2 results (0.000 seconds)

CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0

Code injection vulnerability exists in Chatwork Desktop Application (Mac) 2.6.43 and earlier. If this vulnerability is exploited, a non-administrative user of the Mac where the product is installed may store and obtain audio and image data from the product without the user's consent. • https://go.chatwork.com/ja/download https://jvn.jp/en/jp/JVN96828492 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Untrusted search path vulnerability in installer of ChatWork Desktop App for Windows 2.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Una vulnerabilidad de tipo ruta de búsqueda no confiable en el instalador de ChatWork Desktop App para Windows 2.3.0 y anteriores permite que un atacante consiga privilegios utilizando un archivo DLL troyano en un directorio no especificado. • http://jvn.jp/en/jp/JVN39171169/index.html https://go.chatwork.com/download • CWE-426: Untrusted Search Path •