208 matches found
WordPress StreamWeasels Twitch Integration plugin <= 1.9.2 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin StreamWeasels Twitch Integration versions = 1.9.2...
CVE-2026-40907
WWBN AVideo is an open source video platform. In versions 29.0 and prior, the endpoint plugin/Live/view/Liverestreams/list.json.php contains an Insecure Direct Object Reference IDOR vulnerability that allows any authenticated user with streaming permission to retrieve other users' live restream...
EUVD-2026-24284
WWBN AVideo is an open source video platform. In versions 29.0 and prior, the endpoint plugin/Live/view/Liverestreams/list.json.php contains an Insecure Direct Object Reference IDOR vulnerability that allows any authenticated user with streaming permission to retrieve other users' live restream...
GHSA-GPGP-W4X2-H3H7 WWBN AVideo has an IDOR in Live Restreams list.json.php Exposes Other Users' Stream Keys and OAuth Tokens
Summary The endpoint plugin/Live/view/Liverestreams/list.json.php contains an Insecure Direct Object Reference IDOR vulnerability that allows any authenticated user with streaming permission to retrieve other users' live restream configurations, including third-party platform stream keys and OAut...
CVE-2024-14032
Twitch Studio version 0.114.8 and prior contain a privilege escalation vulnerability in its privileged helper tool that allows local attackers to execute arbitrary code as root by exploiting an unprotected XPC service. Attackers can invoke the installFromPath:toPath:withReply: method to overwrite...
EUVD-2024-55535
Twitch Studio version 0.114.8 and prior contain a privilege escalation vulnerability in its privileged helper tool that allows local attackers to execute arbitrary code as root by exploiting an unprotected XPC service. Attackers can invoke the installFromPath:toPath:withReply: method to overwrite...
CVE-2024-14032
Twitch Studio version 0.114.8 and prior contain a privilege escalation vulnerability in its privileged helper tool that allows local attackers to execute arbitrary code as root by exploiting an unprotected XPC service. Attackers can invoke the installFromPath:toPath:withReply: method to overwrite...
CVE-2024-14032 Twitch Studio LauncherHelper XPC Missing Authorization to Root File Write
Twitch Studio version 0.114.8 and prior contain a privilege escalation vulnerability in its privileged helper tool that allows local attackers to execute arbitrary code as root by exploiting an unprotected XPC service. Attackers can invoke the installFromPath:toPath:withReply: method to overwrite...
CVE-2024-14032 Twitch Studio LauncherHelper XPC Missing Authorization to Root File Write
Twitch Studio version 0.114.8 and prior contain a privilege escalation vulnerability in its privileged helper tool that allows local attackers to execute arbitrary code as root by exploiting an unprotected XPC service. Attackers can invoke the installFromPath:toPath:withReply: method to overwrite...
CVE-2024-14032
CVE-2024-14032 affects Twitch Studio (version 0.114.8 and earlier). The vulnerability is in the privileged helper tool, via an unprotected XPC service, allowing a local attacker to call installFromPath:toPath:withReply: to overwrite system files and privileged binaries. This can lead to arbitrary...
Twitch Studio 安全漏洞
Twitch Studio is a simple streaming production and publishing software for live creators developed by the American company Twitch. Versions of Twitch Studio prior to 0.114.8 contain security vulnerabilities. These vulnerabilities stem from the unprotected XPC service in the privilege assistant...
PT-2026-30633
Twitch Studio version 0.114.8 and prior contain a privilege escalation vulnerability in its privileged helper tool that allows local attackers to execute arbitrary code as root by exploiting an unprotected XPC service. Attackers can invoke the installFromPath:toPath:withReply: method to overwrite...
Malicious Package
Overview twitch-security is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview twitch.dashboard-v2.core is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious code in twitch-security (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f99261d9b844b178048388c92a488b23fa3bf806bbedbcc40108cb97f0b7087 The package twitch-security was found to contain malicious code. Source: ghsa-malware f46d2713d7df72180db5cb77dcd0cefbbffa8baa5a245e376ab250a84d29fc2...
MAL-2026-1416 Malicious code in twitch-security (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f99261d9b844b178048388c92a488b23fa3bf806bbedbcc40108cb97f0b7087 The package twitch-security was found to contain malicious code. Source: ghsa-malware f46d2713d7df72180db5cb77dcd0cefbbffa8baa5a245e376ab250a84d29fc2...
MAL-2026-1417 Malicious code in twitch.dashboard-v2.core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 637dc1fe27ba94d42da29869618ddc561c6dece34d9b0cbfc0061919e77de510 The package twitch.dashboard-v2.core was found to contain malicious code. Source: ghsa-malware...
Malicious code in twitch.dashboard-v2.core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 637dc1fe27ba94d42da29869618ddc561c6dece34d9b0cbfc0061919e77de510 The package twitch.dashboard-v2.core was found to contain malicious code. Source: ghsa-malware...
Malicious code in twitch-twilight-intl (npm)
The package exfiltrates system data to remote server --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01efff3eeb27457695f8dc2651f9944b72ee21d46a4579f33d0078e509887101 The package twitch-twilight-intl was found to contain malicious code. Source: ghsa-malware...
MAL-2026-1389 Malicious code in twitch-twilight-intl (npm)
The package exfiltrates system data to remote server --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01efff3eeb27457695f8dc2651f9944b72ee21d46a4579f33d0078e509887101 The package twitch-twilight-intl was found to contain malicious code. Source: ghsa-malware...