Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Meetings
(Zoom)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 37 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-04-17 | CVE-2020-11876 | airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242 for initialization of an OpenSSL EVP AES-256 CBC context. NOTE: the vendor states that this initialization only occurs within unreachable code | Meetings | 7.5 | ||
| 2020-04-17 | CVE-2020-11877 | airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector (IV) for AES-256 CBC encryption. NOTE: the vendor states that this IV is used only within unreachable code | Meetings | 7.5 | ||
| 2023-11-14 | CVE-2023-39199 | Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access. | Meetings, Rooms, Virtual_desktop_infrastructure, Zoom | 6.5 | ||
| 2023-11-14 | CVE-2023-39204 | Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access. | Meetings, Rooms, Video_software_development_kit, Virtual_desktop_infrastructure, Zoom | 7.5 | ||
| 2023-11-14 | CVE-2023-39205 | Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access. | Meetings, Video_software_development_kit, Virtual_desktop_infrastructure, Zoom | 6.5 | ||
| 2023-11-14 | CVE-2023-39206 | Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access. | Meetings, Rooms, Video_software_development_kit, Virtual_desktop_infrastructure, Zoom | 7.5 | ||
| 2023-11-15 | CVE-2023-43588 | Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network access. | Meetings, Virtual_desktop_infrastructure, Zoom | 6.5 | ||
| 2023-11-15 | CVE-2023-43582 | Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access. | Meetings, Rooms, Virtual_desktop_infrastructure, Zoom | 8.8 | ||
| 2022-04-28 | CVE-2022-22782 | The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was susceptible to a local privilege escalation issue during the installer repair operation. A malicious actor could utilize this to potentially delete system level files or folders, causing integrity or availability issues on the... | Meetings, Rooms_for_conference_rooms, Vdi_windows_meeting_clients, Zoom_plugin_for_microsoft_outlook | 7.1 | ||
| 2023-06-30 | CVE-2023-36539 | Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information. | Meetings, Poly_ccx_600_firmware, Poly_ccx_700_firmware, Rooms, Video_software_development_kit, Yealink_mp54_firmware, Yealink_mp56_firmware, Yealink_vp59_firmware, Zoom | 7.5 |