14 matches found
EUVD-2021-20191
Malware in sbrugna...
EUVD-2021-11826
Malware in sbrugna...
EUVD-2023-1987
Malicious code in bioql PyPI...
CVE-2024-9097
ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to an IDOR vulnerability that allows an attacker to change the username in the chat...
CVE-2023-32678
Zulip CVE-2023-32678 describes an authorization flaw in Zulip Server prior to 7.3 where former subscribers of private streams could still edit, move, or delete messages and topics they had previously accessed. The issue arises from insufficient checks on who can modify or remove content in privat...
CVE-2022-21695
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions authenticated users or unauthenticated in public mode can send messages without being visible in the list of chat participants. Th...
CVE-2022-21691 Improper Access Control in Onionshare
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions chat participants can spoof their channel leave message, tricking others into assuming they left the chatroom...
CVE-2022-21695 Improper Access Control in Onionshare
OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor network. In affected versions authenticated users or unauthenticated in public mode can send messages without being visible in the list of chat participants. Th...
Nextcloud: User deletion is not handled properly everywhere
So I came across this when going over https://nextcloud.com/compare/ And noticed the section: "BUILT IN DATA-REQUEST/ACCOUNT DELETION" However looking at this it seems this is not handled properly everywhere in Nextcloud. I understand that the GDPR etc do consider shared data differently. For...
CVE-2020-1777
CVE-2020-1777 affects OTRS: agent names are revealed in chat interfaces and ticket transcripts when masking of real agent names is configured. Affected versions: OTRS 7.0.21 and earlier, 8.0.6 and earlier. CVSS metrics indicate a MEDIUM severity: CVSS v3.1 base score 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A...
CVE-2013-4110
Cryptocat is affected by an information-disclosure vulnerability (CVE-2013-4110) that allows an attacker to obtain the list of chat participants. Public sources in the connected documents describe an unspecified chat participant user-list disclosure within Cryptocat’s implementation. No explicit ...
Attack BI chat the 1 4 method-vulnerability warning-the black bar safety net
Summary of attack blue chat 1 4 ways 1. How in the blue sea Silver sand sitechat roomwith the hair background of the word? ^O^believe it is everyone's interest!!! First look at the example:we are the super invincible curse of the Legion we have the strongest technical The method is as follows:...
alipager xss attack
Vendor : www.roostercode.com version : all version! BUG : You can include all html tag ... in chat line ! for example : scriptalert"HI users!"/script +++++...
X-Chat 1.x - CTCP Ping Remote IRC Command Execution
X-Chat 1.x - CTCP Ping Remote IRC Command Execution source: https://www.securityfocus.com/bid/3830/info X-Chat is a graphical client for IRC. It requires the GTK+ toolkit, and is available for many Linux and Unix operating systems. If a CTCP ping request includes escaped newline characters and...