Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoom meetings vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-11877
airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector (IV) for AES-256 CBC encryption. NOTE: the vendor states that this IV is used only within unreachable code
Zoom Meetings 4.6.11
7.5
CVSSv3
CVE-2020-11500
Zoom Client for Meetings up to and including 4.6.9 uses the ECB mode of AES for video and audio encryption. Within a meeting, all participants use a single 128-bit key.
Zoom Meetings
7.4
CVSSv3
CVE-2021-34420
The Zoom Client for Meetings for Windows installer before version 5.5.4 does not properly verify the signature of files with .msi, .ps1, and .bat extensions. This could lead to a malicious actor installing malicious software on a customer’s computer.
Zoom Zoom Client For Meetings
7.3
CVSSv3
CVE-2022-28766
Windows 32-bit versions of the Zoom Client for Meetings prior to 5.12.6 and Zoom Rooms for Conference Room before version 5.12.6 are susceptible to a DLL injection vulnerability. A local low-privileged user could exploit this vulnerability to run arbitrary code in the context of ...
Zoom Rooms
Zoom Meetings
7.1
CVSSv3
CVE-2022-22782
The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was susceptibl...
Zoom Vdi Windows Meeting Clients
Zoom Rooms For Conference Rooms
Zoom Zoom Plugin For Microsoft Outlook
Zoom Meetings
6.5
CVSSv3
CVE-2023-43588
Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network access.
Zoom Meetings
Zoom Virtual Desktop Infrastructure
Zoom Zoom
6.5
CVSSv3
CVE-2023-39199
Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access.
Zoom Meetings
Zoom Virtual Desktop Infrastructure
Zoom Rooms
Zoom Zoom
6.5
CVSSv3
CVE-2023-39205
Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access.
Zoom Meetings
Zoom Virtual Desktop Infrastructure
Zoom Zoom
Zoom Video Software Development Kit
6.5
CVSSv3
CVE-2022-22780
The Zoom Client for Meetings chat functionality was susceptible to Zip bombing attacks in the following product versions: Android before version 5.8.6, iOS before version 5.9.0, Linux before version 5.8.6, macOS before version 5.7.3, and Windows before version 5.6.3. This could l...
Zoom Meetings
6.1
CVSSv3
CVE-2022-28755
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.11.0 are susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading t...
Zoom Zoom
Zoom Virtual Desktop Infrastructure
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »