4 matches found
Axis Communications AXIS OS Improper Validation of Syntactic Correctness of Input (CVE-2024-8772)
A researcher in the AXIS OS Bug Bounty Program has found that the VAPIX API managedoverlayimages.cgi was vulnerable to a race condition attack enabling an attacker to block access to the overlay configuration page in the web interface of the Axis device. Exploitation requires prior authentication...
CVE-2026-8879
Version 3.0.7 of the Securly Chrome Extension dynamically registers content13.min.js as a content script via chrome.scripting.registerContentScripts at runtime. This script is NOT declared in manifest.json and bypasses Chrome Web Store static security review. It runs on all URLs and immediately...
CVE-2026-8879
Version 3.0.7 of the Securly Chrome Extension dynamically registers content13.min.js as a content script via chrome.scripting.registerContentScripts at runtime. This script is NOT declared in manifest.json and bypasses Chrome Web Store static security review. It runs on all URLs and immediately...
AXIS OS Security Vulnerability
AXIS Os is an edge device operating system from the Swedish company Axis. AXIS OS suffers from a security vulnerability that stems from the VAPIX API dynamicoverlay.cgi being susceptible to a denial of service attack, which could allow an attacker to block access to the overlay configuration page...