25 matches found
PT-2026-33789
Vexa is an open-source, self-hostable meeting bot API and meeting transcription API. Prior to 0.10.0-260419-1910, the Vexa transcription-collector service exposes an internal endpoint GET /internal/transcripts/meeting id that returns transcript data for any meeting without any authentication or...
CVE-2026-1368
The CVE-2026-1368 issue affects the Video Conferencing with Zoom WordPress plugin prior to 4.6.6. A broken authentication flaw in a broken AJAX handler with nonce verification disabled allows unauthenticated attackers to generate valid Zoom SDK signatures for any meeting ID and to retrieve the si...
CVE-2026-1368
The Video Conferencing with Zoom WordPress plugin before 4.6.6 contains an AJAX handler that has its nonce verification commented out, allowing unauthenticated attackers to generate valid Zoom SDK signatures for any meeting ID and retrieve the site's Zoom SDK key...
PT-2026-20277
Name of the Vulnerable Software and Affected Versions Video Conferencing with Zoom WordPress plugin versions prior to 4.6.6 Description The Video Conferencing with Zoom WordPress plugin has an AJAX handler where the security check for generated signatures is disabled. This allows attackers who ar...
EUVD-2015-7248
Malware in sbrugna...
EUVD-2023-57851
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-5543
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide...
CVE-2020-8216
An information disclosure vulnerability in meeting of Pulse Connect Secure 9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID...
BIT-MOODLE-2023-5543 Moodle: duplicating a bigbluebutton activity assigns the same meeting id
When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting...
CVE-2023-5543
When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting...
UBUNTU-CVE-2023-5543
When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting...
CVE-2023-5543 Moodle: duplicating a bigbluebutton activity assigns the same meeting id
When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting...
Don’t Let Zombie Zoom Links Drag You Down
Many organizations -- including quite a few Fortune 500 firms -- have exposed web links that allow anyone to initiate a Zoom video conference meeting as a valid employee. These company-specific Zoom links, which include a permanent user ID number and an embedded passcode, can work indefinitely an...
CVE-2023-3947
The Video Conferencing with Zoom plugin for WordPress is vulnerable to Sensitive Information Exposure due to hardcoded encryption key on the 'vczapiencryptdecrypt' function in versions up to, and including, 4.2.1. This makes it possible for unauthenticated attackers to decrypt and view the meetin...
Hardcoded credentials
The Video Conferencing with Zoom plugin for WordPress is vulnerable to Sensitive Information Exposure due to hardcoded encryption key on the 'vczapiencryptdecrypt' function in versions up to, and including, 4.2.1. This makes it possible for unauthenticated attackers to decrypt and view the meetin...
CVE-2023-3947 Video Conferencing with Zoom <= 4.2.1 - Sensitive Information Exposure
The Video Conferencing with Zoom plugin for WordPress is vulnerable to Sensitive Information Exposure due to hardcoded encryption key on the 'vczapiencryptdecrypt' function in versions up to, and including, 4.2.1. This makes it possible for unauthenticated attackers to decrypt and view the meetin...
PT-2023-26960 · WordPress · Video Conferencing With Zoom
Name of the Vulnerable Software and Affected Versions: Video Conferencing with Zoom plugin for WordPress versions up to, and including, 4.2.1 Description: The issue is related to Sensitive Information Exposure due to a hardcoded encryption key in the vczapi encrypt decrypt function. This allows...
PT-2022-19485 · Unknown · Bigbluebutton
Name of the Vulnerable Software and Affected Versions: BigBlueButton versions 2.2 through 2.3.17 BigBlueButton versions 2.4-rc-1 through 2.4-rc-5 Description: BigBlueButton is an open source web conferencing system. An attacker who is able to obtain the meeting identifier for a meeting on a serve...
CVE-2020-8216
An information disclosure vulnerability in meeting of Pulse Connect Secure 9.1R8 allowed an authenticated end-users to find meeting details, if they know the Meeting ID...
Pulse Secure Pulse Connect Secure and Pulse Policy Secure Information Disclosure Vulnerabilities
Pulse Secure Pulse Connect Secure a.k.a. PCS, formerly known as Juniper Junos Pulse and Pulse Policy Secure are both products of Pulse Secure, Inc.Pulse Connect Secure is an SSL VPN solution. Pulse Connect Secure is an SSL VPN solution. Pulse Policy Secure is a network access control solution. A...