CVE-2020-12443

BigBlueButton before 2.2.6 allows remote attackers to read arbitrary files because the presfilename lowercase value can be a .pdf filename while the presFilename mixed case value has a ../ sequence. This can be leveraged for privilege escalation via a directory traversal to...

CVE-2023-43798

BigBlueButton is an open-source virtual classroom. BigBlueButton prior to versions 2.6.12 and 2.7.0-rc.1 is vulnerable to Server-Side Request Forgery SSRF. This issue is a bypass of CVE-2023-33176. A patch in versions 2.6.12 and 2.7.0-rc.1 disabled follow redirect at httpclient.execute since the...

CVE-2022-31039

Greenlight is a simple front-end interface for your BigBlueButton server. In affected versions an attacker can view any room's settings even though they are not authorized to do so. Only the room owner and administrator should be able to view a room's settings. This issue has been patched in...

PT-2025-41489

Name of the Vulnerable Software and Affected Versions BigBlueButton versions prior to 3.0.13 Description BigBlueButton is an open-source virtual classroom. A Denial of Service DoS issue exists that allows any authenticated user to freeze or crash the server by abusing the polling feature's Choice...

EUVD-2020-4428

Malware in sbrugna...

EUVD-2020-20111

Malware in sbrugna...

EUVD-2020-4754

Malware in sbrugna...

EUVD-2020-20112

Malware in sbrugna...

EUVD-2020-18788

Malware in sbrugna...

EUVD-2020-20115

Malware in sbrugna...

EUVD-2020-21425

Malware in sbrugna...

EUVD-2023-48170

Malicious code in bioql PyPI...

EUVD-2022-33571

Malicious code in bioql PyPI...

EUVD-2023-47230

Malicious code in bioql PyPI...

EUVD-2022-33593

Malicious code in bioql PyPI...

EUVD-2023-48169

Malicious code in bioql PyPI...

EUVD-2022-45069

Malicious code in bioql PyPI...

EUVD-2022-33595

Malicious code in bioql PyPI...

EUVD-2023-47231

Malicious code in bioql PyPI...

EUVD-2022-33592

Malicious code in bioql PyPI...