EUVD-2018-7585

Malware in sbrugna...

Zoom Client Unauthorized Message Processing Vulnerability (ZSB-18001)

Zoom Client is prone to an unauthorization message processing vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

SolarWinds Orion Platform < 2019.4.2 Remote Code Execution

The Collector Service in SolarWinds Orion Platform before 2019.4.2 uses MSMQ Microsoft Message Queue and doesn't set permissions on its private queues. As a result, remote unauthenticated clients can send messages to TCP port 1801 that the Collector Service will process. Additionally, upon...

Design/Logic Flaw

Zoom clients on Windows before version 4.1.34814.1119, Mac OS before version 4.1.34801.1116, and Linux 2.4.129780.0915 and below are vulnerable to unauthorized message processing. A remote unauthenticated attacker can spoof UDP messages from a meeting attendee or Zoom server in order to invoke...

CVE-2018-15715

CVE-2018-15715 affects Zoom Client for Meetings on Windows, macOS, and Linux (before specific builds). The vulnerability stems from Zoom’s internal messaging pump sending both UDP (untrusted) and TCP (trusted) messages to the same handler, enabling a remote, unauthenticated attacker to craft UDP ...