76 matches found
Owncast - Server Side Request Forgery
Server-Side Request Forgery SSRF in GitHub repository owncast/owncast prior to 0.1.0. id: CVE-2023-3188 info: name: Owncast - Server Side Request Forgery author: DhiyaneshDk severity: medium description: | Server-Side Request Forgery SSRF in GitHub repository owncast/owncast prior to 0.1.0. impac...
EUVD-2021-2423
Malware in sbrugna...
EUVD-2023-2857
Malicious code in bioql PyPI...
EUVD-2024-2541
Malicious code in bioql PyPI...
EUVD-2024-2659
Malicious code in bioql PyPI...
EUVD-2022-7318
Malicious code in bioql PyPI...
CVE-2024-31450
Owncast is an open source, self-hosted, decentralized, single user live video streaming and chat server. The Owncast application exposes an administrator API at the URL /api/admin. The emoji/delete endpoint of said API allows administrators to delete custom emojis, which are saved on disk. The...
CVE-2023-46480
An issue in OwnCast v.0.1.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via the authHost parameter of the indieauth function...
CVE-2023-3188
Server-Side Request Forgery SSRF in GitHub repository owncast/owncast prior to 0.1.0...
CVE-2021-39183
Owncast is an open source, self-hosted live video streaming and chat server. In affected versions inline scripts are executed when Javascript is parsed via a paste action. This issue is patched in 0.0.9 by blocking unsafe-inline Content Security Policy and specifying the script-src. The worker-sr...
CVE-2022-3751
SQL Injection in GitHub repository owncast/owncast prior to 0.0.13...
CVE-2024-29026
Owncast is an open source, self-hosted, decentralized, single user live video streaming and chat server. In versions 0.1.2 and prior, a lenient CORS policy allows attackers to make a cross origin request, reading privileged information. This can be used to leak the admin password. Commit...
GO-2022-1138 owncast is vulnerable to SQL Injection in github.com/owncast/owncast
owncast is vulnerable to SQL Injection in github.com/owncast/owncast...
GO-2024-3054 Owncast Cross-Site Request Forgery vulnerability in github.com/owncast/owncast
Owncast Cross-Site Request Forgery vulnerability in github.com/owncast/owncast...
GHSA-9355-27M8-H74V Owncast Path Traversal vulnerability
Owncast is an open source, self-hosted, decentralized, single user live video streaming and chat server. The Owncast application exposes an administrator API at the URL /api/admin. The emoji/delete endpoint of said API allows administrators to delete custom emojis, which are saved on disk. The...
Owncast Path Traversal vulnerability
Owncast is an open source, self-hosted, decentralized, single user live video streaming and chat server. The Owncast application exposes an administrator API at the URL /api/admin. The emoji/delete endpoint of said API allows administrators to delete custom emojis, which are saved on disk. The...
Owncast Cross-Site Request Forgery vulnerability
Owncast is an open source, self-hosted, decentralized, single user live video streaming and chat server. In versions 0.1.2 and prior, a lenient CORS policy allows attackers to make a cross origin request, reading privileged information. This can be used to leak the admin password. Commit...
GHSA-V99W-R56H-G23V Owncast Cross-Site Request Forgery vulnerability
Owncast is an open source, self-hosted, decentralized, single user live video streaming and chat server. In versions 0.1.2 and prior, a lenient CORS policy allows attackers to make a cross origin request, reading privileged information. This can be used to leak the admin password. Commit...
GO-2024-2741 Owncast Path Traversal vulnerability in github.com/owncast/owncast
Owncast Path Traversal vulnerability in github.com/owncast/owncast...
CVE-2024-31450
Owncast is an open source, self-hosted, decentralized, single user live video streaming and chat server. The Owncast application exposes an administrator API at the URL /api/admin. The emoji/delete endpoint of said API allows administrators to delete custom emojis, which are saved on disk. The...