Lucene search
K

9 matches found

OSV
OSV
added 2026/03/27 6:13 p.m.4 views

CVE-2026-34369 AVIdeo has Video Password Protection Bypass via API Endpoints Returning Full Playback Sources Without Password Verification

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the getapivideofile and getapivideo API endpoints in AVideo return full video playback sources direct MP4 URLs, HLS manifests for password-protected videos without verifying the video password. While the normal we...

5.3CVSS5.9AI score0.00376EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-7929

Malware in sbrugna...

6.5CVSS7.8AI score0.0078EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.4 views

SUSE CVE-2018-16072

A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.5CVSS8.7AI score0.0078EPSS
Exploits0References5
OSV
OSV
added 2019/01/09 7:29 p.m.2 views

CVE-2018-16072

A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.5CVSS5.8AI score0.0078EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2019/01/09 7:29 p.m.28 views

CVE-2018-16072

A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.5CVSS7AI score0.0078EPSS
Exploits0References2
OSV
OSV
added 2019/01/09 7:29 p.m.3 views

UBUNTU-CVE-2018-16072

A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.5CVSS7AI score0.0078EPSS
Exploits0References3
CVE
CVE
added 2019/01/09 7:0 p.m.105 views

CVE-2018-16072

CVE-2018-16072 relates to Chrome/Blink where a missing origin check in HLS manifests could bypass the same-origin policy via a crafted HTML page. Affected software is Google Chrome (Blink engine); vulnerable builds are prior to Chrome/Chromium version 69.0.3497.81. The underlying issue is a failu...

6.5CVSS6.5AI score0.0078EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2019/01/09 7:0 p.m.14 views

CVE-2018-16072

A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.7AI score0.0078EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2018/09/05 4:24 a.m.26 views

CVE-2018-16072

A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.5CVSS3AI score0.0078EPSS
Exploits0References2
Rows per page
Query Builder