CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

RedhatCVE•added 2025/12/13 5:3 a.m.•3 views

CVE-2025-61987

GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSession ZION prior to ver5.3.2. do not validate origins in WebSockets. If a user accesses a crafted page, Chat information sent to the user may be exposed...

6.9CVSS6.5AI score0.00016EPSS

Exploits0References1

NVD•added 2025/12/12 5:16 a.m.•2 views

CVE-2025-61987

6.9CVSS0.00016EPSS

Exploits0References2

OSV•added 2025/12/12 5:16 a.m.•1 views

CVE-2025-61987

6.9CVSS5.7AI score0.00016EPSS

Exploits0References2

Vulnrichment•added 2025/12/12 5:2 a.m.•2 views

CVE-2025-61987

6.9CVSS5.3AI score0.00016EPSS

Exploits0References2

CVE•added 2025/12/12 5:2 a.m.•5 views

CVE-2025-61987

CVE-2025-61987 affects GroupSession variants: Free edition prior to 5.3.0, byCloud prior to 5.3.3, and ZION prior to 5.3.2. The root cause is lack of origin validation in WebSockets, which may allow exposure of chat information to users accessing crafted pages. Affected software is GroupSession (...

6.9CVSS6.1AI score0.00016EPSS

Exploits0References2Affected Software1

EUVD•added 2025/12/12 5:2 a.m.•2 views

EUVD-2025-203021

6.9CVSS6AI score0.00016EPSS

Exploits0References3

Cvelist•added 2025/12/12 5:2 a.m.•23 views

CVE-2025-61987

6.9CVSS0.00016EPSS

Exploits0References2

SUSE CVE•added 2023/02/15 5:29 a.m.•2 views

SUSE CVE-2014-3429

IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page...

6.8CVSS7.5AI score0.02089EPSS

Exploits0References3

OSV•added 2014/08/07 11:13 a.m.•1 views

UBUNTU-CVE-2014-3429

6.8CVSS6.2AI score0.02089EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by