18 matches found
EUVD-2022-33195
Malicious code in bioql PyPI...
Zoom Client for Meetings < 6.3.10 Insecure Default Variable Initialization Vulnerability (ZSB-25014)
The version of Zoom Client for Meetings installed on the remote host is prior to 6.3.10. It is, therefore, affected by a vulnerability as referenced in the ZSB-25014 advisory. - Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to...
Zoom Client for Meetings < 5.16.5 Vulnerability (ZSB-23062)
The version of Zoom Client for Meetings installed on the remote host is prior to 5.16.5. It is, therefore, affected by a vulnerability as referenced in the ZSB-23062 advisory. - Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial ...
Zoom Client for Meetings < 5.14.5 Vulnerability (ZSB-23028)
The version of Zoom Client for Meetings installed on the remote host is prior to 5.14.5. It is, therefore, affected by a vulnerability as referenced in the ZSB-23028 advisory. - Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial of service via netwo...
Zoom Client for Meetings < 5.15.2 Vulnerability (ZSB-23038)
The version of Zoom Client for Meetings installed on the remote host is prior to 5.15.2. It is, therefore, affected by a vulnerability as referenced in the ZSB-23038 advisory. - Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may...
Zoom Client for Meetings < 5.9.7 Vulnerability (ZSB-22004)
The version of Zoom Client for Meetings installed on the remote host is prior to 5.9.7. It is, therefore, affected by a vulnerability as referenced in the ZSB-22004 advisory. - The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to...
CVE-2022-28766
Windows 32-bit versions of the Zoom Client for Meetings before 5.12.6 and Zoom Rooms for Conference Room before version 5.12.6 are susceptible to a DLL injection vulnerability. A local low-privileged user could exploit this vulnerability to run arbitrary code in the context of the Zoom client...
Zoom Client 信息泄露漏洞
Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. An information disclosure vulnerability exists in Zoom Client for Meetings for Android, iOS, Linux, macOS, and Windows versions prior to 5.12.6, which stems from failing to clear data from a loc...
Zoom Client 输入验证错误漏洞
Zoom Client is a video conferencing client application from Zoom Inc. that supports multiple platforms. A security vulnerability exists in Zoom Client for Meetings Android, iOS, Linux, macOS, Windows versions prior to 5.11.0, which stems from susceptibility to a URL parsing vulnerability. An...
CVE-2022-22786
The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Room for Windows before version 5.10.0, fails to properly check the installation version during the update process. This issue could be used in a more sophisticated attack to trick a user into downgrading...
CVE-2022-22786
The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Room for Windows before version 5.10.0, fails to properly check the installation version during the update process. This issue could be used in a more sophisticated attack to trick a user into downgrading...
CVE-2022-22781
The Zoom Client for Meetings for MacOS Standard and for IT Admin prior to version 5.9.6 failed to properly check the package version during the update process. This could lead to a malicious actor updating an unsuspecting user’s currently installed version to a less secure version...
ZOOM Client 代码问题漏洞
Zoom Client is a multi-platform video conferencing client application from Zoom, Inc. A server-side request forgery vulnerability exists in Zoom Client for Meetings prior to version 5.7.3, which stems from the product's failure to properly validate user input and could be exploited by attackers t...
CVE-2021-34424
A vulnerability was discovered in the Zoom Client for Meetings for Android, iOS, Linux, macOS, and Windows before version 5.8.4, Zoom Client for Meetings for Blackberry for Android and iOS before version 5.8.1, Zoom Client for Meetings for intune for Android and iOS before version 5.8.4, Zoom...
CVE-2020-11877
airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector IV for AES-256 CBC encryption. NOTE: the vendor states that this IV is used only within unreachable code...
CVE-2020-11876
airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242 for initialization of an OpenSSL EVP AES-256 CBC context. NOTE: the vendor states that this initialization only occurs within unreachable code...
Zoom Client for Meetings Encryption Issue Vulnerability
Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. An encryption issue vulnerability exists in Zoom Client for Meetings version 4.6.9 and earlier, which stems from the fact that Zoom Client for Meetings uses ECB mode of AES for video and audio...
PT-2020-12650 · Microsoft +1 · Office 365 +2
Name of the Vulnerable Software and Affected Versions: Zoom Client for Meetings versions 4.6.9 and earlier Microsoft Office 365 affected versions not specified Description: The issue concerns the use of the ECB mode of AES for encryption, which can reveal structural information about encrypted...