|
531
|
7.5 |
HIGH
Network
zoom
|
virtual_desktop_infrastructure
zoom
|
Uncontrolled resource consumption in Zoom Team Chat for Zoom Desktop Client for Windows and Zoom VDI Client may allow an unauthenticated user to conduct a disclosure of information via network access.
|
NVD-CWE-noinfo
|
CVE-2023-39203
|
2024-09-28 04:15 |
2023-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
532
|
7.5 |
HIGH
Network
zoom
|
zoom
|
Improper input validation in Zoom Desktop Client for Linux before version 5.15.10 may allow an unauthenticated user to conduct a denial of service via network access.
|
CWE-20
Improper Input Validation
|
CVE-2023-39208
|
2024-09-28 04:15 |
2023-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
533
|
7.8 |
HIGH
Local
|
zoom
|
rooms
zoom
|
Improper privilege management in Zoom Desktop Client for Windows and Zoom Rooms for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via local access.
|
CWE-269
Improper Privilege Management
|
CVE-2023-39211
|
2024-09-28 04:15 |
2023-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
534
|
6.5 |
MEDIUM
Network
|
zoom
|
zoom
|
Improper input validation in Zoom Desktop Client for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via network access.
|
CWE-20
Improper Input Validation
|
CVE-2023-39209
|
2024-09-28 04:15 |
2023-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
535
|
6.5 |
MEDIUM
Network
|
zoom
|
zoom
virtual_desktop_infrastructure
rooms
|
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access.
|
NVD-CWE-Other
|
CVE-2023-36535
|
2024-09-28 04:15 |
2023-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
536
|
8.1 |
HIGH
Network
|
phoenixcontact
|
tc_mguard_rs4000_4g_vzw_vpn_firmware
tc_mguard_rs4000_4g_vpn_firmware
tc_mguard_rs4000_4g_att_vpn_firmware
tc_mguard_rs4000_3g_vpn_firmware
tc_mguard_rs2000_4g_vzw_vpn_firmware
tc_mgua…
|
A low privileged remote attacker can perform configuration changes of the firewall services, including packet filter, packet forwarding, network access control or NAT through the FW_INCOMING.FROM_IP …
|
NVD-CWE-noinfo
|
CVE-2024-43392
|
2024-09-28 04:04 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
537
|
7.1 |
HIGH
Local
|
moxa
|
mxview_one
mxview_one_central_manager
|
The configuration file stores credentials in cleartext. An attacker with local access rights can read or modify the configuration file, potentially resulting in the service being abused due to sensit…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-6785
|
2024-09-28 03:59 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
538
|
8.8 |
HIGH
Network
|
phoenixcontact
|
tc_mguard_rs4000_4g_vzw_vpn_firmware
tc_mguard_rs4000_4g_vpn_firmware
tc_mguard_rs4000_4g_att_vpn_firmware
tc_mguard_rs4000_3g_vpn_firmware
tc_mguard_rs2000_4g_vzw_vpn_firmware
tc_mgua…
|
An low privileged remote attacker can execute OS commands with root privileges due to improper neutralization of special elements in user data.
|
CWE-78
OS Command
|
CVE-2024-7699
|
2024-09-28 03:59 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
539
|
7.8 |
HIGH
Local
|
logitech
|
logi_options\+
|
Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options Plus version 1.60.496306 on macOS allows attackers to execute arbitrary code via insecure Electron Fuse…
|
CWE-94
Code Injection
|
CVE-2024-8258
|
2024-09-28 03:56 |
2024-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
540
|
9.8 |
CRITICAL
Network
millbeck
|
proroute_h685t-w_firmware
|
There is a command injection vulnerability that may allow an attacker to inject malicious input on the device's operating system.
|
CWE-78
OS Command
|
CVE-2024-45682
|
2024-09-28 03:54 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
