Lucene search
+L

540 matches found

Prion
Prion
added 2023/03/10 4:15 p.m.19 views

Cross site scripting

The help page in GigaVUE-FM, when using GigaVUE-OS software version 5.0 202, does not require an authenticated user. An attacker could enforce a user into inserting malicious JavaScript code into the URI, that could lead to a Reflected Cross site Scripting...

5.8CVSS6.1AI score0.00353EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/03/10 12:0 a.m.19 views

CVE-2023-0746 XSS Vulnerability in GigaVue-FM

The help page in GigaVUE-FM, when using GigaVUE-OS software version 5.0 202, does not require an authenticated user. An attacker could enforce a user into inserting malicious JavaScript code into the URI, that could lead to a Reflected Cross site Scripting...

6.3CVSS6.4AI score0.00353EPSS
Exploits0References1
CVE
CVE
added 2023/03/10 12:0 a.m.59 views

CVE-2023-0746

The CVE-2023-0746 entry describes a Reflected Cross-Site Scripting vulnerability in Gigamon GigaVUE-FM when operating with GigaVUE-OS 5.0 202. The issue arises on the help page, where an unauthenticated user could trigger JavaScript in a URI, leading to client-side script execution. Affected prod...

6.3CVSS6.2AI score0.00353EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/10 12:0 a.m.6 views

CVE-2023-0746 XSS Vulnerability in GigaVue-FM

The help page in GigaVUE-FM, when using GigaVUE-OS software version 5.0 202, does not require an authenticated user. An attacker could enforce a user into inserting malicious JavaScript code into the URI, that could lead to a Reflected Cross site Scripting...

6.3CVSS6.3AI score0.00353EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2023/01/02 9:44 p.m.17 views

fm-modellgusstechnik.de Cross Site Scripting vulnerability OBB-3127087

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/12/15 12:0 a.m.245 views

SOUND4 IMPACT/FIRST/PULSE/Eco 2.x password SQL Injection

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x password Authentication Bypass Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Eco 1.16 Voi...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/12/15 12:0 a.m.282 views

SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Radio Steam Disclosure

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x Unauthenticated Radio Stream Disclosure Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Eco...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/12/15 12:0 a.m.239 views

SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Authorization Bypass

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x Authorization Bypass IDOR Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Eco 1.16 Voice...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2022/12/15 12:0 a.m.274 views

SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Cross Site Request Forgery

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x Cross-Site Request Forgery Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Eco 1.16 Voice...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/12/15 12:0 a.m.252 views

SOUND4 IMPACT/FIRST/PULSE/Eco 2.x Unauthenticated File Disclosure

SOUND4 IMPACT/FIRST/PULSE/Eco =2.x PHPTail Unauthenticated File Disclosure Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1: 2.1/1.69 Impact/Pulse Eco...

7.4AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2022/12/14 12:0 a.m.246 views

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (ping.php) Conditional Command Injection

Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...

8.5CVSS6AI score0.03353EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2022/12/14 12:0 a.m.212 views

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (services) Authenticated Command Injection

Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...

8.8CVSS6AI score0.02789EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2022/12/14 12:0 a.m.310 views

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Insufficient Session Expiration

Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...

7.5CVSS5.8AI score0.00502EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2022/12/14 12:0 a.m.205 views

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (username) Authentication Bypass

Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...

9.8CVSS6.1AI score0.00815EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2022/12/14 12:0 a.m.202 views

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x (password) Unauthenticated Command Injection

Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...

9.8CVSS6.1AI score0.0303EPSS
Exploits2
Zero Science Lab
Zero Science Lab
added 2022/12/14 12:0 a.m.202 views

SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x Cross-Site Request Forgery

Summary The SOUND4 IMPACT introduces an innovative process - mono and stereo parts of the signal are processed separately to obtain perfect consistency in terms of both sound and level. Therefore, in moving reception, when the FM receiver switches from stereo to mono and back to stereo, the sound...

5.1CVSS5.8AI score0.00159EPSS
Exploits2
CNVD
CNVD
added 2022/11/30 12:0 a.m.25 views

Telos Alliance Omnia MPX Node Insecure Direct Object Reference Vulnerability

The Telos Alliance Omnia MPX Node is a specialized hardware codec from Telos Alliance, USA. Capable of transmitting or receiving full FM signals at data rates as low as 320 kbps using the Omnia μMPXTM algorithm, it is ideally suited for capacity-limited networks, including IP radios. An insecure...

7.5CVSS7.6AI score0.00664EPSS
Exploits1References1
Rockylinux
Rockylinux
added 2022/11/15 6:23 a.m.22 views

RDMA stack bug fix and enhancement update

An update is available for ucx, rdma-core, mstflint, libvma, libpsm2, fabtests, opa-fm, opa-ff, eth-tools, libfabric. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

1.9AI score
Exploits0
Openbugbounty
Openbugbounty
added 2022/09/18 11:25 a.m.10 views

radiorecord.fm Cross Site Scripting vulnerability OBB-2933271

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
OSV
OSV
added 2022/09/15 6:15 p.m.1 views

DEBIAN-CVE-2022-39209

cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. In versions prior to 0.29.0.gfm.6 a polynomial time complexity issue in cmark-gfm's autolink extension may lead to unbounded resource exhaustion and subsequent denial of service. Users may verify the...

6.5CVSS6.3AI score0.01702EPSS
Exploits0References1
Rows per page
Query Builder