Vulnerabilities > Axis
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-26 | CVE-2018-10659 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Axis products There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction. | 7.5 |
| 2018-06-26 | CVE-2018-10658 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Axis products There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). | 7.5 |
| 2018-04-01 | CVE-2018-9158 | Improper Input Validation vulnerability in Axis M1033-W Firmware 5.40.5.1 An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. | 7.5 |
| 2018-04-01 | CVE-2018-9157 | Unrestricted Upload of File with Dangerous Type vulnerability in Axis M1033-W Firmware 5.40.5.1 An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. | 7.5 |
| 2018-04-01 | CVE-2018-9156 | Unrestricted Upload of File with Dangerous Type vulnerability in Axis P1354 Firmware 5.90.1.1 An issue was discovered on AXIS P1354 (IP camera) Firmware version 5.90.1.1 devices. | 7.5 |
| 2017-10-25 | CVE-2017-15885 | Cross-site Scripting vulnerability in Axis 2100 Network Camera Firmware 2.03 Reflected XSS in the web administration portal on the Axis 2100 Network Camera 2.03 allows an attacker to execute arbitrary JavaScript via the conf_Layout_OwnTitle parameter to view/view.shtml. | 6.1 |
| 2017-08-04 | CVE-2017-12413 | Cross-site Scripting vulnerability in Axis 2100 Network Camera Firmware 2.43 AXIS 2100 devices 2.43 have XSS via the URI, possibly related to admin/admin.shtml. | 6.1 |
| 2017-05-02 | CVE-2015-8257 | Command Injection vulnerability in Axis Network Camera Firmware The devtools.sh script in AXIS network cameras allows remote authenticated users to execute arbitrary commands via shell metacharacters in the app parameter to (1) app_license.shtml, (2) app_license_custom.shtml, (3) app_index.shtml, or (4) app_params.shtml. | 8.8 |
| 2017-04-17 | CVE-2015-8256 | Cross-site Scripting vulnerability in Axis Network Camera Firmware Multiple cross-site scripting (XSS) vulnerabilities in Axis network cameras. | 6.1 |
| 2017-04-10 | CVE-2015-8258 | Injection vulnerability in Axis Communications Firmware 5.80.3 AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a "resource injection vulnerability." | 7.5 |