Lucene search
+L

371882 matches found

cve
cve
added 2026/07/02 2:19 a.m.14 views

CVE-2026-57266

GeoWebPlayer (Websocket Server component used by GV-VMS/GV-Cloud) contains multiple index-out-of-bounds vulnerabilities in its websocket command handling, allowing an attacker-supplied index to access arrays and trigger out-of-bounds reads/writes or call out-of-bounds function pointers. Documente...

8.3CVSS5.8AI score0.00215EPSS
Exploits0References2
cve
cve
added 2026/07/02 2:18 a.m.16 views

CVE-2026-57265

GeoWebPlayer (Web Plugin/WS Player) Websocket Server vulnerabilities exist in GeoVision GeoWebPlayer 1.1.1.0 where an index value from websocket commands is not consistently validated, causing out-of-bounds reads/writes and potential code execution via critical sections and function pointers. Doc...

8.3CVSS5.8AI score0.00215EPSS
Exploits0References2
cve
cve
added 2026/07/02 2:18 a.m.20 views

CVE-2026-57264

GeoWebPlayer’s Websocket Server (used by GV-VMS/GV-Cloud) exposes a command interface where many commands accept an index that is not consistently validated. The Talos and CVE records describe multiple CVEs (e.g., CVE-2026-57264) across several commands (connectInfo, setStream, setPIP, audio, sna...

8.3CVSS5.8AI score0.00215EPSS
Exploits0References2
cve
cve
added 2026/07/02 2:17 a.m.17 views

CVE-2026-13132

GeoWebPlayer (Web Plugin/WS Player) Websocket Server in GeoVision software contains multiple out-of-bounds read/write vulnerabilities triggered by index values in websocket commands (notably setStream). The Talos report specifies exploitable out-of-bounds reads in GeoWebPlayer version 1.1.1.0, wi...

8.3CVSS5.8AI score0.00215EPSS
Exploits0References2
cve
cve
added 2026/07/02 2:14 a.m.15 views

CVE-2026-13131

GeoWebPlayer Websocket Server (GeoVision) has a concrete out-of-bounds read vulnerability in the connectInfo command (index not range-checked), enabling out-of-bounds access to viewer IPCams and potential code execution. Reported for GeoWebPlayer 1.1.1.0; CVSSv3.1 score 8.3 (NETWORK, HIGH impact)...

8.3CVSS5.8AI score0.00215EPSS
Exploits0References2
cve
cve
added 2026/07/02 2:14 a.m.12 views

CVE-2026-13125

GeoWebPlayer (GeoVision addon, also called Web Plugin/WS Player) exposes a websocket server with no authentication. Vulnerable component: GeoWebPlayer version 1.1.1.0. Root cause: missing authentication for critical websocket operations, enabling a malicious page to open a connection and issue pr...

8.8CVSS5.7AI score0.00227EPSS
Exploits0References2
cve
cve
added 2026/07/02 12:0 a.m.11 views

CVE-2026-55765

Technical details are not publicly available in the provided documents for CVE-2026-55765. No affected product, component, root cause, impact, or remediation is specified. Monitor for updates.

Exploits0References4
cve
cve
added 2026/07/02 12:0 a.m.14 views

CVE-2026-38970

The provided data confirms a concrete vulnerability in pdfcpu

7.5CVSS5.8AI score0.00451EPSS
Exploits0References3
cve
cve
added 2026/07/02 12:0 a.m.18 views

CVE-2026-38968

ntopng (through 6.6) is reported vulnerable to a Predictable Session Identifier flaw. The issue occurs in HTTPsession creation within src/HTTPserver.cpp, where time-seeded pseudo-randomness can yield deterministic or colliding cookies, enabling session hijacking under attacker-controlled timing. ...

9.8CVSS5.8AI score0.00379EPSS
Exploits0References2Affected Software1
cve
cve
added 2026/07/02 12:0 a.m.16 views

CVE-2026-38972

Notepad3 versions up to 6.25.822.1 are vulnerable to a DLL search-order hijack in the About-dialog code path (src/Notepad3.c). The application loads MSFTEDIT.DLL via LoadLibrary with a bare DLL name, enabling a local attacker to place a malicious MSFTEDIT.DLL in the application directory or anoth...

7.8CVSS6.4AI score0.00149EPSS
Exploits1References3Affected Software1
cve
cve
added 2026/07/02 12:0 a.m.15 views

CVE-2026-54707

Technical details for CVE-2026-54707 are not publicly available in the provided documents. No affected products, root cause, or remediation are disclosed. Monitor for updates.

Exploits0References6
cve
cve
added 2026/07/02 12:0 a.m.13 views

CVE-2026-55769

Technical details for CVE-2026-55769 are not publicly available in the provided documents. Monitor for updates to see if a concrete description, affected products, or remediation are released.

Exploits0References4
cve
cve
added 2026/07/02 12:0 a.m.33 views

CVE-2026-38969

CVE-2026-38969 entry is rejected/not used and does not represent an active vulnerability.

6.1AI score0.00352EPSS
Exploits0
cve
cve
added 2026/07/02 12:0 a.m.21 views

CVE-2026-54706

Technical details for CVE-2026-54706 are not publicly available in the provided documents. Monitor for updates.

Exploits0References6
cve
cve
added 2026/07/02 12:0 a.m.10 views

CVE-2026-52189

CVE-2026-52189 describes a buffer overflow in the UTT nv518G nv518GV3v3.2.7-210919-161313 stack/heap handling within the gohead/sub_487330 component. The issue allows a remote attacker to trigger a denial of service. Documented details are limited to the affected product/version and component nam...

7.5CVSS5.8AI score0.00452EPSS
Exploits0References2
cve
cve
added 2026/07/02 12:0 a.m.13 views

CVE-2026-52192

CVE-2026-52192 concerns an issue in UTT nv518G/nv518GV3v3.2.7-210919-161313 where a remote attacker can cause a denial of service via the gohead/sub_445C5C component. The primary available details identify the affected product family and the vulnerable component, with the CVSS v3.1 vector indicat...

7.5CVSS5.8AI score0.00409EPSS
Exploits0References2
cve
cve
added 2026/07/02 12:0 a.m.13 views

CVE-2026-52188

CVE-2026-52188 is a Buffer Overflow in UTT nv518G nv518GV3v3.2.7-210919-161313 affecting the gohead//sub_497498 component. Reported impact is remote denial of service (availability impact) with CVSS 3.1 base score 6.5 (Medium). Connected sources indicate a PoC exists and a potential partial techn...

6.5CVSS5.8AI score0.00237EPSS
Exploits0References2
cve
cve
added 2026/07/02 12:0 a.m.11 views

CVE-2026-52191

CVE-2026-52191 is a Buffer Overflow in the UTT nv518G nv518GV3v3.2.7-210919-161313, affecting the gohead/sub_444C8C component. The vulnerability enables a remote attacker to cause a denial of service. The provided documents do not specify a patch or remediation; no exploit details are described. ...

7.5CVSS5.8AI score0.00452EPSS
Exploits0References2
cve
cve
added 2026/07/02 12:0 a.m.12 views

CVE-2026-52187

CVE-2026-52187 describes a Buffer Overflow in the UTT nv518G family (nv518G nv518GV3v3.2.7-210919-161313) that allows a remote attacker to cause a denial of service via the gohead/sub_483ba0 component. The NVD entry lists a Network attack vector, no privileges required, no user interaction, and a...

7.5CVSS5.8AI score0.00452EPSS
Exploits0References2
cve
cve
added 2026/07/02 12:0 a.m.11 views

CVE-2026-55493

Technical details for CVE-2026-55493 are not publicly available in the provided documents. No affected products, impacts, or fixes can be determined. Monitor for updates.

Exploits0References1
Rows per page
Query Builder