CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 3CVE-2024-37742
https://notcve.org/view.php?id=CVE-2024-37742
25 Jun 2024 — Insecure Access Control in Safe Exam Browser (SEB) = 3.5.0 on Windows. The vulnerability allows an attacker to share clipboard data between the SEB kiosk mode and the underlying system, compromising exam integrity. By exploiting this flaw, an attacker can bypass exam controls and gain an unfair advantage during exams. Un problema en Safe Exam Browser para Windows anterior a 3.6 permite a un atacante compartir datos del portapapeles entre el modo quiosco SEB y el sistema subyacente, comprometiendo la integri... • https://github.com/Eteblue/CVE-2024-37742 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-36220
https://notcve.org/view.php?id=CVE-2022-36220
19 Aug 2022 — Kiosk breakout (without quit password) in Safe Exam Browser (Windows) <3.4.0, which allows an attacker to achieve code execution via the browsers' print dialog. Kiosk breakout (sin dejar la contraseña) en Safe Exam Browser (Windows) versiones anteriores a 3.4.0, que permite a un atacante lograr una ejecución de código por medio del diálogo de impresión del navegador. • https://github.com/SafeExamBrowser/seb-win-refactoring/issues/434 •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 1CVE-2020-24364
https://notcve.org/view.php?id=CVE-2020-24364
24 Aug 2020 — MineTime through 1.8.5 allows arbitrary command execution via the notes field in a meeting. Could lead to RCE via meeting invite. MineTime hasta la versión 1.8.5 permite la ejecución de comandos arbitrarios a través del campo de notas en una reunión. Podría conducir a RCE a través de la invitación a la reunión • https://github.com/theart42/cves/blob/master/cve-2020-24364/CVE-2020-24364.md • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 2.5EPSS: 0%CPEs: 4EXPL: 0CVE-2016-4980
https://notcve.org/view.php?id=CVE-2016-4980
27 Nov 2019 — A password generation weakness exists in xquest through 2016-06-13. Existe una debilidad de generación de contraseña en xquest hasta 13-06-2016. • https://access.redhat.com/security/cve/cve-2016-4980 • CWE-330: Use of Insufficiently Random Values •