Lucene search
+L

69 matches found

EUVD
EUVD
added 4 days ago4 views

EUVD-2026-43608

SQL Injection vulnerability in Shenzhou Shihan Video Conference System v.1.0 allows a remote attacker to execute arbitrary code via the /user/getUserLogin endpoint...

9.8CVSS6.4AI score0.00527EPSS
Exploits0References3
NVD
NVD
added 5 days ago6 views

CVE-2026-51821

SQL Injection vulnerability in Shenzhou Shihan Video Conference System v.1.0 allows a remote attacker to execute arbitrary code via the /user/getUserLogin endpoint...

9.8CVSS0.00527EPSS
Exploits0References2
Cvelist
Cvelist
added 5 days ago30 views

CVE-2026-51821

SQL Injection vulnerability in Shenzhou Shihan Video Conference System v.1.0 allows a remote attacker to execute arbitrary code via the /user/getUserLogin endpoint...

0.00527EPSS
Exploits0References2
CVE
CVE
added 5 days ago7 views

CVE-2026-51821

Affected software: Shenzhou Shihan Video Conference System v1.0. Vulnerability: SQL Injection in the /user/getUserLogin endpoint. Root cause: Unsafely constructed SQL queries allow an attacker to inject arbitrary SQL. Impact: Remote attacker can execute arbitrary code with the system’s privileges...

9.8CVSS6.4AI score0.00527EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.5 views

PT-2026-31217

Missing Authorization vulnerability in Deepen Bajracharya Video Conferencing with Zoom video-conferencing-with-zoom-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Video Conferencing with Zoom: from n/a through = 4.6.6...

5.9AI score0.00185EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-4485

Malware in sbrugna...

8.5CVSS6.4AI score0.01065EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2020-14305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds memory write flaw was found in how the Linux kernel's Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port...

8.3CVSS6.6AI score0.05114EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2025/07/22 12:0 a.m.7 views

The vulnerability of the "Yandex.Telemost" video conference software for macOS allows a hacker to elevate their privileges and gain access to the device’s hardware resources.

The vulnerability of the "Yandex.Telemost" video conference software lies in the use of an unreliable search path. Exploiting this vulnerability can allow attackers to enhance their privileges and gain access to the device’s hardware resources...

8.8CVSS5.5AI score0.00156EPSS
Exploits0References2Affected Software1
Packet Storm News
Packet Storm News
added 2025/06/24 12:0 a.m.6 views

An ETSI GS QKD Compliant TLS Implementation

A modification of the TLS protocol is presented, using our implementation of the Quantum Key Distribution QKD standard ETSI GS QKD 014 v1.1.1. We rely on the Rustls library for this. The TLS protocol is modified while maintaining backward compatibility on the client and server side. We thus wish ...

6.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/06/16 12:0 a.m.7 views

The vulnerability of the Vinteo video conference software server lies in the lack of protective measures for website structures. This allows attackers to carry out XSS attacks and execute arbitrary requests.

The vulnerability of the Vinteo video conference software server lies in the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely and execute arbitrary requests...

8CVSS5.8AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.25 views

The vulnerability of VideoGrace video conference software, related to insufficient validation of input data, allows a perpetrator to cause service failures.

The vulnerability of VideoGrace video conferencing software is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

4CVSS5.5AI score
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/29 12:0 a.m.7 views

The vulnerability of VideoGrace video conference software, related to insufficient validation of input data, allows a intruder to trigger a service failure.

The vulnerability of VideoGrace video conferencing software is related to insufficient verification of input data. Exploiting this vulnerability can allow attackers to cause service failures...

2.8CVSS5.5AI score
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 2:29 a.m.7 views

CVE-2013-4629

The Huawei viewpoint VP9610 and VP9620 units for the Huawei Video Conference system do not update the Session ID upon successful establishment of a login session, which allows remote authenticated users to hijack sessions via an unspecified interception method...

8.5CVSS6.7AI score0.01065EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/05/19 12:0 a.m.10 views

The vulnerability of the "Yandex.Telemost" video conference software lies in its use of an unreliable search path, allowing a hacker to execute arbitrary code.

The vulnerability of the "Yandex.Telemost" video conference software lies in the use of an unreliable search path. Exploiting this vulnerability could allow a hacker to execute arbitrary code...

8.2CVSS5.8AI score0.00134EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/05/09 12:0 a.m.10 views

The vulnerability of the Crestron Automate VX video conference management system, related to the transmission of accounting data in unencrypted form, allows a intruder to disclose the transmitted accounting data and gain unauthorized access to the system.

The vulnerability of the Crestron Automate VX video conference system lies in the transmission of account information in an unencrypted form. Exploiting this vulnerability could allow a malicious actor to disclose the transmitted account information and gain unauthorized access to the system...

10CVSS5.5AI score0.00248EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2025/04/01 12:0 a.m.2 views

Shenzhen Qixin Haozitong Cloud Computing Co., Ltd. Haozitong-Cloud Conference has file upload vulnerability

GoodView-Cloud Conference is a network video conference product based on cloud computing technology. Shenzhen Qixin Haozitong Cloud Computing Co., Ltd Haozitong-Cloud Conference has a file upload vulnerability that can be exploited by an attacker to gain control of the server...

7.4AI score
Exploits0
Hewlett-Packard
Hewlett-Packard
added 2024/11/04 12:0 a.m.13 views

Certain Poly Video Conference Devices – Potential Remote Code Execution

A potential vulnerability was discovered in certain Poly video conferencing devices. The firmware flaw does not properly sanitize user input. The exploitation of this vulnerability is dependent on a layered attack and cannot be exploited by itself. The recommendation is to update an impacted devi...

7.5CVSS6.8AI score0.0039EPSS
Exploits0
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.143 views

D-Link I2eye Video Conference AutoAnswer (WDBRPC)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link i2eye Video Conference AutoAnswer WDBRPC', 'Description' = %q This module can be used to enable auto-answer mode for the D-Link i2eye vide...

7.4AI score
Exploits0
CVE
CVE
added 2024/03/29 5:22 p.m.86 views

CVE-2024-30437

CVE-2024-30437 affects WPPOOL Webinar and Video Conference with Jitsi Meet: Improper neutralization of input in web page generation leads to Stored XSS. Affected: Webinar and Video Conference with Jitsi Meet from n/a through version 2.6.3. No exploitation status or patch details are provided in t...

6.5CVSS8.6AI score0.0036EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/29 5:22 p.m.31 views

CVE-2024-30437 WordPress Webinar and Video Conference with Jitsi Meet plugin <= 2.6.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPPOOL Webinar and Video Conference with Jitsi Meet allows Stored XSS.This issue affects Webinar and Video Conference with Jitsi Meet: from n/a through 2.6.3...

6.5CVSS6.6AI score0.0036EPSS
Exploits0References1
Rows per page
Query Builder