CVE-2022-26364 – Xen PV Guest Non-SELFSNOOP CPU Memory Corruption
https://notcve.org/view.php?id=CVE-2022-26364
x86 pv: Insufficient care with non-coherent mappings [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. • http://packetstormsecurity.com/files/167710/Xen-PV-Guest-Non-SELFSNOOP-CPU-Memory-Corruption.html http://www.openwall.com/lists/oss-security/2022/06/09/4 http://xenbits.xen.org/xsa/advisory-402.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH65U6FTTB5MLH5A6Q3TW7KVCGOG4MYI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q https://security.gentoo.org/glsa/202208-23 https://www.debian.org/s •
CVE-2022-26363
https://notcve.org/view.php?id=CVE-2022-26363
x86 pv: Insufficient care with non-coherent mappings [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. • http://www.openwall.com/lists/oss-security/2022/06/09/4 http://xenbits.xen.org/xsa/advisory-402.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OH65U6FTTB5MLH5A6Q3TW7KVCGOG4MYI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q https://security.gentoo.org/glsa/202208-23 https://www.debian.org/security/2022/dsa-5184 https://xenbits.xenproject.org/xsa/advisory-402.txt •
CVE-2022-22787 – Insufficient hostname validation during Clusterswitch message in Zoom Client for Meetings
https://notcve.org/view.php?id=CVE-2022-22787
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.10.0 fails to properly validate the hostname during a server switch request. This issue could be used in a more sophisticated attack to trick an unsuspecting user's client to connect to a malicious server when attempting to use Zoom services. • http://packetstormsecurity.com/files/167238/Zoom-XMPP-Stanza-Smuggling-Remote-Code-Execution.html https://explore.zoom.us/en/trust/security/security-bulletin • CWE-295: Improper Certificate Validation •
CVE-2022-22786 – Update package downgrade in Zoom Client for Meetings for Windows
https://notcve.org/view.php?id=CVE-2022-22786
The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Room for Windows before version 5.10.0 fail to properly check the installation version during the update process. This issue could be used in a more sophisticated attack to trick a user into downgrading their Zoom client to a less secure version. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-494: Download of Code Without Integrity Check •
CVE-2022-22785 – Improperly constrained session cookies in Zoom Client for Meetings
https://notcve.org/view.php?id=CVE-2022-22785
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.10.0 failed to properly constrain client session cookies to Zoom domains. This issue could be used in a more sophisticated attack to send an unsuspecting user's Zoom-scoped session cookies to a non-Zoom domain. This could potentially allow for spoofing of a Zoom user. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-565: Reliance on Cookies without Validation and Integrity Checking •