123 matches found
CVE-2026-4219
A flaw has been found in INDEX Conferences & Exhibitions Organization YWF BPOF APGCS App up to 1.0.2 on Android. Affected by this vulnerability is an unknown functionality of the file com/index/event/BuildConfig.java of the component ae.index.apgcs. Executing a manipulation of the argument...
INDEX Conferences and Exhibitions Organization YWF BPOF APGCS App 安全漏洞
INDEX Conferences and Exhibitions Organization YWF BPOF APGCS App is an application for organizing conferences and exhibitions. Versions of INDEX Conferences and Exhibitions Organization YWF BPOF APGCS App prior to 1.0.2 have security vulnerabilities. These vulnerabilities stem from improper...
CVE-2026-22800
PILOS Platform for Interactive Live-Online Seminars is a frontend for BigBlueButton. Prior to 4.10.0, Cross-Site Request Forgery CSRF vulnerability exists in an administrative API endpoint responsible for terminating all active video conferences on a single server. The affected endpoint performs ...
CVE-2026-22800
PILOS Platform for Interactive Live-Online Seminars is a frontend for BigBlueButton. Prior to 4.10.0, Cross-Site Request Forgery CSRF vulnerability exists in an administrative API endpoint responsible for terminating all active video conferences on a single server. The affected endpoint performs ...
CVE-2026-22800 PILOS affected by a CSRF via GET request allows unintentional termination of all active video conferences
PILOS Platform for Interactive Live-Online Seminars is a frontend for BigBlueButton. Prior to 4.10.0, Cross-Site Request Forgery CSRF vulnerability exists in an administrative API endpoint responsible for terminating all active video conferences on a single server. The affected endpoint performs ...
CVE-2026-22800
PILOS (Platform for Interactive Live-Online Seminars) before version 4.10.0 contains a CSRF vulnerability in an administrative GET endpoint that terminates all active video conferences on a single BigBlueButton server. Although authorization checks exist, the use of GET allows implicit invocation...
CVE-2026-22800 PILOS affected by a CSRF via GET request allows unintentional termination of all active video conferences
PILOS Platform for Interactive Live-Online Seminars is a frontend for BigBlueButton. Prior to 4.10.0, Cross-Site Request Forgery CSRF vulnerability exists in an administrative API endpoint responsible for terminating all active video conferences on a single server. The affected endpoint performs ...
CVE-2026-22800 PILOS affected by a CSRF via GET request allows unintentional termination of all active video conferences
PILOS Platform for Interactive Live-Online Seminars is a frontend for BigBlueButton. Prior to 4.10.0, Cross-Site Request Forgery CSRF vulnerability exists in an administrative API endpoint responsible for terminating all active video conferences on a single server. The affected endpoint performs ...
PILOS 跨站请求伪造漏洞
PILOS is an open source front-end software from THM. A cross-site request forgery vulnerability exists in PILOS versions prior to 4.10.0, which stems from a cross-site request forgery in the management API endpoint that could result in termination of all active video conferences...
PT-2026-2312
Name of the Vulnerable Software and Affected Versions PILOS versions prior to 4.10.0 Description PILOS Platform for Interactive Live-Online Seminars is a frontend for BigBlueButton. A Cross-Site Request Forgery CSRF issue exists in an administrative API endpoint responsible for terminating all...
CVE-2025-23969
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Retrieve Embedded Sensitive Data.This issue affects KI Live Video Conferences: from n/a through = 5.5.15...
EUVD-2000-0296
Malware in sbrugna...
EUVD-2025-17154
Malicious code in bioql PyPI...
EUVD-2025-17155
Malicious code in bioql PyPI...
CVE-2025-23971
Missing Authorization vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KI Live Video Conferences: from n/a through = 5.5.15...
CVE-2025-23971
Missing Authorization vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KI Live Video Conferences: from n/a through = 5.5.15...
CVE-2025-23969
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Retrieve Embedded Sensitive Data.This issue affects KI Live Video Conferences: from n/a through = 5.5.15...
CVE-2025-23969 WordPress KI Live Video Conferences plugin <= 5.5.15 - Sensitive Data Exposure Vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Retrieve Embedded Sensitive Data.This issue affects KI Live Video Conferences: from n/a through = 5.5.15...
CVE-2025-23969
CVE-2025-23969 is reported for KI Live Video Conferences (via RH: CVE-2025-23969) and concerns Exposure of Sensitive System Information to an Unauthorized Actor . The Red Hat entry mirrors the description: it affects KI Live Video Conferences (version range: n/a up to 5.5.15) and enables retrieva...
CVE-2025-23971 WordPress KI Live Video Conferences plugin <= 5.5.15 - Broken Access Control Vulnerability
Missing Authorization vulnerability in whassan KI Live Video Conferences ki-live-video-conferences allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KI Live Video Conferences: from n/a through = 5.5.15...