Total
10 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-14458 | 1 Vivotek | 1 Camera | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header. | |||||
| CVE-2019-14457 | 1 Vivotek | 1 Camera | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a crafted HTTP header. | |||||
| CVE-2019-10256 | 1 Vivotek | 1 Camera | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An authentication bypass vulnerability in VIVOTEK IPCam versions prior to 0x13a was found. | |||||
| CVE-2018-18244 | 1 Vivotek | 1 Camera | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting in syslog.html in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript code via an HTTP Referer Header. | |||||
| CVE-2018-18005 | 1 Vivotek | 1 Camera | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting in event_script.js in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript via a URL query string parameter. | |||||
| CVE-2018-18004 | 1 Vivotek | 1 Camera | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parameter. | |||||
| CVE-2018-14771 | 1 Vivotek | 1 Camera | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 2 of 2) via eventscript.cgi. | |||||
| CVE-2018-14770 | 1 Vivotek | 1 Camera | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 1 of 2) via the ONVIF interface, (/onvif/device_service). | |||||
| CVE-2018-14769 | 1 Vivotek | 1 Camera | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF. | |||||
| CVE-2018-14768 | 1 Vivotek | 1 Camera | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| Various VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, and other devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code. | |||||