Filtered by vendor Zoom
Subscriptions
Total
181 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-0147 | 1 Zoom | 4 Meeting Software Development Kit, Video Software Development Kit, Workplace App and 1 more | 2025-08-01 | 8.8 High |
| Type confusion in the Zoom Workplace App for Linux before 6.2.10 may allow an authorized user to conduct an escalation of privilege via network access. | ||||
| CVE-2024-27247 | 1 Zoom | 2 Workplace Desktop, Zoom | 2025-07-31 | 5.5 Medium |
| Improper privilege management in the installer for Zoom Desktop Client for macOS before version 5.17.10 may allow a privileged user to conduct an escalation of privilege via local access. | ||||
| CVE-2024-27242 | 1 Zoom | 1 Zoom | 2025-07-31 | 4.1 Medium |
| Cross site scripting in Zoom Desktop Client for Linux before version 5.17.10 may allow an authenticated user to conduct a denial of service via network access. | ||||
| CVE-2024-24694 | 1 Zoom | 2 Workplace Desktop, Zoom | 2025-07-31 | 5.9 Medium |
| Improper privilege management in the installer for Zoom Desktop Client for Windows before version 5.17.10 may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2025-0143 | 1 Zoom | 3 Meeting Software Development Kit, Video Software Development Kit, Workplace Desktop | 2025-07-31 | 4.3 Medium |
| Out-of-bounds write in the Zoom Workplace App for Linux before version 6.2.5 may allow an unauthorized user to conduct a denial of service via network access. | ||||
| CVE-2025-0151 | 1 Zoom | 1 Workplace App | 2025-06-17 | 8.5 High |
| Use after free in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access. | ||||
| CVE-2023-43591 | 1 Zoom | 1 Rooms | 2025-06-11 | 7.8 High |
| Improper privilege management in Zoom Rooms for macOS before version 5.16.0 may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2023-49647 | 2 Microsoft, Zoom | 5 Windows, Meeting Software Development Kit, Video Software Development Kit and 2 more | 2025-06-03 | 8.8 High |
| Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows before version 5.16.10 may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2022-28762 | 1 Zoom | 1 Meetings | 2025-05-14 | 7.3 High |
| Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with 5.10.6 and prior to 5.12.0 contains a debugging port misconfiguration. When camera mode rendering context is enabled as part of the Zoom App Layers API by running certain Zoom Apps, a local debugging port is opened by the Zoom client. A local malicious user could use this debugging port to connect to and control the Zoom Apps running in the Zoom client. | ||||
| CVE-2022-28760 | 1 Zoom | 1 Zoom On-premise Meeting Connector Mmr | 2025-05-14 | 6.5 Medium |
| Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130 contains an improper access control vulnerability. As a result, a malicious actor could obtain the audio and video feed of a meeting they were not authorized to join and cause other meeting disruptions. | ||||
| CVE-2022-28759 | 1 Zoom | 1 Zoom On-premise Meeting Connector Mmr | 2025-05-14 | 8.2 High |
| Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130 contains an improper access control vulnerability. As a result, a malicious actor could obtain the audio and video feed of a meeting they were not authorized to join and cause other meeting disruptions. | ||||
| CVE-2022-28761 | 1 Zoom | 1 Zoom On-premise Meeting Connector Mmr | 2025-05-14 | 6.5 Medium |
| Zoom On-Premise Meeting Connector MMR before version 4.8.20220916.131 contains an improper access control vulnerability. As a result, a malicious actor in a meeting or webinar they are authorized to join could prevent participants from receiving audio and video causing meeting disruptions. | ||||
| CVE-2024-24691 | 1 Zoom | 4 Meeting Software Development Kit, Rooms, Vdi Windows Meeting Clients and 1 more | 2025-05-12 | 9.6 Critical |
| Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access. | ||||
| CVE-2024-24697 | 1 Zoom | 4 Meeting Software Development Kit, Rooms, Vdi Windows Meeting Clients and 1 more | 2025-05-08 | 7.2 High |
| Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2022-28763 | 1 Zoom | 3 Meetings, Rooms For Conference Rooms, Virtual Desktop Infrastructure | 2025-05-02 | 8.8 High |
| The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading to additional attacks including session takeovers. | ||||
| CVE-2022-28768 | 1 Zoom | 1 Meetings | 2025-04-29 | 8.8 High |
| The Zoom Client for Meetings Installer for macOS (Standard and for IT Admin) before version 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to root. | ||||
| CVE-2022-28766 | 1 Zoom | 2 Meetings, Rooms | 2025-04-29 | 3.3 Low |
| Windows 32-bit versions of the Zoom Client for Meetings before 5.12.6 and Zoom Rooms for Conference Room before version 5.12.6 are susceptible to a DLL injection vulnerability. A local low-privileged user could exploit this vulnerability to run arbitrary code in the context of the Zoom client. | ||||
| CVE-2022-28764 | 1 Zoom | 3 Meetings, Rooms, Vdi Windows Meeting Clients | 2025-04-29 | 3.3 Low |
| The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure per-device key encrypting that database results in a local malicious user being able to obtain meeting information such as in-meeting chat for the previous meeting attended from that local user account. | ||||
| CVE-2022-36924 | 1 Zoom | 1 Rooms | 2025-04-28 | 8.8 High |
| The Zoom Rooms Installer for Windows prior to 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to the SYSTEM user. | ||||
| CVE-2017-15049 | 1 Zoom | 1 Zoom | 2025-04-20 | 8.8 High |
| The ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 does not properly sanitize user input when constructing a shell command, which allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handler. | ||||