Lucene search
K

144 matches found

NVD
NVD
added 2024/03/05 11:15 p.m.30 views

CVE-2024-24275

Cross Site Scripting vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the global search function...

9.6CVSS5.7AI score0.00869EPSS
Exploits1References1
NVD
NVD
added 2024/03/05 11:15 p.m.13 views

CVE-2024-24276

Cross Site Scripting XSS vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the chat name, message preview, username and group name components...

9.6CVSS5.3AI score0.00869EPSS
Exploits1References1
NVD
NVD
added 2024/03/05 11:15 p.m.21 views

CVE-2024-24278

An issue in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the message function...

7.5CVSS6AI score0.00708EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/03/05 12:0 a.m.5 views

PT-2024-20333 · Teamwire · Teamwire Windows Desktop Client

Name of the Vulnerable Software and Affected Versions: Teamwire Windows desktop client versions 2.0.1 through 2.4.0 Description: The issue allows a remote attacker to obtain sensitive information via a crafted payload to the global search function. This is a Cross Site Scripting vulnerability...

9.6CVSS6.4AI score0.00869EPSS
Exploits1References5
CVE
CVE
added 2024/03/05 12:0 a.m.67 views

CVE-2024-24275

The CVE-2024-24275 issue affects Teamwire Windows desktop client versions 2.0.1–2.4.0. A Cross Site Scripting (XSS) vulnerability exists in the global search function that allows a remote attacker to obtain sensitive information via a crafted payload. The vulnerability is described across multipl...

9.6CVSS5.9AI score0.00869EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/03/05 12:0 a.m.15 views

CVE-2024-24278

An issue in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the message function...

6.4AI score0.00708EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/03/05 12:0 a.m.33 views

CVE-2024-24275

Cross Site Scripting vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the global search function...

5.9AI score0.00869EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/03/05 12:0 a.m.14 views

CVE-2024-24275

Cross Site Scripting vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the global search function...

6AI score0.00869EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/03/05 12:0 a.m.17 views

CVE-2024-24276

Cross Site Scripting XSS vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the chat name, message preview, username and group name components...

5.7AI score0.00869EPSS
Exploits1References1
NCSC
NCSC
added 2024/02/14 12:0 a.m.40 views

Vulnerabilities fixed in Zoom products

Zoom has fixed vulnerabilities in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows. A malicious party could exploit the vulnerabilities to gain access to sensitive data, grant themselves elevated permissions, or to cause a denial-of-service. To cause ...

9.8CVSS7AI score0.01689EPSS
Exploits0
OSV
OSV
added 2024/01/11 2:15 p.m.4 views

CVE-2023-50159

In ScaleFusion Windows Desktop App agent 10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...

8.8CVSS7.4AI score0.00286EPSS
Exploits1References3
Prion
Prion
added 2024/01/11 2:15 p.m.19 views

Code injection

In ScaleFusion Windows Desktop App agent 10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...

4.3CVSS7.5AI score0.00286EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2024/01/11 12:0 a.m.25 views

CVE-2023-50159

In ScaleFusion Windows Desktop App agent 10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...

8.9AI score0.00286EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/01/11 12:0 a.m.16 views

CVE-2023-50159

In ScaleFusion Windows Desktop App agent 10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...

7.3AI score0.00286EPSS
Exploits1References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/12/26 12:27 a.m.4 views

Brother iPrint&Scan Desktop for Windows vulnerable to improper link resolution before file access

Overview iPrint Desktop for Windows provided by Brother Industries, Ltd. outputs logs to a certain log file. The affected version of the product does not check whether the log file is a normal file or a symbolic link to a certain file CWE-59. Chris Au reported this vulnerability to Brother...

6.5CVSS6.5AI score0.00186EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/12/22 12:0 a.m.4 views

Brother iPrint&Scan Security Breach

Brother iPrint&Scan is a free application from Brother that allows you to print and scan from your Android device. A security vulnerability exists in Brother iPrint&Scan Desktop for Windows version 11.0.0 and earlier versions that stems from...

5.5CVSS6.7AI score0.00186EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/08/08 12:0 a.m.4 views

Zoom Client Injection Vulnerability

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A security vulnerability previously existed in Zoom Desktop Client for Windows and Zoom VDI Client version 5.15.2, which stemmed from a special element neutralization improper issue...

9.8CVSS6.8AI score0.01289EPSS
Exploits0References2
Snyk
Snyk
added 2023/07/11 12:0 a.m.3 views

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. A vulnerability exists in .NET applications where the diagnostic server can be exploited to achieve cross-session/cross-user elevation of privilege EoP and code execution. Remediation Upgrade...

8.1CVSS7.9AI score0.01976EPSS
Exploits0References2
Snyk
Snyk
added 2023/07/11 12:0 a.m.2 views

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. A vulnerability exists in .NET applications where the diagnostic server can be exploited to achieve cross-session/cross-user elevation of privilege EoP and code execution. Remediation Upgrade...

8.1CVSS7.9AI score0.01976EPSS
Exploits0References2
Snyk
Snyk
added 2023/07/11 12:0 a.m.7 views

Remote Code Execution (RCE)

Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. A vulnerability exists in .NET applications where the diagnostic server can be exploited to achieve cross-session/cross-user elevation of privilege EoP and code execution. Remediation Upgrade...

8.1CVSS7.9AI score0.01976EPSS
Exploits0References2
Rows per page
Query Builder