23 matches found
EUVD-2024-34508
Malicious code in bioql PyPI...
CVE-2024-33927
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Team GIPHY Giphypress allows Stored XSS. This issue affects Giphypress: from n/a through 1.6.2...
CVE-2024-44080
In Jitsi Meet before 2.0.9779, the functionality to share an image using giphy was implemented in an insecure way, resulting in clients loading GIFs from any arbitrary URL if a message from another participant contains a URL encoded in the expected format...
The vulnerability of the image-sharing function in Jitsi Meet software allows a hacker to upload arbitrary GIF files.
The vulnerability of the image-sharing function in Jitsi Meet software for video conferencing involves a lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to upload arbitrary GIF files using giphy...
Jitsi Meet Security Vulnerability
Jitsi Meet is a set of open source projects from Jitsi Open Source that enables users to use and deploy a video conferencing platform with state-of-the-art video quality and features. A security vulnerability previously existed in Jitsi Meet version 2.0.9779, which arose from the fact that the abili...
PT-2024-7557 · Unknown · Jitsi Meet
Name of the Vulnerable Software and Affected Versions: Jitsi Meet versions prior to 2.0.9779. Description: The issue is related to the insecure implementation of the image sharing functionality using giphy in Jitsi Meet. This allows clients to load GIFs from any arbitrary URL if a message from...
CVE-2024-33927 WordPress Giphypress plugin <= 1.6.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Team GIPHY Giphypress allows Stored XSS. This issue affects Giphypress: from n/a through 1.6.2...
CVE-2024-33927
CVE-2024-33927 affects Team GIPHY Giphypress (WordPress plugin). The issue is a Stored XSS caused by improper neutralization during web page generation, impacting Giphypress versions up to 1.6.2. Public details in the connected sources confirm the vulnerability type and affected range; as of the ...
Zoom Client for Meetings < 5.6.3 Vulnerability (ZSB-21002)
The version of Zoom Client for Meetings installed on the remote host is prior to 5.6.3. It is, therefore, affected by a vulnerability as referenced in the ZSB-21002 advisory. - A heap based buffer overflow exists in all desktop versions of the Zoom Client for Meetings before version 5.6.3. This...
Malicious code in giphy-web-app (npm)
Source: ghsa-malware c3ce852d61afc6e95150c73143e32f931a8811bfbf6215d8d1ac2a184d615162 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3365 Malicious code in giphy-web-app (npm)
Source: ghsa-malware c3ce852d61afc6e95150c73143e32f931a8811bfbf6215d8d1ac2a184d615162 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Zoom Client < 4.6.12 Multiple Vulnerabilities (Jun 2020)
The Zoom Client is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:zoom:zoom"; ifdescription...
(Pwn2Own) Zoom Client GIPHY URL Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Zoom Clients. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of GIPHY messages. The issue results from the lack of proper validation of a...
The vulnerability of GIPHY’s video conferencing service allows a perpetrator to execute arbitrary commands.
The vulnerability of GIPHY’s Zoom video conferencing service exists due to an incorrect restriction of the path name to a restricted directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted GIF file...
Two Critical Flaws in Zoom Could've Let Attackers Hack Systems via Chat
If you're using Zoom—especially during this challenging time to cope with your schooling, business, or social engagement—make sure you are running the latest version of the widely popular video conferencing software on your Windows, macOS, or Linux computers. No, it's not about the arrival of the...