Lucene search
+L

89 matches found

nvd
nvd
added 2024/07/17 7:15 a.m.29 views

CVE-2024-6033

The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized data importation due to a missing capability check on the 'importfile' function in all versions up to, and including, 4.0.4. This makes it possible for authenticated attackers,...

4.3CVSS0.00362EPSS
Exploits0References3
cnnvd
cnnvd
added 2024/02/22 12:0 a.m.4 views

WordPress Plugin Event Tickets and Registration Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

4.3CVSS6.5AI score0.00396EPSS
Exploits0References3
ossf
ossf
added 2022/06/20 6:20 p.m.2 views

Malicious code in skypecast-attendee (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 14941d16f59035ce08203be2c6e8468a4044bfe3bd9a9b128d568c1bdf5070de Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
osv
osv
added 2022/06/15 9:15 p.m.4 views

CVE-2022-28749

Zooms On-Premise Meeting Connector MMR before version 4.8.113.20220526 fails to properly check the permissions of a Zoom meeting attendee. As a result, a threat actor in the Zooms waiting room can join the meeting without the consent of the host...

4.3CVSS5.8AI score0.00548EPSS
Exploits0References1
cnnvd
cnnvd
added 2022/06/15 12:0 a.m.6 views

Zooms On-Premise Meeting Connector MMR 安全漏洞

Zooms On-Premise Meeting Connector MMR is a video conferencing connection controller from Zoom USA. A security vulnerability exists in versions of Zooms On-Premise Meeting Connector MMR prior to 4.8.113.20220526, which stems from an inability to properly check the permissions of Zoom meeting...

6.5CVSS5.3AI score0.00548EPSS
Exploits0References2
osv
osv
added 2020/09/04 3:15 a.m.2 views

CVE-2020-3542

A vulnerability in Cisco Webex Training could allow an authenticated, remote attacker to join a password-protected meeting without providing the meeting password. The vulnerability is due to improper validation of input to API requests that are a part of meeting join flow. An attacker could explo...

5.3CVSS6.1AI score0.01079EPSS
Exploits0References1
prion
prion
added 2020/09/04 3:15 a.m.11 views

Input validation

A vulnerability in Cisco Webex Training could allow an authenticated, remote attacker to join a password-protected meeting without providing the meeting password. The vulnerability is due to improper validation of input to API requests that are a part of meeting join flow. An attacker could explo...

4CVSS5.2AI score0.01079EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2020/09/04 2:25 a.m.12 views

CVE-2020-3542 Cisco Webex Training Unauthorized Meeting Join Vulnerability

A vulnerability in Cisco Webex Training could allow an authenticated, remote attacker to join a password-protected meeting without providing the meeting password. The vulnerability is due to improper validation of input to API requests that are a part of meeting join flow. An attacker could explo...

5.3CVSS5.2AI score0.01079EPSS
Exploits0References1
cisco
cisco
added 2020/09/02 4:0 p.m.27 views

Cisco Webex Training Unauthorized Meeting Join Vulnerability

A vulnerability in Cisco Webex Training could allow an authenticated, remote attacker to join a password-protected meeting without providing the meeting password. The vulnerability is due to improper validation of input to API requests that are a part of meeting join flow. An attacker could explo...

5.3CVSS5.2AI score0.01079EPSS
Exploits0References1
mskb
mskb
added 2020/05/20 2:37 a.m.30 views

Description of the cumulative update for Lync 2010 Attendee - Administrator level installation: June 2012

Describes the cumulative update for Lync 2010 Attendee, Administrator level installation that is dated June 2012.SummaryThis article describes the issue that is fixed in the cumulative update for Microsoft Lync 2010 Attendee - Administrator level installation that is dated June 2012.This article...

0.7AI score
Exploits0
mskb
mskb
added 2020/04/13 4:7 a.m.22 views

MS13-054: Description of the security update for Lync 2010 Attendee (user level install): July 9, 2013

Resolves a vulnerability that could allow remote code execution on a client system if a user views shared content that embeds TrueType font files.View products that this article applies to.IntroductionThis update resolves a vulnerability that could allow remote code execution on a client system i...

7.5AI score
Exploits0
thn
thn
added 2020/04/06 12:22 p.m.156 views

Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know

Over the past few weeks, the use of Zoom video conferencing software has exploded ever since it emerged the platform of choice to host everything from cabinet meetings to yoga classes amidst the ongoing coronavirus outbreak and work from home became the new normal. The app has skyrocketed to 200...

7.9AI score
Exploits0
cve
cve
added 2020/01/26 4:55 a.m.172 views

CVE-2020-3142

CVE-2020-3142 affects Cisco Webex Meetings Suite sites and Webex Meetings Online sites via an unauthenticated join flow in mobile Webex apps. An attacker could join a password-protected meeting by using a known meeting ID/URL from a mobile browser, without providing the meeting password; the atte...

7.5CVSS7.2AI score0.0149EPSS
Exploits0References1Affected Software1
osv
osv
added 2019/10/17 8:15 p.m.4 views

CVE-2019-13410

TOPMeeting before version 8.8 2019/08/19 shows attendees account and password in front end page that allows an attacker to obtain sensitive information by browsing the source code of the page...

7.5CVSS7.2AI score0.01535EPSS
Exploits0References2
nvd
nvd
added 2019/08/21 6:15 p.m.16 views

CVE-2017-18563

The rsvp plugin before 2.3.8 for WordPress has persistent XSS via the note field on the attendee-list screen...

6.1CVSS6.1AI score0.00905EPSS
Exploits0References1
osv
osv
added 2019/08/21 6:15 p.m.2 views

CVE-2017-18563

The rsvp plugin before 2.3.8 for WordPress has persistent XSS via the note field on the attendee-list screen...

6.1CVSS5.8AI score0.00905EPSS
Exploits0References1
prion
prion
added 2019/08/21 6:15 p.m.16 views

Cross site scripting

The rsvp plugin before 2.3.8 for WordPress has persistent XSS via the note field on the attendee-list screen...

4.3CVSS6AI score0.00905EPSS
Exploits0References1Affected Software1
prion
prion
added 2018/11/30 8:29 p.m.17 views

Design/Logic Flaw

Zoom clients on Windows before version 4.1.34814.1119, Mac OS before version 4.1.34801.1116, and Linux 2.4.129780.0915 and below are vulnerable to unauthorized message processing. A remote unauthenticated attacker can spoof UDP messages from a meeting attendee or Zoom server in order to invoke...

7.5CVSS9.1AI score0.03487EPSS
Exploits1References1Affected Software1
osv
osv
added 2018/11/30 8:29 p.m.2 views

CVE-2018-15715

Zoom clients on Windows before version 4.1.34814.1119, Mac OS before version 4.1.34801.1116, and Linux 2.4.129780.0915 and below are vulnerable to unauthorized message processing. A remote unauthenticated attacker can spoof UDP messages from a meeting attendee or Zoom server in order to invoke...

9.8CVSS5.9AI score0.03487EPSS
Exploits1References1
prion
prion
added 2017/09/13 1:29 a.m.26 views

Remote code execution

Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an attacker to...

7.6CVSS7.6AI score0.14264EPSS
Exploits0References3Affected Software6
Rows per page
Query Builder