Vulnerabilities > Zoom > Meetings
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-17 | CVE-2022-28768 | Race Condition vulnerability in Zoom Meetings The Zoom Client for Meetings Installer for macOS (Standard and for IT Admin) before version 5.12.6 contains a local privilege escalation vulnerability. | 7.8 |
| 2022-11-14 | CVE-2022-28764 | Incomplete Cleanup vulnerability in Zoom Meetings, Rooms and VDI Windows Meeting Clients The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability. | 3.3 |
| 2022-10-31 | CVE-2022-28763 | Open Redirect vulnerability in Zoom Meetings and Virtual Desktop Infrastructure The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. | 9.6 |
| 2022-10-14 | CVE-2022-28762 | Unspecified vulnerability in Zoom Meetings 5.10.6/5.11.3/5.11.5 Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with 5.10.6 and prior to 5.12.0 contains a debugging port misconfiguration. | 7.8 |
| 2022-08-18 | CVE-2022-28757 | Unspecified vulnerability in Zoom Meetings The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.6 contains a vulnerability in the auto update process. | 7.8 |
| 2022-08-17 | CVE-2022-28751 | Improper Verification of Cryptographic Signature vulnerability in Zoom Meetings The Zoom Client for Meetings for MacOS (Standard and for IT Admin) before version 5.11.3 contains a vulnerability in the package signature validation during the update process. | 7.8 |
| 2022-08-15 | CVE-2022-28756 | Unspecified vulnerability in Zoom Meetings The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.5 contains a vulnerability in the auto update process. | 7.8 |
| 2022-06-15 | CVE-2022-22788 | Uncontrolled Search Path Element vulnerability in Zoom Meetings and Rooms The Zoom Opener installer is downloaded by a user from the Launch meeting page, when attempting to join a meeting without having the Zoom Meeting Client installed. | 7.8 |
| 2022-05-18 | CVE-2022-22787 | Improper Certificate Validation vulnerability in Zoom Meetings The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.10.0 fails to properly validate the hostname during a server switch request. | 7.5 |
| 2022-05-18 | CVE-2022-22784 | XML Injection (aka Blind XPath Injection) vulnerability in Zoom Meetings The Zoom Client for Meetings (for Android, iOS, Linux, MacOS, and Windows) before version 5.10.0 failed to properly parse XML stanzas in XMPP messages. | 8.1 |