VYPR
Vendor

Cog Creators

Products
2
CVEs
5
Across products
5
Status
Private

Products

2

Recent CVEs

5
  • CVE-2020-26249HigDec 9, 2020
    risk 0.43cvss 7.7epss 0.01

    Red Discord Bot Dashboard is an easy-to-use interactive web dashboard to control your Redbot. In Red Discord Bot before version 0.1.7a an RCE exploit has been discovered. This exploit allows Discord users with specially crafted Server names and Usernames/Nicknames to inject code…

  • CVE-2020-15278HigOct 28, 2020
    risk 0.43cvss 7.7epss 0.01

    Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that…

  • CVE-2024-39905MedJul 11, 2024
    risk 0.27cvss 5.3epss 0.00

    Red is a fully modular Discord bot. Due to a bug in Red's Core API, 3rd-party cogs using the `@commands.can_manage_channel()` command permission check without additional permission controls may authorize a user to run a command even when that user doesn't have permissions to…

  • CVE-2020-15147HigAug 21, 2020
    risk 0.00cvss 8.5epss 0.02

    Red Discord Bot before versions 3.3.12 and 3.4 has a Remote Code Execution vulnerability in the Streams module. This exploit allows Discord users with specifically crafted "going live" messages to inject code into the Streams module's going live message. By abusing this exploit,…

  • CVE-2020-15140HigAug 21, 2020
    risk 0.00cvss 8.2epss 0.01

    In Red Discord Bot before version 3.3.11, a RCE exploit has been discovered in the Trivia module: this exploit allows Discord users with specifically crafted usernames to inject code into the Trivia module's leaderboard command. By abusing this exploit, it's possible to perform…