CVE-2023-39213

CRITICAL Year: 2023
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-176
View all →

Vulnerability Description

Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network access.

Related Vulnerabilities

CVE-2024-24691

CRITICAL
CVSS:9.8(Critical)

Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via ...

CWE-1762024

CVE-2024-24691

CRITICAL
CVSS:9.8(Critical)

Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via ...

CWE-1762024

CVE-2023-31169

MEDIUM
CVSS:5.7(Medium)

An Improper Handling of Unicode Encoding vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be exe...

CWE-1762023

CVE-2020-8929

MEDIUM
CVSS:5.3(Medium)

A mis-handling of invalid unicode characters in the Java implementation of Tink versions prior to 1.5 allows an attacker to change the ID part of a ciphertext, which result in the creation of a second...

CWE-1762020

CVE-2023-41889

MEDIUM
CVSS:5.3(Medium)

SHIRASAGI is a Content Management System. Prior to version 1.18.0, SHIRASAGI is vulnerable to a Post-Unicode normalization issue. This happens when a logical validation or a security check is performe...

CWE-1762023

CVE-2022-29812

LOW
CVSS:2.3(Low)

In JetBrains IntelliJ IDEA before 2022.1 notification mechanisms about using Unicode directionality formatting characters were insufficient

CWE-1762022