Lucene search
K

8 matches found

Positive Technologies
Positive Technologies
added 2023/04/25 12:0 a.m.5 views

PT-2023-20025 · Avideo · Avideo

Name of the Vulnerable Software and Affected Versions: AVideo versions prior to 12.4 Description: The issue allows attackers to gain sensitive information via the success parameter to the "/user" API endpoint. This is a Cross Site Scripting XSS vulnerability, which means attackers can inject...

6.1CVSS6AI score0.00395EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/04/25 12:0 a.m.4 views

WWBN AVideo 跨站脚本漏洞

WWBN AVideo is a video platform builder written in PHP by the WWBN team. A security vulnerability exists in World Wide Broadcast Network AVideo WWBN AVideo versions prior to 12.4. An attacker can exploit this vulnerability to obtain sensitive information via the /user success parameter...

6.1CVSS6.3AI score0.00395EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/05/16 12:0 a.m.5 views

PT-2022-6992 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.6.6 macOS versions prior to 12.4 Description: The issue is related to the PackageKit component in macOS, which has insufficient access controls. Exploitation of this issue may allow an attacker to execute arbitrary...

7.8CVSS7.5AI score0.00941EPSS
Exploits0References22
OSV
OSV
added 2021/09/13 7:15 p.m.3 views

UBUNTU-CVE-2021-40823

A logic error in the room key sharing functionality of matrix-js-sdk aka Matrix Javascript SDK before 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys via crafted Matrix protocol messages that were originally sent by affected Matrix clients...

5.9CVSS6.2AI score0.00662EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/09/13 12:0 a.m.24 views

Matrix 加密问题漏洞

Matrix is an ambitious new ecosystem for open federated instant messaging and VoIP. A cryptographic issue vulnerability exists in versions of Matrix Javascript SDK prior to 12.4.1, which stems from a logic error in a device's room key sharing functionality that results in insufficient...

5.9CVSS5.9AI score0.00662EPSS
Exploits0References3
OSV
OSV
added 2019/11/26 5:15 p.m.1 views

UBUNTU-CVE-2019-18450

An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the Project labels feature. It has Insecure Permissions...

4.3CVSS5.8AI score0.00659EPSS
Exploits0References3
CNVD
CNVD
added 2016/05/21 12:0 a.m.6 views

Apple iTunes Arbitrary Code Execution Vulnerability

Apple iTunes is a suite of media player applications from the American company Apple. A security vulnerability exists in Apple iTunes versions prior to 12.4, which can be exploited by an attacker to execute arbitrary code...

7.8CVSS7.1AI score0.00424EPSS
Exploits0References1
OSV
OSV
added 2016/04/22 6:59 p.m.6 views

CVE-2016-1917

Cross-site scripting XSS vulnerability in the Management Console in BlackBerry Enterprise Server BES 12 before 12.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2016-1918...

6.1CVSS5.9AI score0.01018EPSS
Exploits0References2
Rows per page
Query Builder