Tag
high
threat
Microsoft 365 Copilot Multiple Vulnerabilities
2 rules 2 TTPsA remote, anonymous attacker can exploit multiple vulnerabilities in Microsoft 365 Copilot to execute arbitrary program code and disclose confidential information.
Microsoft 365 Copilot
microsoft365
copilot
vulnerability
code_execution
information_disclosure
2r
2t
medium
advisory
Ruby Multiple Vulnerabilities Lead to DoS and Information Disclosure
2 rules 1 TTPA remote, anonymous attacker can exploit multiple unspecified vulnerabilities in Ruby to perform a denial of service attack or disclose sensitive information.
Ruby
dos
information_disclosure
vulnerability
2r
1t
high
advisory
AVideo CloneSite Unauthenticated Information Disclosure Leading to Remote Database Dump
2 rules 2 TTPsAVideo is vulnerable to unauthenticated information disclosure via the `plugin/CloneSite/cloneClient.json.php` endpoint, which echoes the local CloneSite shared secret (`$objClone->myKey`) in HTTP responses without authentication, enabling cross-site database dumps of the configured clone server.
avideo
information_disclosure
database_dump
2r
2t