371882 matches found
CVE-2026-57266
GeoWebPlayer (Websocket Server component used by GV-VMS/GV-Cloud) contains multiple index-out-of-bounds vulnerabilities in its websocket command handling, allowing an attacker-supplied index to access arrays and trigger out-of-bounds reads/writes or call out-of-bounds function pointers. Documente...
CVE-2026-57265
GeoWebPlayer (Web Plugin/WS Player) Websocket Server vulnerabilities exist in GeoVision GeoWebPlayer 1.1.1.0 where an index value from websocket commands is not consistently validated, causing out-of-bounds reads/writes and potential code execution via critical sections and function pointers. Doc...
CVE-2026-57264
GeoWebPlayer’s Websocket Server (used by GV-VMS/GV-Cloud) exposes a command interface where many commands accept an index that is not consistently validated. The Talos and CVE records describe multiple CVEs (e.g., CVE-2026-57264) across several commands (connectInfo, setStream, setPIP, audio, sna...
CVE-2026-13132
GeoWebPlayer (Web Plugin/WS Player) Websocket Server in GeoVision software contains multiple out-of-bounds read/write vulnerabilities triggered by index values in websocket commands (notably setStream). The Talos report specifies exploitable out-of-bounds reads in GeoWebPlayer version 1.1.1.0, wi...
CVE-2026-13131
GeoWebPlayer Websocket Server (GeoVision) has a concrete out-of-bounds read vulnerability in the connectInfo command (index not range-checked), enabling out-of-bounds access to viewer IPCams and potential code execution. Reported for GeoWebPlayer 1.1.1.0; CVSSv3.1 score 8.3 (NETWORK, HIGH impact)...
CVE-2026-13125
GeoWebPlayer (GeoVision addon, also called Web Plugin/WS Player) exposes a websocket server with no authentication. Vulnerable component: GeoWebPlayer version 1.1.1.0. Root cause: missing authentication for critical websocket operations, enabling a malicious page to open a connection and issue pr...
CVE-2026-55765
Technical details are not publicly available in the provided documents for CVE-2026-55765. No affected product, component, root cause, impact, or remediation is specified. Monitor for updates.
CVE-2026-38970
The provided data confirms a concrete vulnerability in pdfcpu
CVE-2026-38968
ntopng (through 6.6) is reported vulnerable to a Predictable Session Identifier flaw. The issue occurs in HTTPsession creation within src/HTTPserver.cpp, where time-seeded pseudo-randomness can yield deterministic or colliding cookies, enabling session hijacking under attacker-controlled timing. ...
CVE-2026-38972
Notepad3 versions up to 6.25.822.1 are vulnerable to a DLL search-order hijack in the About-dialog code path (src/Notepad3.c). The application loads MSFTEDIT.DLL via LoadLibrary with a bare DLL name, enabling a local attacker to place a malicious MSFTEDIT.DLL in the application directory or anoth...
CVE-2026-54707
Technical details for CVE-2026-54707 are not publicly available in the provided documents. No affected products, root cause, or remediation are disclosed. Monitor for updates.
CVE-2026-55769
Technical details for CVE-2026-55769 are not publicly available in the provided documents. Monitor for updates to see if a concrete description, affected products, or remediation are released.
CVE-2026-38969
CVE-2026-38969 entry is rejected/not used and does not represent an active vulnerability.
CVE-2026-54706
Technical details for CVE-2026-54706 are not publicly available in the provided documents. Monitor for updates.
CVE-2026-52189
CVE-2026-52189 describes a buffer overflow in the UTT nv518G nv518GV3v3.2.7-210919-161313 stack/heap handling within the gohead/sub_487330 component. The issue allows a remote attacker to trigger a denial of service. Documented details are limited to the affected product/version and component nam...
CVE-2026-52192
CVE-2026-52192 concerns an issue in UTT nv518G/nv518GV3v3.2.7-210919-161313 where a remote attacker can cause a denial of service via the gohead/sub_445C5C component. The primary available details identify the affected product family and the vulnerable component, with the CVSS v3.1 vector indicat...
CVE-2026-52188
CVE-2026-52188 is a Buffer Overflow in UTT nv518G nv518GV3v3.2.7-210919-161313 affecting the gohead//sub_497498 component. Reported impact is remote denial of service (availability impact) with CVSS 3.1 base score 6.5 (Medium). Connected sources indicate a PoC exists and a potential partial techn...
CVE-2026-52191
CVE-2026-52191 is a Buffer Overflow in the UTT nv518G nv518GV3v3.2.7-210919-161313, affecting the gohead/sub_444C8C component. The vulnerability enables a remote attacker to cause a denial of service. The provided documents do not specify a patch or remediation; no exploit details are described. ...
CVE-2026-52187
CVE-2026-52187 describes a Buffer Overflow in the UTT nv518G family (nv518G nv518GV3v3.2.7-210919-161313) that allows a remote attacker to cause a denial of service via the gohead/sub_483ba0 component. The NVD entry lists a Network attack vector, no privileges required, no user interaction, and a...
CVE-2026-55493
Technical details for CVE-2026-55493 are not publicly available in the provided documents. No affected products, impacts, or fixes can be determined. Monitor for updates.