Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rooms vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2019-16005
A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an authenticated, remote malicious user to execute arbitrary commands on the affected system. The vulnerability is due to improper validation of user-supplied input by the web-based manage...
Cisco Collaboration Meeting Rooms 2.0
Cisco Webex Video Mesh
1 Article
7.5
CVSSv3
CVE-2023-36539
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information.
Zoom Video Software Development Kit 1.8.0
Zoom Meetings 5.15.0
Zoom Meetings 5.15.1
Zoom Zoom 5.15.0
Zoom Rooms 5.15.0
Zoom Zoom 5.15.1
Zoom Poly Ccx 700 Firmware 5.15.0
Zoom Poly Ccx 600 Firmware 5.15.0
Zoom Yealink Vp59 Firmware 5.15.0
Zoom Yealink Mp54 Firmware 5.15.0
Zoom Yealink Mp56 Firmware 5.15.0
6.1
CVSSv3
CVE-2021-1500
A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an unauthenticated, remote malicious user to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request. An at...
Cisco Collaboration Meeting Rooms 2.0
Cisco Webex Video Mesh
6.1
CVSSv3
CVE-2021-40115
A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management ...
Cisco Collaboration Meeting Rooms 2.0
Cisco Webex Video Mesh
7.5
CVSSv3
CVE-2018-12423
In Synapse prior to 0.31.2, unauthorised users can hijack rooms when there is no m.room.power_levels event in force.
Matrix Synapse
4.4
CVSSv3
CVE-2022-40135
An information leak vulnerability in the Smart USB Protection SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.
Lenovo Ideacentre C5-14imb05 Firmware
Lenovo Thinkcentre E96z Firmware
Lenovo Ideacentre 3 07iab7 Firmware
Lenovo Ideacentre 3-07imb05 Firmware
Lenovo Ideacentre 5 14iab7 Firmware
Lenovo Ideacentre 5-14acn6 Firmware
Lenovo Ideacentre 5-14imb05 Firmware
Lenovo Ideacentre 5-14iob6 Firmware
Lenovo Ideacentre Creator 5-14iob6 Firmware
Lenovo Ideacentre G5-14imb05 Firmware
Lenovo Ideacentre Gaming 5 17acn7 Firmware
Lenovo Ideacentre Gaming 5 17iab7 Firmware
Lenovo Ideacentre Gaming 5-14acn6 Firmware
Lenovo Ideacentre Gaming 5-14iob6 Firmware
Lenovo Legion C530-19icb Firmware
Lenovo Legion T5-26iob6 Firmware
Lenovo Legion T5-28icb05 Firmware
Lenovo Legion T530-28apr Firmware
Lenovo Legion T530-28icb Firmware
Lenovo Legion T7-34imz5 Firmware
Lenovo Thinkcentre M60e Tiny Firmware
Lenovo Thinkcentre M625q Firmware
4.4
CVSSv3
CVE-2022-40136
An information leak vulnerability in SMI Handler used to configure platform settings over WMI in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.
Lenovo Ideacentre C5-14imb05 Firmware
Lenovo Thinkcentre E96z Firmware
Lenovo Ideacentre 3 07iab7 Firmware
Lenovo Ideacentre 3-07imb05 Firmware
Lenovo Ideacentre 5 14iab7 Firmware
Lenovo Ideacentre 5-14acn6 Firmware
Lenovo Ideacentre 5-14imb05 Firmware
Lenovo Ideacentre 5-14iob6 Firmware
Lenovo Ideacentre Creator 5-14iob6 Firmware
Lenovo Ideacentre G5-14imb05 Firmware
Lenovo Ideacentre Gaming 5 17acn7 Firmware
Lenovo Ideacentre Gaming 5 17iab7 Firmware
Lenovo Ideacentre Gaming 5-14acn6 Firmware
Lenovo Ideacentre Gaming 5-14iob6 Firmware
Lenovo Legion C530-19icb Firmware
Lenovo Legion T5-26iob6 Firmware
Lenovo Legion T5-28icb05 Firmware
Lenovo Legion T530-28apr Firmware
Lenovo Legion T530-28icb Firmware
Lenovo Legion T7-34imz5 Firmware
Lenovo Thinkcentre M70q Gen 2 Firmware
Lenovo Thinkcentre M710t Firmware
NA
CVE-1999-0897
iChat ROOMS Webserver allows remote malicious users to read arbitrary files via a .. (dot dot) attack.
Apple Ichat Server 3.0
4.3
CVSSv3
CVE-2024-4314
The Hostel plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.5.3. This is due to missing or incorrect nonce validation when managing rooms. This makes it possible for unauthenticated malicious users to create and delete roo...
7.2
CVSSv3
CVE-2022-32346
Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/rooms/view_room.php?id=.
Hospital's Patient Records Management System Project Hospital's Patient Records Management System 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »