Zoom Video Communications Inc Zoom Clients vulnerabilities
16 known vulnerabilities affecting zoom_video_communications_inc/zoom_clients.
Total CVEs
16
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH6MEDIUM10
Vulnerabilities
Page 1 of 1
CVE-2023-43582P3HIGHCVSS 8.8vsee references2023-11-15
CVE-2023-43582 [HIGH] CWE-939 CVE-2023-43582: Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of
Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access.
nvd
CVE-2023-36532P3HIGHCVSS 7.5vbefore 5.14.52023-08-08
CVE-2023-36532 [HIGH] CWE-122 CVE-2023-36532: Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial o
Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial of service via network access.
nvd
CVE-2023-39206P3HIGHCVSS 7.5vsee references2023-11-14
CVE-2023-39206 [HIGH] CWE-120 CVE-2023-39206: Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of servic
Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
nvd
CVE-2023-39204P3HIGHCVSS 7.5vsee references2023-11-14
CVE-2023-39204 [HIGH] CWE-120 CVE-2023-39204: Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of servic
Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
nvd
CVE-2024-24697P3HIGHCVSS 7.8vsee references2024-02-14
CVE-2024-24697 [HIGH] CWE-426 CVE-2024-24697: Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct
Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct an escalation of privilege via local access.
nvd
CVE-2023-36539P3HIGHCVSS 7.5vSee references link for ZSB-230252023-06-30
CVE-2023-36539 [HIGH] CWE-200 CVE-2023-36539: Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sens
Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information.
nvd
CVE-2024-24699P3MEDIUMCVSS 6.5vsee references2024-02-14
CVE-2024-24699 [MEDIUM] CVE-2024-24699: Business logic error in some Zoom clients may allow an authenticated user to conduct information dis
Business logic error in some Zoom clients may allow an authenticated user to conduct information disclosure via network access.
nvd
CVE-2023-43588P3MEDIUMCVSS 6.5vsee references2023-11-15
CVE-2023-43588 [MEDIUM] CWE-449 CVE-2023-43588: Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct
Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network access.
nvd
CVE-2023-36535P3MEDIUMCVSS 6.5vbefore 5.14.102023-08-08
CVE-2023-36535 [MEDIUM] CWE-449 CVE-2023-36535: Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenti
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access.
nvd
CVE-2023-39199P4MEDIUMCVSS 6.5vsee references2023-11-14
CVE-2023-39199 [MEDIUM] CWE-325 CVE-2023-39199: Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to condu
Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access.
nvd
CVE-2024-24690P4MEDIUMCVSS 6.5vsee references2024-02-14
CVE-2024-24690 [MEDIUM] CWE-1284 CVE-2024-24690: Improper input validation in some Zoom clients may allow an authenticated user to conduct a denial o
Improper input validation in some Zoom clients may allow an authenticated user to conduct a denial of service via network access.
nvd
CVE-2023-39215P4MEDIUMCVSS 6.5vsee reference2023-09-12
CVE-2023-39215 [MEDIUM] CWE-449 CVE-2023-39215: Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of servi
Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network access.
nvd
CVE-2023-39205P4MEDIUMCVSS 6.5vsee references2023-11-14
CVE-2023-39205 [MEDIUM] CWE-754 CVE-2023-39205: Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to cond
Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access.
nvd
CVE-2023-49646P4MEDIUMCVSS 6.5vSee references2023-12-13
CVE-2023-49646 [MEDIUM] CWE-347 CVE-2023-49646: Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user t
Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network access.
nvd
CVE-2023-39218P4MEDIUMCVSS 4.9vbefore 5.14.102023-08-08
CVE-2023-39218 [MEDIUM] CWE-602 CVE-2023-39218: Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privilege
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access.
nvd
CVE-2024-24698P4MEDIUMCVSS 4.4vsee references2024-02-14
CVE-2024-24698 [MEDIUM] CWE-449 CVE-2024-24698: Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure of
Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure of information via local access.
nvd