|
1461
|
6.5 |
MEDIUM
Network
|
zoom
|
meeting_software_development_kit
video_software_development_kit
zoom
|
Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of information via network access.
|
NVD-CWE-Other
|
CVE-2023-43585
|
2024-09-28 05:15 |
2023-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1462
|
7.8 |
HIGH
Local
|
zoom
|
rooms
|
Improper privilege management in Zoom Rooms for macOS before version 5.16.0 may allow an authenticated user to conduct an escalation of privilege via local access.
|
NVD-CWE-noinfo
|
CVE-2023-43591
|
2024-09-28 05:15 |
2023-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1463
|
6.5 |
MEDIUM
Network
|
zoom
|
meeting_software_development_kit
zoom
virtual_desktop_infrastructure
|
Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network access.
|
CWE-287
Improper Authentication
|
CVE-2023-39215
|
2024-09-28 05:15 |
2023-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1464
|
8.1 |
HIGH
Network
|
zoom
|
meeting_software_development_kit
rooms
zoom
|
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated user to enable a denial of service via network access.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2023-39214
|
2024-09-28 05:15 |
2023-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1465
|
9.8 |
CRITICAL
Network
zoom
|
virtual_desktop_infrastructure
zoom
|
Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network acc…
|
CWE-74
Injection
|
CVE-2023-39213
|
2024-09-28 05:15 |
2023-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1466
|
7.5 |
HIGH
Network
zoom
|
meeting_software_development_kit
video_software_development_kit
|
Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to enable a denial of service via network access.
|
NVD-CWE-noinfo
|
CVE-2023-39217
|
2024-09-28 05:15 |
2023-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1467
|
9.8 |
CRITICAL
Network
zoom
|
zoom
|
Improper input validation in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network access.
|
NVD-CWE-noinfo
|
CVE-2023-39216
|
2024-09-28 05:15 |
2023-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1468
|
5.7 |
MEDIUM
Network
|
phoenixcontact
|
tc_mguard_rs4000_4g_vzw_vpn_firmware
tc_mguard_rs4000_4g_vpn_firmware
tc_mguard_rs4000_4g_att_vpn_firmware
tc_mguard_rs4000_3g_vpn_firmware
tc_mguard_rs2000_4g_vzw_vpn_firmware
tc_mgua…
|
A low privileged remote attacker can get access to CSRF tokens of higher privileged users which can be abused to mount CSRF attacks.
|
CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
|
CVE-2024-7698
|
2024-09-28 04:39 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1469
|
8.8 |
HIGH
Network
|
apache
|
airflow_sqoop_provider
|
Apache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via…
|
CWE-20
Improper Input Validation
|
CVE-2023-27604
|
2024-09-28 04:35 |
2023-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1470
|
8.8 |
HIGH
Network
|
phoenixcontact
|
tc_mguard_rs4000_4g_vzw_vpn_firmware
tc_mguard_rs4000_4g_vpn_firmware
tc_mguard_rs4000_4g_att_vpn_firmware
tc_mguard_rs4000_3g_vpn_firmware
tc_mguard_rs2000_4g_vzw_vpn_firmware
tc_mgua…
|
A low privileged remote attacker can read and write files as root due to improper neutralization of special elements in the variable EMAIL_RELAY_PASSWORD in mGuard devices.
|
CWE-78
OS Command
|
CVE-2024-43387
|
2024-09-28 04:33 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
