Zoom Video Communications Inc Zoom For Windows vulnerabilities
3 known vulnerabilities affecting zoom_video_communications_inc/zoom_for_windows.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-34121P3HIGHCVSS 8.8vbefore 5.14.02023-06-13
CVE-2023-34121 [HIGH] CWE-79 CVE-2023-34121: Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients be
Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access.
nvd
CVE-2023-22880P3HIGHCVSS 7.5≥ unspecified, < 5.13.32023-03-16
CVE-2023-22880 [HIGH] CWE-200 CVE-2023-22880: Zoom for Windows clients before version 5.13.3, Zoom Rooms for Windows clients before version 5.13.5
Zoom for Windows clients before version 5.13.3, Zoom Rooms for Windows clients before version 5.13.5 and Zoom VDI for Windows clients before 5.13.1 contain an information disclosure vulnerability. A recent update to the Microsoft Edge WebView2 runtime used by the affected Zoom clients, transmitted text to Microsoft’s online Spellcheck service instead
nvd
CVE-2023-28599P4MEDIUMCVSS 4.3vbefore 5.13.102023-06-13
CVE-2023-28599 [MEDIUM] CWE-79 CVE-2023-28599: Zoom clients prior to 5.13.10 contain an HTML injection vulnerability. A malicious user could injec
Zoom clients prior to 5.13.10 contain an HTML injection vulnerability. A malicious user could inject HTML into their display name potentially leading a victim to a malicious website during meeting creation.
nvd