Lucene search
+L

77 matches found

RedhatCVE
RedhatCVE
added 2025/11/12 7:47 a.m.9 views

CVE-2025-8108

An ACAP configuration file has improper permissions and lacks input validation, which could potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the...

6.7CVSS6.9AI score0.00126EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/12 6:59 a.m.12 views

CVE-2025-6298

ACAP applications can gain elevated privileges due to improper input validation, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim ...

6.7CVSS7AI score0.00133EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/12 6:59 a.m.18 views

CVE-2025-5454

An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker...

6.7CVSS6.8AI score0.00149EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/12 6:59 a.m.15 views

CVE-2025-5718

The ACAP Application framework could allow privilege escalation through a symlink attack. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP...

6.8CVSS7AI score0.00347EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/11 9:30 a.m.6 views

EUVD-2025-74043

ACAP applications can gain elevated privileges due to improper input validation, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim ...

6.7CVSS6.5AI score0.00133EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/11 9:30 a.m.7 views

EUVD-2025-74040

An ACAP configuration file has improper permissions, which could allow command injection and potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces th...

6.7CVSS7AI score0.01088EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/11 9:30 a.m.5 views

EUVD-2025-74046

An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a...

6.7CVSS7.2AI score0.00145EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/11 9:30 a.m.4 views

EUVD-2025-74042

A malicious ACAP application can gain access to admin-level service account credentials used by legitimate ACAP applications, leading to potential privilege escalation of the malicious ACAP application. This vulnerability can only be exploited if the Axis device is configured to allow the...

6.6CVSS6.7AI score0.00286EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/11 9:30 a.m.7 views

EUVD-2025-74044

The ACAP Application framework could allow privilege escalation through a symlink attack. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP...

6.8CVSS6.5AI score0.00347EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/11 9:30 a.m.7 views

EUVD-2025-74045

An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker...

6.4CVSS6.3AI score0.00149EPSS
Exploits0References2
OSV
OSV
added 2025/11/11 7:15 a.m.9 views

CVE-2025-8108

An ACAP configuration file has improper permissions and lacks input validation, which could potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the...

6.7CVSS5.8AI score0.00126EPSS
Exploits0References1
NVD
NVD
added 2025/11/11 7:15 a.m.8 views

CVE-2025-8108

An ACAP configuration file has improper permissions and lacks input validation, which could potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the...

6.7CVSS0.00126EPSS
Exploits0References1
NVD
NVD
added 2025/11/11 7:15 a.m.9 views

CVE-2025-6298

ACAP applications can gain elevated privileges due to improper input validation, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim ...

6.7CVSS0.00133EPSS
Exploits0References1
OSV
OSV
added 2025/11/11 7:15 a.m.7 views

CVE-2025-5718

The ACAP Application framework could allow privilege escalation through a symlink attack. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP...

6.8CVSS5.8AI score0.00347EPSS
Exploits0References1
NVD
NVD
added 2025/11/11 7:15 a.m.10 views

CVE-2025-6779

An ACAP configuration file has improper permissions, which could allow command injection and potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces th...

6.7CVSS0.01088EPSS
Exploits0References1
OSV
OSV
added 2025/11/11 7:15 a.m.6 views

CVE-2025-6779

An ACAP configuration file has improper permissions, which could allow command injection and potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces th...

6.7CVSS5.8AI score0.01088EPSS
Exploits0References1
OSV
OSV
added 2025/11/11 7:15 a.m.5 views

CVE-2025-6298

ACAP applications can gain elevated privileges due to improper input validation, potentially leading to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim ...

6.7CVSS5.8AI score0.00133EPSS
Exploits0References1
NVD
NVD
added 2025/11/11 7:15 a.m.4 views

CVE-2025-5452

A malicious ACAP application can gain access to admin-level service account credentials used by legitimate ACAP applications, leading to potential privilege escalation of the malicious ACAP application. This vulnerability can only be exploited if the Axis device is configured to allow the...

6.6CVSS0.00286EPSS
Exploits0References1
OSV
OSV
added 2025/11/11 7:15 a.m.6 views

CVE-2025-5454

An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker...

6.7CVSS5.8AI score0.00149EPSS
Exploits0References1
OSV
OSV
added 2025/11/11 7:15 a.m.6 views

CVE-2025-5452

A malicious ACAP application can gain access to admin-level service account credentials used by legitimate ACAP applications, leading to potential privilege escalation of the malicious ACAP application. This vulnerability can only be exploited if the Axis device is configured to allow the...

6.6CVSS5.8AI score0.00286EPSS
Exploits0References1
Rows per page
Query Builder