Vulnerabilities > Zoom > Low

DATE CVE VULNERABILITY TITLE RISK
2023-07-11 CVE-2023-34117 Path Traversal vulnerability in Zoom Software Development KIT
Relative path traversal in the Zoom Client SDK before version 5.15.0 may allow an unauthorized user to enable information disclosure via local access.
local
low complexity
zoom CWE-22
3.3
2023-06-13 CVE-2023-34115 Classic Buffer Overflow vulnerability in Zoom Meeting SDK
Buffer copy without checking size of input in Zoom Meeting SDK before 5.13.0 may allow an authenticated user to potentially enable a denial of service via local access.
local
low complexity
zoom CWE-120
3.8
2022-11-14 CVE-2022-28764 Incomplete Cleanup vulnerability in Zoom Meetings, Rooms and VDI Windows Meeting Clients
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability.
local
low complexity
zoom CWE-459
3.3
2020-04-01 CVE-2020-11470 Insufficient Verification of Data Authenticity vulnerability in Zoom Meetings 4.6.8
Zoom Client for Meetings through 4.6.8 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Zoom Client's microphone and camera access.
local
low complexity
zoom CWE-345
3.3