Zoom Security Vulnerabilities
Insufficient verification of data authenticity in the installer for Zoom Workplace VDI App for Windows may allow an authenticated user to conduct an escalation of privilege via local...
6.7CVSS
7.5AI Score
0.0004EPSS
The eRoom – Zoom Meetings & Webinars plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.18 via the search_posts function. This makes it possible for authenticated attackers, with subscriber access and higher, to obtain post excerpts...
4.3CVSS
6.7AI Score
0.0004EPSS
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Deepen Bajracharya Video Conferencing with Zoom.This issue affects Video Conferencing with Zoom: from n/a through...
4.7CVSS
7.3AI Score
0.001EPSS
Server-Side Request Forgery (SSRF) vulnerability in Wappointment Appointment Bookings for Zoom GoogleMeet and more – Wappointment.This issue affects Appointment Bookings for Zoom GoogleMeet and more – Wappointment: from n/a through...
7.5AI Score
0.0004EPSS
The Video Conferencing with Zoom plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.5 via the get_assign_host_id AJAX action. This makes it possible for authenticated attackers, with subscriber access or higher, to enumerate usernames,...
4.3CVSS
6.8AI Score
0.0004EPSS
Cross site scripting in Zoom Desktop Client for Linux before version 5.17.10 may allow an authenticated user to conduct a denial of service via network...
4.1CVSS
6.8AI Score
0.0004EPSS
Improper privilege management in the installer for Zoom Desktop Client for macOS before version 5.17.10 may allow a privileged user to conduct an escalation of privilege via local...
5.5CVSS
7.4AI Score
0.0004EPSS
Improper privilege management in the installer for Zoom Desktop Client for Windows before version 5.17.10 may allow an authenticated user to conduct an escalation of privilege via local...
5.9CVSS
7.5AI Score
0.0004EPSS
Race condition in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local...
4.7CVSS
7AI Score
0.0004EPSS
Improper access control in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local...
5.5CVSS
7AI Score
0.0004EPSS
The Video Conferencing with Zoom plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'zoom_recordings_by_meeting' shortcode in all versions up to, and including, 4.4.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes.....
6.4CVSS
6.1AI Score
0.0004EPSS
Business logic error in some Zoom clients may allow an authenticated user to conduct information disclosure via network...
6.5CVSS
6.7AI Score
0.0004EPSS
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via network...
6.8CVSS
6.8AI Score
0.0004EPSS
Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct an escalation of privilege via local...
7.2CVSS
7.5AI Score
0.0004EPSS
Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure of information via local...
4.9CVSS
6.9AI Score
0.0004EPSS
Improper input validation in some Zoom clients may allow an authenticated user to conduct a denial of service via network...
5.4CVSS
7.1AI Score
0.0004EPSS
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via network...
9.6CVSS
8AI Score
0.0004EPSS
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via network...
6.8CVSS
6.8AI Score
0.0004EPSS
Missing Authorization vulnerability in SedLex Image Zoom.This issue affects Image Zoom: from n/a through...
6.5CVSS
7.2AI Score
0.0005EPSS
Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows before version 5.16.10 may allow an authenticated user to conduct an escalation of privilege via local...
7.8CVSS
7.6AI Score
0.0004EPSS
Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network...
6.5CVSS
7.3AI Score
0.0004EPSS
Cryptographic issues Zoom Mobile App for Android, Zoom Mobile App for iOS, and Zoom SDKs for Android and iOS before version 5.16.0 may allow a privileged user to conduct a disclosure of information via network...
4.9CVSS
6.7AI Score
0.0005EPSS
Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of information via network...
6.5CVSS
6.6AI Score
0.0005EPSS
Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows may allow an authenticated user to conduct an escalation of privilege via network...
8.8CVSS
7.7AI Score
0.0005EPSS
Improper privilege management in Zoom Rooms for macOS before version 5.16.0 may allow an authenticated user to conduct an escalation of privilege via local...
7.8CVSS
7.5AI Score
0.0004EPSS
Link following in Zoom Rooms for macOS before version 5.16.0 may allow an authenticated user to conduct an escalation of privilege via local...
7.8CVSS
7.5AI Score
0.0004EPSS
Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network...
8.8CVSS
7.8AI Score
0.001EPSS
Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network...
6.5CVSS
6.8AI Score
0.0005EPSS
Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network...
7.5CVSS
7.7AI Score
0.001EPSS
Uncontrolled resource consumption in Zoom Team Chat for Zoom Desktop Client for Windows and Zoom VDI Client may allow an unauthenticated user to conduct a disclosure of information via network...
7.5CVSS
7.2AI Score
0.001EPSS
Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network...
6.5CVSS
6.9AI Score
0.0005EPSS
Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network...
7.5CVSS
7.7AI Score
0.001EPSS
Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network...
6.5CVSS
7.2AI Score
0.0004EPSS
Untrusted search path in Zoom Rooms Client for Windows and Zoom VDI Client may allow a privileged user to conduct a denial of service via local...
5.5CVSS
7.2AI Score
0.0004EPSS
Improper input validation in Zoom Desktop Client for Linux before version 5.15.10 may allow an unauthenticated user to conduct a denial of service via network...
7.5CVSS
7.4AI Score
0.001EPSS
Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network...
6.5CVSS
6.4AI Score
0.0004EPSS
Improper privilege management in Zoom Desktop Client for Windows and Zoom Rooms for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via local...
7.8CVSS
7.2AI Score
0.0004EPSS
Cleartext storage of sensitive information in Zoom Client SDK for Windows before 5.15.0 may allow an authenticated user to enable an information disclosure via local...
5.5CVSS
5.1AI Score
0.0004EPSS
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated user to enable a denial of service via network...
8.1CVSS
7.7AI Score
0.0005EPSS
Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network...
9.8CVSS
9.6AI Score
0.001EPSS
Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated user to enable a denial of service via local...
5.5CVSS
5.3AI Score
0.0004EPSS
Improper input validation in Zoom Desktop Client for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via network...
6.5CVSS
6.1AI Score
0.0005EPSS
Improper input validation in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network...
9.8CVSS
9.6AI Score
0.001EPSS
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network...
4.9CVSS
4.8AI Score
0.0005EPSS
Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to enable a denial of service via network...
7.5CVSS
7.4AI Score
0.001EPSS
Insufficient verification of data authenticity in Zoom Desktop Client for Windows before 5.14.5 may allow an authenticated user to enable an escalation of privilege via network...
8.8CVSS
8.8AI Score
0.001EPSS
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network...
6.5CVSS
6.1AI Score
0.0005EPSS
Untrusted search path in the installer for Zoom Desktop Client for Windows before 5.14.5 may allow an authenticated user to enable an escalation of privilege via local...
7.8CVSS
7.8AI Score
0.0004EPSS
Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to enable a denial of service via network...
7.5CVSS
7.4AI Score
0.001EPSS
Path traversal in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network...
9.8CVSS
9.6AI Score
0.001EPSS