Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoom meetings vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2022-22787
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.10.0 fails to properly validate the hostname during a server switch request. This issue could be used in a more sophisticated attack to trick an unsuspecting users client to connect to a m...
Zoom Meetings
1 Article
NA
CVE-2022-28756
The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and prior to 5.11.5 contains a vulnerability in the auto update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.
Zoom Meetings
NA
CVE-2022-28757
The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and prior to 5.11.6 contains a vulnerability in the auto update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.
Zoom Meetings
NA
CVE-2022-28762
Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with 5.10.6 and before 5.12.0 contains a debugging port misconfiguration. When camera mode rendering context is enabled as part of the Zoom App Layers API by running certain Zoom Apps, a local debugging port ...
Zoom Meetings
NA
CVE-2022-28763
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading to...
Zoom Virtual Desktop Infrastructure
Zoom Meetings
Zoom Rooms For Conference Rooms
5
CVSSv2
CVE-2020-11876
airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242 for initialization of an OpenSSL EVP AES-256 CBC context. NOTE: the vendor states that this initialization only occurs within unreachable code
Zoom Meetings 4.6.11
5
CVSSv2
CVE-2020-11877
airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector (IV) for AES-256 CBC encryption. NOTE: the vendor states that this IV is used only within unreachable code
Zoom Meetings 4.6.11
6.6
CVSSv2
CVE-2022-22782
The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was susceptibl...
Zoom Vdi Windows Meeting Clients
Zoom Rooms For Conference Rooms
Zoom Zoom Plugin For Microsoft Outlook
Zoom Meetings
4.3
CVSSv2
CVE-2022-25614
Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.7 allows an malicious user to Sync with Zoom Meetings.
Stylemixthemes Eroom - Zoom Meetings \\& Webinar
4.3
CVSSv2
CVE-2022-25615
Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.8 allows cache deletion.
Stylemixthemes Eroom - Zoom Meetings \\& Webinar
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »