Lucene search
K

76 matches found

Cvelist
Cvelist
added 2023/11/27 12:0 a.m.37 views

CVE-2023-46480

An issue in OwnCast v.0.1.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via the authHost parameter of the indieauth function...

9.8AI score0.01619EPSS
Exploits0References2
OSV
OSV
added 2023/11/27 12:0 a.m.33 views

CVE-2023-46480

An issue in OwnCast v.0.1.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via the authHost parameter of the indieauth function...

9.8CVSS9.6AI score0.01619EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/11/27 12:0 a.m.2 views

OwnCast Security Breach

Owncast is an open source, self-hosted, decentralized, single-user real-time video streaming and chat server. A security vulnerability exists in OwnCast version v.0.1.1, which originated from a vulnerability that allows remote attackers to obtain sensitive information or execute arbitrary code vi...

9.8CVSS7.5AI score0.01619EPSS
Exploits0References1
CVE
CVE
added 2023/11/27 12:0 a.m.57 views

CVE-2023-46480

OwnCast v0.1.1 contains a remote code execution vulnerability exploitable via the authHost parameter in the indieauth function. Public sources (NVD/Red Hat/Veracode/GHSA) describe an in-the-wild risk with high impact, including arbitrary code execution and disclosure of sensitive information. The...

9.8CVSS9.5AI score0.01619EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/11/27 12:0 a.m.4 views

PT-2023-30044 · Owncast · Owncast

Name of the Vulnerable Software and Affected Versions: OwnCast version 0.1.1 Description: The issue allows a remote attacker to execute arbitrary code and obtain sensitive information via the authHost parameter of the indieauth function. Recommendations: For OwnCast version 0.1.1, consider...

9.8CVSS8.2AI score0.01619EPSS
Exploits0References6
HackRead
HackRead
added 2023/07/12 3:0 p.m.16 views

Oxeye warns of SSRF Vulnerability in Owncast, SQL Injection Flaws in EaseProbe

By Waqas Owncase is a self-hosted live video streaming software, while EaseProbe is a lightweight and standalone health status checking tool. This is a post from HackRead.com Read the original post: Oxeye warns of SSRF Vulnerability in Owncast, SQL Injection Flaws in EaseProbe...

7.8AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2023/06/10 2:15 a.m.5 views

CVE-2023-3188

Server-Side Request Forgery SSRF in GitHub repository owncast/owncast prior to 0.1.0...

8.3CVSS5.8AI score0.01356EPSS
Exploits1References4
NVD
NVD
added 2023/06/10 2:15 a.m.22 views

CVE-2023-3188

Server-Side Request Forgery SSRF in GitHub repository owncast/owncast prior to 0.1.0...

8.3CVSS7.1AI score0.01356EPSS
Exploits1References2
Prion
Prion
added 2023/06/10 2:15 a.m.20 views

Server side request forgery (ssrf)

Server-Side Request Forgery SSRF in GitHub repository owncast/owncast prior to 0.1.0...

7.5CVSS6.5AI score0.01356EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/10 12:0 a.m.10 views

CVE-2023-3188 Server-Side Request Forgery (SSRF) in owncast/owncast

Server-Side Request Forgery SSRF in GitHub repository owncast/owncast prior to 0.1.0...

8.3CVSS6.6AI score0.01356EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/06/10 12:0 a.m.4 views

Owncast 代码问题漏洞

Owncast is an open source, self-hosted, decentralized, single-user real-time video streaming and chat server. A code issue vulnerability exists in Owncast version 0.1.0. An attacker could exploit this vulnerability to perform server-side request forgery SSRF attacks...

8.3CVSS7.5AI score0.01356EPSS
Exploits1References3
OSV
OSV
added 2023/06/10 12:0 a.m.22 views

CVE-2023-3188 Server-Side Request Forgery (SSRF) in owncast/owncast

Server-Side Request Forgery SSRF in GitHub repository owncast/owncast prior to 0.1.0...

8.3CVSS7.6AI score0.01356EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/06/10 12:0 a.m.33 views

CVE-2023-3188 Server-Side Request Forgery (SSRF) in owncast/owncast

Server-Side Request Forgery SSRF in GitHub repository owncast/owncast prior to 0.1.0...

8.3CVSS6.7AI score0.01356EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/06/10 12:0 a.m.7 views

PT-2023-23502 · Owncast · Owncast

Name of the Vulnerable Software and Affected Versions: owncast/owncast versions prior to 0.1.0 Description: The issue is related to Server-Side Request Forgery SSRF in the owncast/owncast GitHub repository. This allows an attacker to make requests to internal services that are not intended for...

8.3CVSS7.1AI score0.01356EPSS
Exploits1References5
CVE
CVE
added 2023/06/10 12:0 a.m.183 views

CVE-2023-3188

Summary: CVE-2023-3188 is an SSRF vulnerability in the open-source server Owncast (owncast/owncast) prior to version 0.1.0. The issue arises in the remotefollow pathway via the GetWebfingerLinks logic, where user-supplied input (account) is used to construct a URL, enabling an attacker to trigger...

8.3CVSS6.8AI score0.01356EPSS
Exploits1References2Affected Software1
Huntr
Huntr
added 2023/06/07 1:13 p.m.45 views

Unauthenticated Blind SSRF

Description The Oxeye research team found Owncast vulnerable to an Unauthenticated Blind SSRF vulnerability. This vulnerability may allow an unauthenticated attacker to force the Owncast server to send HTTP requests to arbitrary locations using the GET HTTP method. This vulnerability also allows...

6.4CVSS7.5AI score0.01356EPSS
Exploits1
Veracode
Veracode
added 2022/12/01 5:17 a.m.33 views

SQL Injection

github.com/owncast/owncast is vulnerable to SQL Injection. A specifically crafted attack statement through the input parameters of persistence.go allows a malicious user to inject and execute arbitrary SQL queries on the target system...

9.8CVSS9.5AI score0.00903EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2022/11/30 12:0 a.m.20 views

Owncast SQL Injection Vulnerability

Git is a free, open source distributed version control system. A SQL injection vulnerability exists in versions prior to Owncast 0.0.13. An attacker can exploit this vulnerability to obtain sensitive database information...

9.8CVSS9.6AI score0.00903EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2022/11/29 9:30 p.m.24 views

owncast is vulnerable to SQL Injection

SQL Injection in GitHub repository owncast/owncast prior to 0.0.13...

9.8CVSS9.7AI score0.00903EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2022/11/29 9:30 p.m.78 views

GHSA-CVH4-CJC9-84QM owncast is vulnerable to SQL Injection

SQL Injection in GitHub repository owncast/owncast prior to 0.0.13...

9.8CVSS9.5AI score0.00903EPSS
Exploits0References6
Rows per page
Query Builder