CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 5 days ago•11 views

CVE-2017-20270

CVE-2017-20270 affects the Joomla! Twitch Tv component 1.1, with an SQL injection vulnerability in the GET parameters username and id via index.php (option=com_twitchtv and view) that allows unauthenticated attackers to execute arbitrary SQL and extract sensitive data (credentials, configuration)...

8.8CVSS6.2AI score0.0027EPSS

Cvelist•added 5 days ago•25 views

CVE-2017-20270 Joomla! Component Twitch Tv 1.1 SQL Injection

8.8CVSS0.0027EPSS

ATTACKERKB•added 5 days ago•6 views

CVE-2017-20270

8.8CVSS6.2AI score0.0027EPSS

Exploits0References4Affected Software1

EUVD•added 5 days ago•4 views

EUVD-2017-18997

8.8CVSS6.2AI score0.0027EPSS

Patchstack•added 2026/05/01 9:16 a.m.•2 views

WordPress StreamWeasels Twitch Integration plugin <= 1.9.2 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin StreamWeasels Twitch Integration versions = 1.9.2...

6.1CVSS5.8AI score0.00276EPSS

Exploits0References1Affected Software1

NVD•added 2026/04/21 8:17 p.m.•4 views

CVE-2026-40907

WWBN AVideo is an open source video platform. In versions 29.0 and prior, the endpoint plugin/Live/view/Liverestreams/list.json.php contains an Insecure Direct Object Reference IDOR vulnerability that allows any authenticated user with streaming permission to retrieve other users' live restream...

6.5CVSS0.00269EPSS

Exploits1References2

EUVD•added 2026/04/21 7:50 p.m.•4 views

EUVD-2026-24284

6.5CVSS5.7AI score0.00269EPSS

Exploits1References2

OSV•added 2026/04/14 10:49 p.m.•2 views

GHSA-GPGP-W4X2-H3H7 WWBN AVideo has an IDOR in Live Restreams list.json.php Exposes Other Users' Stream Keys and OAuth Tokens

Summary The endpoint plugin/Live/view/Liverestreams/list.json.php contains an Insecure Direct Object Reference IDOR vulnerability that allows any authenticated user with streaming permission to retrieve other users' live restream configurations, including third-party platform stream keys and OAut...

6.5CVSS6AI score0.00269EPSS

RedhatCVE•added 2026/04/07 5:3 p.m.•1 views

CVE-2024-14032

Twitch Studio version 0.114.8 and prior contain a privilege escalation vulnerability in its privileged helper tool that allows local attackers to execute arbitrary code as root by exploiting an unprotected XPC service. Attackers can invoke the installFromPath:toPath:withReply: method to overwrite...

EUVD•added 2026/04/06 6:33 p.m.•3 views

Exploits1References1

EUVD-2024-55535

NVD•added 2026/04/06 4:16 p.m.•3 views

Exploits1References5

CVE-2024-14032

8.5CVSS0.00177EPSS

CVE•added 2026/04/06 3:33 p.m.•10 views

CVE-2024-14032

CVE-2024-14032 affects Twitch Studio (version 0.114.8 and earlier). The vulnerability is in the privileged helper tool, via an unprotected XPC service, allowing a local attacker to call installFromPath:toPath:withReply: to overwrite system files and privileged binaries. This can lead to arbitrary...

Exploits1References4Affected Software1

Cvelist•added 2026/04/06 3:33 p.m.•25 views

CVE-2024-14032 Twitch Studio LauncherHelper XPC Missing Authorization to Root File Write

8.5CVSS0.00177EPSS

Vulnrichment•added 2026/04/06 3:33 p.m.•1 views

CVE-2024-14032 Twitch Studio LauncherHelper XPC Missing Authorization to Root File Write

CNNVD•added 2026/04/06 12:0 a.m.•3 views

Twitch Studio 安全漏洞

Twitch Studio is a simple streaming production and publishing software for live creators developed by the American company Twitch. Versions of Twitch Studio prior to 0.114.8 contain security vulnerabilities. These vulnerabilities stem from the unprotected XPC service in the privilege assistant...

8.5CVSS5.8AI score0.00177EPSS

Positive Technologies•added 2026/04/06 12:0 a.m.•3 views

PT-2026-30633