Lucene search
K

10 matches found

Nuclei
Nuclei
added yesterday16 views

BrightSign Digital Signage 8.2.26 - Server-Side Request Forgery

Unauthenticated Server-Side Request Forgery SSRF vulnerability exists in the BrightSign digital signage media player affecting the Diagnostic Web Server DWS. The application parses user supplied data in the 'url' GET parameter to construct a diagnostics request to the Download Speed Test service...

6.9CVSS6.1AI score0.0083EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/10 9:31 p.m.7 views

EUVD-2020-30845

BrightSign Digital Signage Diagnostic Web Server 8.2.26 and less contains an unauthenticated server-side request forgery vulnerability in the 'url' GET parameter of the Download Speed Test service. Attackers can specify external domains to bypass firewalls and perform network enumeration by forci...

6.9CVSS6.7AI score0.0083EPSS
Exploits0References6
NVD
NVD
added 2025/12/10 9:16 p.m.5 views

CVE-2020-36884

BrightSign Digital Signage Diagnostic Web Server 8.2.26 and less contains an unauthenticated server-side request forgery vulnerability in the 'url' GET parameter of the Download Speed Test service. Attackers can specify external domains to bypass firewalls and perform network enumeration by forci...

6.9CVSS0.0083EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/12/10 8:47 p.m.5 views

CVE-2020-36884 BrightSign Digital Signage Diagnostic Web Server 8.2.26 Unauthenticated SSRF

BrightSign Digital Signage Diagnostic Web Server 8.2.26 and less contains an unauthenticated server-side request forgery vulnerability in the 'url' GET parameter of the Download Speed Test service. Attackers can specify external domains to bypass firewalls and perform network enumeration by forci...

6.9CVSS6.8AI score0.0083EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/12/10 12:0 a.m.6 views

BrightSign Digital Signage Diagnostic Web Server 代码问题漏洞

BrightSign Digital Signage Diagnostic Web Server is a troubleshooting and configuration tool from BrightSign USA. A code issue vulnerability exists in BrightSign Digital Signage Diagnostic Web Server version 8.2.26 and earlier, which stems from a server-side request forgery in the url parameter o...

6.9CVSS6.9AI score0.0083EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/12/10 12:0 a.m.7 views

PT-2025-50508

BrightSign Digital Signage Diagnostic Web Server 8.2.26 and less contains an unauthenticated server-side request forgery vulnerability in the 'url' GET parameter of the Download Speed Test service. Attackers can specify external domains to bypass firewalls and perform network enumeration by forci...

6.9CVSS7.2AI score0.0083EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/12/24 12:0 a.m.5 views

kylinos kylin-system-updater OS Command Injection Vulnerability

kylinos kylin-system-updater is an operating system component from China's KylinSoft kylinos. An operating system command injection vulnerability exists in KylinSoft kylin-system-updater 2.0.5.16-0k2.33 and earlier versions, which originates in /usr/share/kylin-system-...

7.8CVSS7.5AI score0.00945EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2007/12/18 12:0 a.m.51 views

iMesh 7.1.0.x - 'IMWeb.dll 7.0.0.x' Remote Heap Overflow

!-- iMesh = 7.1.0.x IMWebControl Class IMWeb.dll 7.0.0.x remote heap exploit IE7/XP full patched by rgod, site: http://retrogod.altervista.org/ software site: http://www.imesh.com "iMesh is a file sharing and online social network. It uses a proprietary, centralized, P2P protocol. iMesh is owned ...

7.4AI score
Exploits0
Slackware Linux
Slackware Linux
added 2007/10/03 3:59 a.m.18 views

[slackware-security] pidgin

A new pidgin package is available for Slackware 12.0 to fix a minor fix security issue. More details about this issue may be found here: http://www.pidgin.im/news/security/?id=23 Here are the details from the Slackware 12.0 ChangeLog: patches/packages/pidgin-2.2.1-i486-1slack12.0.tgz: Upgraded to...

6.8AI score
Exploits0
Slackware Linux
Slackware Linux
added 2006/11/09 7:5 p.m.16 views

[fixed URLs] firefox/thunderbird/seamonkey

The original advisory for this issue contained incorrect URLs for the Slackware 11.0 patches. Sorry about that! The URLs for the 10.2 packages were correct and the Firefox/Thunderbird links given for 11.0 would have been just fine anyway since 10.2 and 11.0 are using the same packages for those...

7AI score
Exploits0
Rows per page
Query Builder