718 matches found
CVE-2026-7372
A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. Stack-overflow via...
CVE-2026-7372 GeoVision GV-VMS V20 WebCam Server Login stack overflow vulnerability
A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. Stack-overflow via...
CVE-2026-42369
GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native application accessed locally, but it is also possible to enable remote access via the "WebCam Server" feature. Once enabled, it is possible to access t...
GeoVision GV-VMS 缓冲区错误漏洞
GeoVision GV-VMS is a video management system software developed by GeoVision Corporation in China. The version GV-VMS V20 20.0.2 contains a buffer error vulnerability. This vulnerability stems from a stack overflow issue in the WebCam Server login function, which may allow custom HTTP requests t...
GeoVision GV-VMS 缓冲区错误漏洞
GeoVision GV-VMS is a video management system software developed by GeoVision Corporation in China. The GeoVision GV-VMS V20 20.0.2 version contains a buffer error vulnerability. This vulnerability arises from the unbounded copying of base64-encoded strings in the WebCam Server function, leading ...
PT-2026-36741
Name of the Vulnerable Software and Affected Versions GeoVision GV-VMS V20 version 20.0.2 Description A stack overflow exists in the WebCam Server Login functionality. An unauthenticated attacker can send a specially crafted HTTP request to trigger the issue, potentially leading to arbitrary code...
CLSA-2026-1777059908 binutils: Fix of 4 CVEs
CVE-2022-47673: fix out-of-bounds reads in parsemodule bfd/vms-alpha.c, combined backport of upstream commits c9178f28, 942fa4fb, 77c225bd, 65cf035b and c093f5ee patch also covers CVE-2023-25584 - CVE-2022-47695: fix segfault in objdump comparesymbols on synthetic plt symbols - CVE-2022-47696:...
CLSA-2026-1776430866 binutils: Fix of 5 CVEs
CVE-2022-44840: fix heap buffer overflow in findsectioninset in dwarf.c - CVE-2023-25584: fix lack of bounds checking in vms-alpha.c parsemodule - CVE-2022-47673: fix OOB reads in parsemodule - CVE-2022-47696: fix uninitialised thebfd field in mach-o.c synthetic symbols - CVE-2022-45703: fix heap...
EUVD-2024-55542
Uncontrolled Resource Consumption in Bosch VMS Central Server in Bosch VMS 12.0.1 allows attackers to consume excessive amounts of disk space via network interface...
CVE-2024-33618
Uncontrolled Resource Consumption in Bosch VMS Central Server in Bosch VMS 12.0.1 allows attackers to consume excessive amounts of disk space via network interface...
CVE-2024-33618
CVE-2024-33618 affects Bosch VMS Central Server (Bosch VMS 12.0.1). The issue is uncontrolled resource consumption that can cause excessive disk-space usage over the network interface. The provided documents do not specify the root cause details, vulnerable component version ranges beyond 12.0.1,...
Bosch VMS Central Server 安全漏洞
Bosch VMS Central Server is a core server component of the video management system developed by the German company Bosch. Version 12.0.1 of Bosch VMS Central Server contains a security vulnerability. This vulnerability stems from uncontrolled consumption of network interface resources, which coul...
CVE-2026-26141 Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability
...
CVE-2026-20801
Cleartext Transmission of Sensitive Information CWE-319 in a component used in the Gallagher Hanwha VMS and Gallagher NxWitness VMS integrations allows unprivileged users with local network access to view live video streams. This issue affects all versions of Gallagher NxWitness VMS integration...
CVE-2026-20801
CVE-2026-20801 describes a cleartext transmission flaw (CWE-319) in a component used by Gallagher Hanwha VMS and Gallagher NxWitness VMS integrations. Unprivileged users on the local network could view live video streams due to this issue. Affected are Gallagher NxWitness VMS integration versions...
OPENSUSE-SU-2026:20281-1 Security update for kubevirt
This update for kubevirt fixes the following issues: Update to version 1.7.0 bsc1257128. Security issues fixed: - CVE-2025-64435: logic flaw in the virt-controller can lead to incorrect status updates and potentially causing a DoS bsc1253189. - CVE-2024-45310: kubevirt vendored...
Intel Trust Domain Extensions 安全漏洞
Intel Trust Domain Extensions is a confidential virtualization solution developed by Intel Corporation in the United States. It aims to isolate confidential virtual machines from non-confidential domain software stacks including hypervisors, VMMs, and other non-trusted domain software stacks,...
Oracle VM VirtualBox (CVE-2026-21986) (January 2026 CPU)
The 7.1.14 and 7.2.4 versions of VM VirtualBox installed on the remote host are affected by a vulnerability as referenced in the January 2026 CPU advisory. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14...
UBUNTU-CVE-2026-21986
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...
CVE-2026-21986
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...