Lucene search
K

225 matches found

NVD
NVD
added 2026/06/26 8:16 a.m.11 views

CVE-2026-57881

An unauthenticated stack-based buffer overflow vulnerability exists in vlsvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient length validation when processing remote login data. A remote attacker may exploit this vulnerability by sending craft...

9.8CVSS0.00376EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:16 a.m.9 views

CVE-2026-57872

An unauthenticated directory traversal vulnerability exists in getfcont.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient validation of user-supplied file path input before the requested file is accessed by the CGI component. A remote attack...

7.5CVSS0.00969EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:16 a.m.9 views

CVE-2026-57878

An unauthenticated stack-based buffer overflow vulnerability exists in thttpd in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing web request parameters in a specific request path. A remote attacker may exploit this...

9.8CVSS0.00531EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:16 a.m.10 views

CVE-2026-57875

An unauthenticated NULL pointer dereference vulnerability exists in the HTTP request parsing logic of multiple CGI components in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper validation of required HTTP request metadata before it is used by the...

7.5CVSS0.01266EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:16 a.m.8 views

CVE-2026-57876

An unauthenticated out-of-bounds write vulnerability exists in onvif.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing HTTP request body data. A remote attacker may exploit this vulnerability by sending a...

7.5CVSS0.00313EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:16 a.m.10 views

CVE-2026-57877

An unauthenticated format string vulnerability exists in vlsvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper handling of externally controlled input during log message formatting in the login processing path. A remote attacker may exploit this...

8.6CVSS0.00247EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 7:17 a.m.8 views

EUVD-2026-39636

An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when parsing RTSP Digest authentication fields. A remote attacker may exploit this vulnerability by...

9.8CVSS6.3AI score0.0053EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 7:17 a.m.18 views

CVE-2026-57879

CVE-2026-57879 is an unauthenticated, stack-based buffer overflow in the ssvr component of GeoVision GV-LPC2011 and GV-LPC2211 (versions 1.12 and earlier). The issue stems from insufficient bounds checking when processing RTSP custom authentication data. An attacker could send a crafted RTSP requ...

9.8CVSS6.1AI score0.0053EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 7:17 a.m.8 views

EUVD-2026-39635

An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing RTSP custom authentication data. A remote attacker may exploit this vulnerability by...

9.8CVSS6.1AI score0.0053EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 7:17 a.m.38 views

CVE-2026-57877 GV-LPC2011/LPC2211 - unauthorized format string vulnerability (vlsvr)

An unauthenticated format string vulnerability exists in vlsvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper handling of externally controlled input during log message formatting in the login processing path. A remote attacker may exploit this...

8.6CVSS0.00247EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 7:17 a.m.16 views

CVE-2026-57876

The CVE-2026-57876 entry describes an unauthenticated out-of-bounds write in GeoVision GV-LPC2011/LPC2211 devices (onvif.cgi), affected firmware versions ≤ V1.12. The issue stems from insufficient bounds checking on HTTP request body data, allowing a remote attacker to send crafted input that cau...

7.5CVSS5.8AI score0.00313EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/26 7:17 a.m.6 views

CVE-2026-57876

An unauthenticated out-of-bounds write vulnerability exists in onvif.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing HTTP request body data. A remote attacker may exploit this vulnerability by sending a...

7.5CVSS5.8AI score0.00313EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/26 7:17 a.m.8 views

EUVD-2026-39631

An unauthenticated NULL pointer dereference vulnerability exists in the HTTP request parsing logic of multiple CGI components in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper validation of required HTTP request metadata before it is used by the...

7.5CVSS5.9AI score0.01266EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 7:17 a.m.6 views

EUVD-2026-39630

An unauthenticated buffer overflow vulnerability exists in IEEE8021xupload.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when parsing filename values in multipart upload data. A remote attacker may exploit this...

7.5CVSS5.9AI score0.00318EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 7:17 a.m.13 views

CVE-2026-57873

GeoVision GV-LPC2011 and GV-LPC2211 (V1.12 and earlier) are affected by CVE-2026-57873 due to an unauthenticated NULL pointer dereference in the IEEE8021x_upload.cgi handler. The root cause is improper validation of multipart upload headers when processing certificate-related upload fields, which...

7.5CVSS5.8AI score0.00206EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 7:17 a.m.37 views

CVE-2026-57872 GV-LPC2011/LPC2211 - unauthorized directory traversal vulnerability (get_fcont.cgi)

An unauthenticated directory traversal vulnerability exists in getfcont.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient validation of user-supplied file path input before the requested file is accessed by the CGI component. A remote attack...

7.5CVSS0.00969EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 7:17 a.m.7 views

EUVD-2026-39628

An unauthenticated directory traversal vulnerability exists in getfcont.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient validation of user-supplied file path input before the requested file is accessed by the CGI component. A remote attack...

7.5CVSS6AI score0.00969EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 7:17 a.m.13 views

CVE-2026-57872

CVE-2026-57872 affects GeoVision GV-LPC2011 and GV-LPC2211 (V1.12 and earlier) via an unauthenticated directory traversal in get_fcont.cgi. The root cause is insufficient validation of user-supplied file paths before file access by the CGI component, enabling an attacker to read arbitrary files a...

7.5CVSS6AI score0.00969EPSS
Exploits0References1
NVD
NVD
added 2026/06/24 5:17 a.m.8 views

CVE-2026-12486

Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability. libNetSetObj.so is an internal library...

9.1CVSS0.0172EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 5:17 a.m.16 views

CVE-2026-12485

GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the network can send messages to this service and interact with i...

10CVSS0.00436EPSS
Exploits0References2
Rows per page
Query Builder