CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-4978

Malware in sbrugna...

5.3CVSS5.6AI score0.0021EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-22820

Malware in sbrugna...

5.3CVSS5.6AI score0.00219EPSS

Exploits0References3

Positive Technologies•added 2025/07/01 12:0 a.m.•0 views

PT-2025-27536 · Avtech · Avtech Ip Cameras +2

Name of the Vulnerable Software and Affected Versions: AVTECH IP cameras, DVRs, and NVRs affected versions not specified Description: An unauthenticated information disclosure issue exists, allowing access to sensitive internal device information such as firmware version, MAC address, and codec...

6.9CVSS6.2AI score

Exploits0References7

RedhatCVE•added 2025/05/23 3:20 a.m.•2 views

CVE-2023-28811

There is a buffer overflow in the password recovery feature of Hikvision NVR/DVR models. If exploited, an attacker on the same local area network LAN could cause the device to malfunction by sending specially crafted packets to an unpatched device...

7.4CVSS7.2AI score0.00041EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:6 a.m.•5 views

CVE-2019-13523

In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the affected devices could allow remote attackers to obtain web configuration data in JSON format for IP cameras and NVRs Network Video Recorders, which can be accessed without authentication over the network...

5.3CVSS7.3AI score0.0021EPSS

Exploits0References1

Tenable Nessus•added 2024/07/22 12:0 a.m.•17 views

Hikvision NVRs Devices HTTP Buffer Overflow (CVE-2015-4409)

Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service service interruption via a crafted HTTP request, aka the SDK issue. This plugin only works with Tenable.ot. Please visit...

6.8CVSS6.6AI score0.00718EPSS

Exploits0References3

Tenable Nessus•added 2024/07/22 12:0 a.m.•10 views

Hikvision NVRs Devices HTTP Buffer Overflow (CVE-2015-4407)

Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service service interruption via a crafted HTTP request, aka the PSIA issue. This plugin only works with Tenable.ot. Please visit...

6.8CVSS6.6AI score0.00568EPSS

Exploits0References3

Tenable Nessus•added 2024/07/22 12:0 a.m.•6 views

Hikvision NVRs Devices HTTP Buffer Overflow (CVE-2015-4408)

Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service service interruption via a crafted HTTP request, aka the ISAPI issue. This plugin only works with Tenable.ot. Please visit...

6.8CVSS6.6AI score0.00568EPSS

Exploits0References3

NVD•added 2024/04/02 11:15 a.m.•8 views

CVE-2024-29948

There is an out-of-bounds read vulnerability in some Hikvision NVRs. An authenticated attacker could exploit this vulnerability by sending specially crafted messages to a vulnerable device, causing a service abnormality...

3.8CVSS4AI score0.00053EPSS

Exploits0References1

NVD•added 2024/04/02 11:15 a.m.•5 views

CVE-2024-29949

There is a command injection vulnerability in some Hikvision NVRs. This could allow an authenticated user with administrative rights to execute arbitrary commands...

7.2CVSS7.2AI score0.00152EPSS

Exploits0References1

Vulnrichment•added 2024/04/02 11:7 a.m.•29 views

CVE-2024-29949

There is a command injection vulnerability in some Hikvision NVRs. This could allow an authenticated user with administrative rights to execute arbitrary commands...

7.2CVSS7.8AI score0.00152EPSS

Exploits0References1

CVE•added 2024/04/02 11:7 a.m.•80 views

CVE-2024-29949

CVE-2024-29949 concerns Hikvision NVRs with a command injection vulnerability. The available documents consistently state that an authenticated user with administrative rights can execute arbitrary commands on affected devices. The vulnerability is tied to Hikvision’s advisories for NVR devices, ...

7.2CVSS7.7AI score0.00152EPSS

Exploits0References1

Cvelist•added 2024/04/02 11:7 a.m.•24 views

CVE-2024-29949

There is a command injection vulnerability in some Hikvision NVRs. This could allow an authenticated user with administrative rights to execute arbitrary commands...

7.2CVSS7.5AI score0.00152EPSS

Exploits0References1

Cvelist•added 2024/04/02 11:7 a.m.•13 views

CVE-2024-29948

3.8CVSS4.4AI score0.00053EPSS

Exploits0References1

Vulnrichment•added 2024/04/02 11:7 a.m.•6 views

CVE-2024-29948

3.8CVSS6.5AI score0.00053EPSS

Exploits0References1

Cvelist•added 2024/04/02 11:6 a.m.•23 views

CVE-2024-29947

There is a NULL dereference pointer vulnerability in some Hikvision NVRs. Due to an insufficient validation of a parameter in a message, an attacker may send specially crafted messages to an affected product, causing a process abnormality...

2.7CVSS4.1AI score0.00028EPSS

Exploits0References1

CVE•added 2024/04/02 11:6 a.m.•60 views

CVE-2024-29947

CVE-2024-29947 is a NULL pointer dereference vulnerability in some Hikvision NVRs caused by insufficient validation of a parameter in a message, leading to a process abnormality and potential denial of service. Affected products explicitly include Hikvision NVRs such as the DS-7604NI-K1 family (a...

2.7CVSS6.7AI score0.00028EPSS

Exploits0References1

The Hacker News•added 2023/11/23 10:47 a.m.•82 views

Mirai-based Botnet Exploiting Zero-Day Bugs in Routers and NVRs for Massive DDoS Attacks

An active malware campaign is leveraging two zero-day vulnerabilities with remote code execution RCE functionality to rope routers and video recorders into a Mirai-based distributed denial-of-service DDoS botnet. "The payload targets routers and network video recorder NVR devices with default adm...

8.8CVSS8AI score0.86746EPSS

Exploits1