14 matches found
EUVD-2022-49848
Malicious code in bioql PyPI...
CVE-2022-47070
NVS365 V01 is vulnerable to Incorrect Access Control. After entering a wrong password, the url will be sent to the server twice. In the second package, the server will return the correct password information...
CVE-2022-47071
In NVS365 V01, the background network test function can trigger command execution...
Command injection
In NVS365 V01, the background network test function can trigger command execution...
PT-2023-15152 · Nvs365 · Nvs365
Name of the Vulnerable Software and Affected Versions: NVS365 version V01 Description: The background network test function in NVS365 can trigger command execution, potentially leading to unauthorized access or control. Recommendations: For NVS365 version V01, as a temporary workaround, consider...
CVE-2022-47071
CVE-2022-47071 affects NVS365 V01; the background network test function can trigger command execution, enabling high-impact remote control. CVSSv3.1 base score 9.8 (Network, Privileges None, User Interaction None; Confidentiality/Integrity/Availability High). Some sources recommend temporarily di...
CVE-2022-47071
In NVS365 V01, the background network test function can trigger command execution...
CVE-2022-47070
NVS365 V01 is vulnerable to Incorrect Access Control. After entering a wrong password, the url will be sent to the server twice. In the second package, the server will return the correct password information...
Design/Logic Flaw
NVS365 V01 is vulnerable to Incorrect Access Control. After entering a wrong password, the url will be sent to the server twice. In the second package, the server will return the correct password information...
CVE-2022-47070
NVS365 V01 is vulnerable to Incorrect Access Control. After entering a wrong password, the url will be sent to the server twice. In the second package, the server will return the correct password information...
CVE-2022-47070
NVS365 V01 is vulnerable to Incorrect Access Control. After entering a wrong password, the url will be sent to the server twice. In the second package, the server will return the correct password information...
CVE-2022-47070
CVE-2022-47070 affects NVS365 V01 Network Video Server. The root cause is Incorrect Access Control: after a wrong password input, a request is sent twice and the second response exposes password information. NVD metrics assign CVSSv3.1 base score 7.5 (HIGH) with network attack vector, low attack ...
Cross site scripting
Cross-site scripting XSS vulnerability Fujitsu e-Pares V01 L01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20, L30, and L40 allows remote attackers to hijack the authentication of users for requests that modify "facility reservation data" via unknown vectors...