Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoom zoom vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-16273
DTEN D5 and D7 prior to 1.3.4 devices allow unauthenticated root shell access through Android Debug Bridge (adb), leading to arbitrary code execution and system administration. Also, this provides a covert ability to capture screen data from the Zoom Client on Windows by executin...
Dten D5 Firmware
Dten D7 Firmware
9.8
CVSSv3
CVE-2018-20401
Zoom 5352 v5.5.8.6Y devices allow remote malicious users to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
Zoomtel 5352 Firmware 5.5.8.6y
9.8
CVSSv3
CVE-2018-15715
Zoom clients on Windows (before version 4.1.34814.1119), Mac OS (before version 4.1.34801.1116), and Linux (2.4.129780.0915 and below) are vulnerable to unauthorized message processing. A remote unauthenticated attacker can spoof UDP messages from a meeting attendee or Zoom serve...
Zoom Zoom
9.8
CVSSv3
CVE-2015-2888
Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote malicious users to bypass authentication, related to the MySnapCam web service.
Summerinfant Baby Zoom Wifi Monitor Firmware -
9.6
CVSSv3
CVE-2022-28763
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading to...
Zoom Virtual Desktop Infrastructure
Zoom Meetings
Zoom Rooms For Conference Rooms
9.1
CVSSv3
CVE-2022-22785
The Zoom Client for Meetings (for Android, iOS, Linux, MacOS, and Windows) before version 5.10.0 failed to properly constrain client session cookies to Zoom domains. This issue could be used in a more sophisticated attack to send an unsuspecting users Zoom-scoped session cookies ...
Zoom Meetings
8.8
CVSSv3
CVE-2023-51422
Deserialization of Untrusted Data vulnerability in Saleswonder Team Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoom Meetings | WebinarIgnition.This issue affects Webinar Plugin: Create live/evergreen/automated/instant webinars, stream & Zoo...
Saleswonder Webinarignition
8.8
CVSSv3
CVE-2023-43586
Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows may allow an authenticated user to conduct an escalation of privilege via network access.
Zoom Meeting Software Development Kit
Zoom Video Software Development Kit
Zoom Virtual Desktop Infrastructure
Zoom Zoom
8.8
CVSSv3
CVE-2023-43582
Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access.
Zoom Meetings
Zoom Virtual Desktop Infrastructure
Zoom Rooms
Zoom Zoom
8.8
CVSSv3
CVE-2023-36541
Insufficient verification of data authenticity in Zoom Desktop Client for Windows prior to 5.14.5 may allow an authenticated user to enable an escalation of privilege via network access.
Zoom Zoom
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »