Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoom vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-24695
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via network access.
NA
CVE-2024-24696
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via network access.
NA
CVE-2024-24697
Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct an escalation of privilege via local access.
NA
CVE-2024-24698
Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure of information via local access.
NA
CVE-2024-24699
Business logic error in some Zoom clients may allow an authenticated user to conduct information disclosure via network access.
6.5
CVSSv3
CVE-2022-41619
Missing Authorization vulnerability in SedLex Image Zoom.This issue affects Image Zoom: from n/a up to and including 1.8.8.
Sedlex Image Zoom
5.3
CVSSv3
CVE-2024-0236
The EventON WordPress plugin prior to 4.5.5, EventON WordPress plugin prior to 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set (for example for Zoom)
Myeventon Eventon
7.8
CVSSv3
CVE-2023-49647
Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows before version 5.16.10 may allow an authenticated user to conduct an escalation of privilege via local access.
Zoom Zoom
Zoom Video Software Development Kit
Zoom Meeting Software Development Kit
Zoom Virtual Desktop Infrastructure
9.8
CVSSv3
CVE-2023-51423
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saleswonder Team Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition.This issue affects Webinar Plugin: Creat...
Saleswonder Webinarignition
8.8
CVSSv3
CVE-2023-51422
Deserialization of Untrusted Data vulnerability in Saleswonder Team Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition.This issue affects Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoo...
Saleswonder Webinarignition
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »