|
791
|
9.3 |
CRITICAL
Network
|
geovision
|
gv-ip_device_utility
|
An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An att…
New
|
CWE-656
Reliance on Security Through Obscurity
|
CVE-2026-7161
|
2026-05-5 11:39 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
792
|
6.1 |
MEDIUM
Network
|
geovision
|
gv-lpc2011_firmware
gv-lpc2211_firmware
|
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an ar…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-7371
|
2026-05-5 11:39 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
793
|
9.0 |
CRITICAL
Network
|
geovision
|
gv-vms_firmware
|
A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker ca…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-7372
|
2026-05-5 11:38 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
794
|
7.5 |
HIGH
Network
|
apache
|
http_server
|
A NULL pointer dereference in mod_dav_lock in Apache HTTP Server 2.4.66 and earlier may allow an attacker to crash the server with a malicious request.mod_dav_lock is not used internally by mod_dav o…
New
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-29169
|
2026-05-5 11:36 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
795
|
6.5 |
MEDIUM
Network
|
absolute
|
secure_access
|
CVE-2026-40950 is a buffer overflow vulnerability in the Secure Access
server prior to 14.50. Attackers with control of a modified client can
send a specially crafted message to the server and caus…
Update
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-40950
|
2026-05-5 11:32 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
796
|
4.4 |
MEDIUM
Local
|
absolute
|
secure_access
|
CVE-2026-40949 is a buffer overflow vulnerability in the Secure Access
Windows client prior to 14.50. Attackers with local control of the
Windows client can use it to trigger a denial of service.
Update
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-40949
|
2026-05-5 11:32 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
797
|
5.5 |
MEDIUM
Local
|
absolute
|
secure_access
|
CVE-2026-33452 is a buffer overflow vulnerability in the Secure Access
Windows client prior to 14.50. Attackers with local control of the
Windows client can use it to ‘blue screen’ the system.
Update
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-33452
|
2026-05-5 11:31 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
798
|
7.8 |
HIGH
Local
|
absolute
|
secure_access
|
CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure
Access Windows client prior to 14.50. Attackers with local control of
the Windows client can send malformed data to an API and …
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2026-33451
|
2026-05-5 11:31 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
799
|
5.5 |
MEDIUM
Local
|
absolute
|
secure_access
|
CVE-2026-33450 is an out of bounds read vulnerability in the Secure
Access MacOS client prior to 14.50. Attackers with control of a modified
server can send a malformed packet to the client causing…
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2026-33450
|
2026-05-5 11:31 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
800
|
7.5 |
HIGH
Network
|
absolute
|
secure_access
|
CVE-2026-33449 is a buffer overflow in a message handling function of
the Secure Access client prior to 14.50. Attackers with control of
a modified server can send a cryptographically valid message…
Update
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-33449
|
2026-05-5 11:27 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
