Filter
15
0
10/12/2020
2/26/2021
7/12/2021
11/25/2021
4/11/2022
8/25/2022
1/9/2023
5/25/2023
10/8/2023
2/22/2024
7/7/2024
Trending
Software
BigBlueButtonBlind SSRF When Uploading Presentation in BigBlueButton
6.5
First published (updated )
BigBlueButtonBigBlueButton <= 3.0.0-beta.4 - Authenticated (Author+) Stored Cross-Site Scripting
6.4
First published (updated )
BigBlueButtonBigBlueButton Unrestricted File Upload vulnerability
8.8
First published (updated )
BigBlueButtonBigBlueButton Path Traversal – Reading Certain File Extensions
5.3
First published (updated )
BigBlueButtonBigBlueButton Stored Cross-site Scripting vulnerability at Guest Lobby
6.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
BigBlueButtonBigBlueButton Blind SSRF When Uploading Presentation (mitigation bypass)
5.6
First published (updated )
BigBlueButtonBigBlueButton Greenlight Open Redirect vulnerability
9.1
First published (updated )
BigBlueButtonweb/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter sanitiza…
5.3
First published (updated )
BigBlueButtonAn issue was discovered in BigBlueButton through 2.2.29. A brute-force attack may occur because an u…
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
BigBlueButtonIn BigBlueButton before 2.2.29, a user can vote more than once in a single poll.
4.3
First published (updated )
BigBlueButtonBigBlueButton through 2.2.28 uses STUN/TURN resources from a third party, which may represent an uni…
7.5
First published (updated )
BigBlueButtonBigBlueButton through 2.2.28 uses Ghostscript for processing of uploaded EPS documents, and conseque…
9.8
First published (updated )
BigBlueButtonBigBlueButton before 2.3 does not implement LibreOffice sandboxing. This might make it easier for re…
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
BigBlueButtonBigBlueButton before 2.2.28 (or earlier) does not set the secure flag for the session cookie in an h…
5.3
First published (updated )
BigBlueButtonThe installation procedure in BigBlueButton before 2.2.28 (or earlier) exposes certain network servi…
7.5
First published (updated )
BigBlueButtonBigBlueButton before 2.2.7 does not have a protection mechanism for separator injection in meetingId…
9.8
First published (updated )
BigBlueButtonThe installation procedure in BigBlueButton before 2.2.28 (or earlier) uses ClueCon as the FreeSWITC…
8.4
First published (updated )
BigBlueButtonBigBlueButton through 2.2.28 records a video meeting despite the deactivation of video recording in …
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
BigBlueButtonBigBlueButton before 2.2.27 has an unsafe JODConverter setting in which LibreOffice document convers…
7.5
First published (updated )
BigBlueButtonIn BigBlueButton before 2.2.28 (or earlier), the client-side Mute button only signifies that the ser…
6.5
First published (updated )
BigBlueButtonIn BigBlueButton before 2.2.7, lockSettingsProps.disablePrivateChat does not apply to already opened…
3.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
BigBlueButtonBigBlueButton Greenlight before 2.5.6 allows HTTP header (Host and Origin) attacks, which can result…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.