CVE-2024-23917 – Qualys ThreatPROTECT

Improper Input Validation vulnerability in Zoom Windows Apps (CVE-2024-24691)

Posted by Diksha Ojha on February 15, 2024February 15, 2024

Zoom addressed a vulnerability that impacts the Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows. Tracked as CVE-2024-24691, the vulnerability has a critical severity with a CVSS score 9.6. The vulnerability may allow an unauthenticated user to escalate privilege with the help of network access.

JetBrains TeamCity On-Premises Authentication Bypass vulnerability (CVE-2024-23917)

Posted by Diksha Ojha on February 7, 2024February 7, 2024

JetBrains has released a patch to address a critical flaw tracked as CVE-2024-23917. The vulnerability in TeamCity On-Premises may allow an attacker to gain admin privileges on successful exploitation.