VYPR

hisilicon/sec

by Hisilicon

CVEs (5)

  • CVE-2020-24215Oct 6, 2020
    risk 0.06cvss epss 0.19

    An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can use hard-coded credentials in HTTP requests to perform any administrative task on the device including retrieving the device's configuration (with the cleartext admin…

  • CVE-2024-41002Jul 12, 2024
    risk 0.00cvss epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec - Fix memory leak for sec resource release The AIV is one of the SEC resources. When releasing resources, it need to release the AIV resources at the same time. Otherwise, memory leakage…

  • CVE-2019-11560May 7, 2019
    risk 0.00cvss epss 0.02

    A buffer overflow vulnerability in the streaming server provided by hisilicon in HI3516 models allows an unauthenticated attacker to remotely run arbitrary code by sending a special RTSP over HTTP packet. The vulnerability was found in many cameras using hisilicon's hardware and…

  • CVE-2019-10711Apr 23, 2019
    risk 0.00cvss epss 0.01

    Incorrect access control in the RTSP stream and web portal on all IP cameras based on Hisilicon Hi3510 firmware (until Webware version V1.0.1) allows attackers to view an RTSP stream by connecting to the stream with hidden credentials (guest or user) that are neither displayed…

  • CVE-2019-10710Apr 23, 2019
    risk 0.00cvss epss 0.01

    Insecure permissions in the Web management portal on all IP cameras based on Hisilicon Hi3510 firmware allow authenticated attackers to receive a network's cleartext WiFi credentials via a specific HTTP request. This affects certain devices labeled as HI3510, HI3518, LOOSAFE,…