Vulnerabilities > Vivotek > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-03 | CVE-2024-7443 | Command Injection vulnerability in Vivotek Ib8367A Firmware ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in Vivotek IB8367A VVTK-0100b. | 9.8 |
| 2024-08-03 | CVE-2024-7441 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Vivotek Sd9364 Firmware ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. | 9.8 |
| 2024-08-03 | CVE-2024-7442 | Command Injection vulnerability in Vivotek Sd9364 Firmware ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. | 9.8 |
| 2024-08-03 | CVE-2024-7440 | Command Injection vulnerability in Vivotek Cc8160 Firmware ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d. | 9.8 |
| 2024-08-03 | CVE-2024-7439 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Vivotek Cc8160 Firmware ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d and classified as critical. | 9.8 |
| 2020-05-28 | CVE-2020-11950 | OS Command Injection vulnerability in Vivotek products VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to upload and execute a script (with resultant execution of OS commands). | 9.0 |
| 2020-01-24 | CVE-2013-1598 | OS Command Injection vulnerability in Vivotek Pt7135 Firmware 0300A/0400A A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary code. | 9.0 |
| 2019-07-10 | CVE-2018-14496 | Out-of-bounds Write vulnerability in Vivotek Fd8136 Firmware 0301A Vivotek FD8136 devices allow remote memory corruption and remote code execution because of a stack-based buffer overflow, related to sprintf, vlocal_buff_4326, and set_getparam.cgi. | 9.8 |
| 2019-07-10 | CVE-2018-14495 | OS Command Injection vulnerability in Vivotek Fd8136 Firmware 0301A Vivotek FD8136 devices allow Remote Command Injection, aka "another command injection vulnerability in our target device," a different issue than CVE-2018-14494. | 9.8 |
| 2019-07-10 | CVE-2018-14494 | OS Command Injection vulnerability in Vivotek Fd8136 Firmware 0301A Vivotek FD8136 devices allow Remote Command Injection, related to BusyBox and wget. | 9.8 |