Vulnerabilities > Zoom > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-13 | CVE-2023-43585 | Unspecified vulnerability in Zoom products Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of information via network access. | 6.5 |
| 2023-12-13 | CVE-2023-49646 | Improper Authentication vulnerability in Zoom products Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network access. | 6.5 |
| 2023-11-15 | CVE-2023-43588 | Unspecified vulnerability in Zoom Meetings Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network access. | 6.5 |
| 2023-11-14 | CVE-2023-39199 | Unspecified vulnerability in Zoom products Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access. | 6.5 |
| 2023-11-14 | CVE-2023-39202 | Untrusted Search Path vulnerability in Zoom Rooms and Virtual Desktop Infrastructure Untrusted search path in Zoom Rooms Client for Windows and Zoom VDI Client may allow a privileged user to conduct a denial of service via local access. | 5.5 |
| 2023-11-14 | CVE-2023-39205 | Improper Check for Unusual or Exceptional Conditions vulnerability in Zoom products Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access. | 6.5 |
| 2023-09-12 | CVE-2023-39201 | Untrusted Search Path vulnerability in Zoom Cleanzoom Untrusted search path in CleanZoom before file date 07/24/2023 may allow a privileged user to conduct an escalation of privilege via local access. | 6.7 |
| 2023-09-12 | CVE-2023-39215 | Improper Authentication vulnerability in Zoom Meeting Software Development KIT and Zoom Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network access. | 6.5 |
| 2023-08-08 | CVE-2023-39209 | Improper Input Validation vulnerability in Zoom Improper input validation in Zoom Desktop Client for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via network access. | 6.5 |
| 2023-08-08 | CVE-2023-39210 | Cleartext Storage of Sensitive Information vulnerability in Zoom Meeting Software Development KIT 5.14.10/5.14.7 Cleartext storage of sensitive information in Zoom Client SDK for Windows before 5.15.0 may allow an authenticated user to enable an information disclosure via local access. | 5.5 |