40 matches found
CVE-2020-10857
Zulip Desktop before 5.0.0 improperly uses shell.openExternal and shell.openItem with untrusted content, leading to remote code execution...
CVE-2020-10858
Zulip Desktop before 5.0.0 allows attackers to perform recording via the webcam and microphone due to a missing permission request handler...
CVE-2020-24582
Zulip Desktop before 5.4.3 allows XSS because string escaping is mishandled during composition of the HTML for the user interface...
EUVD-2020-17301
Malware in sbrugna...
EUVD-2020-3263
Malware in sbrugna...
EUVD-2020-3264
Malware in sbrugna...
EUVD-2020-30263
Malware in sbrugna...
EUVD-2020-4938
Malware in sbrugna...
CVE-2020-9443
Zulip Desktop before 4.0.3 loaded untrusted content in an Electron webview with web security disabled, which can be exploited for XSS in a number of ways. This especially affects Zulip Desktop 2.3.82...
CVE-2020-12637
Zulip Desktop before 5.2.0 has Missing SSL Certificate Validation because all validation was inadvertently disabled during an attempt to recognize the ignoreCerts option...
Zulip Desktop License Issue Vulnerability
Zulip Desktop is a desktop version of the team chat application from Zulip USA. An authorization issue vulnerability exists in versions prior to Zulip Desktop 5.0.0, which stems from allowing an attacker to record from a webcam and microphone because of an unprivileged request processor...
Zulip Desktop Remote Code Execution Vulnerability
Zulip is a powerful open source group chat application that combines the immediacy of live chat with the productivity benefits of threaded conversations.Zulip Desktop is the Zulip desktop client. A remote code execution vulnerability exists in Zulip Desktop versions prior to 5.0.0. The...
CVE-2020-10858
Zulip Desktop before 5.0.0 allows attackers to perform recording via the webcam and microphone due to a missing permission request handler...
CVE-2020-10857
Zulip Desktop before 5.0.0 improperly uses shell.openExternal and shell.openItem with untrusted content, leading to remote code execution...
CVE-2020-10858
Zulip Desktop before 5.0.0 allows attackers to perform recording via the webcam and microphone due to a missing permission request handler...
CVE-2020-10857
Zulip Desktop before 5.0.0 improperly uses shell.openExternal and shell.openItem with untrusted content, leading to remote code execution...
Cross site request forgery (csrf)
Zulip Desktop before 5.0.0 allows attackers to perform recording via the webcam and microphone due to a missing permission request handler...
CVE-2020-10857
Zulip Desktop (Windows/macOS/Linux) has a remote code execution vulnerability in all versions before 5.0.0. The issue stems from improper use of shell.openExternal and shell.openItem with untrusted content, which can allow an attacker to execute arbitrary code on the user’s system. The Red Hat an...
CVE-2020-10857
Zulip Desktop before 5.0.0 improperly uses shell.openExternal and shell.openItem with untrusted content, leading to remote code execution...
CVE-2020-10858
Zulip Desktop before 5.0.0 allows attackers to perform recording via the webcam and microphone due to a missing permission request handler...