Search
Search Results (32 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-5087 | 1 Geovision | 1 Digital Surveillance System | 2025-04-11 | N/A |
| Directory traversal vulnerability in geohttpserver in Geovision Digital Video Surveillance System 8.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a GET request. | ||||
| CVE-2004-2100 | 1 Geovision | 1 Geohttpserver | 2025-04-03 | N/A |
| GeoHttpServer, when configured to authenticate users, allows remote attackers to bypass authentication and access unauthorized files via a URL that contains %0a%0a (encoded newlines). | ||||
| CVE-2005-1552 | 1 Geovision | 1 Digital Surveillance System | 2025-04-03 | N/A |
| GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0, when set to create JPEG images, does not properly protect an image even when a password and username is assigned, which may allow remote attackers to gain sensitive information via a direct request to the image. | ||||
| CVE-2005-1553 | 1 Geovision | 1 Digital Surveillance System | 2025-04-03 | N/A |
| GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0 uses a weak encryption scheme to encrypt passwords, which allows remote attackers to obtain the password via sniffing. | ||||
| CVE-2004-2101 | 1 Geovision | 1 Geohttpserver | 2025-04-03 | N/A |
| The sysinfo script in GeoHttpServer allows remote attackers to cause a denial of service (crash) via a long pwd parameter, possibly triggering a buffer overflow. | ||||
| CVE-2023-23059 | 1 Geovision | 1 Gv-edge Recording Manager | 2025-01-29 | 9.8 Critical |
| An issue was discovered in GeoVision GV-Edge Recording Manager 2.2.3.0 for windows, which contains improper permissions within the default installation and allows attackers to execute arbitrary code and gain escalated privileges. | ||||
| CVE-2023-3638 | 1 Geovision | 2 Gv-adr2701, Gv-adr2701 Firmware | 2025-01-16 | 9.8 Critical |
| In GeoVision GV-ADR2701 cameras, an attacker could edit the login response to access the web application. | ||||
| CVE-2020-3931 | 1 Geovision | 12 Gv-as1010, Gv-as1010 Firmware, Gv-as210 and 9 more | 2024-11-21 | 9.8 Critical |
| Buffer overflow exists in Geovision Door Access Control device family, an unauthenticated remote attacker can execute arbitrary command. | ||||
| CVE-2020-3930 | 1 Geovision | 2 Gv-gf192x, Gv-gf192x Firmware | 2024-11-21 | 4 Medium |
| GeoVision Door Access Control device family improperly stores and controls access to system logs, any users can read these logs. | ||||
| CVE-2019-13408 | 2 Androvideo, Geovision | 6 Vd 1, Vd 1 Firmware, Gv-vd8700 and 3 more | 2024-11-21 | 7.5 High |
| A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. It allows attackers to download arbitrary files via url cgibin/ExportSettings.cgi?Download=filepath, without any authentication. | ||||
| CVE-2019-13407 | 2 Androvideo, Geovision | 6 Vd 1, Vd 1 Firmware, Gv-vd8700 and 3 more | 2024-11-21 | N/A |
| A XSS found in Advan VD-1 firmware versions up to 230. VD-1 responses a path error message when a requested resource was not found in page cgibin/ssi.cgi. It leads to a reflected XSS because the error message does not escape properly. | ||||
| CVE-2019-11064 | 2 Androvideo, Geovision | 6 Vd 1, Vd 1 Firmware, Gv-vd8700 and 3 more | 2024-11-21 | 9.8 Critical |
| A vulnerability of remote credential disclosure was discovered in Advan VD-1 firmware versions up to 230. An attacker can export system configuration which is not encrypted to get the administrator’s account and password in plain text via cgibin/ExportSettings.cgi?Export=1 without any authentication. | ||||