Total
104 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-30666 | 1 Zoom | 5 Meeting Software Development Kit, Rooms, Rooms Controller and 2 more | 2025-08-05 | N/A | 6.5 MEDIUM |
| NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | |||||
| CVE-2024-27238 | 1 Zoom | 3 Meeting Software Development Kit, Rooms, Workplace Desktop | 2025-08-05 | N/A | 7.1 HIGH |
| Race condition in the installer for some Zoom Apps and SDKs for Windows before version 6.0.0 may allow an authenticated user to conduct a privilege escalation via local access. | |||||
| CVE-2024-27240 | 1 Zoom | 3 Rooms, Workplace Desktop, Workplace Virtual Desktop Infrastructure | 2025-08-05 | N/A | 7.1 HIGH |
| Improper input validation in the installer for some Zoom Apps for Windows may allow an authenticated user to conduct a privilege escalation via local access. | |||||
| CVE-2024-39821 | 1 Zoom | 2 Rooms, Workplace Desktop | 2025-08-05 | N/A | 6.6 MEDIUM |
| Race condition in the installer for Zoom Workplace App for Windows and Zoom Rooms App for Windows may allow an authenticated user to conduct a denial of service via local access. | |||||
| CVE-2025-30671 | 1 Zoom | 5 Meeting Software Development Kit, Rooms, Rooms Controller and 2 more | 2025-08-01 | N/A | 6.5 MEDIUM |
| Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | |||||
| CVE-2025-30670 | 1 Zoom | 5 Meeting Software Development Kit, Rooms, Rooms Controller and 2 more | 2025-08-01 | N/A | 6.5 MEDIUM |
| Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | |||||
| CVE-2025-27443 | 1 Zoom | 4 Meeting Software Development Kit, Rooms, Rooms Controller and 1 more | 2025-08-01 | N/A | 2.8 LOW |
| Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access. | |||||
| CVE-2025-0146 | 1 Zoom | 5 Meeting Software Development Kit, Rooms, Rooms Controller and 2 more | 2025-08-01 | N/A | 3.9 LOW |
| Symlink following in the installer for Zoom Workplace App for macOS before 6.2.10 may allow an authenticated user to conduct a denial of service via local access. | |||||
| CVE-2023-43591 | 1 Zoom | 1 Rooms | 2025-06-11 | N/A | 7.8 HIGH |
| Improper privilege management in Zoom Rooms for macOS before version 5.16.0 may allow an authenticated user to conduct an escalation of privilege via local access. | |||||
| CVE-2024-45425 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2025-03-05 | N/A | 4.9 MEDIUM |
| Incorrect user management in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access. | |||||
| CVE-2024-45424 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2025-03-05 | N/A | 5.3 MEDIUM |
| Business logic error in some Zoom Workplace Apps may allow an unauthenticated user to conduct a disclosure of information via network access. | |||||
| CVE-2024-45421 | 1 Zoom | 7 Meeting Software Development Kit, Rooms, Rooms Controller and 4 more | 2025-03-05 | N/A | 8.5 HIGH |
| Buffer overflow in some Zoom Apps may allow an authenticated user to conduct an escalation of privilege via network access. | |||||
| CVE-2024-45426 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2025-03-04 | N/A | 4.9 MEDIUM |
| Incorrect ownership assignment in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access. | |||||
| CVE-2024-45417 | 1 Zoom | 4 Meeting Software Development Kit, Rooms, Video Software Development Kit and 1 more | 2025-03-04 | N/A | 6.0 MEDIUM |
| Uncontrolled resource consumption in the installer for some Zoom apps for macOS before version 6.1.5 may allow a privileged user to conduct a disclosure of information via local access. | |||||
| CVE-2024-45418 | 1 Zoom | 4 Meeting Software Development Kit, Rooms, Video Software Development Kit and 1 more | 2025-03-04 | N/A | 5.4 MEDIUM |
| Symlink following in the installer for some Zoom apps for macOS before version 6.1.5 may allow an authenticated user to conduct an escalation of privilege via network access. | |||||
| CVE-2023-28597 | 2 Microsoft, Zoom | 4 Windows, Rooms, Virtual Desktop Infrastructure and 1 more | 2025-02-19 | N/A | 8.3 HIGH |
| Zoom clients prior to 5.13.5 contain an improper trust boundary implementation vulnerability. If a victim saves a local recording to an SMB location and later opens it using a link from Zoom’s web portal, an attacker positioned on an adjacent network to the victim client could set up a malicious SMB server to respond to client requests, causing the client to execute attacker controlled executables. This could result in an attacker gaining access to a user's device and data, and remote code execution. | |||||
| CVE-2024-24699 | 1 Zoom | 4 Meeting Sdk, Rooms, Vdi Windows Meeting Clients and 1 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| Business logic error in some Zoom clients may allow an authenticated user to conduct information disclosure via network access. | |||||
| CVE-2024-24698 | 1 Zoom | 4 Meeting Software Development Kit, Rooms, Vdi Windows Meeting Clients and 1 more | 2024-11-21 | N/A | 4.9 MEDIUM |
| Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure of information via local access. | |||||
| CVE-2024-24697 | 1 Zoom | 4 Meeting Software Development Kit, Rooms, Vdi Windows Meeting Clients and 1 more | 2024-11-21 | N/A | 7.2 HIGH |
| Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct an escalation of privilege via local access. | |||||
| CVE-2024-24693 | 1 Zoom | 1 Rooms | 2024-11-21 | N/A | 7.2 HIGH |
| Improper access control in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local access. | |||||