19 matches found
CVE-2022-22786
CVE-2022-22786 affects the Zoom Client for Meetings on Windows (and Zoom Rooms on Windows) prior to 5.10.0. The issue is that the updater does not properly check the installed version during updates, enabling a potential downgrade attack to push users to an older, less secure Zoom build. The vuln...
Design/Logic Flaw
A vulnerability was discovered in the Zoom Client for Meetings for Android, iOS, Linux, macOS, and Windows before version 5.8.4, Zoom Client for Meetings for Blackberry for Android and iOS before version 5.8.1, Zoom Client for Meetings for intune for Android and iOS before version 5.8.4, Zoom...
CAYIN Technology xPost SQL Injection Vulnerability
CAYIN Technology xPost is a digital signage system for conference room management from CAYIN Technology in Taiwan, China. A SQL injection vulnerability exists in CAYIN Technology xPost 2.5 and prior versions. The vulnerability stems from a database-based application that lacks validation of...
File Upload Vulnerability in Rmeeting Room Management System
Rmeeting Conference Room Management System is a system that provides meeting booking services for corporate meeting rooms, large conference centers, and hotel conference centers. A file upload vulnerability exists in the Rmeeting Conference Room Management System, which can be exploited by an...
Zoom conference room connector service insufficient session invalidation
Summary Zoom Conference Room Connector services perform insufficient session invalidation upon certain user administration tasks which enable a demoted or deleted user to still access the room administration interface. If a user has administrative access to the connected device and if this access...
IBM Sametime Information Disclosure Vulnerability (CNVD-2017-30590)
IBM Sametime is a suite of next-generation social communication tools from IBM in the United States. The tool helps users realize real-time business collaboration by integrating audio voice, data and video. A security vulnerability exists in IBM Sametime versions 8.5.1 and 9.0. An attacker can...
Webservice-DIC yoyaku_v41 Unauthorized Operation Vulnerability
Webservice-DIC yoyakuv41 is a conference room reservation management software from Webservice-DIC. Webservice-DIC yoyakuv41 fails to properly filter user-submitted input, which allows remote attackers to bypass authentication by submitting a special request to complete a conference room reservati...
CVE-2015-2978
Webservice-DIC yoyakuv41 allows remote attackers to bypass authentication and complete a conference-room reservation via unspecified vectors, as demonstrated by an "unintentional reservation."...
Authentication flaw
Webservice-DIC yoyakuv41 allows remote attackers to bypass authentication and complete a conference-room reservation via unspecified vectors, as demonstrated by an "unintentional reservation."...
CVE-2015-2978
Webservice-DIC yoyakuv41 allows remote attackers to bypass authentication and complete a conference-room reservation via unspecified vectors, as demonstrated by an "unintentional reservation."...
JVN#17522792: yoyaku_v41 vulnerable to OS command injection
yoyakuv41 provided by Webservice-DIC is a software to manage conference room reservations. yoyakuv41 contains an OS command injection vulnerability CWE-78. Impact An arbitrary OS command may be executed with the privileges of the web server on the server where yoyakuv41 is running. Solution Do no...
Yahoo Messenger AudioConf ActiveX Control Buffer Overflow (CVE-2007-1680)
Yahoo! Messenger is an instant messaging communicating application developed by Yahoo! Inc. One of the features that Yahoo! Messenger provides is the ability to create conference rooms. Yahoo! Messenger users can create a conference room and invite other users to join the conference. The conferen...
JVN#05857667 Webservice-DIC yoyaku_v41 vulnerable to command injection
yoyakuv41 from Webservice-DIC is a software to manage conference room reservations. yoyakuv41 contains a command injection vulnerability. This vulnerability is different from JVN80436657. Impact An arbitrary command could be executed with the privilege of the server where yoyakuv41 runs. Solution...
JVN#80436657 Webservice-DIC yoyaku_v41 vulnerable to command injection
yoyakuv41 from Webservice-DIC is a software to manage conference room reservations. yoyakuv41 contains a command injection vulnerability. Impact An arbitrary command could be executed with the privilege of the server where yoyakuv41 runs. Solution Update the Software Update to the latest version...
Cross site scripting
Cross-site scripting XSS vulnerability in AD2000 free-sw leger aka Web Conference Room Free 1.6.4 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2009-2240
The CVE-2009-2240 issue affects leger (free edition) from AD2000 (Web Conference Room Free). A cross-site scripting (XSS) vulnerability exists in version 1.6.4 and earlier, allowing an attacker to cause arbitrary script execution in a user’s browser. The vendor addressed this with an update in ve...
JVN#57036470 Cross-site scripting vulnerability in leger (free edition)
leger free edition from 'AD2000' is a software to manage conference room reservations. leger free edition contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the...
Vulnerable: Conference Room Professional-Developer Edititon.
Vulnerable: Conference Room Professional-Developer Edititon. www.webmaster.com Only tested on Windows NT 4.0 sp6a and Windows 2000 pro. Conference Room 1.8.1x or older versions are subject to a DoS attack when following commands are used. Make to connections to the irc server second being the clo...
DoS против Conference Room
Определенная последовательность команд приводит к краху IRC-сервера...