Lucene search
+L

15 matches found

EUVD
EUVD
added 2026/07/09 8:31 a.m.8 views

EUVD-2026-42550

The Hydra Booking – Appointment Scheduling & Booking Calendar plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 1.2.1 via the /wp-json/hydra-booking/v1/booking/details/id REST endpoint. This is due to the getBookingDetails callback only...

4.3CVSS5.9AI score0.00435EPSS
Exploits0References10
Malwarebytes
Malwarebytes
added 2026/01/21 12:32 p.m.9 views

Malicious Google Calendar invites could expose private data

Researchers found a way to weaponize calendar invites. They uncovered a vulnerability that allowed them to bypass Google Calendar’s privacy controls using a dormant payload hidden inside an otherwise standard calendar invite. Image courtesy of Miggo An attacker creates a Google Calendar event and...

5.7AI score
Exploits0
EUVD
EUVD
added 2026/01/10 1:7 a.m.6 views

EUVD-2026-1882

OpenProject is an open-source, web-based project management software. OpenProject versions prior to version 16.6.3, allowed users with the View Meetings permission on any project, to access meeting details of meetings that belonged to projects, the user does not have access to. This issue has bee...

4.3CVSS6.2AI score0.00193EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/10 12:0 a.m.5 views

OpenProject 访问控制错误漏洞

OpenProject is a Web-based project management software from OpenProject Open Source. An Access Control Error vulnerability exists in versions prior to OpenProject 16.6.3, which stems from improper access control and could lead to unauthorized access to meeting details...

4.3CVSS6.5AI score0.00193EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 4:51 p.m.7 views

CVE-2020-8216

An information disclosure vulnerability in meeting of Pulse Connect Secure 9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID...

4.3CVSS6.2AI score0.02283EPSS
Exploits0References1
OSV
OSV
added 2020/07/30 1:15 p.m.5 views

CVE-2020-8216

An information disclosure vulnerability in meeting of Pulse Connect Secure 9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID...

4.3CVSS6AI score0.02283EPSS
Exploits0References1
Prion
Prion
added 2020/07/30 1:15 p.m.21 views

Information disclosure

An information disclosure vulnerability in meeting of Pulse Connect Secure 9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID...

4CVSS4.2AI score0.02283EPSS
Exploits0References1Affected Software4
Cvelist
Cvelist
added 2020/07/30 12:53 p.m.24 views

CVE-2020-8216

An information disclosure vulnerability in meeting of Pulse Connect Secure 9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID...

5.2AI score0.02283EPSS
Exploits0References1
CVE
CVE
added 2020/07/30 12:53 p.m.58 views

CVE-2020-8216

CVE-2020-8216 describes an information-disclosure vulnerability in Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS) prior to version 9.1R8, where an authenticated end-user can reveal meeting details if they know the Meeting ID. Public sources in the provided documents confirm the affected...

4.3CVSS4.2AI score0.02283EPSS
Exploits0References1Affected Software2
CNVD
CNVD
added 2020/07/30 12:0 a.m.4 views

Pulse Secure Pulse Connect Secure and Pulse Policy Secure Information Disclosure Vulnerabilities

Pulse Secure Pulse Connect Secure a.k.a. PCS, formerly known as Juniper Junos Pulse and Pulse Policy Secure are both products of Pulse Secure, Inc.Pulse Connect Secure is an SSL VPN solution. Pulse Connect Secure is an SSL VPN solution. Pulse Policy Secure is a network access control solution. A...

4.3CVSS7AI score0.02283EPSS
Exploits0References1
NVD
NVD
added 2014/01/26 8:55 p.m.23 views

CVE-2014-1664

The Citrix GoToMeeting application 5.0.799.1238 for Android logs HTTP requests containing sensitive information, which allows attackers to obtain user IDs, meeting details, and authentication tokens via an application that reads the system log file...

5CVSS6.5AI score0.02984EPSS
Exploits3References4
Prion
Prion
added 2014/01/26 8:55 p.m.13 views

Authentication flaw

The Citrix GoToMeeting application 5.0.799.1238 for Android logs HTTP requests containing sensitive information, which allows attackers to obtain user IDs, meeting details, and authentication tokens via an application that reads the system log file...

5CVSS7AI score0.02984EPSS
Exploits3References4Affected Software1
Cvelist
Cvelist
added 2014/01/26 8:0 p.m.30 views

CVE-2014-1664

The Citrix GoToMeeting application 5.0.799.1238 for Android logs HTTP requests containing sensitive information, which allows attackers to obtain user IDs, meeting details, and authentication tokens via an application that reads the system log file...

6.5AI score0.02984EPSS
Exploits3References4
CVE
CVE
added 2014/01/26 8:0 p.m.50 views

CVE-2014-1664

The CVE-2014-1664 entry concerns Citrix GoToMeeting for Android version 5.0.799.1238, which logs HTTP requests containing sensitive data. The underlying issue is information disclosure via logs read by other Android apps with system log access, enabling leakage of user IDs, meeting details, and a...

5CVSS6.6AI score0.02984EPSS
Exploits3References4Affected Software1
Packet Storm
Packet Storm
added 2014/01/26 12:0 a.m.42 views

GoToMeeting Information Disclosure

ADVISORY INFORMATION ======================== Title: GoToMeeting Information Disclosure via Logging Output Android CVE: CVE-2014-1664 CVE Information: ASSIGNED Date published: PUBLIC Date of last update: 01/23/2014 Vendor Contacted: Citrix Release mode: Coordinated Release 2. VULNERABILITY...

5CVSS6.7AI score0.02984EPSS
Exploits3
Rows per page
Query Builder