Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Meetings
(Zoom)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 37 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-11-14 | CVE-2022-28764 | The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure per-device key encrypting that database results in a local malicious user being able to obtain meeting information such as in-meeting chat for the previous meeting attended from that local user account. | Meetings, Rooms, Vdi_windows_meeting_clients | 3.3 | ||
| 2022-11-17 | CVE-2022-28766 | Windows 32-bit versions of the Zoom Client for Meetings before 5.12.6 and Zoom Rooms for Conference Room before version 5.12.6 are susceptible to a DLL injection vulnerability. A local low-privileged user could exploit this vulnerability to run arbitrary code in the context of the Zoom client. | Meetings, Rooms | 7.3 | ||
| 2022-11-17 | CVE-2022-28768 | The Zoom Client for Meetings Installer for macOS (Standard and for IT Admin) before version 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to root. | Meetings | 7.8 | ||
| 2023-03-16 | CVE-2023-22883 | Zoom Client for IT Admin Windows installers before version 5.13.5 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability in an attack chain during the installation process to escalate their privileges to the SYSTEM user. | Meetings | 7.8 | ||
| 2023-03-27 | CVE-2023-28596 | Zoom Client for IT Admin macOS installers before version 5.13.5 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability in an attack chain during the installation process to escalate their privileges to privileges to root. | Meetings | 7.8 | ||
| 2023-06-30 | CVE-2023-36539 | Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information. | Meetings, Poly_ccx_600_firmware, Poly_ccx_700_firmware, Rooms, Video_software_development_kit, Yealink_mp54_firmware, Yealink_mp56_firmware, Yealink_vp59_firmware, Zoom | 7.5 | ||
| 2023-11-14 | CVE-2023-39199 | Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access. | Meetings, Rooms, Virtual_desktop_infrastructure, Zoom | 6.5 | ||
| 2023-11-14 | CVE-2023-39204 | Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access. | Meetings, Rooms, Video_software_development_kit, Virtual_desktop_infrastructure, Zoom | 7.5 | ||
| 2023-11-14 | CVE-2023-39205 | Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access. | Meetings, Video_software_development_kit, Virtual_desktop_infrastructure, Zoom | 6.5 | ||
| 2023-11-14 | CVE-2023-39206 | Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access. | Meetings, Rooms, Video_software_development_kit, Virtual_desktop_infrastructure, Zoom | 7.5 |