Vulnerabilidades em Zoom Video Communications, Inc.
65 resultadosCVE-2024-24696MEDIUMZoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows - Improper Input ValidationEPSS 0.8%CVE-2024-24695MEDIUM Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows - Improper Input ValidationEPSS 0.8%CVE-2023-39209MEDIUMImproper input validation in Zoom Desktop Client for Windows before 5.15.5 may allow an authenticated user to enable an information disclosuEPSS 0.8%CVE-2023-28599MEDIUMZoom clients prior to 5.13.10 contain an HTML injection vulnerability. A malicious user could inject HTML into their display name potentiaEPSS 0.7%CVE-2023-36533HIGHUncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to enable a denial of service via network accEPSS 0.7%CVE-2023-43582MEDIUMImproper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access.EPSS 0.7%CVE-2023-43588LOWInsufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network aEPSS 0.7%CVE-2023-39199MEDIUMCryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via networkEPSS 0.6%CVE-2023-43585HIGHImproper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a EPSS 0.6%CVE-2024-24690MEDIUMZoom Clients - Improper Input ValidationEPSS 0.6%CVE-2023-43583MEDIUMCryptographic issues Zoom Mobile App for Android, Zoom Mobile App for iOS, and Zoom SDKs for Android and iOS before version 5.16.0 may allowEPSS 0.6%CVE-2023-28598HIGHZoom for Linux clients prior to 5.13.10 contain an HTML injection vulnerability. If a victim starts a chat with a malicious user it could rEPSS 0.5%CVE-2023-39208MEDIUMImproper input validation in Zoom Desktop Client for Linux before version 5.15.10 may allow an unauthenticated user to conduct a denial of sEPSS 0.5%CVE-2024-24698MEDIUMZoom Clients - Improper AuthenticationEPSS 0.5%CVE-2024-27242MEDIUMZoom Desktop Client for Linux - Cross Site ScriptingEPSS 0.5%CVE-2023-36541HIGHInsufficient verification of data authenticity in Zoom Desktop Client for Windows before 5.14.5 may allow an authenticated user to enable anEPSS 0.5%CVE-2023-36539MEDIUMExposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information.EPSS 0.4%CVE-2024-27243MEDIUMZoom Apps - Buffer OverflowEPSS 0.4%CVE-2023-49646MEDIUMImproper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via networEPSS 0.4%CVE-2023-28602LOWZoom for Windows clients prior to 5.13.5 contain an improper verification of cryptographic signature vulnerability. A malicious user may poEPSS 0.3%