Lucene search
K

4 matches found

OSV
OSV
added 2022/05/12 10:15 p.m.4 views

CVE-2021-27770

The vulnerability was discovered within the “FaviconService”. The service takes a base64-encoded URL which is then requested by the webserver. We assume this service is used by the “meetings”-function where users can specify an external URL where the online meeting will take place...

8.8CVSS5.8AI score0.00672EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/05/12 12:0 a.m.3 views

HCL Technologies HCL Sametime 安全漏洞

HCL Sametime, a conferencing solution from HCL Technologies, has a security vulnerability in HCL Technologies HCL Sametime version 11.6 that stems from a lack of external URL absorption in FaviconService, which could be exploited by an attacker to specify the external URL where the online meeting...

8.8CVSS7.8AI score0.00672EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/05/12 12:0 a.m.4 views

PT-2022-9858 · Hcl +1 · Sametime

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue was discovered within the FaviconService, which takes a base64-encoded URL and requests it through the webserver. It is assumed that this...

8.8CVSS8.5AI score0.00672EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2020/07/02 12:0 a.m.3 views

PT-2020-14464 · Duckduckgo · Duckduckgo

Name of the Vulnerable Software and Affected Versions: DuckDuckGo versions 5.58.0 and earlier for Android DuckDuckGo versions 7.47.1.0 and earlier for iOS Description: The application sends hostnames of visited web sites within HTTPS .ico requests to servers in the duckduckgo.com domain. This mig...

7.5CVSS6.9AI score0.01533EPSS
Exploits0References10
Rows per page
Query Builder