10 matches found
Insights into your unpatched vulnerabilities
Every day, nearly 70 brand-new vulnerabilities are discovered in software products around the world. That’s almost 25,550 new problems each year, of which roughly 4,250 or every one-in-six will be classified as “critical.” But with little guidance beyond “critical” classifications—and with the...
Zoom Client for Meetings < 5.10.0 Vulnerability (ZSB-22007)
The version of Zoom Client for Meetings installed on the remote host is prior to 5.10.0. It is, therefore, affected by a vulnerability as referenced in the ZSB-22007 advisory. - The Zoom Client for Meetings for Android, iOS, Linux, macOS, and Windows before version 5.10.0 fails to properly...
Zoom Client < 5.10.0 Attack Chain Vulnerabilities
The version of Zoom Client for Meetings for Windows installed on the remote host is prior to 5.10.0. It is, therefore, affected by multiple vulnerabilities. - The Zoom Client for Meetings for Android, iOS, Linux, MacOS, and Windows before version 5.10.0 failed to properly parse XML stanzas in XMP...
New Zoom Flaws Could Let Attackers Hack Victims Just by Sending them a Message
Popular video conferencing service Zoom has resolved as many as four security vulnerabilities, which could be exploited to compromise another user over chat by sending specially crafted Extensible Messaging and Presence Protocol XMPP messages and execute malicious code. Tracked from CVE-2022-2278...
Zoom Client < 5.10.0 Multiple Vulnerabilities (ZSB-22006, ZSB-22007, ZSB-22009) - Linux
The Zoom Client is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Zoom Client < 5.10.0 Multiple Vulnerabilities (ZSB-22006, ZSB-22007, ZSB-22008, ZSB-22009) - Windows
The Zoom Client is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Zoom Client < 5.10.0 Multiple Vulnerabilities (ZSB-22006, ZSB-22007, ZSB-22009) - Mac OS X
The Zoom Client is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2022-22785 Improperly constrained session cookies in Zoom Client for Meetings
The Zoom Client for Meetings for Android, iOS, Linux, MacOS, and Windows before version 5.10.0 failed to properly constrain client session cookies to Zoom domains. This issue could be used in a more sophisticated attack to send an unsuspecting users Zoom-scoped session cookies to a non-Zoom domai...
CVE-2022-22785
The CVE-2022-22785 entry concerns the Zoom Client for Meetings across Android, iOS, Linux, macOS, and Windows. Before version 5.10.0, it failed to constrain Zoom session cookies to Zoom domains, enabling a more sophisticated attack that could send Zoom-scoped session cookies to a non‑Zoom domain ...
KLA12539 Multiple vulnerabilities in Zoom
Multiple vulnerabilities were found in Zoom. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Insufficient hostname validation vulnerability can be exploited remotely to gain...