CVE-2026-27466

BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for "Server Customization" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both...

CVE-2026-27466 BigBlueButton: Exposed ClamAV port enables Denial of Service

BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for "Server Customization" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both...

PT-2026-21364

BigBlueButton is an open-source virtual classroom. In versions 3.0.21 and below, the official documentation for "Server Customization" on Support for ClamAV as presentation file scanner contains instructions that leave a BBB server vulnerable for Denial of Service. The flawed command exposes both...

CVE-2026-25441

Missing Authorization vulnerability in varunvairavanlc LeadConnector leadconnector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LeadConnector: from n/a through = 3.0.21...

CVE-2026-25441

Missing Authorization vulnerability in LeadConnector LeadConnector leadconnector allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LeadConnector: from n/a through = 3.0.21...

WordPress plugin LeadConnector 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

VLC Media Player DoS Vulnerability (Oct 2024) - Linux

VLC Media Player is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

VLC Media Player DoS Vulnerability (Oct 2024) - Mac OS X

VLC Media Player is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

VLC Media Player DoS Vulnerability (Oct 2024) - Windows

VLC Media Player is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

PT-2024-19796 · Cybozu · Cybozu Kunai For Android

Name of the Vulnerable Software and Affected Versions: Cybozu KUNAI for Android versions 3.0.20 through 3.0.21 Description: The issue allows a remote unauthenticated attacker to cause a denial-of-service DoS condition by performing certain operations. Recommendations: For versions 3.0.20 through...

CVE-2021-41599

A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This...

Samba lsa_io_trans_names Heap Overflow

No description provided by source. $Id: lsatransnamesheap.rb 9021 2010-04-05 23:34:10Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

PHP Quick Arcade SQL Injection and Cross Site Scripting Vulnerabilities

This host is running PHP Quick Arcade and is prone to SQL injection and cross site scripting Vulnerabilities. OpenVAS Vulnerability Test $Id: gbphpquickarcadesqlinjectionnxssvuln.nasl 5373 2017-02-20 16:27:48Z teissa $ PHP Quick Arcade SQL Injection and Cross Site Scripting Vulnerabilities Author...

PHP Quick Arcade <= 3.0.21 Multiple Vulnerabilities

PHP Quick Arcade is prone to SQL injection SQLi and cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Samba lsa_io_trans_names Heap Overflow

This module triggers a heap overflow in the LSA RPC service of the Samba daemon. This module uses the TALLOC chunk overwrite method credit Ramon and Adriano, which only works with Samba versions 3.0.21-3.0.24. Additionally, this module will not work when the Samba "log level" parameter is higher...

Samba 3.0.21 &lt; 3.0.24 - LSA trans names Heap Overflow (Metasploit)

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Samba...