Lucene search
K

246 matches found

CVE
CVE
added 2024/11/21 1:30 a.m.89 views

CVE-2024-52797

CVE-2024-52797 affects Opencast (open-source video capture/distribution platform). The issue arises from Elasticsearch query construction that can become syntactically invalid in relation to valid prior queries, triggering a retry loop that repeatedly reissues the same invalid query. This infinit...

7.5CVSS6.5AI score0.00884EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2024/11/21 12:0 a.m.6 views

Opencast 安全漏洞

Opencast is a live video support software for large-scale automated video capture, management and distribution from the Opencast organization. A security vulnerability exists in Opencast that stems from generating syntactically invalid Elasticsearch query statements, which can lead to a denial of...

7.5CVSS6.4AI score0.00884EPSS
Exploits0References5
OSV
OSV
added 2024/11/20 10:46 p.m.5 views

GHSA-JH6X-7XFG-9CQ2 Searching Opencast may cause a denial of service

Impact First noticed in Opencast 13 and 14, Opencast's Elasticsearch integration may generate syntactically invalid Elasticsearch queries in relation to previously acceptable search queries. From Opencast version 11.4 and newer, Elasticsearch queries are retried a configurable number of times in...

6.5CVSS5.8AI score0.00884EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2024/11/20 10:46 p.m.33 views

Searching Opencast may cause a denial of service

Impact First noticed in Opencast 13 and 14, Opencast's Elasticsearch integration may generate syntactically invalid Elasticsearch queries in relation to previously acceptable search queries. From Opencast version 11.4 and newer, Elasticsearch queries are retried a configurable number of times in...

7.5CVSS6.5AI score0.00884EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2023/12/12 5:15 p.m.14 views

CVE-2018-16153

An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations...

7.5CVSS7.2AI score
Exploits0References4
NVD
NVD
added 2023/12/12 5:15 p.m.27 views

CVE-2018-16153

An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations...

7.5CVSS0.00829EPSS
Exploits0References4
Prion
Prion
added 2023/12/12 5:15 p.m.21 views

Design/Logic Flaw

An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations...

5CVSS7.5AI score0.00829EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/12/12 12:0 a.m.30 views

CVE-2018-16153

An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations...

7.7AI score0.00829EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/12/12 12:0 a.m.7 views

Opencast Security Vulnerabilities

Opencast is a live video support software for large-scale automated video capture, management and distribution from the Opencast organization. A security vulnerability exists in Opencast versions 4.x through 10.x prior to 10.6, which originates from sending system digest credentials during an...

7.5CVSS7AI score0.00829EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2023/12/12 12:0 a.m.5 views

CVE-2018-16153

An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations...

7.1AI score0.00829EPSS
Exploits0References4
CVE
CVE
added 2023/12/12 12:0 a.m.75 views

CVE-2018-16153

CVE-2018-16153 affects Opencast 4.x–10.x prior to 10.6, where authentication attempts to external services may transmit system digest credentials. The issue arises when Opencast sends credentials during authentication against arbitrary external services inside some workflows, potentially exposing...

7.5CVSS7.6AI score0.00829EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2022/12/02 12:0 a.m.8 views

Opencast < 12.5 Open Redirect Vulnerability

Opencast is prone to an open redirect vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.3AI score0.00347EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2022/11/30 9:22 p.m.29 views

Authenticated OpenRedirect Vulnerability

Description Prior to Opencast 12.5 Opencast's Paella authentication page could be used to redirect to an arbitrary URL for authenticated users. Impact The vulnerability allows attackers to redirect users to sites outside of your Opencast install, potentially facilitating phishing attacks or other...

6.1CVSS6.1AI score0.00347EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/11/30 9:22 p.m.26 views

GHSA-R3QR-VWVG-43F7 Authenticated OpenRedirect Vulnerability

Description Prior to Opencast 12.5 Opencast's Paella authentication page could be used to redirect to an arbitrary URL for authenticated users. Impact The vulnerability allows attackers to redirect users to sites outside of your Opencast install, potentially facilitating phishing attacks or other...

6.1CVSS5.8AI score0.00347EPSS
Exploits0References4
Veracode
Veracode
added 2022/11/29 2:41 a.m.15 views

Open Redirect

Opencast is vulnerable to open redirect. The vulnerability exists due to improper sanitization of user-supplied data which allows an attacker to redirect the user to an arbitrary website...

6.1CVSS6.2AI score0.00347EPSS
Exploits0References2Affected Software2
NVD
NVD
added 2022/11/28 9:15 p.m.23 views

CVE-2022-41965

Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 12.5, Opencast's Paella authentication page could be used to redirect to an arbitrary URL for authenticated users. The vulnerability allows attackers to redirect users to...

6.1CVSS0.00347EPSS
Exploits0References2
Prion
Prion
added 2022/11/28 9:15 p.m.14 views

Double free

Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 12.5, Opencast's Paella authentication page could be used to redirect to an arbitrary URL for authenticated users. The vulnerability allows attackers to redirect users to...

5.8CVSS6.1AI score0.00347EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/11/28 12:0 a.m.23 views

CVE-2022-41965 Opencast Authenticated OpenRedirect Vulnerability

Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to Opencast 12.5, Opencast's Paella authentication page could be used to redirect to an arbitrary URL for authenticated users. The vulnerability allows attackers to redirect users to...

5.7CVSS6.3AI score0.00347EPSS
Exploits0References2
CVE
CVE
added 2022/11/28 12:0 a.m.92 views

CVE-2022-41965

Opencast prior to version 12.5 is affected by an authenticated open-redirect vulnerability in the Paella authentication page. An attacker could redirect authenticated users to arbitrary external URLs, potentially enabling phishing or other security issues. The issue is fixed in Opencast 12.5 and ...

6.1CVSS5.8AI score0.00347EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/11/28 12:0 a.m.3 views

PT-2022-26189 · Opencast · Opencast

Name of the Vulnerable Software and Affected Versions: Opencast versions prior to 12.5 Description: The vulnerability in Opencast's Paella authentication page allows attackers to redirect authenticated users to arbitrary URLs, potentially facilitating phishing attacks or other security issues. Th...

6.1CVSS6.2AI score0.00347EPSS
Exploits0References7
Rows per page
Query Builder