Lucene search
K

11 matches found

ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-59704

Cap's GET /api/video/ai endpoint fails to validate user ownership or membership before returning private video AI metadata including titles, summaries, and chapters. Authenticated attackers can supply arbitrary video IDs to read sensitive AI-generated content and trigger unauthorized AI generatio...

7.1CVSS6AI score0.00216EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/02/21 12:0 a.m.7 views

PT-2026-21401

Name of the Vulnerable Software and Affected Versions yt-dlp versions prior to 2026.02.21 Description The --netrc-cmd option in yt-dlp contains an arbitrary command injection issue. The argument passed to the command in this option is now limited to a safe subset of characters to address this. Th...

8.8CVSS5.9AI score0.01596EPSS
Exploits2References29
Schneier on Security
Schneier on Security
added 2025/11/21 7:7 p.m.5 views

More on Rewiring Democracy

It's been a month since Rewiring Democracy: How AI Will Transform Our Politics, Government, and Citizenship was published. From what we know, sales are good. Some of the book's forty-three chapters are available online: chapters 2, 12, 28, 34, 38, and 41. We need more reviews--six on Amazon is no...

7AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/11/12 3:47 a.m.11 views

CVE-2025-12126

The The Total Book Project plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.0 via several functions due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Contributor-level access a...

5.4CVSS5.6AI score0.00193EPSS
Exploits0References1
NVD
NVD
added 2025/11/11 4:15 a.m.5 views

CVE-2025-12126

The The Total Book Project plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.0 via several functions due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Contributor-level access a...

5.4CVSS0.00193EPSS
Exploits0References3
Schneier on Security
Schneier on Security
added 2025/10/13 4:36 p.m.4 views

Rewiring Democracy is Coming Soon

My latest book, Rewiring Democracy: How AI Will Transform Our Politics, Government, and Citizenship , will be published in just over a week. No reviews yet, but you can read chapters 12 and 34 of 43 chapters total. You can order the book pretty much everywhere, and a copy signed by me here. Pleas...

6.8AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2025/03/19 6:13 a.m.12 views

Cybersecurity communities. Small hacker groups, big impact

TL;DR Cybersecurity communities and groups are an excellent opportunity to network and learn There are OWASP, DEF CON, 2600, university hacking societies, Meetup communities and more to choose from They provide workshops, talks, and practical learning opportunities benefiting both newcomers and...

7.5AI score
Exploits0
Huntr
Huntr
added 2021/12/28 7:53 p.m.22 views

Improper Access Control in bookstackapp/bookstack

Description parentChapter permissions are not enforced during sort. Users with only book-update permissions on their own page can move their pages into restricted chapters via modifying the parentChapter id in the sortmap. Users do not need to have access to restricted books / chapter in order to...

4CVSS2.9AI score0.00707EPSS
Exploits1
Fedora
Fedora
added 2021/04/06 1:4 a.m.38 views

[SECURITY] Fedora 33 Update: mediainfo-21.03-1.fc33

MediaInfo CLI Command Line Interface. What information can I get from MediaInfo? General: title, author, director, album, track number, date, duration... Video: codec, aspect, fps, bitrate... Audio: codec, sample rate, channels, language, bitrate... Text: language of subtitle Chapters: number of...

7.5CVSS3.2AI score0.04238EPSS
Exploits1
Fedora
Fedora
added 2019/05/25 3:36 a.m.30 views

[SECURITY] Fedora 29 Update: mediainfo-19.04-1.fc29

MediaInfo CLI Command Line Interface. What information can I get from MediaInfo? General: title, author, director, album, track number, date, duration... Video: codec, aspect, fps, bitrate... Audio: codec, sample rate, channels, language, bitrate... Text: language of subtitle Chapters: number of...

6.5CVSS3.2AI score0.02503EPSS
Exploits2
Cvelist
Cvelist
added 2005/05/31 4:0 a.m.27 views

CVE-2005-1782

Multiple cross-site scripting XSS vulnerabilities in BookReview beta 1.0 allow remote attackers to inject arbitrary web script or HTML via the node parameter to 1 addreview.htm, 2 suggestreview.htm, 3 suggestcategory.htm, 4 addbooklist.htm, or 5 addurl.htm, the isbn parameter to 6 addreview.htm, ...

5.8AI score0.0513EPSS
Exploits1References12
Rows per page
Query Builder