Lucene search
K

235 matches found

EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42640

MERCURY MIPC252W IP camera v1.0.5 Build 230306 Rel.79931n does not implement nonce expiration in RTSP Digest authentication. An adjacent network attacker can capture a legitimate authentication exchange and replay the nonce and response values in a new connection to bypass authentication without...

6AI score0.00372EPSS
Exploits0References2
NVD
NVD
added 4 days ago8 views

CVE-2026-51597

MERCURY MIPC252W IP camera v1.0.5 Build 230306 Rel.79931n does not implement nonce expiration in RTSP Digest authentication. An adjacent network attacker can capture a legitimate authentication exchange and replay the nonce and response values in a new connection to bypass authentication without...

9.1CVSS0.00372EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-51597

MERCURY MIPC252W IP camera v1.0.5 Build 230306 Rel.79931n does not implement nonce expiration in RTSP Digest authentication. An adjacent network attacker can capture a legitimate authentication exchange and replay the nonce and response values in a new connection to bypass authentication without...

0.00372EPSS
Exploits0References1
CVE
CVE
added 4 days ago9 views

CVE-2026-51597

CVE-2026-51597 affects the Mercury MIPC252W IP camera, version 1.0.5 Build 230306 Rel.79931n. The issue is that RTSP Digest authentication does not expire nonces, enabling an adjacent network attacker to capture a legitimate authentication exchange and replay the nonce and response in a new conne...

9.1CVSS6AI score0.00372EPSS
Exploits0References1
NVD
NVD
added 2026/07/06 9:16 p.m.8 views

CVE-2026-55727

A flaw in the authentication mechanism for video stream requests in Genetec Security Center 5.14.0.0 prior to build 5.14.178.18 may allow an unauthenticated attacker to access live video streams...

7.5CVSS0.00291EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/06 8:0 p.m.34 views

CVE-2026-55727

A flaw in the authentication mechanism for video stream requests in Genetec Security Center 5.14.0.0 prior to build 5.14.178.18 may allow an unauthenticated attacker to access live video streams...

7.5CVSS0.00291EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:0 p.m.7 views

CVE-2026-55727

A flaw in the authentication mechanism for video stream requests in Genetec Security Center 5.14.0.0 prior to build 5.14.178.18 may allow an unauthenticated attacker to access live video streams...

7.5CVSS5.9AI score0.00291EPSS
Exploits0References2
CVE
CVE
added 2026/07/06 8:0 p.m.14 views

CVE-2026-55727

CVE-2026-55727 affects Genetec Security Center 5.14.0.0 (before build 5.14.178.18). A flaw in the authentication mechanism for video stream requests may allow an unauthenticated attacker to access live video streams. The CVSSv3.1 base score is 7.5 (HIGH) with network attack vector and no user int...

7.5CVSS5.9AI score0.00291EPSS
Exploits0References1
NVD
NVD
added 2026/06/18 2:17 p.m.15 views

CVE-2026-12527

A broken authorization boundary in the RTSP media delivery pipeline of Shenzhen Liandian Communication Technology LTD V380 IP Camera firmware AppFHE1V1.0.6.020230803 enables unauthenticated network actors to bypass the device’s credential-enforced live-view workflow and directly retrieve real-tim...

6CVSS0.00154EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.15 views

PT-2026-50675

Name of the Vulnerable Software and Affected Versions Shenzhen Liandian Communication Technology LTD V380 IP Camera firmware AppFHE1 V1.0.6.020230803 Description A broken authorization boundary in the RTSP Real Time Streaming Protocol, a network control protocol for delivering audio and video med...

6CVSS5.8AI score0.00154EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/15 9:30 p.m.10 views

EUVD-2026-36913

Unauthenticated PHP Object Injection in Broadcast Live Video 7.1.3 versions...

9.8CVSS5.3AI score0.00386EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 9:16 p.m.9 views

CVE-2026-27053

Unauthenticated PHP Object Injection in Broadcast Live Video 7.1.3 versions...

9.8CVSS0.00386EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/15 8:17 p.m.24 views

CVE-2026-27053 WordPress Broadcast Live Video plugin < 7.1.3 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Broadcast Live Video 7.1.3 versions...

9.8CVSS0.00386EPSS
Exploits0References1
CVE
CVE
added 2026/06/15 8:17 p.m.23 views

CVE-2026-27053

The CVE concerns WordPress plugin Broadcast Live Video (versions

9.8CVSS5.3AI score0.00386EPSS
Exploits0References1
ICS
ICS
added 2026/06/11 6:0 a.m.18 views

Brickcom Cameras

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow a remote unauthenticated attacker to gain unauthorized access to live video feeds, retrieve sensitive visual information from affected premises, and obtain administrative control of the device. 2. RECOMMENDED PRACTICES...

5.5AI score
Exploits0References13
Patchstack
Patchstack
added 2026/05/28 8:57 a.m.11 views

WordPress Broadcast Live Video plugin < 7.1.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Phat RiO in WordPress Plugin Broadcast Live Video versions 7.1.3...

9.8CVSS5.8AI score0.00386EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/05/25 11:16 p.m.17 views

CVE-2026-24937

Improper Control of Generation of Code 'Code Injection' vulnerability in VideoWhisper.Com Broadcast Live Video allows Code Injection. This issue affects Broadcast Live Video: from n/a before 7.1.3...

7.2CVSS0.00408EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/25 10:13 p.m.24 views

CVE-2026-24937 WordPress Broadcast Live Video plugin < 7.1.3 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in VideoWhisper.Com Broadcast Live Video allows Code Injection. This issue affects Broadcast Live Video: from n/a before 7.1.3...

7.2CVSS0.00408EPSS
Exploits0References1
CVE
CVE
added 2026/05/25 10:13 p.m.24 views

CVE-2026-24937

CVE-2026-24937 covers a Remote Code Execution in the VideoWhisper WordPress Broadcast Live Video plugin (versions before 7.1.3). The root cause is Improper Control of Generation of Code (Code Injection) in the Broadcast Live Video component, exposed via the plugin before version 7.1.3. Public ref...

7.2CVSS5.8AI score0.00408EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/25 10:13 p.m.9 views

CVE-2026-24937

Improper Control of Generation of Code 'Code Injection' vulnerability in VideoWhisper.Com Broadcast Live Video allows Code Injection. This issue affects Broadcast Live Video: from n/a before 7.1.3...

7.2CVSS5.8AI score0.00408EPSS
Exploits0References2
Rows per page
Query Builder