Lucene search
K

20 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-38792

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.0105EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2024/04/22 12:0 a.m.3 views

The vulnerability of microprogrammed software in telephones and audio conferencing systems, related to deficiencies in authentication procedures, allows attackers to escalate their privileges.

The vulnerability of microprogrammed software in telephones and audio conferencing systems is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow attackers to enhance their privileges...

8.8CVSS5.5AI score0.00501EPSS
Exploits1References3Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/01/15 12:0 a.m.5 views

The vulnerability of microprogrammed software in telephones and audio conferencing systems for Poly allows a intruder to change the administrator password.

The vulnerability of microprogrammed software in telephones and audio conferencing systems is related to the lack of necessary checks during password changes. Exploiting this vulnerability can allow a remote attacker to change the administrator’s password...

6.1CVSS5.8AI score0.00463EPSS
Exploits1References7
NVD
NVD
added 2023/03/31 11:15 p.m.28 views

CVE-2023-28845

Nextcloud talk is a video & audio conferencing app for Nextcloud. In affected versions the talk app does not properly filter access to a conversations member list. As a result an attacker could use this vulnerability to gain information about the members of a Talk conversation, even if they...

3.5CVSS3.8AI score0.00445EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/03/31 10:13 p.m.34 views

CVE-2023-28845 Chat room membership disclosed via autocompletion in Nextcloud talk

Nextcloud talk is a video & audio conferencing app for Nextcloud. In affected versions the talk app does not properly filter access to a conversations member list. As a result an attacker could use this vulnerability to gain information about the members of a Talk conversation, even if they...

3.5CVSS4.3AI score0.00445EPSS
Exploits0References2
CVE
CVE
added 2023/03/31 10:13 p.m.60 views

CVE-2023-28845

CVE-2023-28845 affects Nextcloud Talk (the video/audio conferencing app) and stems from improper filtering of access to a conversation’s member list. This could allow an attacker to retrieve information about members of a Talk conversation even if they are not a member themselves. Public disclosu...

3.5CVSS3.8AI score0.00445EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2022/12/01 9:15 p.m.21 views

CVE-2022-41971

Nextcould Talk android is a video and audio conferencing app for Nextcloud. Prior to versions 12.2.8, 13.0.10, 14.0.6, and 15.0.0, guests can continue to receive video streams from a call after being removed from a conversation. An attacker would be able to see videos on a call in a public...

6.5CVSS0.00757EPSS
Exploits0References3
CVE
CVE
added 2022/05/17 7:0 p.m.92 views

CVE-2022-24890

CVE-2022-24890 (Nextcloud Talk) affects Nextcloud Talk prior to versions 13.0.5 and 14.0.0, where a call moderator could indirectly enable a user's webcam by granting permissions that were removed. The underlying issue is exposure of webcam permissions that could be re-enabled without user consen...

4.3CVSS4.3AI score0.00883EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/05/17 7:0 p.m.32 views

CVE-2022-24890 Exposure of Private Personal Information to an Unauthorized Actor in Nextcloud Talk

Nextcloud Talk is a video and audio conferencing app for Nextcloud. In versions prior to 13.0.5 and 14.0.0, a call moderator can indirectly enable user webcams by granting permissions, if they were enabled before removing the permissions. A patch is available in versions 13.0.5 and 14.0.0. There...

2.4CVSS4.7AI score0.00883EPSS
Exploits1References6
NVD
NVD
added 2022/04/27 2:15 p.m.29 views

CVE-2022-24887

Nextcloud Talk is a video and audio conferencing app for Nextcloud, a self-hosted productivity platform. Prior to versions 11.3.4, 12.2.2, and 13.0.0, when sharing a Deck card in conversation, the metaData can be manipulated so users can be tricked into opening arbitrary URLs. This issue is fixed...

6.1CVSS0.00897EPSS
Exploits1References3
Prion
Prion
added 2022/04/27 2:15 p.m.18 views

Code injection

Nextcloud Talk is a video and audio conferencing app for Nextcloud, a self-hosted productivity platform. Prior to versions 11.3.4, 12.2.2, and 13.0.0, when sharing a Deck card in conversation, the metaData can be manipulated so users can be tricked into opening arbitrary URLs. This issue is fixed...

5.8CVSS6AI score0.00897EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2022/04/27 1:55 p.m.90 views

CVE-2022-24887

CVE-2022-24887 – Open Redirect in Nextcloud Talk : The issue affects Nextcloud Talk prior to versions 11.3.4, 12.2.2, and 13.0.0. When sharing a Deck card in a conversation, the metaData can be manipulated to trick users into opening arbitrary URLs. The vulnerability is fixed in the cited patched...

6.1CVSS5.1AI score0.00897EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2021/08/17 12:0 a.m.17 views

Mitel Networks MiCollab Licensing Issue Vulnerability

An authorization issue vulnerability exists in Mitel Networks MiCollab, a mobile application from Mitel Networks Canada that provides voice, video, messaging, audio conferencing, and team collaboration for employees, and stems from the product's MiCollab Client Service component does not validate...

5.8CVSS2.4AI score0.00639EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2019/03/25 6:30 p.m.59 views

Bugs in Grandstream Gear Lay Open SMBs to Range of Attacks

A series of both unauthenticated and authenticated remote code-execution vulnerabilities have been uncovered in a variety of Grandstream products for small to medium-sized businesses, including audio and video conferencing units, IP video phones, routers and IP PBXs. Affected Products According t...

0.3AI score
Exploits0References7
seebug.org
seebug.org
added 2013/12/18 12:0 a.m.32 views

Cisco WebEx Training Center Email验证绕过音频会议加入漏洞

Bugtraq ID:64281 CVE ID:CVE-2013-6965 Cisco WebEx Training Center是一款互动式培训解决方案,可开展电子教学。 Cisco WebEx Training Center培训中心注册页面存在安全漏洞,允许未验证远程攻击者无需要提供合法Email地址加入培训会议的音频会议。漏洞是由于注册结束之前泄漏了培训会话信息URL,攻击者可收集泄漏URL中的培训会话访问代码和密码,使用这些信息加入受限会议。 0 Cisco WebEx Training Center 厂商补丁: Cisco ----- 用户可参考如下厂商提供的安全公告获得补丁信...

5CVSS6.6AI score0.01753EPSS
Exploits1
ThreatPost
ThreatPost
added 2013/08/07 2:48 p.m.10 views

Remotely Exploitable Bug Affects Wide Range of Cisco TelePresence Systems

There’s a serious vulnerability in Cisco’s popular TelePresence system that could give an attacker complete control of the affected system. The vulnerability affects a broad range of TelePresence models, although there are workarounds available. The vulnerability results from the fact that there...

1AI score
Exploits0References1
securityvulns
securityvulns
added 2006/03/28 12:0 a.m.32 views

[DDSi-SA] XSS in Raindance Communications Web Conferencing Pro

-= DDSi Security Advisory =- March 24, 2006 ---------------------------------------------------------------- Vendor: Raindance Communications, Inc. Raindance offers audio and web conferencing solutions for more effective web meetings. Integrated web, audio and internet video conferencing makes...

0.7AI score
Exploits0
CVE
CVE
added 2005/03/12 5:0 a.m.46 views

CVE-2003-1129

Vulnerability: Yahoo! Audio Conferencing (Voice Chat) ActiveX control prior to 1.0.0.45 is affected by a buffer overflow when processing a URL with a long hostname to Yahoo! Messenger/Chat. Impact: remote DoS and possible arbitrary code execution. Affected component: Yahoo! Audio Conferencing Act...

2.6CVSS8.4AI score0.08344EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2005/03/12 5:0 a.m.17 views

CVE-2003-1129

Buffer overflow in the Yahoo! Audio Conferencing aka Voice Chat ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL with a long hostname to Yahoo! Messenger or Yahoo! Chat...

8AI score0.08344EPSS
Exploits0References6
NVD
NVD
added 2003/12/31 5:0 a.m.12 views

CVE-2003-1129

Buffer overflow in the Yahoo! Audio Conferencing aka Voice Chat ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL with a long hostname to Yahoo! Messenger or Yahoo! Chat...

2.6CVSS8AI score0.08344EPSS
Exploits0References6
Rows per page
Query Builder