Lucene search
K

750 matches found

Exploit DB
Exploit DB
added 2020/11/18 12:0 a.m.1254 views

BigBlueButton 2.2.25 - Arbitrary File Disclosure and Server-Side Request Forgery

Exploit Title: BigBlueButton 2.2.25 - Arbitrary File Disclosure and Server-Side Request Forgery Date: 2020-09-11 Exploit Author: RedTeam Pentesting GmbH Vendor Homepage: https://bigbluebutton.org/ Version: BigBlueButton 2.2.25 RedTeam Pentesting discovered a vulnerability in the BigBlueButton web...

6.5CVSS7.1AI score0.08825EPSS
Exploits3
CNVD
CNVD
added 2020/10/29 12:0 a.m.1 views

Command Execution Vulnerability in Extreme Demo 2019 (Windows Client)

Extreme Presentation 2019 is the PPT office software in the Extreme Office office suite A command execution vulnerability exists in Extreme Presentation 2019 Windows client. An attacker can exploit the vulnerability to execute arbitrary code...

7.8AI score
Exploits0
OSV
OSV
added 2020/10/21 3:15 p.m.14 views

CVE-2020-27608

In BigBlueButton before 2.2.28 or earlier, uploaded presentations are sent to clients without a Content-Type header, which allows XSS, as demonstrated by a .png file extension for an HTML document...

6.1CVSS6.7AI score
Exploits0References1
Prion
Prion
added 2020/10/21 3:15 p.m.19 views

Design/Logic Flaw

In BigBlueButton before 2.2.28 or earlier, uploaded presentations are sent to clients without a Content-Type header, which allows XSS, as demonstrated by a .png file extension for an HTML document...

4.3CVSS6.2AI score0.00677EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/10/21 2:7 p.m.68 views

CVE-2020-27608

BigBlueButton vulnerability CVE-2020-27608 affects versions prior to 2.2.28. The issue stems from uploaded presentations being sent to clients without a Content-Type header, enabling cross-site scripting (XSS) evidenced by a .png file extension used for an HTML document. Impact is limited to XSS ...

6.1CVSS6.2AI score0.00677EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2020/09/21 8:15 p.m.9 views

CVE-2020-6559

Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

9.3CVSS0.02296EPSS
Exploits0References8
OSV
OSV
added 2020/09/21 8:15 p.m.0 views

DEBIAN-CVE-2020-6559

Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS8.6AI score0.02296EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/09/21 8:15 p.m.21 views

CVE-2020-6559

Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

9.3CVSS7.3AI score0.02296EPSS
Exploits0References1
Prion
Prion
added 2020/09/21 8:15 p.m.15 views

Design/Logic Flaw

Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

9.3CVSS8.8AI score0.02296EPSS
Exploits0References8Affected Software5
OSV
OSV
added 2020/09/21 8:15 p.m.0 views

UBUNTU-CVE-2020-6559

Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.3AI score0.02296EPSS
Exploits0References2
CVE
CVE
added 2020/09/21 7:6 p.m.200 views

CVE-2020-6559

CVE-2020-6559 is a Use-After-Free in Chrome/Chromium’s Presentation API (heap corruption) that could be exploited remotely via a crafted HTML page. Affected products are Google Chrome/Chromium prior to version 85.0.4183.83. Mitigation from the connected documents shows upgrading to 85.0.4183.83 o...

9.3CVSS8.8AI score0.02296EPSS
Exploits0References8Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2020/09/18 12:0 a.m.56 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1322-1 Rating: important References: 1175757 Cross-References: CVE-2020-6558 CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565 CVE-2020-6566 CVE-2020-6567...

9.3CVSS6.6AI score0.02296EPSS
Exploits3References1
RedHat Linux
RedHat Linux
added 2020/09/10 1:45 p.m.4 views

chromium-browser: Use after free in presentation API

Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

9.3CVSS7.4AI score0.02296EPSS
Exploits0References5
Microsoft KB
Microsoft KB
added 2020/09/04 12:0 a.m.27 views

September 8, 2020-KB4576480 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703

September 8, 2020-KB4576480 Cumulative Update for .NET Framework 4.8 for Windows 10 Version 1703 Release Date: September 8, 2020 Version: .NET Framework 4.8 Summary Security improvementsClickOnce will no longer download applications from untrusted servers which use NTLM authentication, but,...

6.9AI score
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2020/09/03 12:0 a.m.45 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1328-1 Rating: important References: 1175757 Cross-References: CVE-2020-6558 CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565 CVE-2020-6566 CVE-2020-6567...

9.3CVSS6.6AI score0.02296EPSS
Exploits3References1
OpenVAS
OpenVAS
added 2020/09/02 12:0 a.m.22 views

Google Chrome Security Update (stable-channel-update-for-desktop_25-2020-08) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

9.3CVSS6.2AI score0.02296EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2020/09/02 12:0 a.m.35 views

openSUSE Security Update : chromium (openSUSE-2020-1309)

This update for chromium fixes the following issues : Chromium was updated to version 85.0.4183.83 boo1175757 fixing : - CVE-2020-6558: Insufficient policy enforcement in iOS - CVE-2020-6559: Use after free in presentation API - CVE-2020-6560: Insufficient policy enforcement in autofill -...

9.3CVSS7AI score0.02296EPSS
Exploits3References15
OpenVAS
OpenVAS
added 2020/09/02 12:0 a.m.21 views

openSUSE: Security Advisory for chromium (openSUSE-SU-2020:1306-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS6.5AI score0.02296EPSS
Exploits3References2
OPENSUSE Linux
OPENSUSE Linux
added 2020/09/01 12:0 a.m.52 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1309-1 Rating: important References: 1175757 Cross-References: CVE-2020-6558 CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565 CVE-2020-6566 CVE-2020-6567...

9.3CVSS6.6AI score0.02296EPSS
Exploits3References1
OPENSUSE Linux
OPENSUSE Linux
added 2020/08/31 12:0 a.m.53 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1306-1 Rating: important References: 1175757 Cross-References: CVE-2020-6558 CVE-2020-6559 CVE-2020-6560 CVE-2020-6561 CVE-2020-6562 CVE-2020-6563 CVE-2020-6564 CVE-2020-6565 CVE-2020-6566 CVE-2020-6567...

9.3CVSS6.6AI score0.02296EPSS
Exploits3References1
Rows per page
Query Builder