24 matches found
CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution
The U.S. Cybersecurity and Infrastructure Security Agency CISA added a security flaw impacting Digiever DS-2105 Pro network video recorders NVRs to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2023-52163 CVSS score: 8.8...
EUVD-2020-26895
Malware in sbrugna...
EUVD-2024-38911
Malicious code in bioql PyPI...
EUVD-2024-26922
Malicious code in bioql PyPI...
EUVD-2024-26923
Malicious code in bioql PyPI...
EUVD-2024-38909
Malicious code in bioql PyPI...
EUVD-2024-26921
Malicious code in bioql PyPI...
EUVD-2024-38910
Malicious code in bioql PyPI...
EUVD-2023-44340
Malicious code in bioql PyPI...
EUVD-2024-38908
Malicious code in bioql PyPI...
CVE-2025-34052
An unauthenticated information disclosure vulnerability exists in AVTECH IP cameras, DVRs, and NVRs via Machine.cgi?action=getcapability. Sensitive internal device information such as firmware version, MAC address, and codec support can be accessed without authentication...
CVE-2025-34065
An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr function allows unauthenticated access to any request containing "/nobody" in the URL, bypassing login controls...
CVE-2024-29947
There is a NULL dereference pointer vulnerability in some Hikvision NVRs. Due to an insufficient validation of a parameter in a message, an attacker may send specially crafted messages to an affected product, causing a process abnormality...
CVE-2024-29948
There is an out-of-bounds read vulnerability in some Hikvision NVRs. An authenticated attacker could exploit this vulnerability by sending specially crafted messages to a vulnerable device, causing a service abnormality...
CVE-2024-32874
Frigate is a network video recorder NVR with realtime local object detection for IP cameras. Below 0.13.2 Release, when uploading a file or retrieving the filename, a user may intentionally use a large Unicode filename which would lead to a application-level denial of service. This is due to no...
CVE-2020-5736
Amcrest cameras and NVR are vulnerable to a null pointer dereference over port 37777. An authenticated remote attacker can abuse this issue to crash the device...
CVE-2025-3403
A vulnerability was found in Vivotek NVR ND8422P, NVR ND9525P and NVR ND9541P 2.4.0.204/3.3.0.104/4.2.0.101. It has been classified as problematic. Affected is an unknown function of the component HTML Form Handler. The manipulation leads to inclusion of sensitive information in source code. It i...
CVE-2025-3403 Vivotek NVR ND8422P/NVR ND9525P/NVR ND9541P HTML Form sensitive information in source
A vulnerability was found in Vivotek NVR ND8422P, NVR ND9525P and NVR ND9541P 2.4.0.204/3.3.0.104/4.2.0.101. It has been classified as problematic. Affected is an unknown function of the component HTML Form Handler. The manipulation leads to inclusion of sensitive information in source code. It i...
PT-2025-15329 · Vivotek · Vivotek Nvr Nd8422P +2
Name of the Vulnerable Software and Affected Versions: Vivotek NVR ND8422P, NVR ND9525P and NVR ND9541P versions 2.4.0.204/3.3.0.104/4.2.0.101 Description: A vulnerability was found in the HTML Form Handler component of Vivotek NVR devices. The manipulation leads to the inclusion of sensitive...
CVE-2024-41884 Null Pointer Dereference
Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. If an attacker does not enter any value for a specific URL parameter, NULL pointer references will occur and the NVR will reboot. The manufacturer has released patch firmware for the flaw,...