540 matches found
Cross site scripting
The help page in GigaVUE-FM, when using GigaVUE-OS software version 5.0 202, does not require an authenticated user. An attacker could enforce a user into inserting malicious JavaScript code into the URI, that could lead to a Reflected Cross site Scripting...
CVE-2023-0746 XSS Vulnerability in GigaVue-FM
The help page in GigaVUE-FM, when using GigaVUE-OS software version 5.0 202, does not require an authenticated user. An attacker could enforce a user into inserting malicious JavaScript code into the URI, that could lead to a Reflected Cross site Scripting...
CVE-2023-0746
The CVE-2023-0746 entry describes a Reflected Cross-Site Scripting vulnerability in Gigamon GigaVUE-FM when operating with GigaVUE-OS 5.0 202. The issue arises on the help page, where an unauthenticated user could trigger JavaScript in a URI, leading to client-side script execution. Affected prod...
CVE-2023-0746 XSS Vulnerability in GigaVue-FM
The help page in GigaVUE-FM, when using GigaVUE-OS software version 5.0 202, does not require an authenticated user. An attacker could enforce a user into inserting malicious JavaScript code into the URI, that could lead to a Reflected Cross site Scripting...
fm-modellgusstechnik.de Cross Site Scripting vulnerability OBB-3127087
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x password SQL Injection
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x password Authentication Bypass Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Eco 1.16 Voi...
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Radio Steam Disclosure
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x Unauthenticated Radio Stream Disclosure Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Eco...
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Authorization Bypass
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x Authorization Bypass IDOR Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Eco 1.16 Voice...
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Cross Site Request Forgery
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x Cross-Site Request Forgery Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Eco 1.16 Voice...
SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Unauthenticated File Disclosure
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x PHPTail Unauthenticated File Disclosure Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Eco...
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (ping.php) Conditional Command Injection
Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (services) Authenticated Command Injection
Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Insufficient Session Expiration
Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (username) Authentication Bypass
Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (password) Unauthenticated Command Injection
Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...
SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Cross-Site Request Forgery
Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...
Telos Alliance Omnia MPX Node Insecure Direct Object Reference Vulnerability
The Telos Alliance Omnia MPX Node is a specialized hardware codec from Telos Alliance, USA. Capable of transmitting or receiving full FM signals at data rates as low as 320 kbps using the Omnia μMPXTM algorithm, it is ideally suited for capacity-limited networks, including IP radios. An insecure...
RDMA stack bug fix and enhancement update
An update is available for ucx, rdma-core, mstflint, libvma, libpsm2, fabtests, opa-fm, opa-ff, eth-tools, libfabric. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
radiorecord.fm Cross Site Scripting vulnerability OBB-2933271
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
DEBIAN-CVE-2022-39209
cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the...