Lucene search
+L

195 matches found

cvelist
cvelist
added 2020/10/21 2:8 p.m.22 views

CVE-2020-27607

In BigBlueButton before 2.2.28 or earlier, the client-side Mute button only signifies that the server should stop accepting audio data from the client. It does not directly configure the client to stop sending audio data to the server, and thus a modified server could store the audio data and/or...

6.5AI score0.00761EPSS
Exploits1References1
openvas
openvas
added 2020/01/23 12:0 a.m.35 views

Huawei EulerOS: Security Advisory for libvorbis (EulerOS-SA-2018-1105)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.1AI score0.12054EPSS
Exploits0References2
openvas
openvas
added 2020/01/23 12:0 a.m.46 views

Huawei EulerOS: Security Advisory for libvorbis (EulerOS-SA-2018-1104)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.1AI score0.12054EPSS
Exploits0References2
cnvd
cnvd
added 2019/12/13 12:0 a.m.4 views

Unspecified Vulnerability in Apple iOS and iPadOS Photos Component

Apple iOS is an operating system for mobile devices developed by Apple. A security vulnerability exists in the Photos component of Apple iOS before 13.3 and iPadOS before 13.3. An attacker could exploit the vulnerability to share Live Photo audio and video data even if Live Photo is not enabled...

3.3CVSS6.3AI score0.00295EPSS
Exploits0References1
nessus
nessus
added 2019/08/12 12:0 a.m.43 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : libvorbis Vulnerability (NS-SA-2019-0026)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libvorbis packages installed that are affected by a vulnerability: - An out of bounds write flaw was found in the processing of vorbis audio data. A maliciously crafted file or audio stream could cause the application to...

8.8CVSS8.1AI score0.12054EPSS
Exploits0References2
nessus
nessus
added 2019/08/12 12:0 a.m.32 views

NewStart CGSL MAIN 4.05 : libvorbis Vulnerability (NS-SA-2019-0122)

The remote NewStart CGSL host, running version MAIN 4.05, has libvorbis packages installed that are affected by a vulnerability: - An out of bounds write flaw was found in the processing of vorbis audio data. A maliciously crafted file or audio stream could cause the application to crash or,...

8.8CVSS8.1AI score0.12054EPSS
Exploits0References2
nessus
nessus
added 2019/08/12 12:0 a.m.49 views

NewStart CGSL MAIN 5.04 : thunderbird Multiple Vulnerabilities (NS-SA-2019-0017)

The remote NewStart CGSL host, running version MAIN 5.04, has thunderbird packages installed that are affected by multiple vulnerabilities: - Memory safety bugs were reported in Firefox 58 and Firefox ESR 52.6. Some of these bugs showed evidence of memory corruption and we presume that with enoug...

9.8CVSS8.4AI score0.12054EPSS
Exploits3References7
prion
prion
added 2019/05/16 7:29 p.m.21 views

Improper access control

Yeelight Smart AI Speaker 3.3.100074 devices have improper access control over the UART interface, allowing physical attackers to obtain a root shell. The attacker can then exfiltrate the audio data, read cleartext Wi-Fi credentials in a log file, or access other sensitive device and user...

7.2CVSS6.4AI score0.00487EPSS
Exploits1References2Affected Software1
cve
cve
added 2019/05/16 6:8 p.m.50 views

CVE-2018-20007

CVE-2018-20007 affects Yeelight Smart AI Speaker version 3.3.10_0074. The vulnerability is due to improper access control over the UART interface, enabling a physical attacker to obtain a root shell and then exfiltrate audio data, read cleartext Wi‑Fi credentials in a log file, or access other se...

7.2CVSS6.3AI score0.00487EPSS
Exploits1References2Affected Software1
nessus
nessus
added 2019/03/27 12:0 a.m.43 views

openSUSE Security Update : webkit2gtk3 (openSUSE-2019-705)

This update for webkit2gtk3 to version 2.20.5 fixes the following issues : Security issue fixed : - CVE-2018-12911: Fix off-by-one in xdgmimegetsimpleglobs bsc1101999. - CVE-2018-4261, CVE-2018-4262, CVE-2018-4263, CVE-2018-4264, CVE-2018-4265, CVE-2018-4267, CVE-2018-4272, CVE-2018-4284:...

9.8CVSS6.8AI score0.02571EPSS
Exploits0References16
nvd
nvd
added 2019/02/28 6:29 p.m.13 views

CVE-2018-12391

During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issu...

9.3CVSS8.3AI score0.02093EPSS
Exploits0References8
debiancve
debiancve
added 2019/02/28 6:0 p.m.38 views

CVE-2018-12391

During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issu...

9.3CVSS9.1AI score0.02093EPSS
Exploits0
apple
apple
added 2018/11/17 12:38 p.m.49 views

About the security content of iOS 11.4.1 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

9.3CVSS0.4AI score0.02571EPSS
Exploits2Affected Software1
apple
apple
added 2018/11/17 1:10 a.m.47 views

About the security content of tvOS 11.4.1 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

8.8CVSS0.1AI score0.02571EPSS
Exploits2Affected Software1
cnvd
cnvd
added 2018/10/26 12:0 a.m.4 views

Mozilla Firefox and Firefox ESR Unauthorized Access Vulnerability

Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the U.S. Firefox ESR is an extended support version of Firefox. A security vulnerability exists in the underlying Android service in Mozilla Firefox versions prior to 63 and Firefox ESR versions prior to 60.3 for...

9.3CVSS8.7AI score0.02093EPSS
Exploits0References1
nessus
nessus
added 2018/10/25 12:0 a.m.36 views

Mozilla Firefox ESR < 60.3

The version of Firefox ESR installed on the remote Windows host is prior to 60.3. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-27 advisory. - When manipulating user events in nested loops while opening a document through script, it is possible to trigger a...

9.8CVSS8AI score0.03924EPSS
Exploits0References9
redhatcve
redhatcve
added 2018/10/23 10:21 p.m.18 views

CVE-2018-12391

During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across origins in violation of security policies. Because the problem is in the underlying Android service, this issue is addressed by treating all HLS streams as cross-origin and opaque to access. Note: this issu...

9.3CVSS2.5AI score0.02093EPSS
Exploits0References2
cnvd
cnvd
added 2018/07/11 12:0 a.m.2 views

Apple iOS Information Disclosure Vulnerability (CNVD-2018-14968)

iOS is a mobile operating system developed by Apple Inc. Apple iOS suffers from an information disclosure vulnerability due to a cross-origin access error in the WebKit component that can be exploited by an attacker to obtain audio data...

4.3CVSS5.9AI score0.02279EPSS
Exploits0References1
openvas
openvas
added 2018/07/10 12:0 a.m.40 views

Apple iTunes Security Updates (HT208933) - Windows

Apple iTunes is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:itunes"; ifdescription...

8.8CVSS7AI score0.02571EPSS
Exploits0References1
osv
osv
added 2018/06/11 9:29 p.m.34 views

CVE-2018-5146

An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox 59.0.1, Firefox ESR 52.7.2, and Thunderbird 52.7...

8.8CVSS6.4AI score
Exploits0References20
Rows per page
Query Builder