Lucene search
K
ZoomWorkplace

42 matches found

CVE
CVE
added 2025/02/25 7:55 p.m.113 views

CVE-2024-45421

CVE-2024-45421 describes a buffer overflow in some Zoom Apps that could allow an authenticated user to escalate privileges over the network. The PT-2024-31624 entry specifies Zoom Product Suite versions prior to 6.2.0 as affected and recommends upgrading to 6.2.0 or later to address the issue. Ot...

8.8CVSS8.8AI score0.00564EPSS
CVE
CVE
added 2025/04/08 4:14 p.m.77 views

CVE-2025-27442

CVE-2025-27442 corresponds to a cross-site scripting vulnerability in Zoom Workplace Apps. The issue allows an unauthenticated attacker to potentially compromise integrity via adjacent network access, with user interaction required. The exploits/patch status is not detailed in the provided docume...

5.2CVSS6.8AI score0.00235EPSS
CVE
CVE
added 2024/08/14 4:38 p.m.74 views

CVE-2024-39822

CVE-2024-39822 affects Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers. Affected: Zoom components vulnerable to information disclosure via network access by an authenticated user. Root cause: sensitive information exposure in these Zoom products. Impact: confidentiality loss witho...

6.5CVSS6.2AI score0.00514EPSS
CVE
CVE
added 2024/08/14 4:34 p.m.74 views

CVE-2024-39825

CVE-2024-39825 affects Zoom Workplace Apps and Rooms Clients. The issue is a heap-based buffer overflow that can allow an authenticated, remote attacker to escalate privileges over the network. Exploitation context: network access; no user interaction required; impact reported as high for confide...

8.5CVSS8.8AI score0.00627EPSS
CVE
CVE
added 2025/01/30 7:44 p.m.74 views

CVE-2025-0144

CVE-2025-0144 describes an out-of-bounds write in Zoom Workplace Apps that can lead to loss of integrity over a network when processing a specific request. Multiple sources confirm the issue affects Zoom Workplace Desktop App prior to version 6.2.5 (per Nessus ZSB-25003) and indicate the vulnerab...

6.5CVSS3.9AI score0.00331EPSS
CVE
CVE
added 2024/08/14 4:39 p.m.72 views

CVE-2024-42435

The CVE-2024-42435 entry covers a sensitive information disclosure in Zoom components. Affected software includes Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers. The root cause and impact details in the provided sources indicate that a privileged user could obtain confidential da...

4.9CVSS4.9AI score0.00514EPSS
CVE
CVE
added 2024/08/14 4:36 p.m.71 views

CVE-2024-39818

CVE-2024-39818 affects Zoom Workplace Apps and SDKs. The issue is a protection mechanism failure that may allow an authenticated user to disclose information over the network. CVSSv3.1: base score 6.5 (MEDIUM) from NVD, with Confidentiality Impact: High, Attack Vector: Network, Attack Complexity:...

7.5CVSS7.2AI score0.00563EPSS
CVE
CVE
added 2024/08/14 4:39 p.m.70 views

CVE-2024-39824

CVE-2024-39824 affects Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers. The issue is missing authorization that may allow a privileged user to disclose information over the network. The description and connected documents consistently identify the affected Zoom products and the im...

4.9CVSS5.8AI score0.00509EPSS
CVE
CVE
added 2024/08/14 4:41 p.m.70 views

CVE-2024-42436

CVE-2024-42436 describes a buffer overflow in Zoom components: Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers. The underlying issue allows an authenticated user, leveraging network access, to cause a denial of service. The NVD metrics assign a CVSS v3.1 base score of 6.5 (Medium) with...

6.5CVSS6.5AI score0.00574EPSS
CVE
CVE
added 2024/08/14 4:39 p.m.69 views

CVE-2024-42434

The CVE-2024-42434 issue affects Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers. It is described as a Missing authorization vulnerability that could allow a privileged user to disclose information over the network. The NVD/CVE entries and related sources cite a network-access att...

4.9CVSS5.8AI score0.00487EPSS
CVE
CVE
added 2025/02/25 8:32 p.m.68 views

CVE-2024-27246

CVE-2024-27246 affects Zoom Workplace Apps and SDKs. The issue is a use-after-free in components handling network activity, allowing an authenticated user to cause a denial of service over the network. Used details: CVSS v3.1 base metrics indicate MEDIUM severity (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/...

6.5CVSS5AI score0.00594EPSS
CVE
CVE
added 2024/08/14 4:39 p.m.68 views

CVE-2024-39823

CVE-2024-39823 affects Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers. The connected sources indicate a missing authorization in these Zoom products could allow a privileged user to perform information disclosure over a network. The exact vulnerable components (versions, files) a...

4.9CVSS5.8AI score0.00487EPSS
CVE
CVE
added 2025/02/25 7:34 p.m.67 views

CVE-2024-45424

CVE-2024-45424 is described as a business logic error in Zoom Workplace Apps that could allow an unauthenticated user to disclose information over the network. Public details indicate affected software is Zoom Workplace/Desktop App prior to version 6.1.0, with the root cause tied to business logi...

7.5CVSS5.1AI score0.00341EPSS
CVE
CVE
added 2025/02/25 7:38 p.m.67 views

CVE-2024-45425

CVE-2024-45425 concerns Zoom Workplace Apps and refers to incorrect user management that may allow a privileged user to disclose information over the network. The provided sources consistently describe a network-accessible path to information disclosure with high confidentiality impact (per CVSS ...

6.5CVSS4.8AI score0.00297EPSS
CVE
CVE
added 2025/02/25 7:39 p.m.67 views

CVE-2024-45426

CVE-2024-45426 : Affected product is Zoom Workplace Apps. The root cause is an incorrect ownership assignment that can permit a privileged user to disclose information over the network. Reported impact is solely on confidentiality (high), with no integrity/availability effects per the sources. Th...

6.5CVSS4.9AI score0.00292EPSS
CVE
CVE
added 2024/11/19 7:28 p.m.66 views

CVE-2024-45419

CVE-2024-45419 concerns Zoom Apps and involves improper input validation that can allow an unauthenticated user to disclose information over the network. Affected software is Zoom Apps (per the CVE entry and multiple sources), with the vulnerability described as enabling information disclosure vi...

8.1CVSS7.9AI score0.00508EPSS
CVE
CVE
added 2024/08/14 4:41 p.m.65 views

CVE-2024-42438

The CVE-2024-42438 entry applies to Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers. The issue is a buffer overflow in these components that allows an authenticated user to trigger a denial of service over the network. The available connected records confirm the affected product a...

6.5CVSS6.5AI score0.00574EPSS
CVE
CVE
added 2025/02/25 8:33 p.m.64 views

CVE-2024-27239

CVE-2024-27239 is a use-after-free vulnerability in some Zoom Workplace Apps and SDKs that could allow an authenticated user to cause a denial-of-service over the network. Affected software is Zoom Workplace Apps and SDKs; root cause is use-after-free. Impact is DoS with network access; no explic...

6.5CVSS5.1AI score0.00594EPSS
CVE
CVE
added 2024/08/14 4:41 p.m.63 views

CVE-2024-42437

CVE-2024-42437 describes a buffer overflow in Zoom components: Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers. An authenticated user could cause a denial of service via network access due to the overflow vulnerability. The CVSS details indicate NETWORK access, low attack complexity, a...

6.5CVSS6.5AI score0.00574EPSS
CVE
CVE
added 2024/05/15 8:37 p.m.62 views

CVE-2024-27243

CVE-2024-27243 describes a buffer overflow in Zoom Workplace Apps and SDKs. The vulnerability affects Zoom’s Workplace components when processing untrusted input, allowing an authenticated user to cause a denial of service over a network connection. The CVSSv3.1 vector (AV:N/AC:L/PR:L/UI:N/S:U/C:...

6.5CVSS6.9AI score0.00413EPSS
CVE
CVE
added 2025/02/25 8:31 p.m.60 views

CVE-2024-27245

This CVE (CVE-2024-27245) affects Zoom Workplace Apps and SDKs. The vulnerability is a buffer overflow in these components that could allow an authenticated user to cause a denial of service over the network. The available sources confirm the affected product family (Zoom Workplace Apps and SDKs)...

6.5CVSS4.7AI score0.00591EPSS
CVE
CVE
added 2025/04/08 4:14 p.m.60 views

CVE-2025-27441

CVE-2025-27441 is a cross-site scripting issue in Zoom Workplace Apps caused by improper filtering of user-supplied input. The vulnerability could allow an unauthenticated attacker to compromise data integrity via adjacent network access. The connected sources corroborate the vulnerability and it...

5.2CVSS6.8AI score0.00246EPSS
CVE
CVE
added 2024/07/15 5:17 p.m.59 views

CVE-2024-27241

CVE-2024-27241 corresponds to an improper input validation flaw affecting Zoom Apps and SDKs. The connected Nessus entry specifies Zoom Workplace Desktop App

7.5CVSS5.2AI score0.00425EPSS
CVE
CVE
added 2025/03/11 5:4 p.m.59 views

CVE-2025-0149

CVE-2025-0149 affects Zoom Workplace Apps. The issue is insufficient verification of data authenticity, potentially allowing an unauthenticated, network-connected user to cause a denial-of-service. CVSS describes high availability impact (A: HIGH) with network access and no user interaction requi...

7.5CVSS6.4AI score0.00231EPSS
CVE
CVE
added 2025/03/11 5:10 p.m.59 views

CVE-2025-27439

Summary (CVE-2025-27439): Buffer underflow vulnerability in Zoom Workplace Apps may allow an authenticated user to escalate privileges over the network. Evidence from Nessus (Zoom Workplace Desktop App

8.8CVSS8.6AI score0.00413EPSS
CVE
CVE
added 2025/05/14 5:36 p.m.58 views

CVE-2025-30667

CVE-2025-30667 affects Zoom Workplace Apps for Windows and is caused by a NULL pointer dereference in the application. An authenticated user could trigger a denial-of-service via network access. The available sources (NVD/Red Hat/CVE listings) describe the issue but do not provide concrete inform...

6.5CVSS6.3AI score0.00472EPSS
CVE
CVE
added 2025/05/14 5:31 p.m.56 views

CVE-2025-30663

CVE-2025-30663 affects Zoom Workplace Apps. It describes a Time-of-check time-of-use race condition that could allow an authenticated user with local access to escalate privileges. Severity is high (CVSS v3.1 metrics show high impact to confidentiality, integrity, and availability; local attack w...

8.8CVSS7AI score0.0013EPSS
CVE
CVE
added 2024/11/19 7:45 p.m.53 views

CVE-2024-45422

CVE-2024-45422 affects Zoom Apps (Zoom, prior to 6.2.0) due to improper input validation, enabling an unauthenticated user to trigger a denial of service over the network. The issue is documented in multiple sources (including PT-2024-31625) with explicit affected version range and network-based ...

7.5CVSS6.5AI score0.00527EPSS
CVE
CVE
added 2025/05/14 5:39 p.m.52 views

CVE-2025-30668

CVE-2025-30668 affects Zoom Workplace Apps. An integer underflow in affected components may allow an authenticated user to cause a denial of service over the network. The description/references in the supplied documents confirm the vulnerability type and impact (DoS) but do not provide concrete e...

6.5CVSS6.3AI score0.00472EPSS
CVE
CVE
added 2025/03/11 5:6 p.m.51 views

CVE-2025-0150

CVE-2025-0150 affects Zoom Workplace Apps for iOS prior to 6.3.0, due to an incorrect behavior order that may allow an authenticated user with network access to cause a denial of service. The issue is documented across multiple sources, with PT-2025-10852 explicitly stating the affected versions ...

7.1CVSS6.6AI score0.00456EPSS
CVE
CVE
added 2025/03/11 5:11 p.m.49 views

CVE-2025-27440

CVE-2025-27440 describes a heap overflow in some Zoom Workplace Apps that enables an authenticated user to escalate privileges over the network. The most concrete public details point to Zoom Workplace Desktop App prior to 6.3.0 being affected (per Nessus ZSB-25012), with the vulnerability charac...

8.8CVSS8.8AI score0.00419EPSS
CVE
CVE
added 2025/03/11 5:8 p.m.48 views

CVE-2025-0151

CVE-2025-0151 affects Zoom Workplace Desktop App (Zoom Workplace/Zoom Apps) with a use-after-free condition that an authenticated user can exploit over the network to escalate privileges. The Nessus entry ties the issue to Zoom Workplace Desktop App versions before 6.3.0 (ZSB-ZSB-25010). The vuln...

8.8CVSS9AI score0.00401EPSS
CVE
CVE
added 2024/11/19 7:32 p.m.47 views

CVE-2024-45420

CVE-2024-45420 relates to Zoom Apps. The connected PT-2024-31623 note confirms the issue: an authenticated user can trigger a denial of service via network access due to uncontrolled resource consumption in Zoom Apps before version 6.2.0. Affected software: Zoom Apps prior to 6.2.0. Impact: DoS c...

6.5CVSS4.5AI score0.00448EPSS
CVE
CVE
added 2025/05/14 5:33 p.m.45 views

CVE-2025-30664

CVE-2025-30664 is a cross-site scripting issue in Zoom Workplace Apps that could enable an authenticated local attacker to escalate privileges. The reported vector is local, requiring low privileges and user interaction, with a focus on improper neutralization of special elements as the root caus...

8.2CVSS6.3AI score0.00236EPSS
CVE
CVE
added 2025/05/14 5:42 p.m.39 views

CVE-2025-46786

The CVE-2025-46786 entry concerns Zoom Workplace Apps (including Zoom Workplace Desktop App) with an improper neutralization of special elements that enables Cross-site Scripting by an authenticated user over the network, potentially impacting app integrity. The vulnerability affects the app’s ab...

6.1CVSS5.9AI score0.00251EPSS
CVE
CVE
added 2026/06/12 5:57 p.m.39 views

CVE-2026-53408

The CVE-2026-53408 vulnerability affects Zoom Workplace: Android before 7.0.4 and iOS before 7.0.3. It is due to Improper Authorization in the Handler for a Custom URL Scheme, enabling an unauthenticated privilege escalation via network access. The CVSSv3.1 base score is 8.1 (High) with Network a...

8.1CVSS5.3AI score0.00211EPSS
CVE
CVE
added 2026/06/12 5:56 p.m.29 views

CVE-2026-53407

CVE-2026-53407 relates to Zoom Workplace on Android and iOS, where the handler for custom URL schemes suffers improper authorization. The issue could allow an unauthenticated user to escalate privileges via network access. Affected products/versions: Zoom Workplace for Android before 7.0.4 and Zo...

9.8CVSS5.3AI score0.00231EPSS
CVE
CVE
added 2025/11/13 3:7 p.m.26 views

CVE-2025-62484

CVE-2025-62484 affects Zoom Workplace Clients prior to 6.5.10. The issue is described as inefficient regular expression complexity that may allow an unauthenticated user to escalate privileges via network access. Connected sources consistently state the vulnerable software and version range and t...

9.8CVSS6.9AI score0.00294EPSS
CVE
CVE
added 2025/09/09 9:42 p.m.20 views

CVE-2025-49461

CVE-2025-49461 concerns Zoom Workplace Clients affected by a cross-site scripting vulnerability that may allow an unauthenticated attacker to cause a denial of service over the network. The issue is described in the ZSB-25034 advisory and is associated with Zoom Workplace versions prior to 6.3.14...

7.4CVSS6AI score0.00287EPSS
CVE
CVE
added 2025/11/13 2:46 p.m.18 views

CVE-2025-64741

CVE-2025-64741 : Zoom Workplace for Android before 6.5.10 has improper authorization handling that could allow an unauthenticated attacker to escalate privileges over the network. Several connected advisories indicate Zoom fixed vulnerabilities in Zoom Workplace and Zoom Clients for versions prio...

9.8CVSS7AI score0.00411EPSS
CVE
CVE
added 2025/09/09 9:38 p.m.16 views

CVE-2025-49460

The CVE-2025-49460 issue affects Zoom Workplace family components (notably Zoom Workplace/VDI Client) with versions older than fixed releases. The publicly documented impact is Uncontrolled resource consumption that allows an unauthenticated remote attacker to cause a denial of service over the n...

7.5CVSS6.3AI score0.00254EPSS
CVE
CVE
added 2026/05/13 5:53 p.m.16 views

CVE-2026-30904

CVE-2026-30904 concerns Zoom Workplace for iOS prior to version 7.0.0, where a protection mechanism failure could allow an authenticated user with physical access to disclose information. The issue is described consistently across sources as a local, physical-access threat affecting the client, w...

4.3CVSS5.8AI score0.00143EPSS