2371
|
7.8 |
HIGH
Local
|
axis
|
ip_utility
|
AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working director…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2022-23410
|
2024-11-8 18:15 |
2022-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2372
|
8.8 |
HIGH
Network
|
axis
|
axis_os_2020 axis_os_2018 axis_os_2016 axis_os
|
A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary S…
|
CWE-74
Injection
|
CVE-2021-31988
|
2024-11-8 18:15 |
2021-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2373
|
6.5 |
MEDIUM
Adjacent
|
axis
|
a1001_firmware a1210_\(-b\)_firmware a1601_firmware a1610_\(-b\)_firmware axis_os
|
Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network
Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes
the pacsiod proc…
|
NVD-CWE-noinfo
|
CVE-2023-21405
|
2024-11-8 18:15 |
2023-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2374
|
7.5 |
HIGH
Network
|
axis
|
axis_os_2020 axis_os_2018 axis_os_2016 axis_os
|
A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients.
|
NVD-CWE-Other
|
CVE-2021-31987
|
2024-11-8 18:15 |
2021-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2375
|
6.8 |
MEDIUM
Network
|
axis
|
axis_os_2020 axis_os_2018 axis_os_2016 axis_os
|
User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-31986
|
2024-11-8 18:15 |
2021-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2376
|
5.3 |
MEDIUM
Network
|
axis
|
device_manager
|
A user with permission to log on to the machine hosting the AXIS Device Manager client could under certain conditions extract a memory dump from the built-in Windows Task Manager application. The mem…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2021-31989
|
2024-11-8 18:15 |
2021-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2377
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
udf: refactor inode_bmap() to handle error
Refactor inode_bmap() to handle error since udf_next_aext() can return
error now. On s…
|
-
|
CVE-2024-50211
|
2024-11-8 15:15 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2378
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
ring-buffer: Fix reader locking when changing the sub buffer order
The function ring_buffer_subbuf_order_set() updates each
ring_…
|
-
|
CVE-2024-50207
|
2024-11-8 15:15 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2379
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
fs: don't try and remove empty rbtree node
When copying a namespace we won't have added the new copy into the
namespace rbtree un…
|
-
|
CVE-2024-50204
|
2024-11-8 15:15 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2380
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
pinctrl: intel: platform: fix error path in device_for_each_child_node()
The device_for_each_child_node() loop requires calls to
…
|
-
|
CVE-2024-50197
|
2024-11-8 15:15 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|