CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/05/04 12:47 a.m.•38 views

CVE-2026-7372 GeoVision GV-VMS V20 WebCam Server Login stack overflow vulnerability

9CVSS0.00463EPSS

CVE•added 2026/05/04 12:47 a.m.•10 views

CVE-2026-7372

CVE-2026-7372 affects GeoVision GV-VMS V20 20.0.2, specifically the WebCam Server Login functionality. A stack overflow is triggered by an unconstrained sscanf when parsing the Authorization string, where username or password extracted content may exceed 40 characters, overwriting the stack. The ...

Exploits0References2Affected Software1

EUVD•added 2026/05/04 12:47 a.m.•1 views

EUVD-2026-26864

ATTACKERKB•added 2026/05/04 12:47 a.m.•1 views

CVE-2026-7372

Exploits0References3Affected Software1

Vulnrichment•added 2026/05/04 12:47 a.m.•5 views

CVE-2026-7372 GeoVision GV-VMS V20 WebCam Server Login stack overflow vulnerability

Cvelist•added 2026/05/04 12:47 a.m.•27 views

CVE-2026-42369 GeoVision GV-VMS V20 WebCam Server stack overflow vulnerability

GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native application accessed locally, but it is also possible to enable remote access via the "WebCam Server" feature. Once enabled, it is possible to access t...

10CVSS0.00514EPSS

EUVD•added 2026/05/04 12:47 a.m.•2 views

EUVD-2026-26860

10CVSS6.2AI score0.00514EPSS

ATTACKERKB•added 2026/05/04 12:47 a.m.•1 views

CVE-2026-42369

10CVSS6.2AI score0.00514EPSS

Exploits0References3Affected Software1

CVE•added 2026/05/04 12:47 a.m.•12 views

CVE-2026-42369

GV-VMS V20 WebCam Server contains a stack overflow in the b64decoder path of the gvapi flow. The decoded base64 string is copied into a 256-byte local Buffer without bounds checking, so if the decoded data exceeds 256 characters an attacker can trigger a stack overflow. The product is described a...

10CVSS6.2AI score0.00514EPSS

Tenable Nessus•added 2026/05/04 12:0 a.m.•2 views

RHEL 9 : .NET 9.0 (RHSA-2026:13282)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:13282 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

7.5CVSS6.4AI score0.0111EPSS

Exploits0References10

CNNVD•added 2026/05/04 12:0 a.m.•5 views

Yeapook WDR201A WiFi Extender 安全漏洞

The Yeapook WDR201A WiFi Extender is a wireless signal extension device produced by the Yeapook company. The Yeapook WDR201A WiFi Extender in the HW V2.1 version and FW LFMZX28040922V1.02 version contain security vulnerabilities. These vulnerabilities stem from stack-based buffer overflows in the...

8.3CVSS6AI score0.00396EPSS

Exploits0References1

Positive Technologies•added 2026/05/04 12:0 a.m.•4 views

PT-2026-36741

Name of the Vulnerable Software and Affected Versions GeoVision GV-VMS V20 version 20.0.2 Description A stack overflow exists in the WebCam Server Login functionality. An unauthenticated attacker can send a specially crafted HTTP request to trigger the issue, potentially leading to arbitrary code...

9CVSS6.4AI score0.00463EPSS

Exploits0References10

CNNVD•added 2026/05/04 12:0 a.m.•5 views

GeoVision GV-VMS 缓冲区错误漏洞

GeoVision GV-VMS is a video management system software developed by GeoVision Corporation in China. The version GV-VMS V20 20.0.2 contains a buffer error vulnerability. This vulnerability stems from a stack overflow issue in the WebCam Server login function, which may allow custom HTTP requests t...

9.8CVSS6.3AI score0.00534EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability in dcmtk

A security vulnerability has been detected in DCMTK up to version 3.6.5. The affected element is the parseQuota function of the dcmqrscp component. Manipulating the StorageQuota argument leads to a stack-based buffer overflow. Access to local resources is required to exploit this vulnerability. T...

5.5CVSS5.7AI score0.00203EPSS

Exploits1References2

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Networks: Fixed a stack overflow issue when LRO is disabled for virtual interfaces. When the features of a virtual interface are updated, the updated features are synchronized with its underlying interfaces. This synchronization...

5.4AI score0.00191EPSS

Exploits0References1

7.5CVSS6.3AI score0.02015EPSS

Astra Linux – Vulnerability in libxstream-java

XStream is a simple library for serializing objects to XML and back again. This vulnerability may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service—only by manipulating the processed input stream when XStream is configured to use th...

5.5CVSS5.8AI score0.00158EPSS

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rcu: Avoid stack overflow due to rcuirqenterchecktick being kprobed. Registering a kprobe for rcuirqenterchecktick can cause a kernel stack overflow, as shown below. This issue can be reproduced by enabling CONFIGNOHZFULL and...

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability in libwoodstox-java

Those who use Woodstox to parse XML data may be vulnerable to Denial of Service attacks DOS if DTD support is enabled. If the parser is running on user-supplied input, an attacker may provide content that causes the parser to crash due to a stack overflow. This vulnerability could potentially all...

7.5CVSS6.5AI score0.19501EPSS

Exploits1References2

5.3CVSS6.4AI score0.02598EPSS

Astra Linux – Vulnerability in opensc

Buffer overflow issues were identified in Opensc before version 0.22.0 in various locations, which could potentially cause programs using the library to crash...