Lucene search
K

7 matches found

Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.8 views

PT-2026-26777

Summary The objects/import.json.php endpoint accepts a user-controlled fileURI POST parameter with only a regex check that the value ends in .mp4. Unlike objects/listFiles.json.php, which was hardened with a realpath + directory prefix check to restrict paths to the videos/ directory,...

7.1CVSS6AI score0.00335EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-34971

Malicious code in bioql PyPI...

5.5CVSS6.6AI score0.00157EPSS
Exploits0References1
OSV
OSV
added 2024/11/06 3:15 a.m.5 views

CVE-2024-49404

Improper Access Control in Samsung Video Player prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows physical attackers to access video file of other users...

4.6CVSS5.8AI score0.00158EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/06 2:17 a.m.14 views

CVE-2024-49404

Improper Access Control in Samsung Video Player prior to versions 7.3.29.1 in Android 12, 7.3.36.1 in Android 13, and 7.3.41.230 in Android 14 allows physical attackers to access video file of other users...

5.5CVSS6.6AI score0.00158EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/06 12:0 a.m.5 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices, which stems from Samsung Video Player contains an improper access control vulnerability. A...

5.5CVSS6.5AI score0.00158EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/07 12:0 a.m.7 views

PT-2024-26093

Name of the Vulnerable Software and Affected Versions SamsungVideoPlayer versions prior to 7.3.29.1 SamsungVideoPlayer versions prior to 7.3.36.1 SamsungVideoPlayer versions prior to 7.3.41.230 Description The issue is related to improper input validation in SamsungVideoPlayer, allowing local...

5.5CVSS6.5AI score0.00157EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2023/10/09 9:15 p.m.4 views

CVE-2023-43271

Incorrect access control in 70mai a500s v1.2.119 allows attackers to directly access and delete the video files of the driving recorder through ftp and other protocols...

9.1CVSS5.8AI score0.00586EPSS
Exploits1References3
Rows per page
Query Builder