Filtered by vendor Zoom
Subscriptions
Filtered by product Rooms
Subscriptions
Total
49 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-39824 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2024-09-04 | 4.9 Medium |
| Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. | ||||
| CVE-2024-39823 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2024-09-04 | 4.9 Medium |
| Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. | ||||
| CVE-2024-39822 | 1 Zoom | 5 Meeting Software Development Kit, Rooms, Rooms Controller and 2 more | 2024-09-04 | 6.5 Medium |
| Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access. | ||||
| CVE-2023-43591 | 1 Zoom | 1 Rooms | 2024-08-29 | 7.8 High |
| Improper privilege management in Zoom Rooms for macOS before version 5.16.0 may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2023-43590 | 1 Zoom | 1 Rooms | 2024-08-29 | 7.8 High |
| Link following in Zoom Rooms for macOS before version 5.16.0 may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2023-39206 | 1 Zoom | 5 Meetings, Rooms, Video Software Development Kit and 2 more | 2024-08-29 | 3.7 Low |
| Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access. | ||||
| CVE-2023-39202 | 1 Zoom | 2 Rooms, Virtual Desktop Infrastructure | 2024-08-29 | 3.1 Low |
| Untrusted search path in Zoom Rooms Client for Windows and Zoom VDI Client may allow a privileged user to conduct a denial of service via local access. | ||||
| CVE-2023-39204 | 1 Zoom | 5 Meetings, Rooms, Video Software Development Kit and 2 more | 2024-08-29 | 4.3 Medium |
| Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access. | ||||
| CVE-2024-42438 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2024-08-29 | 6.5 Medium |
| Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access. | ||||
| CVE-2024-42440 | 1 Zoom | 4 Macos Meeting Sdk, Meeting Software Development Kit, Rooms and 1 more | 2024-08-28 | 6.2 Medium |
| Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access. | ||||
| CVE-2024-42441 | 1 Zoom | 4 Macos Meeting Sdk, Meeting Software Development Kit, Rooms and 1 more | 2024-08-28 | 6.2 Medium |
| Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access. | ||||
| CVE-2021-34411 | 1 Zoom | 1 Rooms | 2024-08-04 | 7.8 High |
| During the installation process forZoom Rooms for Conference Room for Windows before version 5.3.0 it is possible to launch Internet Explorer with elevated privileges. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation. | ||||
| CVE-2022-36929 | 1 Zoom | 1 Rooms | 2024-08-03 | 7.8 High |
| The Zoom Rooms Installer for Windows prior to 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to the SYSTEM user. | ||||
| CVE-2022-36930 | 1 Zoom | 1 Rooms | 2024-08-03 | 8.8 High |
| Zoom Rooms for Windows installers before version 5.13.0 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability in an attack chain to escalate their privileges to the SYSTEM user. | ||||
| CVE-2022-36926 | 1 Zoom | 1 Rooms | 2024-08-03 | 8.8 High |
| Zoom Rooms for macOS clients before version 5.11.3 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability to escalate their privileges to root. | ||||
| CVE-2022-36925 | 1 Zoom | 1 Rooms | 2024-08-03 | 4.4 Medium |
| Zoom Rooms for macOS clients before version 5.11.4 contain an insecure key generation mechanism. The encryption key used for IPC between the Zoom Rooms daemon service and the Zoom Rooms client was generated using parameters that could be obtained by a local low-privileged application. That key can then be used to interact with the daemon service to execute privileged functions and cause a local denial of service. | ||||
| CVE-2022-36927 | 1 Zoom | 1 Rooms | 2024-08-03 | 8.8 High |
| Zoom Rooms for macOS clients before version 5.11.3 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability to escalate their privileges to root. | ||||
| CVE-2023-39214 | 1 Zoom | 3 Meeting Software Development Kit, Rooms, Zoom | 2024-08-02 | 7.6 High |
| Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated user to enable a denial of service via network access. | ||||
| CVE-2023-39212 | 1 Zoom | 1 Rooms | 2024-08-02 | 7.9 High |
| Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated user to enable a denial of service via local access. | ||||
| CVE-2023-39218 | 1 Zoom | 3 Rooms, Virtual Desktop Infrastructure, Zoom | 2024-08-02 | 6.1 Medium |
| Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access. | ||||