CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

48 matches found

CNNVD•added 2025/05/07 12:0 a.m.•1 views

BrightSign Players 安全漏洞

BrightSign Players is a series of professional-grade digital signage player hardware from BrightSign, powered by BrightSign OS, which supports 4K Ultra HD content playback and interactive control. A security vulnerability exists in BrightSign Players versions prior to v8.5.53.1 and prior to...

8.5CVSS6.5AI score0.00159EPSS

Exploits0References2

CISA•added 2025/05/06 12:0 p.m.•4 views

CISA Releases Three Industrial Control Systems Advisories

CISA released three Industrial Control Systems ICS advisories on May 6, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-126-01 Optigo Networks ONS NC600 ICSA-25-126-02 Milesight UG65-868M-EA ICSA-25-126-03...

7AI score

Exploits0References3

ICS•added 2025/05/06 6:0 a.m.•8 views

BrightSign Players (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could allow for privilege escalation on the device, easily guessed passwords, or for arbitrary code to be executed on the underlying operating system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize...

6.2AI score

Exploits0References11

Positive Technologies•added 2025/05/06 12:0 a.m.•2 views

PT-2025-19997 · Brightsign · Brightsign Os Series 4 +1

Name of the Vulnerable Software and Affected Versions: BrightSign OS series 4 versions prior to 8.5.53.1 BrightSign OS series 5 versions prior to 9.0.166 Description: The issue allows for privilege escalation on the device once code execution has been obtained, due to execution with unnecessary...

8.5CVSS7.3AI score0.00159EPSS

Exploits0References9

Packet Storm•added 2020/10/01 12:0 a.m.•265 views

BrightSign Digital Signage Diagnostic Web Server 8.2.26 Server-Side Request Forgery

BrightSign Digital Signage Diagnostic Web Server 8.2.26 Unauthenticated SSRF Vendor: BrightSign, LLC Product web page: https://www.brightsign.biz Affected version: Model: XT, XD, HD, LS Firmware / OS version: =8.2.26 Summary: BrightSign designs media players and provides free software and cloud...

7.4AI score

Exploits0

Exploit DB•added 2020/10/01 12:0 a.m.•196 views

BrightSign Digital Signage Diagnostic Web Server 8.2.26 - Server-Side Request Forgery (Unauthenticated)

Exploit Title: BrightSign Digital Signage Diagnostic Web Server 8.2.26 - Server-Side Request Forgery Unauthenticated Date: 2020-09-30 Exploit Author: LiquidWorm Vendor Homepage: https://www.brightsign.biz Version: = 8.2.26 BrightSign Digital Signage Diagnostic Web Server 8.2.26 Unauthenticated SS...

7.4AI score

Exploits0

Zero Science Lab•added 2020/09/30 12:0 a.m.•200 views

BrightSign Digital Signage Diagnostic Web Server 8.2.26 Unauthenticated SSRF

Summary BrightSign designs media players and provides free software and cloud networking solutions for the commercial digital signage market worldwide, serving all vertical segments of the marketplace. Description Unauthenticated Server-Side Request Forgery SSRF vulnerability exists in the...

6AI score

Exploits0

CNVD•added 2017/12/20 12:0 a.m.•3 views

BrightSign Digital Signage (4k242) Cross-Site Scripting Vulnerability

BrightSign Digital Signage 4k242 is a set of digital signage multimedia playback devices from BrightSign USA. A cross-site scripting vulnerability exists in BrightSign Digital Signage 4k242 using firmware version 6.2.63 and earlier, which stems from the program failing to validate user input. A...

6.1CVSS6.7AI score0.02079EPSS

Exploits3References1

CNVD•added 2017/12/20 12:0 a.m.•4 views

BrightSign Digital Signage (4k242) Directory Traversal Vulnerability

The BrightSign Digital Signage 4k242 is a multimedia playback device from BrightSign USA. A directory traversal vulnerability exists in the BrightSign Digital Signage 4k242 using firmware version 6.2.63 and earlier. An attacker can exploit the vulnerability by sending the 'rp' parameter to the...

9.8CVSS6.9AI score0.1189EPSS

Exploits3References1

CNVD•added 2017/12/20 12:0 a.m.•3 views

BrightSign Digital Signage (4k242) File Upload Vulnerability

The BrightSign Digital Signage 4k242 is a multimedia playback device from BrightSign USA. A security vulnerability exists in BrightSign Digital Signage 4k242 using firmware version 6.2.63 and earlier. The vulnerability can be exploited to rename and modify files via the /tools.html web page...

7.5CVSS6.9AI score0.05764EPSS

Exploits3References1

Packet Storm•added 2017/12/19 12:0 a.m.•74 views

BrightSign Digital Signage XSS / Traversal / File Upload

Exploit Title: BrightSign Digital Signage Multiple Vulnerabilities Date: 12/15/17 Exploit Author: [email protected] Vectors: XSS, Directory Traversal, File Modification, Information Leakage The BrightSign Digital Signage 4k242 device Firmware 6.2.63 and below suffers from multiple...

0.1189EPSS

Exploits5

exploitpack•added 2017/12/19 12:0 a.m.•21 views

BrightSign Digital Signage - Multiple Vulnerablities

BrightSign Digital Signage - Multiple Vulnerablities Exploit Title: BrightSign Digital Signage Multiple Vulnerabilities Date: 12/15/17 Exploit Author: [email protected] Vectors: XSS, Directory Traversal, File Modification, Information Leakage The BrightSign Digital Signage 4k242 device...

0.3AI score

Exploits0

0day.today•added 2017/12/19 12:0 a.m.•57 views

BrightSign Digital Signage - Multiple Vulnerablities

Exploit for hardware platform in category web applications Exploit Title: BrightSign Digital Signage Multiple Vulnerabilities Date: 12/15/17 Exploit Author: email protected Vectors: XSS, Directory Traversal, File Modification, Information Leakage The BrightSign Digital Signage 4k242 device Firmwa...

7.5CVSS0.1AI score0.1189EPSS

Exploits5

Exploit DB•added 2017/12/19 12:0 a.m.•57 views

BrightSign Digital Signage - Multiple Vulnerablities

7.4AI score

Exploits0

Prion•added 2017/12/18 6:29 a.m.•15 views

Design/Logic Flaw

The BrightSign Digital Signage 4k242 device Firmware 6.2.63 and below allows renaming and modifying files via /tools.html...

6.4CVSS7.6AI score0.05764EPSS

Exploits3References2Affected Software1

OSV•added 2017/12/18 6:29 a.m.•1 views

CVE-2017-17739

The BrightSign Digital Signage 4k242 device Firmware 6.2.63 and below has directory traversal via the /storage.html rp parameter, allowing an attacker to read or write to files...

9.8CVSS5.8AI score0.1189EPSS

Exploits3References2

OSV•added 2017/12/18 6:29 a.m.•3 views

CVE-2017-17738

The BrightSign Digital Signage 4k242 device Firmware 6.2.63 and below allows renaming and modifying files via /tools.html...

7.5CVSS5.8AI score0.05764EPSS

Exploits3References2

OSV•added 2017/12/18 6:29 a.m.•2 views

CVE-2017-17737

The BrightSign Digital Signage 4k242 device Firmware 6.2.63 and below has XSS via the REF parameter to /networkdiagnostics.html or /storageinfo.html...

6.1CVSS5.8AI score0.02079EPSS

Exploits3References2

Prion•added 2017/12/18 6:29 a.m.•20 views

Code injection

The BrightSign Digital Signage 4k242 device Firmware 6.2.63 and below has XSS via the REF parameter to /networkdiagnostics.html or /storageinfo.html...

4.3CVSS5.9AI score0.02079EPSS

Exploits3References2Affected Software1

NVD•added 2017/12/18 6:29 a.m.•21 views

CVE-2017-17737

The BrightSign Digital Signage 4k242 device Firmware 6.2.63 and below has XSS via the REF parameter to /networkdiagnostics.html or /storageinfo.html...

6.1CVSS6.1AI score0.02079EPSS

Exploits3References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by