CVE-2026-5909

Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. Chromium security severity: Low...

EUVD-2024-55372

Akuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers to access live video streams by requesting the video.cgi endpoint on port 8080. Attackers can retrieve video stream data without authentication by directly accessing the specified endpoint on affecte...

CVE-2024-58336

Akuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers to access live video streams by requesting the video.cgi endpoint on port 8080. Attackers can retrieve video stream data without authentication by directly accessing the specified endpoint on affecte...

CVE-2025-62613

VDO.Ninja is a tool that brings remote video feeds into OBS or other studio software via WebRTC. From versions 28.0 to before 28.4, a reflected Cross-Site Scripting XSS vulnerability exists on examples/control.html through the room parameter, which is improperly sanitized before being rendered in...

EUVD-2018-15711

Malware in sbrugna...

EUVD-2025-7896

Malicious code in bioql PyPI...

CVE-2025-30116

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of Video Footage and the Live Video Stream can occur. It allows remote attackers to access and download recorded video footage from the SD card via port 9091. Additionally, attackers can connect to port 90...

CVE-2025-30141

An issue was discovered on G-Net Dashcam BB GONX devices. One can Remotely Dump Video Footage and the Live Video Stream. It exposes API endpoints on ports 9091 and 9092 that allow remote access to recorded and live video feeds. An attacker who connects to the dashcam's network can retrieve all...

CVE-2025-30116

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of Video Footage and the Live Video Stream can occur. It allows remote attackers to access and download recorded video footage from the SD card via port 9091. Additionally, attackers can connect to port 90...

CVE-2025-30111

On IROAD v9 devices, one can Remotely Dump Video Footage and the Live Video Stream. The dashcam exposes endpoints that allow unauthorized users, who gained access through other means, to list and download recorded videos, as well as access live video streams without proper authentication...

CVE-2025-30111

On IROAD v9 devices, one can Remotely Dump Video Footage and the Live Video Stream. The dashcam exposes endpoints that allow unauthorized users, who gained access through other means, to list and download recorded videos, as well as access live video streams without proper authentication...

CVE-2021-28192

The specific function in ASUS BMC’s firmware Web management page Remote video storage function does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web...

CVE-2021-28192 ASUS BMC's firmware: buffer overflow - Remote video storage function

The specific function in ASUS BMC’s firmware Web management page Remote video storage function does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web...

CVE-2021-28192

The CVE-2021-28192 entry describes a buffer overflow in ASUS BMC firmware's Web management page, specifically in the Remote video storage function, caused by insufficient validation of user-entered string lengths. This allows a remote attacker with privileged access to overflow a buffer and cause...

Daycare Webcam Service Exposes 12,000 User Accounts

NurseryCam, a webcam service used across 40 daycare centers in the U.K. by parents who want to keep a watchful eye on their babies, has shut down following a data breach. The breach exposed the personal data of about 12,000 users to an attacker who said he or she was trying to improve the service...

Basetech Ge-131 Bt-1837836 授权问题漏洞

The BASETech GE-131 BT-1837836 is a Wi-Fi IP CCTV camera. An information disclosure vulnerability exists in the BASETech GE-131 BT-1837836. An attacker can exploit the vulnerability to remotely access the video stream via an unrecorded user...

WordPress Colorbox Lightbox 1.1.2 Cross Site Scripting

Exploit Title: WordPress Colorbox Lightbox Plugin v1.1.2 - Persistent Cross-Site Scripting Date: 2020-08-14 Vendor Homepage: https://noorsplugin.com/ Vendor Changelog:https://wordpress.org/plugins/wp-colorbox/ /developers Exploit Author: Melbin K Mathew @melbinkm Author Advisory:...

CVE-2018-3925

An exploitable buffer overflow vulnerability exists in the remote video-host communication of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process insecurely parses the AWSELB cookie while communicating with remote video-hos...

CVE-2018-3925

An exploitable buffer overflow vulnerability exists in the remote video-host communication of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process insecurely parses the AWSELB cookie while communicating with remote video-hos...

CVE-2015-8287

CVE-2015-8287 affects Swann SRNVW-470LCD (firmware up to 0114) and SWNVW-470CAM (firmware up to 1022). Description: remote attackers can view live video by visiting an unspecified URL due to an authorization issue (authentication bypass via an alternate path). CERT/CC notes attempts by Swann to a...