Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoom zoom vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-34116
Improper input validation in the Zoom Desktop Client for Windows before version 5.15.0 may allow an unauthorized user to enable an escalation of privilege via network access.
Zoom Zoom
8.8
CVSSv3
CVE-2023-34113
Insufficient verification of data authenticity in Zoom for Windows clients prior to 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access.
Zoom Zoom
8.8
CVSSv3
CVE-2023-34121
Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients prior to 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access.
Zoom Zoom
Zoom Rooms
Zoom Virtual Desktop Infrastructure
8.8
CVSSv3
CVE-2022-22786
The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Room for Windows before version 5.10.0, fails to properly check the installation version during the update process. This issue could be used in a more sophisticated attack to trick a user...
Zoom Meetings
Zoom Rooms
8.8
CVSSv3
CVE-2021-30480
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated malicious users to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is speci...
Zoom Chat
8.8
CVSSv3
CVE-2020-6110
An exploitable partial path traversal vulnerability exists in the way Zoom Client version 4.6.10 processes messages including shared code snippets. A specially crafted chat message can cause an arbitrary binary planting which could be abused to achieve arbitrary code execution. A...
Zoom Zoom 4.6.10
1 Article
8.8
CVSSv3
CVE-2019-18822
A privilege escalation vulnerability in ZOOM Call Recording 6.3.1 allows its user account (i.e., the account under which the program runs - by default, the callrec account) to elevate privileges to root by abusing the callrec-rs@.service. The callrec-rs@.service starts the /opt/c...
Eleveo Call Recording 6.3.1
8.8
CVSSv3
CVE-2019-13567
The Zoom Client prior to 4.4.53932.0709 on macOS allows remote code execution, a different vulnerability than CVE-2019-13450. If the ZoomOpener daemon (aka the hidden web server) is running, but the Zoom Client is not installed or can't be opened, an attacker can remotely ex...
Zoom Zoom
8.8
CVSSv3
CVE-2017-15048
Stack-based buffer overflow in the ZoomLauncher binary in the Zoom client for Linux prior to 2.0.115900.1201 allows remote malicious users to execute arbitrary code by leveraging the zoommtg:// scheme handler.
Zoom Zoom
1 EDB exploit
8.8
CVSSv3
CVE-2017-15049
The ZoomLauncher binary in the Zoom client for Linux prior to 2.0.115900.1201 does not properly sanitize user input when constructing a shell command, which allows remote malicious users to execute arbitrary code by leveraging the zoommtg:// scheme handler.
Zoom Zoom
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »