VYPR
Vendor

Winfrigate

Products
2
CVEs
10
Across products
11
Status
Private

Products

2

Recent CVEs

10
  • CVE-2020-37049HigJan 30, 2026
    risk 0.55cvss 8.4epss 0.00

    Frigate 3.36.0.9 contains a local buffer overflow vulnerability in the Command Line input field that allows attackers to execute arbitrary code. Attackers can craft a malicious payload to overflow the buffer, bypass DEP, and execute commands like launching calc.exe through a…

  • CVE-2020-37042HigJan 30, 2026
    risk 0.55cvss 8.4epss 0.00

    Frigate Professional 3.36.0.9 contains a local buffer overflow vulnerability in the 'Find Computer' feature that allows attackers to execute arbitrary code by overflowing the computer name input field. Attackers can craft a malicious payload that triggers a buffer overflow,…

  • CVE-2020-37039HigJan 30, 2026
    risk 0.49cvss 7.5epss 0.00

    Frigate 2.02 contains a denial of service vulnerability that allows attackers to crash the application by sending oversized input to the command line interface. Attackers can generate a payload of 8000 repeated characters and paste it into the application's command line field to…

  • CVE-2026-25643Feb 6, 2026
    risk 0.03cvss epss 0.03

    Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Prior to 0.16.4, a critical Remote Command Execution (RCE) vulnerability has been identified in the Frigate integration with go2rtc. The application does not sanitize user input in the…

  • CVE-2026-33470Mar 26, 2026
    risk 0.00cvss epss 0.00

    Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. In version 0.17.0, a low-privilege authenticated user restricted to one camera can access snapshots from other cameras. This is possible through a chain of two authorization problems:…

  • CVE-2026-33469Mar 26, 2026
    risk 0.00cvss epss 0.00

    Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. In version 0.17.0, an authenticated non-admin user can retrieve the full raw Frigate configuration through `/api/config/raw`. This exposes sensitive values that are intentionally…

  • CVE-2026-33126Mar 20, 2026
    risk 0.00cvss epss 0.00

    Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Prior to version 0.16.3, the /ffprobe endpoint accepts arbitrary user-controlled URLs without proper validation, allowing Server-Side Request Forgery (SSRF) attacks. An attacker can…

  • CVE-2026-33124Mar 20, 2026
    risk 0.00cvss epss 0.00

    Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Versions prior to 0.17.0-beta1 allow any authenticated user to change their own password without verifying the current password through the /users/{username}/password endpoint.…

  • CVE-2023-45672Oct 30, 2023
    risk 0.00cvss epss 0.01

    Frigate is an open source network video recorder. Prior to version 0.13.0 Beta 3, an unsafe deserialization vulnerability was identified in the endpoints used to save configurations for Frigate. This can lead to unauthenticated remote code execution. This can be performed…

  • CVE-2010-3097Aug 20, 2010
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in WinFrigate Frigate 3 FTP client 3.36 and earlier allows remote FTP servers to overwrite arbitrary files via a "..\" (dot dot backslash) in a filename.