NA - CVE-2024-10026 - A weak hashing algorithm and small sizes of...
A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote attacker to calculate a local IP address and a per-boot identifier that could aid in tracking...
NA - CVE-2024-10603 - Weaknesses in the generation of TCP/UDP source...
Weaknesses in the generation of TCP/UDP source ports and some other header values in Google's gVisor allowed them to be predicted by an external attacker in some circumstances.
NA - CVE-2024-10604 - Vulnerabilities in the algorithms used by...
Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields, specifically the TCP ISN, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID allow for...
NA - CVE-2025-0142 - Cleartext storage of sensitive information in...
Cleartext storage of sensitive information in the Zoom Jenkins Marketplace plugin before version 1.4 may allow an authenticated user to conduct a disclosure of information via network access.
NA - CVE-2025-0143 - Out-of-bounds write in the Zoom Workplace App...
Out-of-bounds write in the Zoom Workplace App for Linux before version 6.2.5 may allow an unauthorized user to conduct a denial of service via network access.
NA - CVE-2025-0145 - Untrusted search path in the installer for some...
Untrusted search path in the installer for some Zoom Workplace Apps for Windows may allow an authorized user to conduct an escalation of privilege via local access.
NA - CVE-2025-0146 - Symlink following in the installer for Zoom...
Symlink following in the installer for Zoom Workplace App for macOS before 6.2.10 may allow an authenticated user to conduct a denial of service via local access.
NA - CVE-2025-0147 - Type confusion in the Zoom Workplace App for...
Type confusion in the Zoom Workplace App for Linux before 6.2.10 may allow an authorized user to conduct an escalation of privilege via network access.