CVE-2022-28750 : ZOOM ON-PREMISE MEETING CONNECTOR ZONE CONTROLLER PRIOR 4.8.20220419.112 STUN ERROR CODE STACK-BASED OVERFLOW

Description

Zoom On-Premise Meeting Connector Zone Controller (ZC) before version 4.8.20220419.112 fails to properly parse STUN error codes, which can result in memory corruption and could allow a malicious actor to crash the application. In versions older than 4.8.12.20211115, this vulnerability could also be leveraged to execute arbitrary code.

References

https://explore.zoom.us/en/trust/security/security-bulletin/

For More Information

MITRE

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-42302 : VERITAS NETBACKUP UP TO 10.0 NBFSMCLIENT SERVICE SQL INJECTION

CVE-2022-42302 : VERITAS NETBACKUP UP TO 10.0 NBFSMCLIENT SERVICE SQL INJECTION

Description An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable

CVE-2022-39266 : ISOLATED-VM UP TO 4.3.6 API PROTECTION MECHANISM

CVE-2022-39266 : ISOLATED-VM UP TO 4.3.6 API PROTECTION MECHANISM

Description isolated-vm is a library for nodejs which gives the user access to v8’s Isolate interface. In versions 4.3.6 and

CVE-2022-34424 : DELL OS10 10.5.1.X/10.5.2.X/10.5.3.X OUT-OF-BOUNDS WRITE

CVE-2022-34424 : DELL OS10 10.5.1.X/10.5.2.X/10.5.3.X OUT-OF-BOUNDS WRITE

Description Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system