35 matches found
EUVD-2021-10788
Malware in sbrugna...
EUVD-2022-43487
Malicious code in bioql PyPI...
EUVD-2022-43486
Malicious code in bioql PyPI...
CVE-2022-40184
Incomplete filtering of JavaScript code in different configuration fields of the web based interface of the VIDEOJET multi 4000 allows an attacker with administrative credentials to store JavaScript code which will be executed for all administrators accessing the same configuration option...
CVE-2022-40183
An error in the URL handler of the VIDEOJET multi 4000 may lead to a reflected cross site scripting XSS in the web-based interface. An attacker with knowledge of the encoder address can send a crafted link to a user, which will execute JavaScript code in the context of the user...
CVE-2022-32540
Information Disclosure in Operator Client application in BVMS 10.1.1, 11.0 and 11.1.0 and VIDEOJET Decoder VJD-7513 versions 10.23 and 10.30 allows man-in-the-middle attacker to compromise confidential video stream. This is only applicable for UDP encryption when target system contains cameras wi...
CVE-2022-40183
An error in the URL handler of the VIDEOJET multi 4000 may lead to a reflected cross site scripting XSS in the web-based interface. An attacker with knowledge of the encoder address can send a crafted link to a user, which will execute JavaScript code in the context of the user...
CVE-2022-40184
Incomplete filtering of JavaScript code in different configuration fields of the web based interface of the VIDEOJET multi 4000 allows an attacker with administrative credentials to store JavaScript code which will be executed for all administrators accessing the same configuration option...
CVE-2022-40184
Incomplete filtering of JavaScript code in different configuration fields of the web based interface of the VIDEOJET multi 4000 allows an attacker with administrative credentials to store JavaScript code which will be executed for all administrators accessing the same configuration option...
CVE-2022-40183
An error in the URL handler of the VIDEOJET multi 4000 may lead to a reflected cross site scripting XSS in the web-based interface. An attacker with knowledge of the encoder address can send a crafted link to a user, which will execute JavaScript code in the context of the user...
Design/Logic Flaw
Incomplete filtering of JavaScript code in different configuration fields of the web based interface of the VIDEOJET multi 4000 allows an attacker with administrative credentials to store JavaScript code which will be executed for all administrators accessing the same configuration option...
CVE-2022-40184
CVE-2022-40184 affects Bosch VIDEOJET multi 4000. The issue is incomplete filtering of JavaScript code in various fields of the web-based configuration interface. An attacker with administrative credentials can store JavaScript that will be executed for all administrators accessing the same confi...
CVE-2022-40183 Reflected Cross Site Scripting (XSS) in VIDEOJET multi 4000
An error in the URL handler of the VIDEOJET multi 4000 may lead to a reflected cross site scripting XSS in the web-based interface. An attacker with knowledge of the encoder address can send a crafted link to a user, which will execute JavaScript code in the context of the user...
CVE-2022-40184 Stored Cross Site Scripting (XSS) in VIDEOJET multi 4000
Incomplete filtering of JavaScript code in different configuration fields of the web based interface of the VIDEOJET multi 4000 allows an attacker with administrative credentials to store JavaScript code which will be executed for all administrators accessing the same configuration option...
CVE-2022-40184 Stored Cross Site Scripting (XSS) in VIDEOJET multi 4000
Incomplete filtering of JavaScript code in different configuration fields of the web based interface of the VIDEOJET multi 4000 allows an attacker with administrative credentials to store JavaScript code which will be executed for all administrators accessing the same configuration option...
CVE-2022-40183
CVE-2022-40183 affects Bosch VIDEOJET multi 4000: a vulnerability in the encoder’s URL handler enables reflected XSS in the web interface. An attacker who knows the encoder’s address can send a crafted link to a user, causing JavaScript to run in the user’s context. The issue is documented across...
CVE-2022-40183 Reflected Cross Site Scripting (XSS) in VIDEOJET multi 4000
An error in the URL handler of the VIDEOJET multi 4000 may lead to a reflected cross site scripting XSS in the web-based interface. An attacker with knowledge of the encoder address can send a crafted link to a user, which will execute JavaScript code in the context of the user...
Bosch VIDEOJET multi 4000 跨站脚本漏洞
Bosch VIDEOJET multi 4000 is a 16-channel CCTV video encoder from Bosch. It provides best-in-class IP video performance for security camera systems. A security vulnerability exists in the Bosch VIDEOJET multi 4000 version, which stems from an error in the URL handler that could lead to reflective...
PT-2022-25264 · Unknown · Videojet Multi 4000
Name of the Vulnerable Software and Affected Versions: VIDEOJET multi 4000 affected versions not specified Description: An error in the URL handler may lead to a reflected cross site scripting XSS in the web-based interface. An attacker with knowledge of the encoder address can send a crafted lin...
Bosch VIDEOJET multi 4000 跨站脚本漏洞
Bosch VIDEOJET multi 4000 is a 16-channel CCTV video encoder from Bosch. It provides best-in-class IP video performance for security camera systems. A security vulnerability exists in the Bosch VIDEOJET multi 4000 version, which stems from incomplete filtering of JavaScript code for different...