| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-23490 | Improper access control to polling votes | bigbluebutton | bigbluebutton | Medium | 4.3 | 2022-12-16 21:02:30 | Deep Dive |
| CVE-2022-41964 | BigBlueButton contains Response leaks in anonymous polls | bigbluebutton | bigbluebutton | Medium | 5.7 | 2022-12-16 17:17:15 | Deep Dive |
| CVE-2022-41963 | BigBlueButton contains Improper Preservation of Permissions for whiteboard | bigbluebutton | bigbluebutton | Low | 2.7 | 2022-12-16 13:00:42 | Deep Dive |
| CVE-2022-41962 | BigBlueButton contains Incorrect Authorization for setting emoji status | bigbluebutton | bigbluebutton | Low | 2.7 | 2022-12-16 12:45:06 | Deep Dive |
| CVE-2022-41961 | BigBlueButton subject to Ineffective user bans | bigbluebutton | bigbluebutton | Medium | 4.3 | 2022-12-16 12:24:43 | Deep Dive |
| CVE-2022-41960 | BigBlueButton contains DoS via failed authToken validation | bigbluebutton | bigbluebutton | Medium | 4.3 | 2022-12-15 23:56:27 | Deep Dive |
| CVE-2022-31064 | Cross site scripting in username that will trigger by sending chat | bigbluebutton | bigbluebutton | Medium | 6.5 | 2022-06-27 19:50:14 | Deep Dive |
| CVE-2022-31065 | Cross site scripting vulnerability for private chat in bigbluebutton | bigbluebutton | bigbluebutton | Medium | 6.5 | 2022-06-27 19:45:21 | Deep Dive |
| CVE-2022-31039 | Improper privilege management - Anyone can view room settings in GreenLight | bigbluebutton | greenlight | Medium | 4.3 | 2022-06-27 19:25:12 | Deep Dive |
| CVE-2022-29235 | Limited data exposure for shared external videos in BigBlueButton | bigbluebutton | bigbluebutton | Medium | 5.3 | 2022-06-01 23:25:18 | Deep Dive |
| CVE-2022-29236 | Improper access control for pencil annotations in BigBlueButton | bigbluebutton | bigbluebutton | Medium | 4.3 | 2022-06-01 23:25:12 | Deep Dive |
| CVE-2022-29234 | Grace period for lock settings in public/private chats in BigBlueButton | bigbluebutton | bigbluebutton | Medium | 4.3 | 2022-06-01 23:20:14 | Deep Dive |
| CVE-2022-29233 | Improper access control for breakout rooms in BigBlue Button | bigbluebutton | bigbluebutton | Medium | 4.3 | 2022-06-01 23:15:15 | Deep Dive |
| CVE-2022-29232 | Exposure of messages in BigBlueButton public chats | bigbluebutton | bigbluebutton | Medium | 6.5 | 2022-06-01 22:25:12 | Deep Dive |
| CVE-2022-29169 | ReDoS on endpoint html5client/useragent in BigBlueButton | bigbluebutton | bigbluebutton | High | 7.5 | 2022-06-01 22:20:12 | Deep Dive |
| CVE-2021-4143 | Cross-site Scripting (XSS) - Generic in bigbluebutton/bigbluebutton | bigbluebutton | bigbluebutton/bigbluebutton | 高危 | - | 2022-01-19 22:20:09 | Deep Dive |