Vulnerabilities > Zoom > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-08-08 CVE-2023-39212 Untrusted Search Path vulnerability in Zoom Rooms
Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated user to enable a denial of service via local access.
local
low complexity
zoom CWE-426
5.5
2023-08-08 CVE-2023-36535 Unspecified vulnerability in Zoom
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access.
network
low complexity
zoom
6.5
2023-08-08 CVE-2023-39218 Unspecified vulnerability in Zoom
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access.
network
low complexity
zoom
4.9
2023-06-13 CVE-2023-34114 Exposure of Resource to Wrong Sphere vulnerability in Zoom
Exposure of resource to wrong sphere in Zoom for Windows and Zoom for MacOS clients before 5.14.10 may allow an authenticated user to potentially enable information disclosure via network access.
network
low complexity
zoom CWE-668
6.5
2023-06-13 CVE-2023-28600 Unspecified vulnerability in Zoom
Zoom for MacOSclients prior to 5.14.0 contain an improper access control vulnerability.
network
low complexity
zoom
5.4
2023-06-13 CVE-2023-28601 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Zoom
Zoom for Windows clients prior to 5.14.0 contain an improper restriction of operations within the bounds of a memory buffer vulnerability.
network
low complexity
zoom CWE-119
6.5
2023-06-13 CVE-2023-28598 Injection vulnerability in Zoom
Zoom for Linux clients prior to 5.13.10 contain an HTML injection vulnerability.
network
low complexity
zoom CWE-74
6.5
2023-06-13 CVE-2023-28599 Injection vulnerability in Zoom
Zoom clients prior to 5.13.10 contain an HTML injection vulnerability.
network
low complexity
zoom CWE-74
4.3
2022-10-14 CVE-2022-28760 Unspecified vulnerability in Zoom On-Premise Meeting Connector MMR 4.6.239.20200613/4.6.365.20210703/4.8.102.20220310
Zoom On-Premise Meeting Connector MMR before version 4.8.20220815.130 contains an improper access control vulnerability.
network
low complexity
zoom
6.5
2022-10-14 CVE-2022-28761 Unspecified vulnerability in Zoom On-Premise Meeting Connector MMR
Zoom On-Premise Meeting Connector MMR before version 4.8.20220916.131 contains an improper access control vulnerability.
network
low complexity
zoom
6.5