26 matches found
CVE-2024-24978
Denial-of-service DoS vulnerability exists in TvRock 0.9t8a. Receiving a specially crafted request by a remote attacker or having a user of TvRock click a specially crafted request may lead to ABEND abnormal end. Note that the developer was unreachable, therefore, users should consider stop using...
CVE-2024-26018
Cross-site scripting vulnerability exists in TvRock 0.9t8a. An arbitrary script may be executed on the web browser of the user accessing the website that uses the product. Note that the developer was unreachable, therefore, users should consider stop using TvRock 0.9t8a...
CVE-2024-23597
Cross-site request forgery CSRF vulnerability exists in TvRock 0.9t8a. If a logged-in user of TVRock accesses a specially crafted page, unintended operations may be performed. Note that the developer was unreachable, therefore, users should consider stop using TvRock 0.9t8a...
CVE-2024-24978
Denial-of-service DoS vulnerability exists in TvRock 0.9t8a. Receiving a specially crafted request by a remote attacker or having a user of TvRock click a specially crafted request may lead to ABEND abnormal end. Note that the developer was unreachable, therefore, users should consider stop using...
CVE-2024-23597
Cross-site request forgery CSRF vulnerability exists in TvRock 0.9t8a. If a logged-in user of TVRock accesses a specially crafted page, unintended operations may be performed. Note that the developer was unreachable, therefore, users should consider stop using TvRock 0.9t8a...
CVE-2024-24978
Denial-of-service DoS vulnerability exists in TvRock 0.9t8a. Receiving a specially crafted request by a remote attacker or having a user of TvRock click a specially crafted request may lead to ABEND abnormal end. Note that the developer was unreachable, therefore, users should consider stop using...
CVE-2024-24978
TvRock 0.9t8a has a DoS vulnerability that can trigger an ABEND via a specially crafted request, with exploitation possible by remote attackers or by users clicking the crafted request. The developer is unreachable, and multiple sources advise stopping use of TvRock 0.9t8a. No public patch or mit...
CVE-2024-24978
Denial-of-service DoS vulnerability exists in TvRock 0.9t8a. Receiving a specially crafted request by a remote attacker or having a user of TvRock click a specially crafted request may lead to ABEND abnormal end. Note that the developer was unreachable, therefore, users should consider stop using...
CVE-2024-23597
Cross-site request forgery CSRF vulnerability exists in TvRock 0.9t8a. If a logged-in user of TVRock accesses a specially crafted page, unintended operations may be performed. Note that the developer was unreachable, therefore, users should consider stop using TvRock 0.9t8a...
CVE-2024-23597
CVE-2024-23597 describes a cross-site request forgery (CSRF) in TvRock 0.9t8a. When a logged‑in user visits a crafted page, unintended operations may be performed. The issue is attributed to TvRock’s lack of reachable mitigation, prompting multiple sources to recommend stopping use of version 0.9...
CVE-2024-23597
Cross-site request forgery CSRF vulnerability exists in TvRock 0.9t8a. If a logged-in user of TVRock accesses a specially crafted page, unintended operations may be performed. Note that the developer was unreachable, therefore, users should consider stop using TvRock 0.9t8a...
PT-2024-19955 · Tvrock · Tvrock
Name of the Vulnerable Software and Affected Versions: TvRock version 0.9t8a Description: A cross-site request forgery CSRF issue exists, allowing unintended operations to be performed if a logged-in user accesses a specially crafted page. Recommendations: For TvRock version 0.9t8a, consider...
PT-2024-20685 · Tvrock · Tvrock
Name of the Vulnerable Software and Affected Versions: TvRock version 0.9t8a Description: A denial-of-service DoS issue exists, where receiving a specially crafted request by a remote attacker or having a user click a specially crafted request may lead to an abnormal end ABEND. The developer of...
TvRock vulnerable to cross-site request forgery
Overview TvRock provided by TvRock according to the original report submitted by the reporter is a tool to set a timer recording for a TV program. TvRock contains a cross-site request forgery vulnerability CWE-352. During the meeting of Committee for authorizing the disclosure of unresolved...
TvRock vulnerable to denial-of-service (DoS)
Overview TvRock provided by TvRock according to the original report submitted by the reporter is a tool to set a timer recording for a TV program. TvRock contains a denial-of-service DoS vulnerability CWE-400. During the meeting of Committee for authorizing the disclosure of unresolved...
JVN#40079147: TvRock vulnerable to denial-of-service (DoS)
TvRock provided by TvRock according to the original report submitted by the reporter is a tool to set a timer recording for a TV program. TvRock contains a denial-of-service DoS vulnerability CWE-400. Impact Receiving a specially crafted request by a remote attacker or having a user of TVRock cli...
TvRock 安全漏洞
TvRock is a tool for setting timer recordings for TV programs from TvRock, Inc. A security vulnerability exists in TvRock version 0.9t8a, which stems from the presence of a Denial of Service DoS vulnerability, where a remote attacker with a specially crafted request could cause an abnormal end...
TvRock 安全漏洞
TvRock is a tool for setting timer recordings for TV programs from TvRock, Inc. A security vulnerability exists in TvRock version 0.9t8a, which stems from a cross-site request forgery vulnerability that may allow a logged in user to perform unexpected actions if they visit a specially crafted pag...
JVN#24683352: TvRock vulnerable to cross-site request forgery
TvRock provided by TvRock according to the original report submitted by the reporter is a tool to set a timer recording for a TV program. TvRock contains a cross-site request forgery vulnerability CWE-352. Impact If a logged-in user of TVRock accesses a specially crafted page, unintended operatio...
CVE-2024-26018
Cross-site scripting vulnerability exists in TvRock 0.9t8a. An arbitrary script may be executed on the web browser of the user accessing the website that uses the product. Note that the developer was unreachable, therefore, users should consider stop using TvRock 0.9t8a...