Vulnerabilities > Axis > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-26 | CVE-2018-10664 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Axis products An issue was discovered in the httpd process in multiple models of Axis IP Cameras. | 5.0 |
| 2018-06-26 | CVE-2018-10663 | Information Exposure vulnerability in Axis products An issue was discovered in multiple models of Axis IP Cameras. | 5.0 |
| 2018-06-26 | CVE-2018-10659 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Axis products There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction. | 5.0 |
| 2018-06-26 | CVE-2018-10658 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Axis products There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). | 5.0 |
| 2018-04-01 | CVE-2018-9158 | Improper Input Validation vulnerability in Axis M1033-W Firmware 5.40.5.1 An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. | 5.0 |
| 2017-10-25 | CVE-2017-15885 | Cross-site Scripting vulnerability in Axis 2100 Network Camera Firmware 2.03 Reflected XSS in the web administration portal on the Axis 2100 Network Camera 2.03 allows an attacker to execute arbitrary JavaScript via the conf_Layout_OwnTitle parameter to view/view.shtml. | 4.3 |
| 2017-08-04 | CVE-2017-12413 | Cross-site Scripting vulnerability in Axis 2100 Network Camera Firmware 2.43 AXIS 2100 devices 2.43 have XSS via the URI, possibly related to admin/admin.shtml. | 4.3 |
| 2017-04-17 | CVE-2015-8256 | Cross-site Scripting vulnerability in Axis Network Camera Firmware Multiple cross-site scripting (XSS) vulnerabilities in Axis network cameras. | 4.3 |
| 2017-04-10 | CVE-2015-8255 | Cross-Site Request Forgery (CSRF) vulnerability in Axis Communications Firmware AXIS Communications products allow CSRF, as demonstrated by admin/pwdgrp.cgi, vaconfig.cgi, and admin/local_del.cgi. | 6.8 |
| 2013-02-12 | CVE-2011-5261 | Cross-Site Scripting vulnerability in Axis products Cross-site scripting (XSS) vulnerability in serverreport.cgi in Axis M10 Series Network Cameras M1054 firmware 5.21 and earlier allows remote attackers to inject arbitrary web script or HTML via the pageTitle parameter to admin/showReport.shtml. | 4.3 |