7 matches found
PT-2026-26777
Summary The objects/import.json.php endpoint accepts a user-controlled fileURI POST parameter with only a regex check that the value ends in .mp4. Unlike objects/listFiles.json.php, which was hardened with a realpath + directory prefix check to restrict paths to the videos/ directory,...
EUVD-2024-34971
Malicious code in bioql PyPI...
CVE-2024-49404
Improper Access Control in Samsung Video Player prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows physical attackers to access video file of other users...
CVE-2024-49404
Improper Access Control in Samsung Video Player prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows physical attackers to access video file of other users...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices, which stems from Samsung Video Player contains an improper access control vulnerability. A...
PT-2024-26093
Name of the Vulnerable Software and Affected Versions SamsungVideoPlayer versions prior to 7.3.29.1 SamsungVideoPlayer versions prior to 7.3.36.1 SamsungVideoPlayer versions prior to 7.3.41.230 Description The issue is related to improper input validation in SamsungVideoPlayer, allowing local...
CVE-2023-43271
Incorrect access control in 70mai a500s v1.2.119 allows attackers to directly access and delete the video files of the driving recorder through ftp and other protocols...