Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2026/03/25 7:52 p.m.2 views

EUVD-2026-14496

AVideo Allows Unauthenticated Access to ADServer reports.json.php that Exposes Ad Campaign Analytics and User Data...

5.3CVSS5.8AI score0.00112EPSS
Exploits1References3
NVD
NVDadded 2026/03/23 7:16 p.m.0 views

CVE-2026-33685

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the plugin/ADServer/reports.json.php endpoint performs no authentication or authorization checks, allowing any unauthenticated attacker to extract ad campaign analytics data including video titles, user channel...

5.3CVSS0.00112EPSS
Exploits1References2
ATTACKERKB
ATTACKERKBadded 2026/03/23 6:42 p.m.2 views

CVE-2026-33685

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the plugin/ADServer/reports.json.php endpoint performs no authentication or authorization checks, allowing any unauthenticated attacker to extract ad campaign analytics data including video titles, user channel...

5.3CVSS5.8AI score0.00112EPSS
Exploits1References3Affected Software1
CVE
CVEadded 2026/03/23 6:42 p.m.2 views

CVE-2026-33685

WWBN AVideo up to version 26.0 exposes ad campaign analytics and related user data via unauthenticated access to plugin/AD_Server/reports.json.php. The HTML reports (reports.php) and CSV export (getCSV.php) enforce User::isAdmin(), but the JSON API lacked authentication/authorization checks, allo...

5.3CVSS5.8AI score0.00112EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2026/03/23 12:0 a.m.1 views

PT-2026-27187

Name of the Vulnerable Software and Affected Versions AVideo versions prior to 26.1 Description AVideo is an open source video platform. Versions up to and including 26.0 lack authentication and authorization checks on the plugin/AD Server/reports.json.php endpoint. This allows unauthenticated...

5.3CVSS5.8AI score0.00112EPSS
Exploits1References5
ThreatPost
ThreatPostadded 2016/07/05 1:44 p.m.12 views

HummingBad Android Malware Connected to YiSpecter iOS Attacks

The same group of cybercriminals behind a strain of iOS malware uncovered last year have apparently diversified and now dabble in Android malware. The group, dubbed Yingmob, has been running a malware campaign named HummingBad that controls 10 million Android devices globally and rakes in $300,00...

0.8AI score
Exploits0References3
The Hacker News
The Hacker Newsadded 2016/07/04 10:33 p.m.11 views

Chinese Ad Firm Infected 85 Million Android Users to Get More Clicks

An Android-based malware campaign has been found to control as many as 85 million Android devices globally and is making its gang an estimated $300,000 per month in fraudulent ad revenue. A Chinese advertising company called Yingmob is responsible for distributing the malware on a massive scale a...

7.2AI score
Exploits0
Rows per page
Query Builder