Vulnerabilities > Zoom > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-02-14 CVE-2024-24698 Unspecified vulnerability in Zoom products
Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure of information via local access.
local
low complexity
zoom
4.4
2024-02-14 CVE-2024-24699 Unspecified vulnerability in Zoom products
Business logic error in some Zoom clients may allow an authenticated user to conduct information disclosure via network access.
network
low complexity
zoom
6.5
2023-12-13 CVE-2023-43583 Unspecified vulnerability in Zoom
Cryptographic issues Zoom Mobile App for Android, Zoom Mobile App for iOS, and Zoom SDKs for Android and iOS before version 5.16.0 may allow a privileged user to conduct a disclosure of information via network access.
network
low complexity
zoom
4.9
2023-12-13 CVE-2023-43585 Unspecified vulnerability in Zoom products
Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of information via network access.
network
low complexity
zoom
6.5
2023-12-13 CVE-2023-49646 Improper Authentication vulnerability in Zoom products
Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network access.
network
low complexity
zoom CWE-287
6.5
2023-11-15 CVE-2023-43588 Unspecified vulnerability in Zoom Meetings
Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network access.
network
low complexity
zoom
6.5
2023-11-14 CVE-2023-39199 Unspecified vulnerability in Zoom products
Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access.
network
low complexity
zoom
6.5
2023-11-14 CVE-2023-39202 Untrusted Search Path vulnerability in Zoom Rooms and Virtual Desktop Infrastructure
Untrusted search path in Zoom Rooms Client for Windows and Zoom VDI Client may allow a privileged user to conduct a denial of service via local access.
local
low complexity
zoom CWE-426
5.5
2023-11-14 CVE-2023-39205 Improper Check for Unusual or Exceptional Conditions vulnerability in Zoom products
Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access.
network
low complexity
zoom CWE-754
6.5
2023-09-12 CVE-2023-39201 Untrusted Search Path vulnerability in Zoom Cleanzoom
Untrusted search path in CleanZoom before file date 07/24/2023 may allow a privileged user to conduct an escalation of privilege via local access.
local
low complexity
zoom CWE-426
6.7