|
3031
|
7.8 |
HIGH
Local
|
axis
|
ip_utility
|
AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working director…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2022-23410
|
2024-11-8 18:15 |
2022-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3032
|
8.8 |
HIGH
Network
|
axis
|
axis_os_2020
axis_os_2018
axis_os_2016
axis_os
|
A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary S…
|
CWE-74
Injection
|
CVE-2021-31988
|
2024-11-8 18:15 |
2021-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3033
|
7.5 |
HIGH
Network
|
axis
|
axis_os_2020
axis_os_2018
axis_os_2016
axis_os
|
A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients.
|
NVD-CWE-Other
|
CVE-2021-31987
|
2024-11-8 18:15 |
2021-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3034
|
6.8 |
MEDIUM
Network
|
axis
|
axis_os_2020
axis_os_2018
axis_os_2016
axis_os
|
User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage.
|
CWE-787
Out-of-bounds Write
|
CVE-2021-31986
|
2024-11-8 18:15 |
2021-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3035
|
6.5 |
MEDIUM
Adjacent
|
axis
|
a1001_firmware
a1210_\(-b\)_firmware
a1601_firmware
a1610_\(-b\)_firmware
axis_os
|
Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network
Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes
the pacsiod proc…
|
NVD-CWE-noinfo
|
CVE-2023-21405
|
2024-11-8 18:15 |
2023-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3036
|
5.3 |
MEDIUM
Network
|
axis
|
device_manager
|
A user with permission to log on to the machine hosting the AXIS Device Manager client could under certain conditions extract a memory dump from the built-in Windows Task Manager application. The mem…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2021-31989
|
2024-11-8 18:15 |
2021-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3037
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
pinctrl: intel: platform: fix error path in device_for_each_child_node()
The device_for_each_child_node() loop requires calls to
…
|
-
|
CVE-2024-50197
|
2024-11-8 15:15 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3038
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
x86/entry_32: Clear CPU buffers after register restore in NMI return
CPU buffers are currently cleared after call to exc_nmi, but…
|
-
|
CVE-2024-50193
|
2024-11-8 15:15 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3039
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
irqchip/gic-v4: Don't allow a VMOVP on a dying VPE
Kunkun Jiang reported that there is a small window of opportunity for
userspac…
|
-
|
CVE-2024-50192
|
2024-11-8 15:15 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3040
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
HID: amd_sfh: Switch to device-managed dmam_alloc_coherent()
Using the device-managed version allows to simplify clean-up in prob…
|
-
|
CVE-2024-50189
|
2024-11-8 15:15 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
