19 matches found
EUVD-2025-6684
Malicious code in bioql PyPI...
EUVD-2025-6708
Malicious code in bioql PyPI...
EUVD-2025-5511
Malicious code in bioql PyPI...
Self-Driving Car Video Footage
Two articles crossed my path recently. First, a discussion of all the video Waymo has from outside its cars: in this case related to the LA protests. Second, a discussion of all the video Tesla has from inside its cars. Lots of things are collecting lots of video of lots of other things. How and...
CVE-2025-30111
On IROAD v9 devices, one can Remotely Dump Video Footage and the Live Video Stream. The dashcam exposes endpoints that allow unauthorized users, who gained access through other means, to list and download recorded videos, as well as access live video streams without proper authentication...
CVE-2025-30116
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of Video Footage and the Live Video Stream can occur. It allows remote attackers to access and download recorded video footage from the SD card via port 9091. Additionally, attackers can connect to port 90...
CVE-2025-30111
CVE-2025-30111 affects IROAD v9 dashcams. The issue arises from exposed endpoints that allow unauthorized users to list and download recorded videos and to access live video streams without proper authentication. Several sources (e.g., Red Hat advisory, NVD/NVD-linked entries, and CVE listings) d...
CVE-2025-30116
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of Video Footage and the Live Video Stream can occur. It allows remote attackers to access and download recorded video footage from the SD card via port 9091. Additionally, attackers can connect to port 90...
CVE-2025-30111
On IROAD v9 devices, one can Remotely Dump Video Footage and the Live Video Stream. The dashcam exposes endpoints that allow unauthorized users, who gained access through other means, to list and download recorded videos, as well as access live video streams without proper authentication...
CVE-2025-30141
The CVE-2025-30141 issue affects G-Net Dashcam BB GONX devices. It exposes API endpoints on ports 9091 and 9092 that allow remote access to recorded and live video feeds, enabling an attacker on the same network to retrieve stored recordings and pull live streams (RTSP on 9092). Some sources indi...
CVE-2025-30116
CVE-2025-30116 affects the Forvia Hella HELLA Driving Recorder DR 820. A vulnerability allows remote attackers to dump recorded video footage from the SD card via port 9091 and to stream the live video feed via port 9092 by bypassing the challenge–response authentication. Attack requires network ...
CVE-2025-30141
An issue was discovered on G-Net Dashcam BB GONX devices. One can Remotely Dump Video Footage and the Live Video Stream. It exposes API endpoints on ports 9091 and 9092 that allow remote access to recorded and live video feeds. An attacker who connects to the dashcam's network can retrieve all...
CVE-2025-1881
A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Video Footage/Live Video Stream. The manipulation leads to improper access controls. The attack can be launched remotel...
CVE-2025-1881 i-Drive i11/i12 Video Footage/Live Video Stream access control
A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Video Footage/Live Video Stream. The manipulation leads to improper access controls. The attack can be launched remotel...
How to secure body-worn cameras and protect footage from cyber threats
TL;DR Body-worn cameras are used by police and other security personnel Cameras are taken into the field but footage could be presented as evidence Cryptographic approaches are needed to ensure the confidentiality and integrity of captured video and audio Cybersecurity challenges of body-worn...
Friday Squid Blogging: Baby Colossal Squid
This video might be a juvenile colossal squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
Adobe Prelude memory buffer out-of-bounds access vulnerability
Adobe Prelude is a video recording and capture tool designed for intuitive and efficient media organization and metadata entry to quickly tag and transcode video footage and quickly create rough cuts.Adobe Prelude 10.1 and earlier versions contain a memory buffer out-of-bounds access vulnerabilit...
Adobe Prelude memory out-of-bounds access vulnerability
Adobe Prelude is a video recording and capture tool designed for media finishing and metadata entry to quickly tag and transcode video footage and quickly create rough cuts. Adobe Prelude 10.0 and earlier versions are vulnerable to a memory out-of-bounds access vulnerability. An attacker could...
Friday Squid Blogging: Ram’s Horn Squid Video
This is the first video footage of a rams horn squid Spirula spirula . As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...