Lucene search
+L

242 matches found

CVE
CVE
added yesterday14 views

CVE-2026-53411

CVE-2026-53411 affects Zoom Workplace VDI Plugin for Windows prior to 6.6.14. The issue is described in CVE sources as an improper input validation that could enable an authenticated local user to escalate privileges. Exploitation details are not provided in the documents. The CVSS v3.1 base scor...

7.8CVSS6.2AI score
Exploits0References1
The Hacker News
The Hacker News
added yesterday9 views

Zoom Patches Critical Windows Flaw That Could Enable Account Takeover

Zoom has released security updates for a critical security flaw impacting Zoom Workplace for Windows that could facilitate account takeover. The vulnerability, tracked as CVE-2026-53412 CVSS score: 9.8, affects Zoom Workplace for Windows before version 7.0.0 and Zoom Workplace VDI Client for...

9.8CVSS6.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2 days ago13 views

PT-2026-60396

A time-of-check to time-of-use TOCTOU race condition in the installation and uninstallation process of certain Zoom Clients for Windows could allow an authenticated local user to escalate privileges...

7.8CVSS6.2AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 3 days ago9 views

PT-2026-60395

Name of the Vulnerable Software and Affected Versions Zoom Clients for Windows affected versions not specified Description A time-of-check to time-of-use TOCTOU race condition occurs during the installation and uninstallation process. This flaw allows an authenticated local user to escalate...

7CVSS6.2AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 3 days ago5 views

Zoom Workplace VDI Client < 7.0.10 Vulnerability (ZSB-26014)

The version of Zoom Workplace VDI Client installed on the remote host is prior to 7.0.10. It is, therefore, affected by a vulnerability as referenced in the ZSB-26014 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

9.8CVSS6.2AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/15 7:57 a.m.17 views

CVE-2026-30905

External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access...

7.8CVSS5.8AI score0.00118EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/13 9:32 p.m.11 views

EUVD-2026-30111

External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access...

7.8CVSS5.8AI score0.00118EPSS
Exploits0References2
NVD
NVD
added 2026/05/13 7:17 p.m.25 views

CVE-2026-30905

External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access...

7.8CVSS0.00118EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 6:0 p.m.11 views

CVE-2026-30905

External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access...

7.8CVSS5.8AI score0.00118EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/13 6:0 p.m.7 views

CVE-2026-30905

External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access...

5.8AI score0.00118EPSS
Exploits0References2
CVE
CVE
added 2026/05/13 6:0 p.m.21 views

CVE-2026-30905

CVE-2026-30905 concerns the Zoom Workplace VDI Plugin Windows Universal Installer. The issue arises from external control of a file name or path in the installer, potentially allowing an authenticated user to escalate privileges through local access on installations prior to version 6.6.11. Affec...

7.8CVSS5.8AI score0.00118EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

Zoom Workplace VDI Plugin Windows Universal Installer 安全漏洞

The Zoom Workplace VDI Plugin Windows Universal Installer is a Windows plugin provided by the US company Zoom, designed for use in virtual desktop infrastructure environments. Versions of the Zoom Workplace VDI Plugin Windows Universal Installer prior to version 6.6.11 contained security...

7.8CVSS5.8AI score0.00118EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.16 views

PT-2026-40760

Name of the Vulnerable Software and Affected Versions Zoom Workplace VDI Plugin Windows Universal Installer versions prior to 6.6.11 Description An issue exists where external control of a file name or path may allow an authenticated user with local access to achieve escalation of privilege...

7.8CVSS5.8AI score0.00118EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.40 views

CVE-2026-43229 media: chips-media: wave5: Fix device cleanup order to prevent kernel panic

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...

0.00127EPSS
Exploits0References4
OSV
OSV
added 2026/05/06 11:28 a.m.4 views

CVE-2026-43229 media: chips-media: wave5: Fix device cleanup order to prevent kernel panic

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.3 views

Zoom Workplace VDI Client 6.6 < 6.6.11 Vulnerability (ZSB-26002)

The version of Zoom Workplace VDI Client installed on the remote host is between 6.6 and 6.6.11. It is, therefore, affected by a vulnerability as referenced in the ZSB-26002 advisory. - Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an...

7.8CVSS5.9AI score0.00125EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.8 views

Zoom Workplace VDI Client < 6.4.17 Vulnerability (ZSB-26005)

The version of Zoom Workplace VDI Client installed on the remote host is prior to 6.4.17. It is, therefore, affected by a vulnerability as referenced in the ZSB-26005 advisory. - External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0 may allow an...

9.8CVSS5.9AI score0.00328EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2025/12/16 12:0 a.m.4 views

Fortinet FortiSandbox upload_vdi_file Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fortinet FortiSandbox. Authentication is required to exploit this vulnerability. The specific flaw exists within the uploadvdifile endpoint. The issue results from the lack of proper validation of a...

8.8CVSS7.6AI score0.15797EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/13 3:30 p.m.4 views

EUVD-2025-175323

Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access...

7.5CVSS6.5AI score0.00097EPSS
Exploits0References2
OSV
OSV
added 2025/11/13 3:15 p.m.4 views

CVE-2025-64740

Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access...

7.8CVSS5.8AI score0.00097EPSS
Exploits0References1
Rows per page
Query Builder