Vulnerabilities > Geovision > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-29 | CVE-2019-13408 | Path Traversal vulnerability in multiple products A relative path traversal vulnerability found in Advan VD-1 firmware versions up to 230. | 5.0 |
| 2019-08-29 | CVE-2019-13407 | Cross-site Scripting vulnerability in multiple products A XSS found in Advan VD-1 firmware versions up to 230. | 4.3 |
| 2019-08-29 | CVE-2019-11064 | Credentials Management vulnerability in multiple products A vulnerability of remote credential disclosure was discovered in Advan VD-1 firmware versions up to 230. | 5.0 |
| 2011-09-12 | CVE-2009-5087 | Path Traversal vulnerability in Geovision Digital Surveillance System 8.2 Directory traversal vulnerability in geohttpserver in Geovision Digital Video Surveillance System 8.2 allows remote attackers to read arbitrary files via a .. | 5.0 |
| 2005-05-14 | CVE-2005-1552 | Unspecified vulnerability in Geovision Digital Surveillance System 6.0.4/6.1/7.0 GeoVision Digital Video Surveillance System 6.04, 6.1 and 7.0, when set to create JPEG images, does not properly protect an image even when a password and username is assigned, which may allow remote attackers to gain sensitive information via a direct request to the image. | 5.0 |
| 2004-12-31 | CVE-2004-2101 | Denial-Of-Service vulnerability in Geohttpserver The sysinfo script in GeoHttpServer allows remote attackers to cause a denial of service (crash) via a long pwd parameter, possibly triggering a buffer overflow. | 5.0 |
| 2004-12-31 | CVE-2004-2100 | Security Bypass vulnerability in Geohttpserver GeoHttpServer, when configured to authenticate users, allows remote attackers to bypass authentication and access unauthorized files via a URL that contains %0a%0a (encoded newlines). | 5.0 |