89 matches found
CVE-2024-6033
The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized data importation due to a missing capability check on the 'importfile' function in all versions up to, and including, 4.0.4. This makes it possible for authenticated attackers,...
WordPress Plugin Event Tickets and Registration Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
Malicious code in skypecast-attendee (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 14941d16f59035ce08203be2c6e8468a4044bfe3bd9a9b128d568c1bdf5070de Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-28749
Zooms On-Premise Meeting Connector MMR before version 4.8.113.20220526 fails to properly check the permissions of a Zoom meeting attendee. As a result, a threat actor in the Zooms waiting room can join the meeting without the consent of the host...
Zooms On-Premise Meeting Connector MMR 安全漏洞
Zooms On-Premise Meeting Connector MMR is a video conferencing connection controller from Zoom USA. A security vulnerability exists in versions of Zooms On-Premise Meeting Connector MMR prior to 4.8.113.20220526, which stems from an inability to properly check the permissions of Zoom meeting...
CVE-2020-3542
A vulnerability in Cisco Webex Training could allow an authenticated, remote attacker to join a password-protected meeting without providing the meeting password. The vulnerability is due to improper validation of input to API requests that are a part of meeting join flow. An attacker could explo...
Input validation
A vulnerability in Cisco Webex Training could allow an authenticated, remote attacker to join a password-protected meeting without providing the meeting password. The vulnerability is due to improper validation of input to API requests that are a part of meeting join flow. An attacker could explo...
CVE-2020-3542 Cisco Webex Training Unauthorized Meeting Join Vulnerability
A vulnerability in Cisco Webex Training could allow an authenticated, remote attacker to join a password-protected meeting without providing the meeting password. The vulnerability is due to improper validation of input to API requests that are a part of meeting join flow. An attacker could explo...
Cisco Webex Training Unauthorized Meeting Join Vulnerability
A vulnerability in Cisco Webex Training could allow an authenticated, remote attacker to join a password-protected meeting without providing the meeting password. The vulnerability is due to improper validation of input to API requests that are a part of meeting join flow. An attacker could explo...
Description of the cumulative update for Lync 2010 Attendee - Administrator level installation: June 2012
Describes the cumulative update for Lync 2010 Attendee, Administrator level installation that is dated June 2012.SummaryThis article describes the issue that is fixed in the cumulative update for Microsoft Lync 2010 Attendee - Administrator level installation that is dated June 2012.This article...
MS13-054: Description of the security update for Lync 2010 Attendee (user level install): July 9, 2013
Resolves a vulnerability that could allow remote code execution on a client system if a user views shared content that embeds TrueType font files.View products that this article applies to.IntroductionThis update resolves a vulnerability that could allow remote code execution on a client system i...
Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know
Over the past few weeks, the use of Zoom video conferencing software has exploded ever since it emerged the platform of choice to host everything from cabinet meetings to yoga classes amidst the ongoing coronavirus outbreak and work from home became the new normal. The app has skyrocketed to 200...
CVE-2020-3142
CVE-2020-3142 affects Cisco Webex Meetings Suite sites and Webex Meetings Online sites via an unauthenticated join flow in mobile Webex apps. An attacker could join a password-protected meeting by using a known meeting ID/URL from a mobile browser, without providing the meeting password; the atte...
CVE-2019-13410
TOPMeeting before version 8.8 2019/08/19 shows attendees account and password in front end page that allows an attacker to obtain sensitive information by browsing the source code of the page...
CVE-2017-18563
The rsvp plugin before 2.3.8 for WordPress has persistent XSS via the note field on the attendee-list screen...
CVE-2017-18563
The rsvp plugin before 2.3.8 for WordPress has persistent XSS via the note field on the attendee-list screen...
Cross site scripting
The rsvp plugin before 2.3.8 for WordPress has persistent XSS via the note field on the attendee-list screen...
Design/Logic Flaw
Zoom clients on Windows before version 4.1.34814.1119, Mac OS before version 4.1.34801.1116, and Linux 2.4.129780.0915 and below are vulnerable to unauthorized message processing. A remote unauthenticated attacker can spoof UDP messages from a meeting attendee or Zoom server in order to invoke...
CVE-2018-15715
Zoom clients on Windows before version 4.1.34814.1119, Mac OS before version 4.1.34801.1116, and Linux 2.4.129780.0915 and below are vulnerable to unauthorized message processing. A remote unauthenticated attacker can spoof UDP messages from a meeting attendee or Zoom server in order to invoke...
Remote code execution
Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an attacker to...