CVE-2024-54012 Command Injection

Penetration Testing engineers at Amazon discovered a vulnerability where the camera system failed to properly validate input, allowing specially crafted requests containing malicious commands to be executed on the device. The manufacturer has released patch firmware for the flaw; please refer to...

EUVD-2024-55559

Penetration Testing engineers at Amazon discovered a vulnerability where the camera system failed to properly validate input, allowing specially crafted requests containing malicious commands to be executed on the device. The manufacturer has released patch firmware for the flaw; please refer to...

CVE-2024-54012 Command Injection

Penetration Testing engineers at Amazon discovered a vulnerability where the camera system failed to properly validate input, allowing specially crafted requests containing malicious commands to be executed on the device. The manufacturer has released patch firmware for the flaw; please refer to...

CVE-2024-54012

Penetration Testing engineers at Amazon discovered a vulnerability where the camera system failed to properly validate input, allowing specially crafted requests containing malicious commands to be executed on the device. The manufacturer has released patch firmware for the flaw; please refer to...

CVE-2024-54012

CVE-2024-54012 affects Hanwha Vision camera systems. The vulnerability stems from improper input validation, allowing specially crafted requests to execute commands on the device. Underlying impact is high across confidentiality, integrity, and availability, with an 8.5 CVSS v4.0 base score (AV: ...

Apache Thrift 输入验证错误漏洞

Apache Thrift is a framework for cross-platform development developed by the Apache Foundation in the United States. Prior to Apache Thrift 0.23.0, there was a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows or circularity issues in the...

Hanwha Vision QND-8080R 输入验证错误漏洞

Hanwha Vision QND-8080R is a network infrared surveillance camera device produced by Hanwha Vision in South Korea. The Hanwha Vision QND-8080R has a vulnerability related to input validation errors. This vulnerability arises from improper handling of data in specific requests, which may lead to...

NVIDIA FLARE SDK 输入验证错误漏洞

NVIDIA FLARE SDK is a federal learning application development toolkit provided by NVIDIA Corporation in the United States. The NVIDIA Flare SDK has a vulnerability related to input validation errors. This vulnerability stems from path traversal, which leads to improper input validation,...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.138 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation by the compositing component, which could allow a remote attacker with...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.8 contained security vulnerabilities. These vulnerabilities stemmed from improper input validation in the base64 decoding process. By allocating memory before enforcing a size...

PT-2026-35674

Penetration Testing engineers at Amazon discovered a vulnerability where the camera system failed to properly validate input, allowing specially crafted requests containing malicious commands to be executed on the device. The manufacturer has released patch firmware for the flaw; please refer to...

Hanwha Vision QND-8080R 操作系统命令注入漏洞

Hanwha Vision QND-8080R is a network infrared surveillance camera device produced by Hanwha Vision in South Korea. The Hanwha Vision QND-8080R has a vulnerability related to operating system command injection. This vulnerability arises from insufficient input validation, which may allow specially...

Grav CMS 输入验证错误漏洞

Grav CMS is a file-based content management system developed under the open-source Grave project. Versions of Grav CMS prior to 1.7.49.5 and 2.0.0-beta.1 contain a vulnerability related to input validation errors. This vulnerability stems from a function in the component Cache Value Handler,...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.138 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation in the Feedback component, which could allow a remote attacker with access...

PT-2026-35755

NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A successful exploit of this vulnerability may lead to information disclosure...

Apache Thrift 输入验证错误漏洞

Apache Thrift is a framework for cross-platform development developed by the Apache Foundation in the United States. Versions of Apache Thrift prior to 0.23.0 contained a vulnerability related to input validation errors, which were caused by integer overflows or circular errors...

Exploit for Improper Input Validation in Microsoft

No d...

webkitgtk: Processing maliciously crafted web content may bypass Same Origin Policy

A flaw was found in WebKitGTK. Processing malicious web content can cause a cross-origin issue in the Navigation API due to improper input validation and result in a bypass of the same origin policy...

/dev/push 输入验证错误漏洞

/dev/push is an open-source application hosting platform developed by Ronan Berder, designed for zero-downtime deployment and real-time monitoring. Version 0.3.2 of /dev/push contains a vulnerability related to input validation. This vulnerability stems from an open redirection in...

Foxit PDF Reader和Foxit PDF Editor 输入验证错误漏洞

Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. There is a vulnerability in input validation between Foxit PDF Editor and Foxit PDF Reader. This vulnerability stems from parsing logic...