CVE-2026-3109

Mattermost Plugins versions =11.4 10.11.11.0 fail to validate webhook request timestamps which allows an attacker to corrupt Zoom meeting state in Mattermost via replayed webhook requests. Mattermost Advisory ID: MMSA-2026-00584...

EUVD-2026-16236

Mattermost Plugins versions =11.4 10.11.11.0 fail to validate webhook request timestamps which allows an attacker to corrupt Zoom meeting state in Mattermost via replayed webhook requests. Mattermost Advisory ID: MMSA-2026-00584...

CVE-2026-3109

Mattermost Plugins versions =11.4 10.11.11.0 fail to validate webhook request timestamps which allows an attacker to corrupt Zoom meeting state in Mattermost via replayed webhook requests. Mattermost Advisory ID: MMSA-2026-00584...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the channel preference API endpoint. An attacker can modify Zoom meeting restrictions for arbitrary channels by sending crafted API requests as an authenticated user. Remediation Upgrade...

CVE-2026-0997

Mattermost versions 11.1.x = 11.1.2, 10.11.x = 10.11.9, 11.2.x = 11.2.1 and Mattermost Plugin Zoom versions =1.11.0 fail to validate the authenticated user when processing /plugins/zoom/api/v1/channel-preference, which allows any logged-in user to change Zoom meeting restrictions for arbitrary...

EUVD-2023-38217

Malicious code in bioql PyPI...

EUVD-2022-33200

Malicious code in bioql PyPI...

EUVD-2022-33188

Malicious code in bioql PyPI...

EUVD-2022-33189

Malicious code in bioql PyPI...

EUVD-2024-22095

Malicious code in bioql PyPI...

EUVD-2024-39626

Malicious code in bioql PyPI...

CVE-2024-42441

Incorrect privilege assignment in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access...

CVE-2024-42439

Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS before 6.1.0 may allow a privileged user to conduct an escalation of privilege via local access...

CVE-2024-42439

Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS before 6.1.0 may allow a privileged user to conduct an escalation of privilege via local access...

CVE-2024-42440

Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access...

CVE-2024-42439

CVE-2024-42439 affects Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS prior to 6.1.0. The root cause is an untrusted search path in the installer, which may allow a local, privileged user to escalate privileges. Affected products: Zoom Workplace Desktop App for macOS (pre-6.1...

Zoom多款产品 安全漏洞

Zoom Rooms and others are products of Zoom Corporation, USA.Zoom Rooms is a software-based conferencing system.Zoom Meeting SDK is a development kit.Zoom Workplace is a desktop application software. A security vulnerability exists in several Zoom products. An attacker could exploit the...

Zoom Meeting SDK and Zoom Workplace Security Vulnerabilities

Zoom Meeting SDK and Zoom Workplace are both products of Zoom, Inc.Zoom Meeting SDK is a development kit. Enables your company to accelerate the development and build fully customizable video-based applications by leveraging the performance, scale and reliability of Zoom's industry-leading...

The vulnerability of the Meeting Chat component of Zoom’s video conferencing software for Windows operating systems allows a intruder to disclose protected information.

The vulnerability of the Meeting Chat component of Zoom’s video conferencing software for Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to disclose protected information remotely...

The vulnerability of the Meeting Chat component of Zoom’s video conferencing software, which allows a intruder to disclose protected information

The vulnerability of the Zoom software’s meeting chat component relates to the improper processing of logical operations. Exploiting this vulnerability allows a malicious actor to disclose protected information remotely...