4.8
CVE-2025-30669 - Zoom Workplace Clients - Improper Certificate Validation
Improper certificate validation in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via adjacent access.
8.1
CVE-2025-64741 - Zoom Workplace for Android - Improper Authorization Handling
Improper authorization handling in Zoom Workplace for Android before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access.
7.5
CVE-2025-64740 - Zoom Workplace VDI Client for Windows - Improper Verification of Cryptographic Signature
Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access.
5.3
CVE-2025-13117 - macrozheng mall-swarm cancelOrder improper authorization
A security vulnerability has been detected in macrozheng mall-swarm up to 1.0.3. Affected by this vulnerability is the function cancelOrder of the file /order/cancelOrder. The manipulation of the argument orderId leads to improper authorization. The attack can be initiated remotely. The exploit hasβ¦
4.3
CVE-2025-64739 - Zoom Clients - External Control of File Name or Path
External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via network access.
5
CVE-2025-64738 - Zoom Workplace for macOS - External Control of File Name or Path
External control of file name or path in Zoom Workplace for macOS before version 6.5.10 may allow an authenticated user to conduct a disclosure of information via local access.
5.3
CVE-2025-13116 - macrozheng mall-swarm cancelUserOrder improper authorization
A weakness has been identified in macrozheng mall-swarm up to 1.0.3. Affected is the function cancelUserOrder of the file /order/cancelUserOrder. Executing manipulation of the argument orderId can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been madβ¦
5.3
CVE-2025-13115 - macrozheng mall-swarm Order Details detail improper authorization
A security flaw has been discovered in macrozheng mall-swarm up to 1.0.3. This impacts the function detail of the file /order/detail/ of the component Order Details Handler. Performing manipulation of the argument orderId results in improper authorization. It is possible to initiate the attack remoβ¦
5.3
CVE-2025-13114 - macrozheng mall-swarm attr updateAttr improper authorization
A vulnerability was identified in macrozheng mall-swarm up to 1.0.3. This affects the function updateAttr of the file /cart/update/attr. Such manipulation leads to improper authorization. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was coβ¦
5.3
CVE-2025-41069 - Insecure Direct Object References (IDOR) in DeporSite of T-Innova DeporSite
Insecure Direct Object Reference (IDOR) vulnerability in DeporSite of T-INNOVA. This vulnerability allows an attacker to access or modify unauthorized resources by manipulating requests using the 'idUsuario' parameter in β/ajax/TInnova_v2/Formulario_Consentimiento/llamadaAjax/obtenerDatosConsentimiβ¦