23 matches found
GHSA-M7R8-6Q9J-M2HC WWBN AVideo has an incomplete fix for CVE-2026-33500: XSS
Summary The incomplete XSS fix in AVideo's ParsedownSafeWithLinks class overrides inlineMarkup for raw HTML but does not override inlineLink or inlineUrlTag, allowing javascript: URLs in markdown link syntax to bypass sanitization. Affected Package - Ecosystem: Other - Package: AVideo - Affected...
EUVD-2020-29373
Malware in sbrugna...
EUVD-2011-3926
Malware in sbrugna...
EUVD-2025-29046
Malicious code in bioql PyPI...
EUVD-2023-35292
Malicious code in bioql PyPI...
CVE-2025-48732
An incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can request a .phar file to trigger this vulnerability...
CVE-2023-30954
The Gotham video-application-server service contained a race condition which would cause it to not apply certain acls new videos if the source system had not yet initialized...
CVE-2020-8507
The Citytv Video application 4.08.0 for Android and 3.35 for iOS sends Unencrypted Analytics...
CVE-2020-3646
u'Buffer overflow seen as the destination buffer size is lesser than the source buffer size in video application' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MSM8909W, QCM2150, QCS405, QCS60...
Cross site scripting
Cross Site Scripting XSS vulnerability in AVA teaching video application service platform version 3.1, allows remote attackers to execute arbitrary code via a crafted script to ajax.aspx...
CVE-2023-30954
The Gotham video-application-server service contained a race condition which would cause it to not apply certain acls new videos if the source system had not yet initialized...
CVE-2023-30954 Gotham Video Broken Authentication
The Gotham video-application-server service contained a race condition which would cause it to not apply certain acls new videos if the source system had not yet initialized...
CVE-2023-30954
The CVE describes a race condition in the Gotham video-application-server where ACLs for new videos may not be applied if the source system has not initialized. Affected component: Gotham video-application-server; underlying issue is a race condition affecting access control application during vi...
PT-2023-23083 · Unknown · Gotham Video-Application-Server
Name of the Vulnerable Software and Affected Versions: Gotham video-application-server affected versions not specified Description: The issue is related to a race condition in the Gotham video-application-server service. This condition causes the service to fail in applying certain access control...
WHO 安全漏洞
WHO is an online video community application. A security vulnerability exists in WHO versions 1.0.28, 1.0.30, and 1.0.32, which originates from a vulnerability that could allow an attacker to elevate privileges via the TTMultiProvider component...
Unauthorized Access Vulnerability in Ovia's Instructional Video Application Cloud Platform
Ltd. is a high-tech enterprise focusing on the research and development, production, sales and service of education informatization products. Guangzhou Aoweiya Electronic Technology Co., Ltd. campus video application cloud platform has unauthorized access vulnerability, attackers can use the...
CVE-2020-3646
u'Buffer overflow seen as the destination buffer size is lesser than the source buffer size in video application' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MSM8909W, QCM2150, QCS405, QCS60...
Buffer overflow
u'Buffer overflow seen as the destination buffer size is lesser than the source buffer size in video application' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MSM8909W, QCM2150, QCS405, QCS60...
CVE-2020-3646
CVE-2020-3646 affects Qualcomm Snapdragon video components; root cause is a buffer overflow where the destination buffer is smaller than the source buffer in a video application. Affected products include Snapdragon Compute/Consumer IoT/Industrial IoT, Mobile, Wearables, and related SoCs (e.g., S...
CVE-2020-3646
u'Buffer overflow seen as the destination buffer size is lesser than the source buffer size in video application' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MSM8909W, QCM2150, QCS405, QCS60...