Vulnerabilities > Zoom > Virtual Desktop Infrastructure > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-12-13 CVE-2023-49646 Improper Authentication vulnerability in Zoom products
Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network access.
network
low complexity
zoom CWE-287
6.5
2023-11-15 CVE-2023-43588 Unspecified vulnerability in Zoom Meetings
Insufficient control flow management in some Zoom clients may allow an authenticated user to conduct an information disclosure via network access.
network
low complexity
zoom
6.5
2023-11-14 CVE-2023-39199 Unspecified vulnerability in Zoom products
Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access.
network
low complexity
zoom
6.5
2023-11-14 CVE-2023-39202 Untrusted Search Path vulnerability in Zoom Rooms and Virtual Desktop Infrastructure
Untrusted search path in Zoom Rooms Client for Windows and Zoom VDI Client may allow a privileged user to conduct a denial of service via local access.
local
low complexity
zoom CWE-426
5.5
2023-11-14 CVE-2023-39205 Improper Check for Unusual or Exceptional Conditions vulnerability in Zoom products
Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access.
network
low complexity
zoom CWE-754
6.5
2023-09-12 CVE-2023-39215 Improper Authentication vulnerability in Zoom Meeting Software Development KIT and Zoom
Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network access.
network
low complexity
zoom CWE-287
6.5
2023-08-08 CVE-2023-36535 Unspecified vulnerability in Zoom
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access.
network
low complexity
zoom
6.5
2023-08-08 CVE-2023-39218 Unspecified vulnerability in Zoom
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access.
network
low complexity
zoom
4.9
2022-08-11 CVE-2022-28755 Open Redirect vulnerability in Zoom
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.11.0 are susceptible to a URL parsing vulnerability.
network
low complexity
zoom CWE-601
6.1