CVE-2026-12706

A use-after-free vulnerability was found in FFmpeg's RASC video decoder. The decodemove function initializes a read pointer into a decompressed buffer, but a subsequent reallocation of that same buffer during move-table processing leaves the pointer dangling. An attacker could exploit this by...

CVE-2026-12527

A broken authorization boundary in the RTSP media delivery pipeline of Shenzhen Liandian Communication Technology LTD V380 IP Camera firmware AppFHE1V1.0.6.020230803 enables unauthenticated network actors to bypass the device’s credential-enforced live-view workflow and directly retrieve real-tim...

CVE-2026-12527

CVE-2026-12527 affects Shenzhen Liandian Communication Technology LTD V380 IP Camera firmware AppFHE1_V1.0.6.020230803. Root cause: broken authorization boundary in the RTSP media delivery pipeline. This enables unauthenticated network actors to bypass the device’s credential-enforced live-view w...

AiOPMSD Final SQL注入漏洞

AiOPMSD Final is a video stream download tool developed by AiOPMSD Corporation. Version 1.0.0 of AiOPMSD Final contains a SQL injection vulnerability. This vulnerability arises from injecting malicious code through the actor parameter, potentially allowing unauthenticated attackers to execute...

CVE-2026-34120

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the asynchronous parsing of local video stream content due to insufficient alignment and validation of buffer boundaries when processing streaming inputs.An attacker on the same network segment could...

CVE-2026-34120

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the asynchronous parsing of local video stream content due to insufficient alignment and validation of buffer boundaries when processing streaming inputs.An attacker on the same network segment could...

CVE-2026-34120 Heap-based Buffer Overflow Vulnerability Leading to Denial-of-Service in TP-Link Tapo C520WS

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the asynchronous parsing of local video stream content due to insufficient alignment and validation of buffer boundaries when processing streaming inputs.An attacker on the same network segment could...

CVE-2026-34120 Heap-based Buffer Overflow Vulnerability Leading to Denial-of-Service in TP-Link Tapo C520WS

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the asynchronous parsing of local video stream content due to insufficient alignment and validation of buffer boundaries when processing streaming inputs.An attacker on the same network segment could...

CVE-2026-34120

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the asynchronous parsing of local video stream content due to insufficient alignment and validation of buffer boundaries when processing streaming inputs.An attacker on the same network segment could...

PT-2026-29848

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the asynchronous parsing of local video stream content due to insufficient alignment and validation of buffer boundaries when processing streaming inputs.An attacker on the same network segment could...

TP-Link Tapo C520WS 安全漏洞

The TP-Link Tapo C520WS is a WiFi camera produced by TP-Link Corporation. The TP-Link Tapo C520WS v2.6 version contains a security vulnerability. This vulnerability arises from insufficient buffer boundary alignment and validation during the asynchronous parsing of local video stream content, whi...

EUVD-2025-209098

BS Producten Petcam 33.1.0.0818 is vulnerable to Incorrect Access Control. An unauthenticated attacker in physical proximity can associate with this open network. Once connected, the attacker gains access to the camera's private network interface and can retrieve sensitive information, including...

CVE-2025-69988

BS Producten Petcam 33.1.0.0818 is vulnerable to Incorrect Access Control. An unauthenticated attacker in physical proximity can associate with this open network. Once connected, the attacker gains access to the camera's private network interface and can retrieve sensitive information, including...

📄 Tattile Cameras 1.181.5 Unauthenticated RTSP Stream Disclosure

Tattile Cameras version 1.181.5 suffer from an unauthenticated and unauthorized live RTSP video stream access. Tattile Cameras 1.181.5 Unauthenticated RTSP Stream Disclosure Vendor: Tattile s.r.l. Product web page: https://www.tattile.com Affected version: Smart+ family: Smart+ Tolling+ Smart+...

Tattile Cameras 1.181.5 Unauthenticated RTSP Stream Disclosure

Summary Tattile is an Italian manufacturer specializing in advanced ANPR/ALPR, traffic‑enforcement, and machine‑vision camera systems used across intelligent transportation networks, tolling infrastructures, access‑control environments, and industrial automation. Their portfolio includes...

Frigate 安全漏洞

Frigate is a complete native NVR designed by Blake Blackshear for home assistants with AI object detection capabilities. Versions of Frigate prior to 0.16.4 contained a security vulnerability. This vulnerability stemmed from uncleaned user input in video stream configurations, which could lead to...

FLIR Thermal Camera 访问控制错误漏洞

FLIR Thermal Camera F Series and others are a series of thermal imaging cameras from FLIR, USA. An access control error vulnerability exists in FLIR Thermal Camera F/FC/PT/D Stream version 8.0.0.64, which stems from a lack of authentication and could lead to unauthorized access to the live video...

CVE-2024-58336

Akuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers to access live video streams by requesting the video.cgi endpoint on port 8080. Attackers can retrieve video stream data without authentication by directly accessing the specified endpoint on affecte...

PT-2025-54256

Name of the Vulnerable Software and Affected Versions Akuvox Smart Intercom S539 affected versions not specified Description A flaw exists in Akuvox Smart Intercom S539 that permits remote attackers to gain access to live video streams without authentication. This is achieved by requesting the...

Akuvox S539 访问控制错误漏洞

Akuvox S539 is a business access control intercom terminal from China Ruiyunlian Akuvox. The Akuvox S539 suffers from an access control error vulnerability that originates from unauthenticated access to the video stream, which could lead to information disclosure...