EUVD-2025-203494

A vulnerability has been found in Ningyuanda TC155 57.0.2.0. The affected element is an unknown function of the component RTSP Live Video Stream Endpoint. Such manipulation leads to improper authentication. The attack must be carried out from within the local network. The exploit has been disclos...

EUVD-2019-2505

Malware in sbrugna...

EUVD-2010-4345

Malware in sbrugna...

EUVD-2025-22739

Malicious code in bioql PyPI...

EUVD-2025-6708

Malicious code in bioql PyPI...

CVE-2025-30135

An issue was discovered on IROAD Dashcam FX2 devices. Dumping Files Over HTTP and RTSP Without Authentication can occur. It lacks authentication controls on its HTTP and RTSP interfaces, allowing attackers to retrieve sensitive files and video recordings. By connecting to...

CVE-2025-6532

A vulnerability classified as problematic was found in NOYAFA/Xiami LF9 Pro up to 20250611. Affected by this vulnerability is an unknown functionality of the component RTSP Live Video Stream Endpoint. The manipulation leads to improper access controls. The attack can only be initiated within the...

CVE-2025-30141

An issue was discovered on G-Net Dashcam BB GONX devices. One can Remotely Dump Video Footage and the Live Video Stream. It exposes API endpoints on ports 9091 and 9092 that allow remote access to recorded and live video feeds. An attacker who connects to the dashcam's network can retrieve all...

PT-2025-11644 · G Net · G-Net Dashcam Bb Gonx

Name of the Vulnerable Software and Affected Versions: G-Net Dashcam BB GONX devices affected versions not specified Description: The issue allows remote access to recorded and live video feeds on the G-Net Dashcam BB GONX devices. It exposes API endpoints on ports 9091 and 9092, enabling an...

Ubuntu 16.04 ESM / 18.04 ESM : liveMedia vulnerabilities (USN-4853-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4853-1 advisory. It was discovered that liveMedia incorrectly handled certain network packets. An attacker could possibly use this issue to execute arbitrary...

SUSE CVE-2006-6172

Buffer overflow in the asmrpeval function in the RealMedia RTSP stream handler asmrp.c for Real Media input plugin, as used in 1 xine/xine-lib, 2 MPlayer 1.0rc1 and earlier, and possibly others, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a ruleboo...

Compro Technology IP Camera RTSP Stream Disclosure

Exploit Title: Compro Technology IP Camera - RTSP stream disclosure Unauthenticated Date: 2021-09-30 Exploit Author: icekam,xiao13,Rainbow,tfsec Software Link: http://www.comprotech.com.hk/ Version: Compro IP70 2.087130218, IP570 2.087130520, IP60, TN540 CVE : CVE-2021-40379 Some devices have...

COMMAX CVD-Axx DVR 5.1.4 Weak Default Credentials Stream Disclosure

COMMAX CVD-Axx DVR 5.1.4 Weak Default Credentials Stream Disclosure Vendor: COMMAX Co., Ltd. Prodcut web page: https://www.commax.com Affected version: CVD-AH04 DVR 4.4.1 CVD-AF04 DVR 4.4.1 CVD-AH16 DVR 5.1.4 CVD-AF16 DVR 4.4.1 CVD-AF08 DVR 5.1.2 CVD-AH08 DVR 5.1.2 Summary: COMMAX offers a wide...

COMMAX CVD-Axx DVR 5.1.4 - Weak Default Credentials Stream Disclosure

Exploit Title: COMMAX CVD-Axx DVR 5.1.4 - Weak Default Credentials Stream Disclosure Date: 02.08.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.commax.com COMMAX CVD-Axx DVR 5.1.4 Weak Default Credentials Stream Disclosure Vendor: COMMAX Co., Ltd. Prodcut web page:...

COMMAX CVD-Axx DVR 5.1.4 - Weak Default Credentials Stream Disclosure Vulnerability

Exploit Title: COMMAX CVD-Axx DVR 5.1.4 - Weak Default Credentials Stream Disclosure Exploit Author: LiquidWorm Vendor Homepage: https://www.commax.com COMMAX CVD-Axx DVR 5.1.4 Weak Default Credentials Stream Disclosure Vendor: COMMAX Co., Ltd. Prodcut web page: https://www.commax.com Affected...

COMMAX CVD-Axx DVR 5.1.4 Weak Default Credentials Stream Disclosure

Summary COMMAX offers a wide range of proven AHD CCTV systems to meet customer needs and convenience in single or multi-family homes. Description The web control panel uses weak set of default administrative credentials that can be easily guessed in remote password attacks and disclose RTSP strea...

GLSA-202003-33 : GStreamer Base Plugins: Heap-based buffer overflow

The remote host is affected by the vulnerability described in GLSA-202003-33 GStreamer Base Plugins: Heap-based buffer overflow It was discovered that GStreamer Base Plugins did not correctly handle certain malformed RTSP streams. Impact : A remote attacker could entice a user to open a specially...

Security update for live555 (moderate)

openSUSE Security Update: Security update for live555 Announcement ID: openSUSE-SU-2019:1880-1 Rating: moderate References: 1121995 1124159 1127341 Cross-References: CVE-2019-7314 CVE-2019-9215 Affected Products: openSUSE Backports SLE-15-SP1 An update that solves two vulnerabilities and has one...

CVE-2019-10711

Incorrect access control in the RTSP stream and web portal on all IP cameras based on Hisilicon Hi3510 firmware until Webware version V1.0.1 allows attackers to view an RTSP stream by connecting to the stream with hidden credentials guest or user that are neither displayed nor configurable in the...

CVE-2019-10711

Incorrect access control in the RTSP stream and web portal on all IP cameras based on Hisilicon Hi3510 firmware until Webware version V1.0.1 allows attackers to view an RTSP stream by connecting to the stream with hidden credentials guest or user that are neither displayed nor configurable in the...