Lucene search
+L

42 matches found

Cvelist
Cvelist
added 3 days ago36 views

CVE-2026-15624 nextlevelbuilder GoClaw invoke Endpoint create_video_byteplus.go bytePlusDownloadVideo server-side request forgery

A vulnerability has been found in nextlevelbuilder GoClaw 3.13.3-beta.3. Affected by this vulnerability is the function bytePlusDownloadVideo of the file internal/tools/createvideobyteplus.go of the component invoke Endpoint. The manipulation of the argument output.videourl leads to server-side...

6.5CVSS0.00209EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.11 views

CVE-2026-45082

Karakeep is a elf-hostable bookmark-everything app. A Server-Side Request Forgery SSRF protection bypass vulnerability was identified in versions prior to 0.32.0 affecting redirect-following processing components. Although the application implements protections intended to prevent requests toward...

7.6CVSS5.5AI score0.003EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 1:45 p.m.19 views

CVE-2026-45082 Karakeep has a SSRF Protection Bypass via Redirect Handling

Karakeep is a elf-hostable bookmark-everything app. A Server-Side Request Forgery SSRF protection bypass vulnerability was identified in versions prior to 0.32.0 affecting redirect-following processing components. Although the application implements protections intended to prevent requests toward...

7.6CVSS5.8AI score0.003EPSS
Exploits0References1
OSV
OSV
added 2026/05/26 1:45 p.m.4 views

CVE-2026-45082 Karakeep has a SSRF Protection Bypass via Redirect Handling

Karakeep is a elf-hostable bookmark-everything app. A Server-Side Request Forgery SSRF protection bypass vulnerability was identified in versions prior to 0.32.0 affecting redirect-following processing components. Although the application implements protections intended to prevent requests toward...

7.6CVSS5.9AI score0.003EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/14 12:31 a.m.7 views

EUVD-2026-22120

A vulnerability was identified in HummerRisk up to 1.5.0. This vulnerability affects the function ServerService.addServer of the file ServerService.java of the component Video File Download URL Handler. Such manipulation of the argument streamIp leads to server-side request forgery. It is possibl...

5.8CVSS5.5AI score0.00218EPSS
Exploits0References5
CVE
CVE
added 2026/04/13 9:0 p.m.12 views

CVE-2026-6220

HummerRisk up to 1.5.0 is affected in ServerService.addServer (ServerService.java, Video File Download URL Handler). Manipulating the argument streamIp enables server-side request forgery; remote exploitation is possible and a public exploit exists. Vendor was contacted but did not respond. No re...

5.8CVSS5.5AI score0.00218EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/22 5:0 p.m.2 views

CVE-2026-33295 AVideo Vulnerable to Stored XSS via Unescaped Video Title in CDN downloadButtons.php

WWBN AVideo is an open source video platform. Prior to version 26.0, WWBN/AVideo contains a stored cross-site scripting vulnerability in the CDN plugin's download buttons component. The cleantitle field of a video record is interpolated directly into a JavaScript string literal without any...

8.2CVSS5.7AI score0.00216EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/12/17 8:7 a.m.4 views

CVE-2025-61976

CHOCO TEI WATCHER mini IB-MCT001 contains an issue with improper check for unusual or exceptional conditions. If a remote attacker sends a specially crafted request to the Video Download interface, the system may become unresponsive...

8.7CVSS7AI score0.00344EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/17 8:7 a.m.6 views

CVE-2025-66357

CHOCO TEI WATCHER mini IB-MCT001 contains an issue with improper check for unusual or exceptional conditions. When the Video Download feature is in a specific communication state, the product's resources may be consumed abnormally...

6.9CVSS6.8AI score0.00256EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/12/17 2:28 a.m.4 views

Multiple vulnerabilities in CHOCO TEI WATCHER mini

Overview CHOCO TEI WATCHER mini provided by Inaba Denki Sangyo Co., Ltd. contains multiple vulnerabilities listed below. Clickjacking CWE-1021 - CVE-2025-59479 Improper check for unusual conditions CWE-754 - CVE-2025-61976 Improper check for unusual conditions CWE-754 - CVE-2025-66357 JTEKT...

8.7CVSS6.7AI score0.00344EPSS
Exploits0References7
NVD
NVD
added 2025/12/16 5:16 a.m.7 views

CVE-2025-66357

CHOCO TEI WATCHER mini IB-MCT001 contains an issue with improper check for unusual or exceptional conditions. When the Video Download feature is in a specific communication state, the product's resources may be consumed abnormally...

6.9CVSS0.00256EPSS
Exploits0References2
NVD
NVD
added 2025/12/16 5:16 a.m.4 views

CVE-2025-61976

CHOCO TEI WATCHER mini IB-MCT001 contains an issue with improper check for unusual or exceptional conditions. If a remote attacker sends a specially crafted request to the Video Download interface, the system may become unresponsive...

8.7CVSS0.00344EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/16 4:48 a.m.4 views

EUVD-2025-203502

CHOCO TEI WATCHER mini IB-MCT001 contains an issue with improper check for unusual or exceptional conditions. When the Video Download feature is in a specific communication state, the product's resources may be consumed abnormally...

6.9CVSS6.3AI score0.00256EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/16 4:48 a.m.3 views

CVE-2025-66357

CHOCO TEI WATCHER mini IB-MCT001 contains an issue with improper check for unusual or exceptional conditions. When the Video Download feature is in a specific communication state, the product's resources may be consumed abnormally...

6.9CVSS6.5AI score0.00256EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/16 4:48 a.m.40 views

CVE-2025-66357

CHOCO TEI WATCHER mini IB-MCT001 contains an issue with improper check for unusual or exceptional conditions. When the Video Download feature is in a specific communication state, the product's resources may be consumed abnormally...

6.9CVSS0.00256EPSS
Exploits0References2
CVE
CVE
added 2025/12/16 4:48 a.m.12 views

CVE-2025-66357

Summary: CVE-2025-66357 affects CHOCO TEI WATCHER mini (IB-MCT001). When the Video Download feature is in a specific communication state, the product may consume resources abnormally due to an improper check for unusual or exceptional conditions, potentially causing a denial of service. The Red H...

6.9CVSS6.5AI score0.00256EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/12/16 4:48 a.m.5 views

EUVD-2025-203504

CHOCO TEI WATCHER mini IB-MCT001 contains an issue with improper check for unusual or exceptional conditions. If a remote attacker sends a specially crafted request to the Video Download interface, the system may become unresponsive...

8.7CVSS6.4AI score0.00344EPSS
Exploits0References3
CVE
CVE
added 2025/12/16 4:48 a.m.18 views

CVE-2025-61976

CVE-2025-61976 affects CHOCO TEI WATCHER mini (IB-MCT001). A vulnerability described as an improper check for unusual or exceptional conditions could allow a remote attacker to send a crafted request to the Video Download interface, potentially causing the system to become unresponsive. Public so...

8.7CVSS6.6AI score0.00344EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/16 4:48 a.m.2 views

CVE-2025-61976

CHOCO TEI WATCHER mini IB-MCT001 contains an issue with improper check for unusual or exceptional conditions. If a remote attacker sends a specially crafted request to the Video Download interface, the system may become unresponsive...

8.7CVSS6.6AI score0.00344EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/16 4:48 a.m.33 views

CVE-2025-61976

CHOCO TEI WATCHER mini IB-MCT001 contains an issue with improper check for unusual or exceptional conditions. If a remote attacker sends a specially crafted request to the Video Download interface, the system may become unresponsive...

8.7CVSS0.00344EPSS
Exploits0References2
Rows per page
Query Builder