|
247481
|
5.4 |
MEDIUM
Network
|
sv3c
|
h.264_poe_ip_camera_firmware
|
The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B) does not perform proper validation on user-supplied input and is vulnerable to cross-site scripting attacks. If proper authorization was i…
|
CWE-79
Cross-site Scripting
|
CVE-2018-12672
|
2024-11-21 12:45 |
2018-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247482
|
9.8 |
CRITICAL
Network
|
sv3c
|
h.264_poe_ip_camera_firmware
|
An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) web interface can disclose information about the camera including all…
|
CWE-200
Information Exposure
|
CVE-2018-12671
|
2024-11-21 12:45 |
2018-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247483
|
9.8 |
CRITICAL
Network
|
sv3c
|
h.264_poe_ip_camera_firmware
|
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow OS Command Injection.
|
CWE-78
OS Command
|
CVE-2018-12670
|
2024-11-21 12:45 |
2018-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247484
|
8.8 |
HIGH
Network
|
sv3c
|
h.264_poe_ip_camera_firmware
|
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow remote authenticated users to reset arbitrary accounts via a request to web/cgi-bin/hi3510/para…
|
NVD-CWE-noinfo
|
CVE-2018-12669
|
2024-11-21 12:45 |
2018-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247485
|
9.8 |
CRITICAL
Network
|
sv3c
|
h.264_poe_ip_camera_firmware
|
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices have a Hard-coded Password.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2018-12668
|
2024-11-21 12:45 |
2018-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247486
|
9.8 |
CRITICAL
Network
|
sv3c
|
h.264_poe_ip_camera_firmware
|
The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) is affected by an improper authentication vulnerability that allows requests to be made to back-end CGI…
|
CWE-287
Improper Authentication
|
CVE-2018-12667
|
2024-11-21 12:45 |
2018-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247487
|
9.8 |
CRITICAL
Network
|
sv3c
|
h.264_poe_ip_camera_firmware
|
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B devices improperly identifies users only by the authentication level sent in the cookies, which allow remote attackers to bypass authentication …
|
CWE-287
Improper Authentication
|
CVE-2018-12666
|
2024-11-21 12:45 |
2018-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247488
|
5.3 |
MEDIUM
Network
|
mozilla
|
firefox
|
The displayed addressbar URL can be spoofed on Firefox for Android using a javascript: URI in concert with JavaScript to insert text before the loaded domain name, scrolling the loaded domain out of …
|
CWE-20
Improper Input Validation
|
CVE-2018-12382
|
2024-11-21 12:45 |
2018-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247489
|
5.3 |
MEDIUM
Network
|
mozilla
|
firefox
firefox_esr
|
Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. *Note: this issue only af…
|
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
|
CVE-2018-12381
|
2024-11-21 12:45 |
2018-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247490
|
8.8 |
HIGH
Network
|
mozilla
canonical
|
firefox
ubuntu_linux
|
Memory safety bugs present in Firefox 61. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. T…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-12375
|
2024-11-21 12:45 |
2018-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
