CVE-2025-53470

Out-of-bounds Read vulnerability in Apache NimBLE HCI H4 driver. Specially crafted HCI event could lead to invalid memory read in H4 driver. This issue affects Apache NimBLE: through 1.8. This issue requires a broken or bogus Bluetooth controller and thus severity is considered low. Users are...

CVE-2019-25236

iSeeQ Hybrid DVR WH-H4 1.03R contains an unauthenticated vulnerability in the getjpeg script that allows unauthorized access to live video streams. Attackers can retrieve video snapshots from specific camera channels by sending requests to the /cgi-bin/getjpeg endpoint without authentication...

MAL-2025-10064 Malicious code in @zalastax/nolb-_h4 (npm)

The package @zalastax/nolb-h4 was found to contain malicious code...

Malicious code in @zalastax/nolb-_h4 (npm)

The package @zalastax/nolb-h4 was found to contain malicious code...

QNAP QuTS hero Multiple OS Command Injection Vulnerabilities (QSA-23-57) - Version Check

QNAP QuTS hero is prone to multiple OS command injection vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Palo Alto Networks PAN-OS Security Vulnerability

Palo Alto Networks PAN-OS is a next-generation firewall software from Palo Alto Networks, USA. A security vulnerability exists in Palo Alto Networks PAN-OS that stems from the presence of a stored cross-site scripting XSS vulnerability. Affected products and versions: Palo Alto Networks PAN-OS...

SUSE CVE-2012-5566

Multiple cross-site scripting XSS vulnerabilities in Horde Kronolith Calendar Application H4 before 3.0.17, as used in Horde Groupware Webmail Edition before 4.0.8, allow remote attackers to inject arbitrary web script or HTML via the 1 tasks view or 2 search view...

iSeeQ Hybrid DVR WH-H4 1.03R / 2.0.0.P (get_jpeg) Stream Disclosure

!/bin/bash iSeeQ Hybrid DVR WH-H4 1.03R / 2.0.0.P getjpeg Stream Disclosure Vendor: iSeeQ Product web page: http://www.iseeq.co.kr Affected version: WH-H4 1.03R / 2.0.0.P Summary: The 4/8/16 channel hybrid standalone DVR delivers high quality pictures which adopts high performance video processin...

iSeeQ Hybrid DVR WH-H4 2.0.0.P - (get_jpeg) Stream Disclosure

iSeeQ Hybrid DVR WH-H4 2.0.0.P - getjpeg Stream Disclosure Title: iSeeQ Hybrid DVR WH-H4 2.0.0.P - getjpeg Stream Disclosure Date: 2019-10-29 Author: LiquidWorm Vendor:iSeeQ Link: http://www.iseeq.co.kr CVE: N/A !/bin/bash iSeeQ Hybrid DVR WH-H4 1.03R / 2.0.0.P getjpeg Stream Disclosure Vendor:...

iSeeQ Hybrid DVR WH-H4 2.0.0.P - (get_jpeg) Stream Disclosure

Title: iSeeQ Hybrid DVR WH-H4 2.0.0.P - getjpeg Stream Disclosure Date: 2019-10-29 Author: LiquidWorm Vendor:iSeeQ Link: http://www.iseeq.co.kr CVE: N/A !/bin/bash iSeeQ Hybrid DVR WH-H4 1.03R / 2.0.0.P getjpeg Stream Disclosure Vendor: iSeeQ Product web page: http://www.iseeq.co.kr Affected...

iSeeQ Hybrid DVR WH-H4 1.03R / 2.0.0.P (get_jpeg) Stream Disclosure

Summary The 4/8/16 channel hybrid standalone DVR delivers high quality pictures which adopts high performance video processing chips and embedded Linux system. This advanced video digital platform is very useful to identify an object from a long distance. Description The DVR suffers from an...

Confixx Pro <= 3.3.1 - (saveserver.php) Remote File Inclusion Vulnerability

No description provided by source. Confixx = PRO 3.3.1 Remote File Inclusion Vulnerability ! Application homepage : http://www.swsoft.com/de/products/confixx/ ! Author : H4 / XPK ! Contact : http://xpkzxc.com/ ! Bug discovered : 2007-07-21 ! Bug published : 2007-07-24 ! Risk : Moderate Do not...

CVE-2012-5566

Multiple cross-site scripting XSS vulnerabilities in Horde Kronolith Calendar Application H4 before 3.0.17, as used in Horde Groupware Webmail Edition before 4.0.8, allow remote attackers to inject arbitrary web script or HTML via the 1 tasks view or 2 search view...

CVE-2012-6620

Multiple cross-site scripting XSS vulnerabilities in the 1 tasks and 2 search views in Horde Kronolith H4 before 3.0.17 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-6620

Multiple cross-site scripting XSS vulnerabilities in the 1 tasks and 2 search views in Horde Kronolith H4 before 3.0.17 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the 1 tasks and 2 search views in Horde Kronolith H4 before 3.0.17 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-6620

Multiple cross-site scripting XSS vulnerabilities in the 1 tasks and 2 search views in Horde Kronolith H4 before 3.0.17 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-6620

CVE-2012-6620 describes multiple XSS vulnerabilities in Horde Kronolith H4’s web views (tasks and search). The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in Kronolith before version 3.0.17. root cause is improper sanitization of user input in the ...

CVE-2012-6620

Multiple cross-site scripting XSS vulnerabilities in the 1 tasks and 2 search views in Horde Kronolith H4 before 3.0.17 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-1808

The web server in the ECOM Ethernet module in Koyo H0-ECOM, H0-ECOM100, H2-ECOM, H2-ECOM-F, H2-ECOM100, H4-ECOM, H4-ECOM-F, and H4-ECOM100 does not require authentication, which allows remote attackers to perform unspecified functions via unknown vectors...