) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:zoom:zoom:5.13.5:*:*:*:*:android:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2023-49646 |
Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network access. Published: December 13, 2023; 6:15:08 PM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2023-43583 |
Cryptographic issues Zoom Mobile App for Android, Zoom Mobile App for iOS, and Zoom SDKs for Android and iOS before version 5.16.0 may allow a privileged user to conduct a disclosure of information via network access. Published: December 13, 2023; 6:15:07 PM -0500 |
V4.0:(not available) V3.1: 4.9 MEDIUM V2.0:(not available) |
| CVE-2023-43582 |
Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access. Published: November 14, 2023; 7:15:08 PM -0500 |
V4.0:(not available) V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2023-39206 |
Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access. Published: November 14, 2023; 6:15:09 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2023-39205 |
Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access. Published: November 14, 2023; 6:15:08 PM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2023-39204 |
Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access. Published: November 14, 2023; 6:15:08 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2023-39199 |
Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access. Published: November 14, 2023; 6:15:08 PM -0500 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2023-39215 |
Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network access. Published: September 12, 2023; 4:15:09 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2023-39214 |
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated user to enable a denial of service via network access. Published: August 08, 2023; 6:15:10 PM -0400 |
V4.0:(not available) V3.1: 8.1 HIGH V2.0:(not available) |
| CVE-2023-39218 |
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access. Published: August 08, 2023; 2:15:23 PM -0400 |
V4.0:(not available) V3.1: 4.9 MEDIUM V2.0:(not available) |
| CVE-2023-36535 |
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access. Published: August 08, 2023; 2:15:14 PM -0400 |
V4.0:(not available) V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2023-36532 |
Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial of service via network access. Published: August 08, 2023; 2:15:13 PM -0400 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2023-28599 |
Zoom clients prior to 5.13.10 contain an HTML injection vulnerability. A malicious user could inject HTML into their display name potentially leading a victim to a malicious website during meeting creation. Published: June 13, 2023; 1:15:14 PM -0400 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0:(not available) |