28 matches found
Astra Linux - уязвимость в webkit2gtk
A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be interrupted if the user answers a phone call...
CVE-2019-20851
An issue was discovered in Mattermost Mobile Apps before 1.26.0. An attacker can use directory traversal with the Video Preview feature to overwrite arbitrary files on a device...
EUVD-2019-11388
Malware in sbrugna...
EUVD-2024-45112
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-22677
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS...
Bottinelli Informatical Vedo Suite Server-Side Request Forgery Vulnerability
Bottinelli Informatical Vedo Suite is an enterprise software suite for the textile and design industry from Bottinelli Informatica, Italy. Bottinelli Informatical Vedo Suite suffers from a server-side request forgery vulnerability, which originates from the /apivedo/video/preview endpoint that do...
CVE-2025-51057
A local file inclusion LFI vulnerability in Vedo Suite version 2024.17 allows remote authenticated attackers to read arbitrary filesystem files by exploiting an unsanitized 'readfile' function call in '/apivedo/video/preview'...
Bottinelli Informatical Vedo Suite 安全漏洞
Bottinelli Informatical Vedo Suite is an enterprise software suite for the textile and design industry from Bottinelli Informatica, Italy. Bottinelli Informatical Vedo Suite suffers from a server-side request forgery vulnerability, which originates from the /apivedo/video/preview endpoint that do...
webkitgtk: the video in a webRTC call may be interrupted if the audio capture gets interrupted
A vulnerability was found in WebKitGTK. This issue occurs due to a logic issue in video self-preview feature in a webRTC call, which can be interrupted if the user answers a phone call or the audio capture is interrupted. This flaw allows a remote attacker to perform a denial of service attack...
CVE-2024-50552
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jasonpancake Hover Video Preview hover-video-preview allows Stored XSS.This issue affects Hover Video Preview: from n/a through = 1.0.2...
CVE-2023-21485
Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox...
CVE-2024-50552
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jasonpancake Hover Video Preview hover-video-preview allows Stored XSS.This issue affects Hover Video Preview: from n/a through = 1.0.2...
CVE-2024-50552 WordPress Hover Video Preview plugin <= 1.0.2 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jasonpancake Hover Video Preview hover-video-preview allows Stored XSS.This issue affects Hover Video Preview: from n/a through = 1.0.2...
CVE-2024-50552
CVE-2024-50552: WordPress Hover Video Preview plugin versions 1.0.2 and earlier are affected by a Stored XSS due to improper neutralization of input during web page generation. The connected sources consistently describe this as a Stored XSS vulnerability in Hover Video Preview (CVE-2024-50552); ...
CVE-2024-50552 WordPress Hover Video Preview plugin <= 1.0.2 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jasonpancake Hover Video Preview hover-video-preview allows Stored XSS.This issue affects Hover Video Preview: from n/a through = 1.0.2...
WordPress plugin Hover Video Preview 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...
WordPress Hover Video Preview plugin <= 1.0.2 - Stored Cross Site Scripting (XSS) vulnerability
Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Hover Video Preview versions = 1.0.2...
WordPress Hover Video Preview Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)
Software Hover Video Preview Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50552 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 13b97e4ff065 Credits SOPROBRO Required privilege...
Samsung Mobile 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability previously existed in Samsung Mobile SMR May-2023 Release 1 version, which stemmed from a call to VideoPreviewActivity in...
SUSE CVE-2022-22677
A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be interrupted if the user answers a phone call...