Lucene search
K

175 matches found

ThreatPost
ThreatPost
added 2021/03/18 3:52 p.m.64 views

Zoom Screen-Sharing Glitch ‘Briefly’ Leaks Sensitive Data

A security blip in the current version of Zoom could inadvertently leak users’ data to other meeting participants on a call. However, the data is only leaked briefly, making a potential attack difficult to carry out. The flaw CVE-2021-28133 stems from a glitch in the screen sharing function of...

4.8AI score0.16289EPSS
Exploits2References15
OSV
OSV
added 2021/03/18 2:15 p.m.4 views

CVE-2021-28133

Zoom through 5.5.4 sometimes allows attackers to read private information on a participant's screen, even though the participant never attempted to share the private part of their screen. When a user shares a specific application window via the Share Screen functionality, other meeting participan...

4.3CVSS6AI score0.16289EPSS
Exploits2References7
Prion
Prion
added 2021/03/18 2:15 p.m.34 views

Security feature bypass

Zoom through 5.5.4 sometimes allows attackers to read private information on a participant's screen, even though the participant never attempted to share the private part of their screen. When a user shares a specific application window via the Share Screen functionality, other meeting participan...

4.3CVSS4.6AI score0.16289EPSS
Exploits2References7Affected Software1
Cvelist
Cvelist
added 2021/03/18 1:59 p.m.48 views

CVE-2021-28133

Zoom through 5.5.4 sometimes allows attackers to read private information on a participant's screen, even though the participant never attempted to share the private part of their screen. When a user shares a specific application window via the Share Screen functionality, other meeting participan...

4.8AI score0.16289EPSS
Exploits2References7
NVD
NVD
added 2021/02/26 3:15 a.m.10 views

CVE-2021-23958

The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox 85...

6.5CVSS0.00882EPSS
Exploits0References2
OSV
OSV
added 2021/02/26 3:15 a.m.3 views

CVE-2021-23958

The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox 85...

6.5CVSS7.1AI score0.00882EPSS
Exploits0References2
Prion
Prion
added 2021/02/26 3:15 a.m.14 views

Design/Logic Flaw

The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox 85...

4.3CVSS6.7AI score0.00882EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/02/26 2:7 a.m.172 views

CVE-2021-23958

CVE-2021-23958 affects Mozilla Firefox versions before 85. The issue could confuse the browser into transferring a screen sharing state between tabs, potentially leaking screen sharing permissions/information. Affected product: Firefox (pre-85). Underlying cause: state transfer between tabs durin...

6.5CVSS6.5AI score0.00882EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2021/02/26 2:7 a.m.33 views

CVE-2021-23958

The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox 85...

6.5CVSS6.9AI score0.00882EPSS
Exploits0
Cvelist
Cvelist
added 2021/02/26 2:7 a.m.21 views

CVE-2021-23958

The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox 85...

6.9AI score0.00882EPSS
Exploits0References2
Veracode
Veracode
added 2021/01/27 7:32 p.m.20 views

Information Disclosure

firefox is vulnerable to information disclosure. The browsercan be confused into transferring a screen sharing state into another tab, which would leak confidential information...

6.5CVSS1.8AI score0.00882EPSS
Exploits0References4Affected Software7
Tenable Nessus
Tenable Nessus
added 2021/01/27 12:0 a.m.70 views

Mozilla Firefox < 85.0

The version of Firefox installed on the remote Windows host is prior to 85.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-03 advisory. - Mozilla developers Sebastian Hengst, Christian Holler, Tyson Smith reported memory safety bugs present in Firefox 84...

8.8CVSS8.1AI score0.01323EPSS
Exploits2References14
UbuntuCve
UbuntuCve
added 2021/01/26 12:0 a.m.27 views

CVE-2021-23958

The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox 85...

6.5CVSS6.8AI score0.00882EPSS
Exploits0References3
OSV
OSV
added 2021/01/26 12:0 a.m.7 views

UBUNTU-CVE-2021-23958

The browser could have been confused into transferring a screen sharing state into another tab, which would leak unintended information. This vulnerability affects Firefox 85...

6.5CVSS6.8AI score0.00882EPSS
Exploits0References4
CNVD
CNVD
added 2021/01/11 12:0 a.m.3 views

EV Screen Sharing Win suffers from dll hijacking vulnerability

EV Screen Sharing is a screen sharing program. EV Screen Sharing Win suffers from a dll hijacking vulnerability. An attacker can exploit the vulnerability to load a malicious dll and execute malicious code...

7.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/12/11 12:0 a.m.4 views

The vulnerability of the screen-sharing function in Google Chrome browsers allows attackers to perform spoofing attacks.

The vulnerability of the screen-sharing function in Google Chrome browser relates to information representation errors in the user interface. Exploiting this vulnerability can allow attackers to perform spoofing attacks remotely...

4.3CVSS6.7AI score0.00656EPSS
Exploits0References13Affected Software6
NVD
NVD
added 2020/11/18 7:15 p.m.19 views

CVE-2020-3419

A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to join a Webex session without appearing on the participant list. This vulnerability is due to improper handling of authentication tokens by a vulnerable Webex site. An attacke...

9.1CVSS7.2AI score0.01744EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/11/18 5:41 p.m.12 views

CVE-2020-3419 Cisco Webex Meetings and Cisco Webex Meetings Server Ghost Join Vulnerability

A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to join a Webex session without appearing on the participant list. This vulnerability is due to improper handling of authentication tokens by a vulnerable Webex site. An attacke...

6.5CVSS7.1AI score0.01744EPSS
Exploits0References1
Cisco
Cisco
added 2020/11/18 4:0 p.m.101 views

Cisco Webex Meetings and Cisco Webex Meetings Server Ghost Join Vulnerability

A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to join a Webex session without appearing on the participant list. This vulnerability is due to improper handling of authentication tokens by a vulnerable Webex site. An attacke...

6.5CVSS0.6AI score0.01744EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2020/11/10 12:0 a.m.78 views

GNOME security, bug fix, and enhancement update

dleyna-renderer 0.6.0-3 - Add a manual Resolves: 1612579 frei0r-plugins 1.6.1-7 - Rebuild with newer annobin to fix rpmdiff problems - Fix the build with a newer opencv - Resolves: rhbz1703994 gdm 3.28.3-34 - Fix file descriptor leak Resolves: 1877853 3.28.3-33 - Fix problem with Xorg fallback...

9.8CVSS7.9AI score0.77246EPSS
Exploits9
Rows per page
Query Builder