Medium
CVE-2025-12063
An insecure direct object reference allowed a non-admin user to modify or remove certain data objects without having the…
Medium
CVE-2025-12757
An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are n…
Medium
CVE-2025-13064
A server-side injection was possible for a malicious admin to manipulate the application to include a malicious script w…
High
CVE-2025-11142
The VAPIX API mediaclip.cgi that did not have a sufficient input validation allowing for a possible remote code executio…
Medium
CVE-2025-8108
An ACAP configuration file has improper permissions and lacks input validation, which could potentially lead to privileg…
Medium
CVE-2025-5718
The ACAP Application framework could allow privilege escalation through a symlink attack. This vulnerability can only be…