Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoom vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-28601
Zoom for Windows clients before 5.14.0 contain an improper restriction of operations within the bounds of a memory buffer vulnerability. A malicious user may alter protected Zoom Client memory buffer potentially causing integrity issues within the Zoom Client.
Zoom Zoom
NA
CVE-2023-28602
Zoom for Windows clients before 5.13.5 contain an improper verification of cryptographic signature vulnerability. A malicious user may potentially downgrade Zoom Client components to previous versions.
Zoom Zoom
NA
CVE-2023-28603
Zoom VDI client installer before 5.14.0 contains an improper access control vulnerability. A malicious user may potentially delete local files without proper permissions.
Zoom Virtual Desktop Infrastructure
NA
CVE-2023-34113
Insufficient verification of data authenticity in Zoom for Windows clients prior to 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access.
Zoom Zoom
NA
CVE-2023-34120
Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for Windows clients prior to 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access. Users may potentially utilize higher level system privil...
Zoom Virtual Desktop Infrastructure
NA
CVE-2023-34121
Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients prior to 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access.
Zoom Zoom
Zoom Rooms
Zoom Virtual Desktop Infrastructure
NA
CVE-2023-34122
Improper input validation in the installer for Zoom for Windows clients prior to 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.
Zoom Zoom
NA
CVE-2023-28598
Zoom for Linux clients before 5.13.10 contain an HTML injection vulnerability. If a victim starts a chat with a malicious user it could result in a Zoom application crash.
Zoom Zoom
NA
CVE-2023-28599
Zoom clients before 5.13.10 contain an HTML injection vulnerability. A malicious user could inject HTML into their display name potentially leading a victim to a malicious website during meeting creation.
Zoom Zoom
NA
CVE-2023-28597
Zoom clients before 5.13.5 contain an improper trust boundary implementation vulnerability. If a victim saves a local recording to an SMB location and later opens it using a link from Zoom’s web portal, an attacker positioned on an adjacent network to the victim client coul...
Zoom Rooms
Zoom Zoom
Zoom Virtual Desktop Infrastructure
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »