36 matches found
CVE-2026-30902
Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access...
CVE-2026-30900
Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access...
CVE-2026-30902
Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access...
CVE-2026-30900
CVE-2026-30900 affects Zoom Clients for Windows. It describes an improper check of minimum version in the update functionality, enabling an authenticated user with local access to escalate privileges (local, required privileges: low; UI: none; scope: unchanged; impact: high on confidentiality, in...
CVE-2026-30900
Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access...
Zoom Clients for Windows 安全漏洞
Zoom Clients for Windows is a video conferencing software developed by the American company Zoom. There is a security vulnerability in Zoom Clients for Windows, which stems from improper version checking in the update function. This vulnerability could allow authenticated users to gain elevated...
Zoom Clients for Windows 安全漏洞
Zoom Clients for Windows is a video conferencing software developed by the American company Zoom. There is a security vulnerability in Zoom Clients for Windows, which stems from improper permission management. This vulnerability could allow authenticated users to elevate their permissions through...
CVE-2025-58132
Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of information via network access...
EUVD-2025-34670
Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of information via network access...
CVE-2025-58132
Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of information via network access...
CVE-2025-58132 Zoom Clients for Windows - Command Injection
Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of information via network access...
CVE-2025-58132 Zoom Clients for Windows - Command Injection
Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of information via network access...
EUVD-2023-32271
Malicious code in bioql PyPI...
EUVD-2024-22096
Malicious code in bioql PyPI...
CVE-2025-49457
Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access...
Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws
Zoom and Xerox have addressed critical security flaws in Zoom Clients for Windows and FreeFlow Core that could allow privilege escalation and remote code execution. The vulnerability impacting Zoom Clients for Windows, tracked as CVE-2025-49457 CVSS score: 9.6, relates to a case of an untrusted...
CVE-2025-49457
Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access...
CVE-2025-49457 Zoom Clients for Windows - Untrusted Search Path
Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access...
CVE-2025-49457
CVE-2025-49457 affects Zoom Clients for Windows (multiple Zoom products: Zoom Workplace for Windows, Zoom Rooms for Windows, Zoom Rooms Controller, Zoom Meeting SDK for Windows) where an untrusted search path could allow an unauthenticated attacker to escalate privileges over the network. Affecte...
CVE-2025-49456 Zoom Clients for Windows- Race Condition
Race condition in the installer for certain Zoom Clients for Windows may allow an unauthenticated user to impact application integrity via local access...