Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-23168 | 2024-08-19 | N/A | 9.8 CRITICAL | ||
Vulnerability in Xiexe XSOverlay before build 647 allows non-local websites to send the malicious commands to the WebSocket API, resulting in the arbitrary code execution. | |||||
CVE-2014-125071 | 1 Gribbit Project | 1 Gribbit | 2024-05-17 | 5.2 MEDIUM | 9.8 CRITICAL |
A vulnerability was found in lukehutch Gribbit. It has been classified as problematic. Affected is the function messageReceived of the file src/gribbit/request/HttpRequestHandler.java. The manipulation leads to missing origin validation in websockets. The name of the patch is 620418df247aebda3dd4be1dda10fe229ea505dd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217716. | |||||
CVE-2024-1657 | 2024-04-25 | N/A | 8.1 HIGH | ||
A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting in loss of confidentiality and integrity of the system. | |||||
CVE-2023-32264 | 2024-03-08 | N/A | 5.8 MEDIUM | ||
CWE-1385 vulnerability in OpenText Documentum D2 affecting versions16.5.1 to CE 23.2. The vulnerability could allow upload arbitrary code and execute it on the client's computer. | |||||
CVE-2023-2886 | 1 Cbot | 2 Cbot Core, Cbot Panel | 2024-02-04 | N/A | 4.3 MEDIUM |
Missing Origin Validation in WebSockets vulnerability in CBOT Chatbot allows Content Spoofing Via Application API Manipulation.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7. |