CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-38360 – Denial of service via Watched Words in Discourse
https://notcve.org/view.php?id=CVE-2024-38360
Discourse is an open source platform for community discussion. In affected versions by creating replacement words with an almost unlimited number of characters, a moderator can reduce the availability of a Discourse instance. This issue has been addressed in stable version 3.2.3 and in current betas. Users are advised to upgrade. Users unable to upgrade may manually remove the long watched words either via SQL or Rails console. • https://github.com/discourse/discourse/commit/7b53e610c17e38be982dffefa4e5b5a709a3b990 https://github.com/discourse/discourse/security/advisories/GHSA-68pm-hm8x-pq2p • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39821 – Zoom Workplace App for Windows and Zoom Rooms App for Windows - Race Condition
https://notcve.org/view.php?id=CVE-2024-39821
Race condition in the installer for Zoom Workplace App for Windows and Zoom Rooms App for Windows may allow an authenticated user to conduct a denial of service via local access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24028 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39820 – Zoom Workplace Desktop App for macOS - Uncontrolled Search Path Element
https://notcve.org/view.php?id=CVE-2024-39820
Uncontrolled search path element in the installer for Zoom Workplace Desktop App for macOS before version 6.0.10 may allow an authenticated user to conduct a denial of service via local access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24027 • CWE-427: Uncontrolled Search Path Element •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39827 – Zoom Workplace Desktop App for Windows - Improper Input Validation
https://notcve.org/view.php?id=CVE-2024-39827
Improper input validation in the installer for Zoom Workplace Desktop App for Windows before version 6.0.10 may allow an authenticated user to conduct a denial of service via local access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24024 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27241 – Zoom Apps and SDKs - Improper Input Validation
https://notcve.org/view.php?id=CVE-2024-27241
Improper input validation in some Zoom Apps and SDKs may allow an authenticated user to conduct a denial of service via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24020 • CWE-20: Improper Input Validation •