Vulnerabilities > Zoom > Virtual Desktop Infrastructure > 5.7.2

DATE CVE VULNERABILITY TITLE RISK
2023-11-14 CVE-2023-39206 Classic Buffer Overflow vulnerability in Zoom products
Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.
network
low complexity
zoom CWE-120
7.5
7.5
2023-09-12 CVE-2023-39215 Improper Authentication vulnerability in Zoom Meeting Software Development KIT and Zoom
Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network access.
network
low complexity
zoom CWE-287
6.5
6.5
2023-08-08 CVE-2023-39213 Injection vulnerability in Zoom Virtual Desktop Infrastructure and Zoom
Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15.2 may allow an unauthenticated user to enable an escalation of privilege via network access.
network
low complexity
zoom CWE-74
critical
 9.8
9.8
2023-08-08 CVE-2023-36532 Out-of-bounds Write vulnerability in Zoom Rooms and Zoom
Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial of service via network access.
network
low complexity
zoom CWE-787
7.5
7.5
2023-08-08 CVE-2023-36535 Unspecified vulnerability in Zoom
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access.
network
low complexity
zoom
6.5
6.5
2023-08-08 CVE-2023-39218 Unspecified vulnerability in Zoom
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access.
network
low complexity
zoom
4.9
4.9
2023-06-13 CVE-2023-28603 Unspecified vulnerability in Zoom Virtual Desktop Infrastructure
Zoom VDI client installer prior to 5.14.0 contains an improper access control vulnerability.
local
low complexity
zoom
7.1
7.1
2023-06-13 CVE-2023-34120 Unspecified vulnerability in Zoom Virtual Desktop Infrastructure
Improper privilege management in Zoom for Windows, Zoom Rooms for Windows, and Zoom VDI for Windows clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.
local
low complexity
zoom
7.8
7.8
2023-06-13 CVE-2023-34121 Unspecified vulnerability in Zoom
Improper input validation in the Zoom for Windows, Zoom Rooms, Zoom VDI Windows Meeting clients before 5.14.0 may allow an authenticated user to potentially enable an escalation of privilege via network access.
network
low complexity
zoom
8.8
8.8