Lucene search
K

3230 matches found

NVD
NVD
added 2026/04/01 2:16 a.m.3 views

CVE-2026-3777

The application does not properly validate the lifetime and validity of internal view cache pointers after JavaScript changes the document zoom and page state. When a script modifies the zoom property and then triggers a page change, the original view object may be destroyed while stale pointers...

7.8CVSS0.00119EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/01 1:40 a.m.3 views

CVE-2026-3777 Use after free of view cache in Foxit PDF Editor/Reader

The application does not properly validate the lifetime and validity of internal view cache pointers after JavaScript changes the document zoom and page state. When a script modifies the zoom property and then triggers a page change, the original view object may be destroyed while stale pointers...

5.5CVSS6AI score0.00119EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/01 1:40 a.m.20 views

CVE-2026-3777 Use after free of view cache in Foxit PDF Editor/Reader

The application does not properly validate the lifetime and validity of internal view cache pointers after JavaScript changes the document zoom and page state. When a script modifies the zoom property and then triggers a page change, the original view object may be destroyed while stale pointers...

5.5CVSS0.00119EPSS
Exploits0References1
CVE
CVE
added 2026/04/01 1:40 a.m.17 views

CVE-2026-3777

Summary: CVE-2026-3777 affects Foxit PDF Editor/Reader (multiple platforms). The vulnerability is a use-after-free caused by improper validation of lifetime/validity of internal view cache pointers after JavaScript alters document zoom and page state. When a script modifies zoom and triggers a pa...

7.8CVSS6AI score0.00119EPSS
Exploits0References1Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/04/01 1:40 a.m.2 views

CVE-2026-3777

The application does not properly validate the lifetime and validity of internal view cache pointers after JavaScript changes the document zoom and page state. When a script modifies the zoom property and then triggers a page change, the original view object may be destroyed while stale pointers...

5.5CVSS6AI score0.00119EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.5 views

PT-2026-29437

The application does not properly validate the lifetime and validity of internal view cache pointers after JavaScript changes the document zoom and page state. When a script modifies the zoom property and then triggers a page change, the original view object may be destroyed while stale pointers...

5.5CVSS6AI score0.00119EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/27 5:9 p.m.4 views

CVE-2026-3109

Mattermost Plugins versions =11.4 10.11.11.0 fail to validate webhook request timestamps which allows an attacker to corrupt Zoom meeting state in Mattermost via replayed webhook requests. Mattermost Advisory ID: MMSA-2026-00584...

2.2CVSS5.9AI score0.00291EPSS
Exploits0References1
Snyk
Snyk
added 2026/03/26 6:35 p.m.9 views

Improper Check for Unusual or Exceptional Conditions

Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions due to missing timestamp validation in the Zoom webhook handler. An attacker can corrupt meeting state by replaying webhook requests. Remediation Upgrade...

2.2CVSS5.9AI score0.00291EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/26 6:31 p.m.5 views

EUVD-2026-16236

Mattermost Plugins versions =11.4 10.11.11.0 fail to validate webhook request timestamps which allows an attacker to corrupt Zoom meeting state in Mattermost via replayed webhook requests. Mattermost Advisory ID: MMSA-2026-00584...

2.2CVSS5.8AI score0.00291EPSS
Exploits0References2
NVD
NVD
added 2026/03/26 5:16 p.m.3 views

CVE-2026-3109

Mattermost Plugins versions =11.4 10.11.11.0 fail to validate webhook request timestamps which allows an attacker to corrupt Zoom meeting state in Mattermost via replayed webhook requests. Mattermost Advisory ID: MMSA-2026-00584...

2.2CVSS0.00291EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/26 4:28 p.m.25 views

CVE-2026-3109 Missing timestamp validation in Zoom webhook handler

Mattermost Plugins versions =11.4 10.11.11.0 fail to validate webhook request timestamps which allows an attacker to corrupt Zoom meeting state in Mattermost via replayed webhook requests. Mattermost Advisory ID: MMSA-2026-00584...

2.2CVSS0.00291EPSS
Exploits0References1
CVE
CVE
added 2026/03/26 4:28 p.m.15 views

CVE-2026-3109

Mattermost Plugins in versions

2.2CVSS5.8AI score0.00291EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/26 4:28 p.m.2 views

CVE-2026-3109 Missing timestamp validation in Zoom webhook handler

Mattermost Plugins versions =11.4 10.11.11.0 fail to validate webhook request timestamps which allows an attacker to corrupt Zoom meeting state in Mattermost via replayed webhook requests. Mattermost Advisory ID: MMSA-2026-00584...

2.2CVSS5.8AI score0.00291EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/26 4:28 p.m.4 views

CVE-2026-3109

Mattermost Plugins versions =11.4 10.11.11.0 fail to validate webhook request timestamps which allows an attacker to corrupt Zoom meeting state in Mattermost via replayed webhook requests. Mattermost Advisory ID: MMSA-2026-00584...

2.2CVSS5.8AI score0.00291EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/26 4:19 p.m.28 views

CVE-2026-3116 Improper Input Validation in Zoom Plugin Webhook Handler

Mattermost Plugins versions =11.4 11.0.4 11.1.3 11.3.2 10.11.11.0 fail to validate incoming request size which allows an authenticated attacker to cause service disruption via the webhook endpoint. Mattermost Advisory ID: MMSA-2026-00589...

4.9CVSS0.00344EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/26 4:19 p.m.3 views

CVE-2026-3116 Improper Input Validation in Zoom Plugin Webhook Handler

Mattermost Plugins versions =11.4 11.0.4 11.1.3 11.3.2 10.11.11.0 fail to validate incoming request size which allows an authenticated attacker to cause service disruption via the webhook endpoint. Mattermost Advisory ID: MMSA-2026-00589...

4.9CVSS5.8AI score0.00344EPSS
Exploits0References1
CVE
CVE
added 2026/03/26 4:19 p.m.11 views

CVE-2026-3116

CVE-2026-3116 affects Mattermost Plugins with versions

4.9CVSS5.8AI score0.00344EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.8 views

CVE-2026-30903

External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via network access...

9.6CVSS5.8AI score0.00328EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.8 views

CVE-2026-30901

Improper Input Validation in Zoom Rooms for Windows before 6.6.5 in Kiosk Mode may allow an authenticated user to conduct an escalation of privilege via local access...

7CVSS5.8AI score0.00114EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:3 p.m.7 views

CVE-2026-30900

Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References1
Rows per page
Query Builder