CVE-2024-12504

The Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisperhls' shortcode in all versions up to, and including, 6.1.9 due to insufficient input sanitization and output escaping on user...

CVE-2024-12504

The Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisperhls' shortcode in all versions up to, and including, 6.1.9 due to insufficient input sanitization and output escaping on user...

CVE-2024-12504

CVE-2024-12504 concerns the WordPress plugin “Broadcast Live Video – Live Streaming” (VideoWhisper Live Streaming Integration). The vulnerability is a Stored Cross-Site Scripting (XSS) flaw in the plugin’s videowhisper_hls shortcode, present in all versions up to 6.1.9. Insufficient input sanitiz...

CVE-2024-12504 Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP <= 6.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Broadcast Live Video – Live Streaming : HTML5, WebRTC, HLS, RTSP, RTMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisperhls' shortcode in all versions up to, and including, 6.1.9 due to insufficient input sanitization and output escaping on user...

Korenix JetNet Arbitrary Unauthenticated TFTP Actions (CVE-2020-12504)

Improper Authorization vulnerability of Korenix JetNet 5428G-20SFP, JetNet 5810G, JetNet 4706F, JetNet 4510, JetNet 5310, JetNet 4706, JetNet 5428G, JetNet 6095, JetNet 4706 use an active TFTP-Service. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-o...

Korenix CSRF / Backdoor Accounts / Command Injection / Missing Authentication Vulnerabilities

Multiple Korenix products are affected by unauthenticated device administration, backdoor accounts, cross site request forgery, unauthenticated tftp actions, and command injection vulnerabilities. Products affected include JetNet 5428G-20SFP, JetNet 5810G, JetNet 4706F, JetNet 4706, JetNet 4706,...

CVE-2020-12504

CVE-2020-12504 is an "Improper Authorization" vulnerability affecting Pepperl+Fuchs/P+F Comtrol RocketLinx devices and Korenix JetNet/JetWave products listed in the connected documents. The NVD entry notes an active TFTP service on affected models (firmware 1.2.3 and below for some Pepperl+Fuchs/...

CVE-2020-12504 Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT all versions and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an acti...

CVE-2020-12504

creationtimestamp| type| source ---|---|--- 2020-10-07 11:00:02+00:00| seen| https://t.me/SecLabNews/8977...

CVE-2019-12504

CVE-2019-12504 concerns the Inateck WP2002 2.4 GHz wearable wireless presenter. The connected documents confirm a vulnerability in data authenticity (CWE-345) where data from the receiver is not adequately validated, enabling keystroke injection attacks. The description notes unencrypted and unau...

CVE-2018-12504

tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h...

CVE-2018-12504

CVE-2018-12504 affects tinyexr 0.9.5, with an assertion failure in ComputeChannelLayout in tinyexr.h. The issue is documented across multiple sources (NVD, Red Hat, CNVD, CNVD-like entries, OSV, etc.). The vulnerability centers on tinyexr 0.9.5 and its ComputeChannelLayout function; exploitation ...

CVE-2018-12504

tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h...

CVE-2017-12504

A Remote Code Execution vulnerability in HPE Intelligent Management Center iMC PLAT version PLAT 7.3 E0504 was found. The problem was resolved in HPE Intelligent Management Center PLAT v7.3 E0506 or any subsequent version...

CVE-2017-12504

CVE-2017-12504 refers to a remote code execution vulnerability in Hewlett Packard Enterprise’s Intelligent Management Center (iMC) PLAT, specifically affecting version PLAT 7.3 (E0504) and resolved in PLAT 7.3 (E0506) or later. The issue has multiple corroborating sources (NVD/NVD mirror, CNVD, Z...

SuSE9 Security Update : libxml.rpm (YOU Patch Number 12504)

This update of libxml does not use pointers after they were freed anymore. CVE-2009-2416 Additionally a stack-based buffer overflow was fixed while parsing the root XML document. CVE-2009-2414 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, In...