Page 6 of 104 results (0.010 seconds)

CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-27244 – Zoom Workplace VDI App for Windows - Insufficient Verification of Data Authenticity

https://notcve.org/view.php?id=CVE-2024-27244

Insufficient verification of data authenticity in the installer for Zoom Workplace VDI App for Windows may allow an authenticated user to conduct an escalation of privilege via local access. Una verificación insuficiente de la autenticidad de los datos en el instalador de la aplicación Zoom Workplace VDI para Windows puede permitir que un usuario autenticado realice una escalada de privilegios a través del acceso local. • https://www.zoom.com/en/trust/security-bulletin/zsb-24015 • CWE-345: Insufficient Verification of Data Authenticity CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-33584 – WordPress Video Conferencing with Zoom plugin <= 4.4.4 - Open Redirection vulnerability

https://notcve.org/view.php?id=CVE-2024-33584

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Deepen Bajracharya Video Conferencing with Zoom.This issue affects Video Conferencing with Zoom: from n/a through 4.4.4. Vulnerabilidad de redirección de URL a un sitio que no es de confianza ('Open Redirect') en Deepen Bajracharya Video Conferencing with Zoom. Este problema afecta a las videoconferencias con Zoom: desde n/a hasta 4.4.4. The Video Conferencing with Zoom plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 4.4.4. This is due to insufficient validation on a redirect url. • https://patchstack.com/database/vulnerability/video-conferencing-with-zoom-api/wordpress-video-conferencing-with-zoom-plugin-4-4-4-open-redirection-vulnerability?_s_id=cve • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 4.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-27242 – Zoom Desktop Client for Linux - Cross Site Scripting

https://notcve.org/view.php?id=CVE-2024-27242

Cross site scripting in Zoom Desktop Client for Linux before version 5.17.10 may allow an authenticated user to conduct a denial of service via network access. Cross site scripting en Zoom Desktop Client para Linux anteriores a la versión 5.17.10 pueden permitir que un usuario autenticado realice una denegación de servicio a través del acceso a la red. • https://www.zoom.com/en/trust/security-bulletin/zsb-24013 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-27247 – Zoom Desktop Client for macOS - Improper Privilege Management

https://notcve.org/view.php?id=CVE-2024-27247

Improper privilege management in the installer for Zoom Desktop Client for macOS before version 5.17.10 may allow a privileged user to conduct an escalation of privilege via local access. La gestión inadecuada de privilegios en el instalador de Zoom Desktop Client para macOS anterior a la versión 5.17.10 puede permitir que un usuario privilegiado realice una escalada de privilegios a través del acceso local. • https://www.zoom.com/en/trust/security-bulletin/zsb-24012 • CWE-269: Improper Privilege Management CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-24694 – Zoom Desktop Client for Windows - Improper Privilege Management

https://notcve.org/view.php?id=CVE-2024-24694

Improper privilege management in the installer for Zoom Desktop Client for Windows before version 5.17.10 may allow an authenticated user to conduct an escalation of privilege via local access. La gestión inadecuada de privilegios en el instalador de Zoom Desktop Client para Windows anterior a la versión 5.17.10 puede permitir que un usuario autenticado realice una escalada de privilegios a través del acceso local. • https://www.zoom.com/en/trust/security-bulletin/zsb-24011 • CWE-269: Improper Privilege Management CWE-347: Improper Verification of Cryptographic Signature •