Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Zoom
(Zoom)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 51 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-11-14 | CVE-2023-39206 | Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access. | Meetings, Rooms, Video_software_development_kit, Virtual_desktop_infrastructure, Zoom | 7.5 | ||
| 2023-11-15 | CVE-2023-43588 | Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network access. | Meetings, Virtual_desktop_infrastructure, Zoom | 6.5 | ||
| 2023-11-15 | CVE-2023-43582 | Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access. | Meetings, Rooms, Virtual_desktop_infrastructure, Zoom | 8.8 | ||
| 2019-07-09 | CVE-2019-13449 | In the Zoom Client before 4.4.2 on macOS, remote attackers can cause a denial of service (continual focus grabs) via a sequence of invalid launch?action=join&confno= requests to localhost port 19421. | Zoom | 6.5 | ||
| 2019-07-09 | CVE-2019-13450 | In the Zoom Client through 4.4.4 and RingCentral 7.0.136380.0312 on macOS, remote attackers can force a user to join a video call with the video camera active. This occurs because any web site can interact with the Zoom web server on localhost port 19421 or 19424. NOTE: a machine remains vulnerable if the Zoom Client was installed in the past and then uninstalled. Blocking exploitation requires additional steps, such as the ZDisableVideo preference and/or killing the web server, deleting the... | Ringcentral, Zoom | 6.5 | ||
| 2023-09-12 | CVE-2023-39215 | Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network access. | Meeting_software_development_kit, Virtual_desktop_infrastructure, Zoom | 6.5 | ||
| 2023-09-12 | CVE-2023-39208 | Improper input validation in Zoom Desktop Client for Linux before version 5.15.10 may allow an unauthenticated user to conduct a denial of service via network access. | Zoom | 7.5 | ||
| 2023-08-08 | CVE-2023-39209 | Improper input validation in Zoom Desktop Client for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via network access. | Zoom | 6.5 | ||
| 2023-08-08 | CVE-2023-39211 | Improper privilege management in Zoom Desktop Client for Windows and Zoom Rooms for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via local access. | Rooms, Zoom | 7.8 | ||
| 2023-08-08 | CVE-2023-39213 | Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network access. | Virtual_desktop_infrastructure, Zoom | 9.8 |