
Exploits0References2
CVE
CVE
added 7 hours ago5 views

CVE-2026-57272

GeoWebPlayer/Websocket Server in GeoVision software (GV-VMS, GV-Cloud, etc.) uses an index parameter that is not validated, allowing out-of-bounds reads when handling localhost commands. This is the stated root cause and leads to the reported vulnerability (CVE-2026-57272). Impact is noted as hig...

8.3CVSS5.8AI score
Exploits0References2
EUVD
EUVD
added 7 hours ago6 views

EUVD-2026-41234

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.8AI score
Exploits0References2
CVE
CVE
added 7 hours ago8 views

CVE-2026-57271

GeoWebPlayer (GeoVision GeoWebPlayer/Web Plugin/WS Player) contains a WebSocket server component, and a discovered out-of-bounds read vulnerability affecting the pause command index, as reported in CVE-2026-57271. Connected records identify this as a WebSocket server issue within GeoVision softwa...

8.3CVSS5.7AI score
Exploits0References2
EUVD
EUVD
added 7 hours ago5 views

EUVD-2026-41233

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.7AI score
Exploits0References2
CVE
CVE
added 7 hours ago6 views

CVE-2026-57270

GeoWebPlayer (also called Web Plugin in GV-VMS and WS Player in VMS-Cloud) furnishes a websocket server that extends the Web interfaces of GeoVision software. The server processes commands from localhost, many of which use an index to access arrays and perform actions. The index value is not cons...

8.3CVSS5.8AI score
Exploits0References2
EUVD
EUVD
added 7 hours ago4 views

EUVD-2026-41232

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.8AI score
Exploits0References2
CVE
CVE
added 7 hours ago6 views

CVE-2026-57269

GeoWebPlayer (Web Plugin/WS Player) in GeoVision software exposes a websocket server where an unvalidated index can access multiple arrays out-of-bounds, leading to an out-of-bounds read. This affects the Websocket interface used by GV-VMS and GV-Cloud; CVSS 3.1 base score 8.3 (HIGH) with potenti...

8.3CVSS5.8AI score
Exploits0References2
EUVD
EUVD
added 7 hours ago5 views

EUVD-2026-41231

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.8AI score
Exploits0References2
CVE
CVE
added 7 hours ago4 views

CVE-2026-57268

GeoWebPlayer’s Websocket server exposes a saveVideo command where the provided index is not validated before it's used to access internal arrays and call a function pointer in CCriticalSection. This out-of-bounds access can reach the critical section and release path, potentially enabling code ex...

8.3CVSS5.8AI score
Exploits0References2
EUVD
EUVD
added 7 hours ago4 views

EUVD-2026-41230

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.8AI score
Exploits0References2
CVE
CVE
added 7 hours ago6 views

CVE-2026-57267

GeoWebPlayer (aka Web Plugin / WS Player) ships a websocket server that handles localhost commands. The index parameter used to access internal arrays is not consistently validated, enabling index-out-of-bounds reads in multiple arrays. This is documented as a GeoVision vulnerability (CVE-2026-57...

8.3CVSS5.8AI score
Exploits0References2
Rows per page
Query Builder