149 matches found
Malicious code in art19-web-player (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 833f7a38c823fdd26727d7a6aec9c75365b96860e4723badca46db54163128da Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-29788
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Podlove Podlove Web Player allows Stored XSS.This issue affects Podlove Web Player: from n/a through 5.7.1...
CVE-2015-9288
The Unity Web Player plugin before 4.6.6f2 and 5.x before 5.0.3f2 allows attackers to read messages or access online services via a victim's credentials...
The vulnerabilities of the Analyst component, Web Player, and Automation Services of the Spotfire Analyst platform, as well as the Spotfire Server and AWS Spotfire for AWS Marketplace analytical platforms, allow attackers to execute arbitrary code.
The vulnerabilities of the Analyst component, Web Player, and Automation Services of the Spotfire Analyst platform, as well as the Spotfire Server and the analytics platform based on cloud services AWS Spotfire for AWS Marketplace, are related to insufficient validation of input data. Exploiting...
CVE-2024-3330
Vulnerability in Spotfire Spotfire Analyst, Spotfire Spotfire Server, Spotfire Spotfire for AWS Marketplace allows In the case of the installed Windows client: Successful execution of this vulnerability will result in an attacker being able to run arbitrary code.This requires human interaction fr...
CVE-2024-3330 Spotfire Remote Code Execution Vulnerability
Vulnerability in Spotfire Spotfire Analyst, Spotfire Spotfire Server, Spotfire Spotfire for AWS Marketplace allows In the case of the installed Windows client: Successful execution of this vulnerability will result in an attacker being able to run arbitrary code.This requires human interaction fr...
CVE-2024-3330 Spotfire Remote Code Execution Vulnerability
Vulnerability in Spotfire Spotfire Analyst, Spotfire Spotfire Server, Spotfire Spotfire for AWS Marketplace allows In the case of the installed Windows client: Successful execution of this vulnerability will result in an attacker being able to run arbitrary code.This requires human interaction fr...
CVE-2024-35710
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Podlove Podlove Web Player.This issue affects Podlove Web Player: from n/a through 5.7.3...
CVE-2024-35710 WordPress Podlove Web Player plugin <= 5.7.3 - Sensitive Data Exposure vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Podlove Podlove Web Player.This issue affects Podlove Web Player: from n/a through 5.7.3...
CVE-2024-35710 WordPress Podlove Web Player plugin <= 5.7.3 - Sensitive Data Exposure vulnerability
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Podlove Podlove Web Player.This issue affects Podlove Web Player: from n/a through 5.7.3...
CVE-2024-35710
Technical details for CVE-2024-35710 are not provided in the connected documents. Public information here is limited to Podlove Web Player exposure and CVSS data. Monitor official advisories for updates and patches as they become available.
WordPress plugin Podlove Web Player Information Disclosure Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. An information disclosure...
WordPress Podlove Web Player plugin <= 5.7.3 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Podlove Web Player versions = 5.7.3...
WordPress Podlove Web Player Plugin <= 5.7.3 is vulnerable to Sensitive Data Exposure
Software Podlove Web Player Type Plugin Vulnerable versions = 5.7.3 Fixed in 5.7.4 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-35710 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 7b2985bdf410 Credits Peng Zhou Required...
PT-2024-4654 · Tibco · Spotfire For Aws Marketplace +2
Name of the Vulnerable Software and Affected Versions: Spotfire Analyst versions 12.0.9 through 12.5.0 Spotfire Analyst versions 14.0 through 14.0.2 Spotfire Server versions 12.0.10 through 12.5.0 Spotfire Server versions 14.0 through 14.0.3 Spotfire Server versions 14.2.0 through 14.3.0 Spotfire...
Podlove Web Player < 5.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Podlove Web Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' variable in versions up to, and including, 5.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-leve...
CVE-2024-29788
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Podlove Podlove Web Player allows Stored XSS.This issue affects Podlove Web Player: from n/a through 5.7.1...
CVE-2024-29788 WordPress Podlove Web Player plugin <= 5.7.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Podlove Podlove Web Player allows Stored XSS.This issue affects Podlove Web Player: from n/a through 5.7.1...
CVE-2024-29788
CVE-2024-29788 : Podlove Web Player for WordPress contains a Stored XSS vulnerability via improper neutralization of input during web page generation. Affected versions are Podlove Web Player from 0 through 5.7.1. The issue is exploitable in authenticated contexts. Security status from connected ...
CVE-2024-29788 WordPress Podlove Web Player plugin <= 5.7.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Podlove Podlove Web Player allows Stored XSS.This issue affects Podlove Web Player: from n/a through 5.7.1...