Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoom vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-34116
Improper input validation in the Zoom Desktop Client for Windows before version 5.15.0 may allow an unauthorized user to enable an escalation of privilege via network access.
Zoom Zoom
NA
CVE-2023-34122
Improper input validation in the installer for Zoom for Windows clients prior to 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.
Zoom Zoom
6.8
CVSSv2
CVE-2017-15048
Stack-based buffer overflow in the ZoomLauncher binary in the Zoom client for Linux prior to 2.0.115900.1201 allows remote malicious users to execute arbitrary code by leveraging the zoommtg:// scheme handler.
Zoom Zoom
1 EDB exploit
9.3
CVSSv2
CVE-2017-15049
The ZoomLauncher binary in the Zoom client for Linux prior to 2.0.115900.1201 does not properly sanitize user input when constructing a shell command, which allows remote malicious users to execute arbitrary code by leveraging the zoommtg:// scheme handler.
Zoom Zoom
1 EDB exploit
4.3
CVSSv2
CVE-2019-13449
In the Zoom Client prior to 4.4.2 on macOS, remote attackers can cause a denial of service (continual focus grabs) via a sequence of invalid launch?action=join&confno= requests to localhost port 19421.
Zoom Zoom
NA
CVE-2023-36534
Path traversal in Zoom Desktop Client for Windows prior to 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network access.
Zoom Zoom
NA
CVE-2023-36540
Untrusted search path in the installer for Zoom Desktop Client for Windows prior to 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access.
Zoom Zoom
NA
CVE-2023-36541
Insufficient verification of data authenticity in Zoom Desktop Client for Windows prior to 5.14.5 may allow an authenticated user to enable an escalation of privilege via network access.
Zoom Zoom
NA
CVE-2023-28598
Zoom for Linux clients before 5.13.10 contain an HTML injection vulnerability. If a victim starts a chat with a malicious user it could result in a Zoom application crash.
Zoom Zoom
NA
CVE-2023-28599
Zoom clients before 5.13.10 contain an HTML injection vulnerability. A malicious user could inject HTML into their display name potentially leading a victim to a malicious website during meeting creation.
Zoom Zoom
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »