Posted on

Microsoft Windows 7 SP1/Server 2008 R2 SP1/Server 2008 SP2 GDI information disclosure

A vulnerability classified as problematic was found in Microsoft Windows 7 SP1/Server 2008 SP2/Server 2008 R2 SP1 (Operating System). This vulnerability affects some unknown functionality of the component GDI. Applying a patch is able to eliminate this problem. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Posted on

Zoom/RingCentral Client on MacOS Web Server Video Call privilege escalation

A vulnerability was found in Zoom/RingCentral Client on MacOS (Unified Communication Software) (the affected version unknown). It has been classified as critical. This affects an unknown code block of the component Web Server. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Posted on

Python up to 2.7.16 on Windows MSI Installer C:Python27 privilege escalation [Disputed]

A vulnerability classified as critical was found in Python up to 2.7.16 on Windows (Programming Language Software). Affected by this vulnerability is an unknown functionality of the file C:Python27 of the component MSI Installer. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Posted on

Tootdon for Mastodon up to 3.4.1 on Android X.509 Certificate Validation Crafted Certificate Man-in-the-Middle weak authentication

A vulnerability, which was classified as critical, has been found in Tootdon for Mastodon up to 3.4.1 on Android (Android App Software). Affected by this issue is an unknown functionality of the component X.509 Certificate Validation. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.