DevDojo Voyager through version 1.8.0 is vulnerable to reflected XSS via /admin/compass. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Symlink following in the installer for Zoom Workplace App for macOS before 6.2.10 may allow an authenticated user to conduct a denial of service via local access. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.