Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoom meetings vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-34412
During the installation process for all versions of the Zoom Client for Meetings for Windows prior to 5.4.0, it is possible to launch Internet Explorer. If the installer was launched with elevated privileges such as by SCCM this can result in a local privilege escalation.
Zoom Meetings
7.8
CVSSv3
CVE-2021-34409
It exists that the installation packages of the Zoom Client for Meetings for MacOS (Standard and for IT Admin) installation before version 5.2.0, Zoom Client Plugin for Sharing iPhone/iPad before version 5.2.0, and Zoom Rooms for Conference before version 5.1.0, copy pre- and pos...
Zoom Meetings
Zoom Rooms
Zoom Screen Sharing
7.8
CVSSv3
CVE-2020-11469
Zoom Client for Meetings up to and including 4.6.8 on macOS copies runwithroot to a user-writable temporary directory during installation, which allows a local process (with the user's privileges) to obtain root access by replacing runwithroot.
Zoom Meetings
7.5
CVSSv3
CVE-2023-39204
Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
Zoom Zoom
Zoom Virtual Desktop Infrastructure
Zoom Video Software Development Kit
Zoom Meetings
Zoom Rooms
7.5
CVSSv3
CVE-2023-39206
Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
Zoom Meetings
Zoom Virtual Desktop Infrastructure
Zoom Rooms
Zoom Zoom
Zoom Video Software Development Kit
7.5
CVSSv3
CVE-2023-36539
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information.
Zoom Video Software Development Kit 1.8.0
Zoom Meetings 5.15.0
Zoom Meetings 5.15.1
Zoom Zoom 5.15.0
Zoom Rooms 5.15.0
Zoom Zoom 5.15.1
Zoom Poly Ccx 700 Firmware 5.15.0
Zoom Poly Ccx 600 Firmware 5.15.0
Zoom Yealink Vp59 Firmware 5.15.0
Zoom Yealink Mp54 Firmware 5.15.0
Zoom Yealink Mp56 Firmware 5.15.0
7.5
CVSSv3
CVE-2022-22787
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.10.0 fails to properly validate the hostname during a server switch request. This issue could be used in a more sophisticated attack to trick an unsuspecting users client to connect to a m...
Zoom Meetings
1 Article
7.5
CVSSv3
CVE-2022-22781
The Zoom Client for Meetings for MacOS (Standard and for IT Admin) prior to version 5.9.6 failed to properly check the package version during the update process. This could lead to a malicious actor updating an unsuspecting user’s currently installed version to a less secur...
Zoom Meetings
7.5
CVSSv3
CVE-2021-34424
A vulnerability exists in the Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.8.4, Zoom Client for Meetings for Blackberry (for Android and iOS) before version 5.8.1, Zoom Client for Meetings for intune (for Android and iOS) before version ...
Zoom Meetings
Zoom Meetings For Blackberry
Zoom Meetings For Intune
Zoom Meetings For Chrome Os
Zoom Rooms For Conference Rooms
Zoom Controllers For Zoom Rooms
Zoom Virtual Desktop Infrastructure
Zoom Windows Meeting Sdk
Zoom Macos Meeting Sdk
Zoom Iphone Os Meeting Sdk
Zoom Android Meeting Sdk
Zoom Windows Video Sdk
Zoom Iphone Os Video Sdk
Zoom Macos Video Sdk
Zoom Android Video Sdk
Zoom Hybrid Mmr
Zoom Hybrid Zproxy
Zoom Zoom On-premise Meeting Connector Controller
Zoom Zoom On-premise Virtual Room Connector
Zoom Zoom On-premise Recording Connector
Zoom Zoom On-premise Virtual Room Connector Load Balancer
Zoom Zoom On-premise Meeting Connector Mmr
7.5
CVSSv3
CVE-2020-11876
airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242 for initialization of an OpenSSL EVP AES-256 CBC context. NOTE: the vendor states that this initialization only occurs within unreachable code
Zoom Meetings 4.6.11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »