Lucene search
K

6 matches found

EUVD
EUVD
added 5 days ago6 views

EUVD-2026-40415

Invidious through 2.20260626.0, fixed in commit 77ad416, contains a broken object level authorization vulnerability that allows authenticated attackers to delete videos from other users' playlists by supplying an arbitrary global video index in the removevideo action of the playlist endpoint...

7.1CVSS5.9AI score0.00225EPSS
Exploits0References5
CVE
CVE
added 6 days ago10 views

CVE-2026-58447

CVE-2026-58447 (Invidious) : A broken object-level authorization vulnerability affects Invidious up to version 2.20260626.0. An authenticated attacker can delete videos from other users’ playlists by supplying an arbitrary global video index to the remove_video endpoint, using per-video indices e...

7.1CVSS5.9AI score0.00225EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 6 days ago4 views

PT-2026-53996

Name of the Vulnerable Software and Affected Versions Invidious versions prior to 2.20260626.0 Description An issue exists where authenticated attackers can delete videos from playlists belonging to other users. This occurs because the system fails to validate ownership when a request is made to...

7.1CVSS6AI score0.00225EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2025/05/23 8:38 a.m.5 views

CVE-2024-32963

Navidrome is an open source web-based music collection server and streamer. In affected versions of Navidrome are subject to a parameter tampering vulnerability where an attacker has the ability to manipulate parameter values in the HTTP requests. The attacker is able to change the parameter valu...

4.2CVSS6.9AI score0.00413EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/03/24 6:0 p.m.18 views

CVE-2017-17750

Bose SoundTouch devices allow XSS via a crafted public playlist from Spotify...

5.3AI score0.00521EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2018/03/24 12:0 a.m.5 views

PT-2018-6563 · Spotify +1 · Spotify +1

Name of the Vulnerable Software and Affected Versions: Bose SoundTouch affected versions not specified Description: The issue allows for cross-site scripting XSS attacks through a crafted public playlist from Spotify. Recommendations: At the moment, there is no information about a newer version...

5.4CVSS5.2AI score0.00521EPSS
Exploits0References2
Rows per page
Query Builder