CVE-2023-39213 : ZOOM DESKTOP CLIENT/VDI CLIENT UP TO 5.15.1 ON WINDOWS INJECTION

Description

Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network access.

References

https://explore.zoom.us/en/trust/security/security-bulletin/

For More Information

CVERecord

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-37079 : VMWARE VCENTER SERVER/CLOUD FOUNDATION DCERPC HEP-BASED OVERFLOW

CVE-2024-37079 : VMWARE VCENTER SERVER/CLOUD FOUNDATION DCERPC HEP-BASED OVERFLOW

Description vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access

CVE-2024-5469 : GITLAB COMMUNITY EDITION/ENTERPRISE EDITION UP TO 16.10.5/16.11.2 KAS RESOURCE CONSUMPTION

CVE-2024-5469 : GITLAB COMMUNITY EDITION/ENTERPRISE EDITION UP TO 16.10.5/16.11.2 KAS RESOURCE CONSUMPTION

Description DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior to 16.11.3

CVE-2024-27172 : TOSHIBA TEC E-STUDIO MULTI-FUNCTION PERIPHERAL OS COMMAND INJECTION

CVE-2024-27172 : TOSHIBA TEC E-STUDIO MULTI-FUNCTION PERIPHERAL OS COMMAND INJECTION

Description Remote Command program allows an attacker to get Remote Code Execution. As for the affected products/models/versions, see the reference