) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): Zoom
- Search Type: Search All
- CPE Name Search: false
- CPE Vendor: cpe:/:zoom
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2023-39213 |
Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network access. Published: August 08, 2023; 6:15:10 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
| CVE-2023-39212 |
Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated user to enable a denial of service via local access. Published: August 08, 2023; 6:15:10 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-39211 |
Improper privilege management in Zoom Desktop Client for Windows and Zoom Rooms for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via local access. Published: August 08, 2023; 6:15:10 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-39210 |
Cleartext storage of sensitive information in Zoom Client SDK for Windows before 5.15.0 may allow an authenticated user to enable an information disclosure via local access. Published: August 08, 2023; 6:15:10 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
| CVE-2023-39209 |
Improper input validation in Zoom Desktop Client for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via network access. Published: August 08, 2023; 6:15:09 PM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2023-39218 |
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access. Published: August 08, 2023; 2:15:23 PM -0400 |
V3.1: 4.9 MEDIUM V2.0:(not available) |
| CVE-2023-39217 |
Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to enable a denial of service via network access. Published: August 08, 2023; 2:15:23 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2023-39216 |
Improper input validation in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network access. Published: August 08, 2023; 2:15:23 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
| CVE-2023-36541 |
Insufficient verification of data authenticity in Zoom Desktop Client for Windows before 5.14.5 may allow an authenticated user to enable an escalation of privilege via network access. Published: August 08, 2023; 2:15:14 PM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2023-36540 |
Untrusted search path in the installer for Zoom Desktop Client for Windows before 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access. Published: August 08, 2023; 2:15:14 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-36535 |
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access. Published: August 08, 2023; 2:15:14 PM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2023-36534 |
Path traversal in Zoom Desktop Client for Windows before 5.14.7 may allow an unauthenticated user to enable an escalation of privilege via network access. Published: August 08, 2023; 2:15:14 PM -0400 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
| CVE-2023-36533 |
Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to enable a denial of service via network access. Published: August 08, 2023; 2:15:14 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2023-36532 |
Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial of service via network access. Published: August 08, 2023; 2:15:13 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2023-36538 |
Improper access control in Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access. Published: July 11, 2023; 2:15:20 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-36537 |
Improper privilege management in Zoom Rooms for Windows before version 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access. Published: July 11, 2023; 2:15:20 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-36536 |
Untrusted search path in the installer for Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access. Published: July 11, 2023; 2:15:20 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-34119 |
Insecure temporary file in the installer for Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access. Published: July 11, 2023; 2:15:16 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-34118 |
Improper privilege management in Zoom Rooms for Windows before version 5.14.5 may allow an authenticated user to enable an escalation of privilege via local access. Published: July 11, 2023; 2:15:16 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
| CVE-2023-34117 |
Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized user to enable information disclosure via local access. Published: July 11, 2023; 1:15:13 PM -0400 |
V3.1: 3.3 LOW V2.0:(not available) |