Search

Search Results (364251 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-20846 1 Cisco 2 Ios Xr, Ios Xr Software 2025-08-05 4.3 Medium
A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the Cisco Discovery Protocol process to reload on an affected device. This vulnerability is due to a heap buffer overflow in certain Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a heap overflow, which could cause the Cisco Discovery Protocol process to reload on the device. The bytes that can be written in the buffer overflow are restricted, which limits remote code execution.Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).  Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.This advisory is part of the September 2022 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see .
CVE-2025-49462 1 Zoom 1 Zoom 2025-08-05 3.5 Low
Cross-site scripting in certain Zoom Clients before version 6.4.5 may allow an authenticated user to conduct a disclosure of information via network access.
CVE-2025-49463 1 Zoom 1 Zoom 2025-08-05 6.5 Medium
Insufficient control flow management in certain Zoom Clients for iOS before version 6.4.5 may allow an unauthenticated user to conduct a disclosure of information via network access.
CVE-2025-49464 1 Zoom 1 Zoom 2025-08-05 6.5 Medium
Classic buffer overflow in certain Zoom Clients for Windows may allow an authorised user to conduct a denial of service via network access.
CVE-2025-30665 1 Zoom 5 Meeting Software Development Kit, Rooms, Rooms Controller and 2 more 2025-08-05 6.5 Medium
NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
CVE-2024-39827 1 Zoom 1 Workplace Desktop 2025-08-05 5.5 Medium
Improper input validation in the installer for Zoom Workplace Desktop App for Windows before version 6.0.10 may allow an authenticated user to conduct a denial of service via local access.
CVE-2025-30666 1 Zoom 5 Meeting Software Development Kit, Rooms, Rooms Controller and 2 more 2025-08-05 6.5 Medium
NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
CVE-2025-46788 1 Zoom 1 Workplace Desktop 2025-08-05 7.4 High
Improper certificate validation in Zoom Workplace for Linux before version 6.4.13 may allow an unauthorized user to conduct an information disclosure via network access.
CVE-2024-27238 1 Zoom 3 Meeting Software Development Kit, Rooms, Workplace Desktop 2025-08-05 7.1 High
Race condition in the installer for some Zoom Apps and SDKs for Windows before version 6.0.0 may allow an authenticated user to conduct a privilege escalation via local access.
CVE-2024-27240 1 Zoom 3 Rooms, Workplace Desktop, Workplace Virtual Desktop Infrastructure 2025-08-05 7.1 High
Improper input validation in the installer for some Zoom Apps for Windows may allow an authenticated user to conduct a privilege escalation via local access.
CVE-2024-39820 1 Zoom 1 Workplace Desktop 2025-08-05 6.6 Medium
Uncontrolled search path element in the installer for Zoom Workplace Desktop App for macOS before version 6.0.10 may allow an authenticated user to conduct a denial of service via local access.
CVE-2024-39821 1 Zoom 2 Rooms, Workplace Desktop 2025-08-05 6.6 Medium
Race condition in the installer for Zoom Workplace App for Windows and Zoom Rooms App for Windows may allow an authenticated user to conduct a denial of service via local access.
CVE-2021-1410 1 Cisco 1 Webex Meetings 2025-08-05 4.3 Medium
A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization. The vulnerability is due to insufficient authorization enforcement for requests to update distribution lists. An attacker could exploit this vulnerability by sending a crafted request to the Webex Meetings interface to modify an existing distribution list. A successful exploit could allow the attacker to modify a distribution list that belongs to a user other than themselves.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
CVE-2021-1132 1 Cisco 1 Network Services Orchestrator 2025-08-05 5.3 Medium
A vulnerability in the API subsystem and in the web-management interface of Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote attacker to access sensitive data. This vulnerability exists because the web-management interface and certain HTTP-based APIs do not properly validate user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to access sensitive files on the affected system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
CVE-2025-54980 2025-08-05 N/A
Not used
CVE-2025-54979 2025-08-05 N/A
Not used
CVE-2025-54978 2025-08-05 N/A
Not used
CVE-2025-54977 2025-08-05 N/A
Not used
CVE-2025-54976 2025-08-05 N/A
Not used
CVE-2025-54975 2025-08-05 N/A
Not used