Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (4 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-50245 1 Brickcom 4 Box, Bullet, Cube and 1 more 2026-06-12 7.7 High
Brickcom cameras allow unauthenticated access to live snapshot images via the /ONVIF endpoint and no authentication is required to retrieve still images from the camera feed.
CVE-2026-50005 1 Brickcom 4 Box, Bullet, Cube and 1 more 2026-06-12 7.7 High
Brickcom cameras ship with default credentials that allows any unauthenticated remote attacker to silently access camera feeds.
CVE-2013-3690 1 Brickcom 7 100ap Device Firmware, Fb-100ap, Md-100ap and 4 more 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add users.
CVE-2013-3689 1 Brickcom 7 100ap Device Firmware, Fb-100ap, Md-100ap and 4 more 2025-04-11 N/A
Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.0.6.16C1 and earlier, do not properly restrict access to configfile.dump, which allow remote attackers to obtain sensitive information (user names, passwords, and configurations) via a get action.