CVE-2026-30902

Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access...

CVE-2024-27245

Buffer overflow in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access...

CVE-2024-42435

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access...

PT-2024-5135 · Zoom · Zoom

Name of the Vulnerable Software and Affected Versions: Zoom versions prior to 6.0.0 Description: The issue is related to a race condition error in the installer for some Zoom Apps and SDKs for Windows, which may allow an authenticated user to conduct a privilege escalation via local access. This ...

CVE-2023-43586

Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows may allow an authenticated user to conduct an escalation of privilege via network access...

CVE-2023-43583

Cryptographic issues Zoom Mobile App for Android, Zoom Mobile App for iOS, and Zoom SDKs for Android and iOS before version 5.16.0 may allow a privileged user to conduct a disclosure of information via network access...

The vulnerability of the Zoom SDK software for conducting video conferences, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of Zoom, a video conferencing software, is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service failures...

PT-2023-26835 · Zoom · Zoom Sdks

Name of the Vulnerable Software and Affected Versions: Zoom SDK versions prior to 5.14.10 Description: The issue is related to improper input validation in the Zoom SDK, which may allow an unauthenticated user to enable a denial of service via network access. Recommendations: For versions prior t...

CVE-2023-28600

Zoom for MacOSclients prior to 5.14.0 contain an improper access control vulnerability. A malicious user may be able to delete/replace Zoom Client files potentially causing a loss of integrity and availability to the Zoom Client...

Zoom Client for Meetings < 5.14.0 Vulnerability (ZSB-23015)

The version of Zoom Client for Meetings installed on the remote host is prior to 5.14.0. It is, therefore, affected by a vulnerability as referenced in the ZSB-23015 advisory. - Insufficient verification of data authenticity in Zoom for Windows clients before 5.14.0 may allow an authenticated use...

CVE-2023-22882

Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service...

The vulnerability of Zoom’s video conferencing software, related to the handling of the zero pointer, allows a hacker to cause a service failure.

The vulnerability of Zoom video conferencing software relates to the handling of the zero pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2022-22782

The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room for Windows prior to version 5.10.0, Zoom Plugins for Microsoft Outlook for Windows prior to version 5.10.3, and Zoom VDI Windows Meeting Clients prior to version 5.9.6; was susceptible to a local...