📄 AVideo 14.3.1 notify.ffmpeg.json.php Remote Code Execution

AVideo version 14.3.1 unauthenticated remote code execution exploit that leverages notify.ffmpeg.json.php. ============================================================================================================================================= | Title : AVideo 14.3.1 via notify.ffmpeg.json.p...

CVE-2025-34433

creationtimestamp| type| source ---|---|--- 2025-12-19 17:01:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mae65ijor42o 2025-12-20 05:35:12+00:00| seen| https://infosec.exchange/users/offseq/statuses/115750267184627637 2025-12-20 05:35:13+00:00| seen|...

CVE-2021-34433

In Eclipse Californium version 2.0.0 to 2.6.4 and 3.0.0-M1 to 3.0.0-M3, the certificate based x509 and RPK DTLS handshakes accidentally succeeds without verifying the server side's signature on the client side, if that signature is not included in the server's ServerKeyExchange...

CVE-2024-34433

Deserialization of Untrusted Data vulnerability in OCDI One Click Demo Import.This issue affects One Click Demo Import: from n/a through 3.2.0...

CVE-2024-34433

Deserialization of Untrusted Data vulnerability in OCDI One Click Demo Import.This issue affects One Click Demo Import: from n/a through 3.2.0...

CVE-2024-34433 WordPress One Click Demo Import plugin <=3.2.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in OCDI One Click Demo Import.This issue affects One Click Demo Import: from n/a through 3.2.0...

WordPress One Click Demo Import Plugin <= 3.2.0 is vulnerable to PHP Object Injection

Software One Click Demo Import Type Plugin Vulnerable versions = 3.2.0 Fixed in 3.2.1 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-34433 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID a0133f0acd1f Credits ngductung Patchstack Alliance Requir...

CVE-2023-34433

creationtimestamp| type| source ---|---|--- 2023-07-07 07:25:52+00:00| seen| https://t.me/cibsecurity/66172...

CVE-2023-34433

PiiGAB M-Bus stores passwords using a weak hash algorithm (CVE-2023-34433). Affected product area: M-Bus SoftwarePack 900S. Root cause: password storage using an insufficient computational hash. Impact is substantial (confidentiality, integrity, and availability concerns) per documented CVSS vect...

CVE-2021-34433

creationtimestamp| type| source ---|---|--- 2021-08-20 20:19:26+00:00| seen| https://t.me/cibsecurity/27649...

CVE-2021-34433

The CVE concerns Eclipse Californium where certificate-based DTLS handshakes (X.509 and RPK) can accidentally succeed without verifying the client-side signature on the server, if the signature is not included in the server’s ServerKeyExchange. Affected versions are 2.0.0–2.6.4 and 3.0.0-M1–3.0.0...