EUVD-2025-19719

Malicious code in bioql PyPI...

VulnCheck KEV: CVE-2025-34067

An unauthenticated remote command execution vulnerability exists in the applyCT component of the Hikvision Integrated Security Management Platform due to the use of a vulnerable version of the Fastjson library. The endpoint /bic/ssoService/v1/applyCT deserializes untrusted user input, allowing an...

CVE-2025-45851

An issue in Hikvision DS-2CD1321-I V5.7.21 build 230819 allows attackers to cause a Denial of Service DoS via sending a crafted POST request to the endpoint /ISAPI/Security/challenge. The vendor has stated that upgrading to V5.7.23SP2 fixes the issue...

CVE-2025-45851

The CVE-2025-45851 entry concerns Hikvision DS-2CD1321-I devices running V5.7.21 build 230819, where a crafted POST to /ISAPI/Security/challenge can cause a Denial of Service (DoS). The issue is documented with a CVSS v3.1 base score of 7.5 (Network attack, no privileges required, high impact on ...

CVE-2025-45851

An issue in Hikvision DS-2CD1321-I V5.7.21 build 230819 allows attackers to cause a Denial of Service DoS via sending a crafted POST request to the endpoint /ISAPI/Security/challenge. The vendor has stated that upgrading to V5.7.23SP2 fixes the issue...

Command Execution Vulnerability in Hikvision Integrated Security Management Platform of Hangzhou Hikvision Digital Technology Co.

Hangzhou Hikvision Digital Technology Co., Ltd. is a technology company that focuses on technological innovation. Command execution vulnerability exists in the Hikvision Integrated Security Management Platform of Hangzhou Hikvision Digital Technology Co. Ltd, which can be exploited by an attacker...