cbcvebase.

Zoom Video Communications Inc Zoom Clients vulnerabilities

16 known vulnerabilities affecting zoom_video_communications_inc/zoom_clients.

Total CVEs
16
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH6MEDIUM10

Vulnerabilities

Page 1 of 1
CVE-2023-43582P3HIGHCVSS 8.8vsee references2023-11-15
CVE-2023-43582 [HIGH] CWE-939 CVE-2023-43582: Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access.
nvd
CVE-2023-36532P3HIGHCVSS 7.5vbefore 5.14.52023-08-08
CVE-2023-36532 [HIGH] CWE-122 CVE-2023-36532: Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial o Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial of service via network access.
nvd
CVE-2023-39206P3HIGHCVSS 7.5vsee references2023-11-14
CVE-2023-39206 [HIGH] CWE-120 CVE-2023-39206: Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of servic Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
nvd
CVE-2023-39204P3HIGHCVSS 7.5vsee references2023-11-14
CVE-2023-39204 [HIGH] CWE-120 CVE-2023-39204: Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of servic Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
nvd
CVE-2024-24697P3HIGHCVSS 7.8vsee references2024-02-14
CVE-2024-24697 [HIGH] CWE-426 CVE-2024-24697: Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct an escalation of privilege via local access.
nvd
CVE-2023-36539P3HIGHCVSS 7.5vSee references link for ZSB-230252023-06-30
CVE-2023-36539 [HIGH] CWE-200 CVE-2023-36539: Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sens Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information.
nvd
CVE-2024-24699P3MEDIUMCVSS 6.5vsee references2024-02-14
CVE-2024-24699 [MEDIUM] CVE-2024-24699: Business logic error in some Zoom clients may allow an authenticated user to conduct information dis Business logic error in some Zoom clients may allow an authenticated user to conduct information disclosure via network access.
nvd
CVE-2023-43588P3MEDIUMCVSS 6.5vsee references2023-11-15
CVE-2023-43588 [MEDIUM] CWE-449 CVE-2023-43588: Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network access.
nvd
CVE-2023-36535P3MEDIUMCVSS 6.5vbefore 5.14.102023-08-08
CVE-2023-36535 [MEDIUM] CWE-449 CVE-2023-36535: Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenti Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access.
nvd
CVE-2023-39199P4MEDIUMCVSS 6.5vsee references2023-11-14
CVE-2023-39199 [MEDIUM] CWE-325 CVE-2023-39199: Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to condu Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access.
nvd
CVE-2024-24690P4MEDIUMCVSS 6.5vsee references2024-02-14
CVE-2024-24690 [MEDIUM] CWE-1284 CVE-2024-24690: Improper input validation in some Zoom clients may allow an authenticated user to conduct a denial o Improper input validation in some Zoom clients may allow an authenticated user to conduct a denial of service via network access.
nvd
CVE-2023-39215P4MEDIUMCVSS 6.5vsee reference2023-09-12
CVE-2023-39215 [MEDIUM] CWE-449 CVE-2023-39215: Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of servi Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network access.
nvd
CVE-2023-39205P4MEDIUMCVSS 6.5vsee references2023-11-14
CVE-2023-39205 [MEDIUM] CWE-754 CVE-2023-39205: Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to cond Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access.
nvd
CVE-2023-49646P4MEDIUMCVSS 6.5vSee references2023-12-13
CVE-2023-49646 [MEDIUM] CWE-347 CVE-2023-49646: Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user t Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network access.
nvd
CVE-2023-39218P4MEDIUMCVSS 4.9vbefore 5.14.102023-08-08
CVE-2023-39218 [MEDIUM] CWE-602 CVE-2023-39218: Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privilege Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access.
nvd
CVE-2024-24698P4MEDIUMCVSS 4.4vsee references2024-02-14
CVE-2024-24698 [MEDIUM] CWE-449 CVE-2024-24698: Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure of Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure of information via local access.
nvd
Zoom Video Communications Inc Zoom Clients vulnerabilities | cvebase