EUVD-2026-17646

AVideo: DOM XSS via Unsanitized Display Name in WebSocket Call Notification...

CVE-2026-34716

WWBN AVideo (versions 26.0 and earlier) is affected by a DOM XSS in the YPTSocket plugin. The attacker-controlled display name is passed to the jQuery Toast Plugin as the heading, which is assembled as raw HTML and injected via .html(), allowing the display name to include scripts. This enables c...

CVE-2018-11631

Rondaful M1 Wristband Smart Band 1 devices allow remote attackers to send an arbitrary number of call or SMS notifications via crafted Bluetooth Low Energy BLE traffic...

Description of the update for Communicator 2007 R2: Oct 2009

Provides information about the update for Communicator 2007 R2 that is dated Oct 2009.SummaryThis article describes the Microsoft Office Communicator 2007 R2 issues that are fixed in the update for Communicator 2007 R2 that is dated Oct 2009.This article describes the following items about the...

Code injection

Rondaful M1 Wristband Smart Band 1 devices allow remote attackers to send an arbitrary number of call or SMS notifications via crafted Bluetooth Low Energy BLE traffic...

CVE-2018-11631

Rondaful M1 Wristband Smart Band 1 devices allow remote attackers to send an arbitrary number of call or SMS notifications via crafted Bluetooth Low Energy BLE traffic...