Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sametime vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2019-10297
Jenkins Sametime Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
Jenkins Sametime
NA
CVE-2023-50349
Sametime is impacted by a Cross Site Request Forgery (CSRF) vulnerability. Some REST APIs in the Sametime Proxy application can allow an malicious user to perform malicious actions on the application.
Hcltech Sametime
NA
CVE-2022-42446
Starting with Sametime 12, anonymous users are enabled by default. After logging in as an anonymous user, one has the ability to browse the User Directory and potentially create chats with internal users.
Hcltech Sametime 12.0
4.3
CVSSv2
CVE-2007-4142
Cross-site scripting (XSS) vulnerability in IBM Lotus Sametime Server 7.5.1 prior to 20070731 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors involving a crafted Sametime meeting.
Ibm Lotus Sametime
2.1
CVSSv2
CVE-2021-27755
"Sametime Android potential path traversal vulnerability when using File class"
Hcltech Hcl Sametime
4.3
CVSSv2
CVE-2007-6295
Cross-site scripting (XSS) vulnerability in the WebRunMenuFrame page in the online meeting center template in IBM Lotus Sametime prior to 8.0 allows remote malicious users to inject arbitrary web script or HTML via the URI.
Ibm Lotus Sametime
2.1
CVSSv2
CVE-2021-27753
"Sametime Android PathTraversal Vulnerability"
Hcltech Hcl Sametime
4
CVSSv2
CVE-2021-27772
Users are able to read group conversations without actively taking part in them. Next to one to one conversations, users are able to start group conversations with multiple users. It was found possible to obtain the contents of these group conversations without being part of it. ...
Hcltech Sametime 11.6
4.3
CVSSv2
CVE-2021-27773
This vulnerability allows users to execute a clickjacking attack in the meeting's chat.
Hcltech Sametime 11.6
6.8
CVSSv2
CVE-2021-27770
The vulnerability exists within the “FaviconService”. The service takes a base64-encoded URL which is then requested by the webserver. We assume this service is used by the “meetings”-function where users can specify an external URL where the online meetin...
Hcltech Sametime 11.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »