Vulnerabilities > Zoom > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-13 | CVE-2024-24692 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Zoom Rooms Race condition in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local access. | 4.7 |
| 2024-03-13 | CVE-2024-24693 | Unspecified vulnerability in Zoom Rooms Improper access control in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local access. | 5.5 |
| 2023-12-13 | CVE-2023-43583 | Unspecified vulnerability in Zoom Cryptographic issues Zoom Mobile App for Android, Zoom Mobile App for iOS, and Zoom SDKs for Android and iOS before version 5.16.0 may allow a privileged user to conduct a disclosure of information via network access. | 4.9 |
| 2023-12-13 | CVE-2023-43585 | Unspecified vulnerability in Zoom products Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of information via network access. | 6.5 |
| 2023-12-13 | CVE-2023-49646 | Improper Authentication vulnerability in Zoom products Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network access. | 6.5 |
| 2023-11-15 | CVE-2023-43588 | Unspecified vulnerability in Zoom Meetings Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network access. | 6.5 |
| 2023-11-14 | CVE-2023-39199 | Unspecified vulnerability in Zoom products Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access. | 6.5 |
| 2023-11-14 | CVE-2023-39202 | Untrusted Search Path vulnerability in Zoom Rooms and Virtual Desktop Infrastructure Untrusted search path in Zoom Rooms Client for Windows and Zoom VDI Client may allow a privileged user to conduct a denial of service via local access. | 5.5 |
| 2023-11-14 | CVE-2023-39205 | Improper Check for Unusual or Exceptional Conditions vulnerability in Zoom products Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access. | 6.5 |
| 2023-09-12 | CVE-2023-39201 | Untrusted Search Path vulnerability in Zoom Cleanzoom Untrusted search path in CleanZoom before file date 07/24/2023 may allow a privileged user to conduct an escalation of privilege via local access. | 6.7 |