12 matches found
QVIS NVR/DVR - Remote Code Execution
QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization. id: CVE-2021-41419 info: name: QVIS NVR/DVR - Remote Code Execution author: me9187 severity: critical description: | QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java...
EUVD-2021-28446
Malicious code in bioql PyPI...
EUVD-2021-31752
Malicious code in bioql PyPI...
CVE-2021-41419
QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization...
CVE-2021-44954
In QVIS NVR DVR before 2021-12-13, an attacker can escalate privileges from a qvisdvr user to the root user by abusing a Sudo misconfiguration...
CVE-2021-41419
QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization...
Design/Logic Flaw
In QVIS NVR DVR before 2021-12-13, an attacker can escalate privileges from a qvisdvr user to the root user by abusing a Sudo misconfiguration...
Deserialization of untrusted data
QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization...
CVE-2021-44954
CVE-2021-44954 affects QVIS NVR DVR prior to 2021-12-13. A sudo misconfiguration allows local privilege escalation from the qvisdvr user to root. The base score is 7.8 (HIGH) with LOCAL attack vector and no user interaction required. The provided documents do not specify a patch/version for remed...
CVE-2021-44954
In QVIS NVR DVR before 2021-12-13, an attacker can escalate privileges from a qvisdvr user to the root user by abusing a Sudo misconfiguration...
CVE-2021-41419
CVE-2021-41419 affects QVIS NVR/DVR firmware prior to 2021-12-13. The vulnerability stems from Java deserialization and permits remote code execution, enabling an attacker to execute arbitrary code with the device’s privileges, potentially leading to full system compromise. The CVSS v3.1 score is...
CVE-2021-41419
QVIS NVR DVR before 2021-12-13 is vulnerable to Remote Code Execution via Java deserialization...