Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
barco control room management suite vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-2623
Use after free in Offline in Google Chrome on Android before 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.
Google Chrome
Fedoraproject Fedora 37
7.5
CVSSv3
CVE-2022-26975
Barco Control Room Management Suite web application, which is part of TransForm N prior to 3.14, is exposing log files without authentication.
Barco Control Room Management Suite
7.5
CVSSv3
CVE-2022-26233
Barco Control Room Management through Suite 2.9 Build 0275 exists to be vulnerable to directory traversal, allowing malicious users to access sensitive information and components. Requests must begin with the "GET /..\.." substring.
Barco Control Room Management Suite
6.1
CVSSv3
CVE-2022-26972
Barco Control Room Management Suite web application, which is part of TransForm N prior to 3.14, is exposing a URL /cgi-bin endpoint. The URL parameters are not correctly sanitized, leading to reflected XSS.
Barco Control Room Management Suite
6.1
CVSSv3
CVE-2022-26974
Barco Control Room Management Suite web application, which is part of TransForm N prior to 3.14, is exposing a file upload mechanism. Lack of input sanitization in the upload mechanism leads to reflected XSS.
Barco Control Room Management Suite
6.1
CVSSv3
CVE-2022-26977
Barco Control Room Management Suite web application, which is part of TransForm N prior to 3.14, is exposing a license file upload mechanism. Lack of input sanitization of the upload mechanism is leads to stored XSS.
Barco Control Room Management Suite
6.1
CVSSv3
CVE-2022-26978
Barco Control Room Management Suite web application, which is part of TransForm N prior to 3.14, is exposing a URL /checklogin.jsp endpoint. The os_username parameters is not correctly sanitized, leading to reflected XSS.
Barco Control Room Management Suite
5.4
CVSSv3
CVE-2022-26976
Barco Control Room Management Suite web application, which is part of TransForm N prior to 3.14, is exposing a license file upload mechanism. Lack of input sanitization in the upload mechanism is leads to reflected XSS.
Barco Control Room Management Suite
5.3
CVSSv3
CVE-2022-26971
Barco Control Room Management Suite web application, which is part of TransForm N prior to 3.14, is exposing a license file upload mechanism. This upload can be executed without authentication.
Barco Control Room Management Suite
5.3
CVSSv3
CVE-2022-26973
Barco Control Room Management Suite web application, which is part of TransForm N prior to 3.14, is exposing a license file upload mechanism. By tweaking the license file name, the returned error message exposes internal directory path details.
Barco Control Room Management Suite
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started