Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zoom zoom vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2023-34120
Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for Windows clients prior to 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access. Users may potentially utilize higher level system privil...
Zoom Virtual Desktop Infrastructure
8.8
CVSSv3
CVE-2023-34121
Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients prior to 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access.
Zoom Zoom
Zoom Rooms
Zoom Virtual Desktop Infrastructure
7.8
CVSSv3
CVE-2023-34122
Improper input validation in the installer for Zoom for Windows clients prior to 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.
Zoom Zoom
5.4
CVSSv3
CVE-2023-28600
Zoom for MacOSclients before 5.14.0 contain an improper access control vulnerability. A malicious user may be able to delete/replace Zoom Client files potentially causing a loss of integrity and availability to the Zoom Client.
Zoom Zoom
6.5
CVSSv3
CVE-2023-28601
Zoom for Windows clients before 5.14.0 contain an improper restriction of operations within the bounds of a memory buffer vulnerability. A malicious user may alter protected Zoom Client memory buffer potentially causing integrity issues within the Zoom Client.
Zoom Zoom
7.7
CVSSv3
CVE-2023-28602
Zoom for Windows clients before 5.13.5 contain an improper verification of cryptographic signature vulnerability. A malicious user may potentially downgrade Zoom Client components to previous versions.
Zoom Zoom
7.1
CVSSv3
CVE-2023-28603
Zoom VDI client installer before 5.14.0 contains an improper access control vulnerability. A malicious user may potentially delete local files without proper permissions.
Zoom Virtual Desktop Infrastructure
6.5
CVSSv3
CVE-2023-28598
Zoom for Linux clients before 5.13.10 contain an HTML injection vulnerability. If a victim starts a chat with a malicious user it could result in a Zoom application crash.
Zoom Zoom
4.3
CVSSv3
CVE-2023-28599
Zoom clients before 5.13.10 contain an HTML injection vulnerability. A malicious user could inject HTML into their display name potentially leading a victim to a malicious website during meeting creation.
Zoom Zoom
7.8
CVSSv3
CVE-2023-28596
Zoom Client for IT Admin macOS installers before version 5.13.5 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability in an attack chain during the installation process to escalate their privileges to privileges to root.
Zoom Meetings
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »