Vulnerabilities > Hikvision

DATE CVE VULNERABILITY TITLE RISK
2024-10-18 CVE-2024-47485 Improper Neutralization of Formula Elements in a CSV File vulnerability in Hikvision Hikcentral Master
There is a CSV injection vulnerability in some HikCentral Master Lite versions.
network
low complexity
hikvision CWE-1236
critical
9.8
2024-10-18 CVE-2024-47486 Cross-site Scripting vulnerability in Hikvision Hikcentral Master
There is an XSS vulnerability in some HikCentral Master Lite versions.
network
low complexity
hikvision CWE-79
6.1
2024-10-18 CVE-2024-47487 SQL Injection vulnerability in Hikvision Hikcentral Professional 2.0.0/2.5.1
There is a SQL injection vulnerability in some HikCentral Professional versions.
network
low complexity
hikvision CWE-89
8.8
2024-03-02 CVE-2024-25063 Unspecified vulnerability in Hikvision Hikcentral Professional 2.0.0/2.5.1
Due to insufficient server-side validation, a successful exploit of this vulnerability could allow an attacker to gain access to certain URLs that the attacker should not have access to.
network
low complexity
hikvision
7.5
2024-03-02 CVE-2024-25064 Unspecified vulnerability in Hikvision Hikcentral Professional 2.0.0
Due to insufficient server-side validation, an attacker with login privileges could access certain resources that the attacker should not have access to by changing parameter values.
network
low complexity
hikvision
4.3
2023-12-17 CVE-2023-6894 Unspecified vulnerability in Hikvision Intercom Broadcast System
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK).
network
low complexity
hikvision
6.5
2023-12-17 CVE-2023-6895 Unspecified vulnerability in Hikvision Intercom Broadcast System
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK).
network
low complexity
hikvision
critical
9.8
2023-12-17 CVE-2023-6893 Unspecified vulnerability in Hikvision Intercom Broadcast System
A vulnerability was found in Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) and classified as problematic.
network
low complexity
hikvision
7.5
2023-11-23 CVE-2023-28812 Classic Buffer Overflow vulnerability in Hikvision Localservicecomponents 1.0.0.78
There is a buffer overflow vulnerability in a web browser plug-in could allow an attacker to exploit the vulnerability by sending crafted messages to computers installed with this plug-in, which could lead to arbitrary code execution or cause process exception of the plug-in.
network
low complexity
hikvision CWE-120
critical
9.8
2023-11-23 CVE-2023-28813 Unspecified vulnerability in Hikvision Localservicecomponents 1.0.0.78
An attacker could exploit a vulnerability by sending crafted messages to computers installed with this plug-in to modify plug-in parameters, which could cause affected computers to download malicious files.
network
low complexity
hikvision
7.5