CVE-2023-53773

MiniDVBLinux 5.4 contains an unauthenticated vulnerability in the tv_action.sh script that lets remote attackers trigger the Simple VDR Protocol to generate a live TV screenshot stored at /var/www/images/tv.jpg via the /tpl/tv_action.sh endpoint without authentication. This affects the component ...

SUSE CVE-2013-3713

The image creation configuration in aaabase before 16.26.1 for openSUSE 13.1 KDE adds the root user to the "users" group when installing from a live image, which allows local users to obtain sensitive information and possibly have other unspecified impacts, as demonstrated by reading /etc/shadow...

CVE-2021-26627 EDrhyme QCP 200W Information Exposure Vulnerability

Real-time image information exposure is caused by insufficient authentication for activated RTSP port. This vulnerability could allow to remote attackers to send the RTSP requests using ffplay command and lead to leakage a live image...

EDrhyme QCP 200W 授权问题漏洞

The EDrhyme QCP 200W is a camera from the Korean company EDrhyme. The EDrhyme QCP 200W suffers from an authorization issue vulnerability that stems from insufficient authentication of the activated RTSP port. An attacker sending an RTSP request using the ffplay command could result in leaking liv...

CVE-2020-10278

The BIOS onboard MiR's Computer is not protected by password, therefore, it allows a Bad Operator to modify settings such as boot order. This can be leveraged by a Malicious operator to boot from a Live Image...

CVE-2020-10278

The BIOS onboard MiR's Computer is not protected by password, therefore, it allows a Bad Operator to modify settings such as boot order. This can be leveraged by a Malicious operator to boot from a Live Image...

Design/Logic Flaw

The BIOS onboard MiR's Computer is not protected by password, therefore, it allows a Bad Operator to modify settings such as boot order. This can be leveraged by a Malicious operator to boot from a Live Image...

CVE-2020-10277 RVD#2562: Booting from a live image leads to exfiltration of sensible information and privilege escalation

There is no mechanism in place to prevent a bad operator to boot from a live OS image, this can lead to extraction of sensible files such as the shadow file or privilege escalation by manually adding a new user with sudo privileges on the machine...

CVE-2013-3713

The image creation configuration in aaabase before 16.26.1 for openSUSE 13.1 KDE adds the root user to the "users" group when installing from a live image, which allows local users to obtain sensitive information and possibly have other unspecified impacts, as demonstrated by reading /etc/shadow...