CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

RedhatCVE•added 2025/12/31 12:2 a.m.•5 views

CVE-2025-66824

A Stored Cross-Site Scripting XSS vulnerability exists in the Meeting location field of the Create/Edit Conference functionality in TrueConf Server v5.5.2.10813. The injected payload is stored via the meetingroom parameter and executed when users visit the Conference Info page, allowing attackers...

8.7CVSS5.2AI score0.00261EPSS

Exploits1References1

EUVD•added 2025/12/30 9:30 p.m.•3 views

EUVD-2025-205838

4.8AI score0.00261EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2012-5363

Malware in sbrugna...

5CVSS6.4AI score0.01046EPSS

Exploits0References2

BDU FSTEC•added 2025/05/29 12:0 a.m.•3 views

The vulnerability of VideoGrace software-related video conferencing systems lies in insufficient validation of input data, allowing attackers to create conferences under the identity of arbitrary users.

The vulnerability of VideoGrace video conferencing software is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to create conferences under the identity of any user...

4.3CVSS5.5AI score

Exploits0Affected Software1

Positive Technologies•added 2024/03/29 12:0 a.m.•2 views

PT-2024-41419 · Ооо "Ивс" · Videograce

Уязвимость функции создания конференции клиента программного обеспечения видеоконференцсвязи VideoGrace связана с непринятием мер по защите структуры веб-страницы. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, провести атаку межсайтового скриптинга XSS...

5.5CVSS7.3AI score

Exploits0References1

NVD•added 2013/01/17 3:55 p.m.•16 views

CVE-2012-5444

Cisco TelePresence Video Communication Server VCS X7.0.3 does not properly process certain search rules, which allows remote attackers to create conferences via an unspecified Conductor request, aka Bug ID CSCub67989...

5CVSS6.8AI score0.01046EPSS

Exploits0References1