|
141
|
7.5 |
HIGH
Network
zoom
|
virtual_desktop_infrastructure
zoom
|
Uncontrolled resource consumption in Zoom Team Chat for Zoom Desktop Client for Windows and Zoom VDI Client may allow an unauthenticated user to conduct a disclosure of information via network access.
Update
|
NVD-CWE-noinfo
|
CVE-2023-39203
|
2024-09-28 04:15 |
2023-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
142
|
7.5 |
HIGH
Network
zoom
|
zoom
|
Improper input validation in Zoom Desktop Client for Linux before version 5.15.10 may allow an unauthenticated user to conduct a denial of service via network access.
Update
|
CWE-20
Improper Input Validation
|
CVE-2023-39208
|
2024-09-28 04:15 |
2023-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
143
|
7.8 |
HIGH
Local
|
zoom
|
rooms
zoom
|
Improper privilege management in Zoom Desktop Client for Windows and Zoom Rooms for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via local access.
Update
|
CWE-269
Improper Privilege Management
|
CVE-2023-39211
|
2024-09-28 04:15 |
2023-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
144
|
6.5 |
MEDIUM
Network
|
zoom
|
zoom
|
Improper input validation in Zoom Desktop Client for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via network access.
Update
|
CWE-20
Improper Input Validation
|
CVE-2023-39209
|
2024-09-28 04:15 |
2023-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
145
|
6.5 |
MEDIUM
Network
|
zoom
|
zoom
virtual_desktop_infrastructure
rooms
|
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access.
Update
|
NVD-CWE-Other
|
CVE-2023-36535
|
2024-09-28 04:15 |
2023-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
146
|
8.1 |
HIGH
Network
|
phoenixcontact
|
tc_mguard_rs4000_4g_vzw_vpn_firmware
tc_mguard_rs4000_4g_vpn_firmware
tc_mguard_rs4000_4g_att_vpn_firmware
tc_mguard_rs4000_3g_vpn_firmware
tc_mguard_rs2000_4g_vzw_vpn_firmware
tc_mgua…
|
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP …
Update
|
NVD-CWE-noinfo
|
CVE-2024-43392
|
2024-09-28 04:04 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
147
|
7.1 |
HIGH
Local
|
moxa
|
mxview_one
mxview_one_central_manager
|
The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused due to sensit…
Update
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-6785
|
2024-09-28 03:59 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
148
|
8.8 |
HIGH
Network
|
phoenixcontact
|
tc_mguard_rs4000_4g_vzw_vpn_firmware
tc_mguard_rs4000_4g_vpn_firmware
tc_mguard_rs4000_4g_att_vpn_firmware
tc_mguard_rs4000_3g_vpn_firmware
tc_mguard_rs2000_4g_vzw_vpn_firmware
tc_mgua…
|
An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data.
Update
|
CWE-78
OS Command
|
CVE-2024-7699
|
2024-09-28 03:59 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
149
|
7.8 |
HIGH
Local
|
logitech
|
logi_options\+
|
Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options Plus version 1.60.496306 on macOS allows attackers to execute arbitrary code via insecure Electron Fuse…
Update
|
CWE-94
Code Injection
|
CVE-2024-8258
|
2024-09-28 03:56 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
150
|
9.8 |
CRITICAL
Network
millbeck
|
proroute_h685t-w_firmware
|
There is a command injection vulnerability that may allow an attacker to inject malicious input on the device's operating system.
Update
|
CWE-78
OS Command
|
CVE-2024-45682
|
2024-09-28 03:54 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
