3230 matches found
Zoom Rooms < 7.0.0 Untrusted Search Path (ZSB-26008)
The version of Zoom Rooms installed on the remote host is prior to 7.0.0. It is, therefore, affected by a vulnerability as referenced in the ZSB-26008 advisory. - Untrusted search path in the installer for Zoom Rooms for Windows before version 7.0.0 may allow an authenticated user to enable an...
Cross-site Scripting (XSS)
Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Cross-site Scripting XSS through the @html svg rendering path in the SVGPanZoom.svelte common component. An attacker can execute an arbitrary script in the browser by supplying a crafted SVG payload that is...
EUVD-2026-30112
Untrusted search path in the installer for Zoom Rooms for Windows before version 7.0.0 may allow an authenticated user to enable an escalation of privilege via local access...
EUVD-2026-30110
Protection Mechanism Failure in Zoom Workplace for iOS before version 7.0.0 may allow an authenticated user to conduct a disclosure of information via physical access...
EUVD-2026-30111
External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access...
CVE-2026-30906
Untrusted search path in the installer for Zoom Rooms for Windows before version 7.0.0 may allow an authenticated user to enable an escalation of privilege via local access...
CVE-2026-30904
Protection Mechanism Failure in Zoom Workplace for iOS before version 7.0.0 may allow an authenticated user to conduct a disclosure of information via physical access...
CVE-2026-30905
External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access...
CVE-2026-30906
Untrusted search path in the installer for Zoom Rooms for Windows before version 7.0.0 may allow an authenticated user to enable an escalation of privilege via local access...
CVE-2026-30906
Untrusted search path in the installer for Zoom Rooms for Windows before version 7.0.0 may allow an authenticated user to enable an escalation of privilege via local access...
CVE-2026-30906
Untrusted search path in the installer for Zoom Rooms for Windows before version 7.0.0 may allow an authenticated user to enable an escalation of privilege via local access...
CVE-2026-30906
CVE-2026-30906 : Untrusted search path in the installer of Zoom Rooms for Windows, affected up to version 7.0.0, may allow an authenticated user to escalate privileges via local access. The CVSSv3.1 vector is AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H with a base score of 7.8 (HIGH). The issue is tied t...
CVE-2026-30905
External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access...
CVE-2026-30905
External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access...
CVE-2026-30905
CVE-2026-30905 concerns the Zoom Workplace VDI Plugin Windows Universal Installer. The issue arises from external control of a file name or path in the installer, potentially allowing an authenticated user to escalate privileges through local access on installations prior to version 6.6.11. Affec...
CVE-2026-30905
External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access...
CVE-2026-30904
Protection Mechanism Failure in Zoom Workplace for iOS before version 7.0.0 may allow an authenticated user to conduct a disclosure of information via physical access...
CVE-2026-30904
CVE-2026-30904 concerns Zoom Workplace for iOS prior to version 7.0.0, where a protection mechanism failure could allow an authenticated user with physical access to disclose information. The issue is described consistently across sources as a local, physical-access threat affecting the client, w...
CVE-2026-30904
Protection Mechanism Failure in Zoom Workplace for iOS before version 7.0.0 may allow an authenticated user to conduct a disclosure of information via physical access...
CVE-2026-30904
Protection Mechanism Failure in Zoom Workplace for iOS before version 7.0.0 may allow an authenticated user to conduct a disclosure of information via physical access...