Security Vulnerabilities - CVEs Published In February 2024
Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation (LPE). This vulnerability only affects first-time installations done prior to 8th March 2023
CVSS Score
7.2
EPSS Score
0.0
Published
2024-02-14
Dell Mobility - E-Lab Navigator, version(s) 3.1.9, 3.2.0, contain(s) an Authorization Bypass Through User-Controlled Key vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to Launch of phishing attacks.
CVSS Score
4.4
EPSS Score
0.001
Published
2024-02-14
Digdag is an open source tool that to build, run, schedule, and monitor complex pipelines of tasks across various platforms. Treasure Data's digdag workload automation system is susceptible to a path traversal vulnerability if it's configured to store log files locally. This issue may lead to information disclosure and has been addressed in release version 0.10.5.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS Score
5.3
EPSS Score
0.073
Published
2024-02-14
Business logic error in some Zoom clients may allow an authenticated user to conduct information disclosure via network access.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-02-14
Improper input validation in some Zoom clients may allow an authenticated user to conduct a denial of service via network access.
CVSS Score
5.4
EPSS Score
0.001
Published
2024-02-14
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access.
CVSS Score
9.6
EPSS Score
0.003
Published
2024-02-14
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via network access.
CVSS Score
6.8
EPSS Score
0.002
Published
2024-02-14
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via network access.
CVSS Score
6.8
EPSS Score
0.002
Published
2024-02-14
Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct an escalation of privilege via local access.
CVSS Score
7.2
EPSS Score
0.001
Published
2024-02-14
Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure of information via local access.
CVSS Score
4.9
EPSS Score
0.001
Published
2024-02-14