General-Purpose System Vulnerabilities
Vulnerabilities related to traditional IT systems, servers, and desktop applications.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2025-34440 | AVideo versions prior to 20.1 contain an open redirect vulnerability caused by insufficient validation of the siteRedir… | Medium (6.1) | 2025-12-17 | General-Purpose |
| CVE-2025-34439 | AVideo versions prior to 20.1 are vulnerable to an open redirect flaw due to missing validation of the cancelUri parame… | Medium (6.1) | 2025-12-17 | General-Purpose |
| CVE-2025-34438 | AVideo versions prior to 20.1 contain an insecure direct object reference vulnerability allowing users with upload perm… | High (8.1) | 2025-12-17 | General-Purpose |
| CVE-2025-34437 | AVideo versions prior to 20.1 permit any authenticated user to upload comment images to videos owned by other users. Th… | High (8.8) | 2025-12-17 | General-Purpose |
| CVE-2025-34436 | AVideo versions prior to 20.1 allow any authenticated user to upload files into directories belonging to other users du… | High (8.8) | 2025-12-17 | General-Purpose |