Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoom zoom vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2019-19810
Zoom Call Recording 6.3.1 from Eleveo is vulnerable to Java Deserialization attacks targeting the inbuilt RMI service. A remote unauthenticated attacker can exploit this vulnerability by sending crafted RMI requests to execute arbitrary code on the target host.
Eleveo Call Recording 6.3.1
10
CVSSv2
CVE-2021-33907
The Zoom Client for Meetings for Windows in all versions prior to 5.3.0 fails to properly validate the certificate information used to sign .msi files when performing an update of the client. This could lead to remote code execution in an elevated privileged context.
Zoom Meetings
10
CVSSv2
CVE-2019-16273
DTEN D5 and D7 prior to 1.3.4 devices allow unauthenticated root shell access through Android Debug Bridge (adb), leading to arbitrary code execution and system administration. Also, this provides a covert ability to capture screen data from the Zoom Client on Windows by executin...
Dten D5 Firmware
Dten D7 Firmware
10
CVSSv2
CVE-2004-0680
Zoom X3 ADSL modem has a terminal running on port 254 that can be accessed using the default HTML management password, even if the password has been changed for the HTTP interface, which could allow remote malicious users to gain unauthorized access.
Zoom Model 5560 X3 Ethernet Adsl Modem
9.3
CVSSv2
CVE-2017-15049
The ZoomLauncher binary in the Zoom client for Linux prior to 2.0.115900.1201 does not properly sanitize user input when constructing a shell command, which allows remote malicious users to execute arbitrary code by leveraging the zoommtg:// scheme handler.
Zoom Zoom
1 EDB exploit
9.3
CVSSv2
CVE-2009-0076
Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote malicious users to execute arbitrary code via the zoom style directive in conjunction with unspecified other directives in a malformed Cascading Style Sheets (CSS) stylesheet in a crafted HTML document, ...
Microsoft Internet Explorer 7
3 EDB exploits
9.3
CVSSv2
CVE-2008-4922
Buffer overflow in the DjVu ActiveX Control 3.0 for Microsoft Office (DjVu_ActiveX_MSOffice.dll) allows remote malicious users to execute arbitrary code via a long (1) ImageURL property, and possibly the (2) Mode, (3) Page, or (4) Zoom properties.
Djvu Activex Control For Microsoft Office 2000
2 EDB exploits
9
CVSSv2
CVE-2021-34417
The network proxy page on the web portal for the Zoom On-Premise Meeting Connector Controller before version 4.6.365.20210703, Zoom On-Premise Meeting Connector MMR before version 4.6.365.20210703, Zoom On-Premise Recording Connector before version 3.8.45.20210703, Zoom On-Premis...
Zoom Zoom On-premise Meeting Connector Controller
Zoom Zoom On-premise Meeting Connector Mmr
Zoom Zoom On-premise Recording Connector
Zoom Zoom On-premise Virtual Room Connector
Zoom Zoom On-premise Virtual Room Connector Load Balancer
9
CVSSv2
CVE-2021-30480
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated malicious users to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is speci...
Zoom Chat
9
CVSSv2
CVE-2019-18822
A privilege escalation vulnerability in ZOOM Call Recording 6.3.1 allows its user account (i.e., the account under which the program runs - by default, the callrec account) to elevate privileges to root by abusing the callrec-rs@.service. The callrec-rs@.service starts the /opt/c...
Eleveo Call Recording 6.3.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »