Workplace Desktop Security Vulnerabilities and Issues — Workplace Desktop CVE List

Lucene search

ZoomWorkplace Desktop

35 matches found

CVE•added 2025/02/25 8:15 p.m.•65 views

CVE-2024-45421

Buffer overflow in some Zoom Apps may allow an authenticated user to conduct an escalation of privilege via network access.

8.8CVSS8.8AI score0.00076EPSS

CVE•added 2025/02/25 8:15 p.m.•60 views

CVE-2024-45417

Uncontrolled resource consumption in the installer for some Zoom apps for macOS before version 6.1.5 may allow a privileged user to conduct a disclosure of information via local access.

6CVSS6.4AI score0.00018EPSS

CVE•added 2024/08/14 5:15 p.m.•56 views

CVE-2024-39818

Protection mechanism failure for some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct information disclosure via network access.

7.5CVSS7.2AI score0.00164EPSS

CVE•added 2024/08/14 5:15 p.m.•56 views

CVE-2024-39825

Buffer overflow in some Zoom Workplace Apps and Rooms Clients may allow an authenticated user to conduct an escalation of privilege via network access.

8.5CVSS8.8AI score0.00257EPSS

CVE•added 2024/08/14 5:15 p.m.•55 views

CVE-2024-39822

Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access.

6.5CVSS6.2AI score0.00224EPSS

CVE•added 2025/02/25 8:15 p.m.•52 views

CVE-2024-45418

Symlink following in the installer for some Zoom apps for macOS before version 6.1.5 may allow an authenticated user to conduct an escalation of privilege via network access.

8.8CVSS5.7AI score0.00044EPSS

CVE•added 2024/08/14 5:15 p.m.•50 views

CVE-2024-42434

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.

4.9CVSS4.9AI score0.00168EPSS

CVE•added 2024/08/14 5:15 p.m.•49 views

CVE-2024-42435

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.

4.9CVSS4.9AI score0.00168EPSS

CVE•added 2024/08/14 5:15 p.m.•49 views

CVE-2024-42436

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.

6.5CVSS6.5AI score0.00284EPSS

CVE•added 2025/02/25 8:15 p.m.•49 views

CVE-2024-45426

Incorrect ownership assignment in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access.

6.5CVSS4.9AI score0.00046EPSS

CVE•added 2024/07/15 6:15 p.m.•48 views

CVE-2024-27238

Race condition in the installer for some Zoom Apps and SDKs for Windows before version 6.0.0 may allow an authenticated user to conduct a privilege escalation via local access.

7.1CVSS7AI score0.00025EPSS

CVE•added 2025/02/25 8:15 p.m.•48 views

CVE-2024-45424

Business logic error in some Zoom Workplace Apps may allow an unauthenticated user to conduct a disclosure of information via network access.

7.5CVSS5.1AI score0.00116EPSS

CVE•added 2024/07/15 6:15 p.m.•47 views

CVE-2024-39827

Improper input validation in the installer for Zoom Workplace Desktop App for Windows before version 6.0.10 may allow an authenticated user to conduct a denial of service via local access.

5.5CVSS5.3AI score0.00028EPSS

CVE•added 2024/07/15 6:15 p.m.•46 views

CVE-2024-39821

Race condition in the installer for Zoom Workplace App for Windows and Zoom Rooms App for Windows may allow an authenticated user to conduct a denial of service via local access.

6.6CVSS6.3AI score0.00022EPSS

CVE•added 2024/08/14 5:15 p.m.•46 views

CVE-2024-39824

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.

4.9CVSS4.9AI score0.00182EPSS

CVE•added 2024/07/15 6:15 p.m.•45 views

CVE-2024-39820

Uncontrolled search path element in the installer for Zoom Workplace Desktop App for macOS before version 6.0.10 may allow an authenticated user to conduct a denial of service via local access.

6.6CVSS6.1AI score0.00028EPSS

CVE•added 2025/01/30 8:15 p.m.•45 views

CVE-2025-0147

Type confusion in the Zoom Workplace App for Linux before 6.2.10 may allow an authorized user to conduct an escalation of privilege via network access.

9.8CVSS8.9AI score0.00087EPSS

CVE•added 2024/08/14 5:15 p.m.•43 views

CVE-2024-39823

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.

4.9CVSS4.9AI score0.00182EPSS

CVE•added 2024/07/15 6:15 p.m.•43 views

CVE-2024-39826

Path traversal in Team Chat for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct information disclosure via network access.

6.8CVSS6.4AI score0.00061EPSS

CVE•added 2024/08/14 5:15 p.m.•43 views

CVE-2024-42437

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.

6.5CVSS6.5AI score0.00248EPSS

CVE•added 2024/08/14 5:15 p.m.•43 views

CVE-2024-42438

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.

6.5CVSS6.5AI score0.00284EPSS

CVE•added 2024/08/14 5:15 p.m.•43 views

CVE-2024-42440

Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access.

6.7CVSS6.4AI score0.00031EPSS

CVE•added 2025/02/25 8:15 p.m.•43 views

CVE-2024-45425

Incorrect user management in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access.

6.5CVSS4.8AI score0.00046EPSS

CVE•added 2025/01/30 8:15 p.m.•42 views

CVE-2025-0143

Out-of-bounds write in the Zoom Workplace App for Linux before version 6.2.5 may allow an unauthorized user to conduct a denial of service via network access.

6.5CVSS4.6AI score0.00088EPSS

CVE•added 2025/04/08 5:15 p.m.•42 views

CVE-2025-30670

Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

6.5CVSS7AI score0.00142EPSS

CVE•added 2025/04/08 5:15 p.m.•42 views

CVE-2025-30671

Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

6.5CVSS7AI score0.00142EPSS

CVE•added 2024/08/14 5:15 p.m.•41 views

CVE-2024-42441

6.7CVSS6.4AI score0.00031EPSS

CVE•added 2025/01/30 8:15 p.m.•41 views

CVE-2025-0146

Symlink following in the installer for Zoom Workplace App for macOS before 6.2.10 may allow an authenticated user to conduct a denial of service via local access.

5CVSS4AI score0.00026EPSS

CVE•added 2024/07/15 6:15 p.m.•40 views

CVE-2024-27240

Improper input validation in the installer for some Zoom Apps for Windows may allow an authenticated user to conduct a privilege escalation via local access.

7.8CVSS7AI score0.00029EPSS

CVE•added 2025/04/08 5:15 p.m.•40 views

CVE-2025-27443

Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access.

5.5CVSS6.8AI score0.00022EPSS

CVE•added 2024/08/14 5:15 p.m.•39 views

CVE-2024-42439

Untrusted search path in the installer for Zoom Workplace Desktop App for macOS and Zoom Meeting SDK for macOS before 6.1.0 may allow a privileged user to conduct an escalation of privilege via local access.

6.5CVSS6.6AI score0.00028EPSS

CVE•added 2024/07/15 6:15 p.m.•38 views

CVE-2024-39819

Improper privilege management in the installer for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct a privilege escalation via local access.

7.3CVSS6.6AI score0.00024EPSS

CVE•added 2025/05/14 6:15 p.m.•36 views

CVE-2025-30666

NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

6.5CVSS6.4AI score0.00062EPSS

CVE•added 2025/05/14 6:15 p.m.•31 views

CVE-2025-30665

NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.

6.5CVSS6.8AI score0.00062EPSS

CVE•added 2025/07/10 4:15 p.m.•11 views

CVE-2025-46788

Improper certificate validation in Zoom Workplace for Linux before version 6.4.13 may allow an unauthorized user to conduct an information disclosure via network access.

9.1CVSS6.2AI score0.00022EPSS