144 matches found
CVE-2024-24275
Cross Site Scripting vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the global search function...
CVE-2024-24276
Cross Site Scripting XSS vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the chat name, message preview, username and group name components...
CVE-2024-24278
An issue in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the message function...
PT-2024-20333 · Teamwire · Teamwire Windows Desktop Client
Name of the Vulnerable Software and Affected Versions: Teamwire Windows desktop client versions 2.0.1 through 2.4.0 Description: The issue allows a remote attacker to obtain sensitive information via a crafted payload to the global search function. This is a Cross Site Scripting vulnerability...
CVE-2024-24275
The CVE-2024-24275 issue affects Teamwire Windows desktop client versions 2.0.1–2.4.0. A Cross Site Scripting (XSS) vulnerability exists in the global search function that allows a remote attacker to obtain sensitive information via a crafted payload. The vulnerability is described across multipl...
CVE-2024-24278
An issue in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the message function...
CVE-2024-24275
Cross Site Scripting vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the global search function...
CVE-2024-24275
Cross Site Scripting vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the global search function...
CVE-2024-24276
Cross Site Scripting XSS vulnerability in Teamwire Windows desktop client v.2.0.1 through v.2.4.0 allows a remote attacker to obtain sensitive information via a crafted payload to the chat name, message preview, username and group name components...
Vulnerabilities fixed in Zoom products
Zoom has fixed vulnerabilities in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows. A malicious party could exploit the vulnerabilities to gain access to sensitive data, grant themselves elevated permissions, or to cause a denial-of-service. To cause ...
CVE-2023-50159
In ScaleFusion Windows Desktop App agent 10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...
Code injection
In ScaleFusion Windows Desktop App agent 10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...
CVE-2023-50159
In ScaleFusion Windows Desktop App agent 10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...
CVE-2023-50159
In ScaleFusion Windows Desktop App agent 10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed. This is fixed in 10.5.7 by preventing the launching of the file explorer in Agent-based Multi-App and Single App Kiosk mode...
Brother iPrint&Scan Desktop for Windows vulnerable to improper link resolution before file access
Overview iPrint Desktop for Windows provided by Brother Industries, Ltd. outputs logs to a certain log file. The affected version of the product does not check whether the log file is a normal file or a symbolic link to a certain file CWE-59. Chris Au reported this vulnerability to Brother...
Brother iPrint&Scan Security Breach
Brother iPrint&Scan is a free application from Brother that allows you to print and scan from your Android device. A security vulnerability exists in Brother iPrint&Scan Desktop for Windows version 11.0.0 and earlier versions that stems from...
Zoom Client Injection Vulnerability
Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A security vulnerability previously existed in Zoom Desktop Client for Windows and Zoom VDI Client version 5.15.2, which stemmed from a special element neutralization improper issue...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. A vulnerability exists in .NET applications where the diagnostic server can be exploited to achieve cross-session/cross-user elevation of privilege EoP and code execution. Remediation Upgrade...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. A vulnerability exists in .NET applications where the diagnostic server can be exploited to achieve cross-session/cross-user elevation of privilege EoP and code execution. Remediation Upgrade...
Remote Code Execution (RCE)
Overview Affected versions of this package are vulnerable to Remote Code Execution RCE. A vulnerability exists in .NET applications where the diagnostic server can be exploited to achieve cross-session/cross-user elevation of privilege EoP and code execution. Remediation Upgrade...