📦 Rooms

This vulnerability allows an unauthenticated attacker on the same network to escalate privileges on Windows systems running vulnerable Zoom clients. Attackers can exploit an untrusted search path issu...

This vulnerability allows an unauthenticated attacker on the same network to escalate privileges on Windows systems running affected Zoom software. It affects Zoom Desktop Client for Windows, Zoom VDI...

A protection mechanism failure in Zoom Rooms for Windows allows unauthenticated local attackers to downgrade software versions and escalate privileges. This affects organizations using Zoom Rooms for ...

A time-of-check time-of-use race condition vulnerability in Zoom Workplace Apps allows authenticated local users to escalate privileges. This affects users running vulnerable versions of Zoom Workplac...

This CVE describes a use-after-free vulnerability in Zoom Workplace Apps that allows authenticated users to escalate privileges through network access. The vulnerability affects users of Zoom Workplac...

A buffer overflow vulnerability in some Zoom Apps allows authenticated users to escalate privileges through network access. This affects Zoom Apps users who have network connectivity to vulnerable sys...

An improper input validation vulnerability in certain Zoom Apps allows unauthenticated attackers to access sensitive information via network access. This affects Zoom Apps that haven't been updated to...

A buffer overflow vulnerability in Zoom Workplace Apps and Rooms Clients allows authenticated users to escalate privileges through network access. This affects organizations using Zoom's workplace col...

This CVE describes a protection mechanism failure in some Zoom Workplace Apps and SDKs that allows authenticated users to access sensitive information via network connections. The vulnerability enable...

This vulnerability allows authenticated Windows users with local access to escalate privileges through improper input validation in Zoom Apps installers. Attackers could gain elevated system permissio...

An improper access control vulnerability in the Zoom Rooms Client for Windows installer allows authenticated local users to cause denial of service. This affects organizations using Zoom Rooms on Wind...

This vulnerability allows an authenticated user on a Windows system to escalate privileges by exploiting an untrusted search path in Zoom's 32-bit client. Attackers could gain higher system permission...

This vulnerability in Zoom Rooms for macOS allows authenticated users with local access to escalate privileges through improper link following. Attackers could gain higher system permissions than inte...

This vulnerability in Zoom Desktop Client and Zoom Rooms for Windows allows authenticated local users to access sensitive information they shouldn't have permission to view. It affects Windows users r...

This vulnerability in Zoom Rooms for Windows allows authenticated local users to escalate their privileges on the system. Attackers with standard user accounts could gain administrative access. Only W...

This vulnerability in Zoom Rooms for Windows allows authenticated users with local access to escalate privileges on the system. It affects organizations using Zoom Rooms software on Windows devices be...

Zoom clients before version 5.13.5 have a vulnerability where saving recordings to SMB locations and opening them via Zoom's web portal can allow adjacent network attackers to intercept requests with ...

This vulnerability allows attackers to trick users into downgrading their Zoom client to a less secure version by exploiting improper version checking during updates. It affects Windows users running ...

This vulnerability allows a malicious actor with local access to a macOS system to exploit improper permissions on installation scripts, potentially executing arbitrary commands with elevated privileg...

This vulnerability allows local privilege escalation during Zoom Rooms for Windows installation. If the installer runs with elevated privileges (like via SCCM), attackers can launch Internet Explorer ...

This vulnerability in Zoom Rooms for macOS allows authenticated local users to control file paths, potentially leading to information disclosure. It affects Zoom Rooms for macOS versions before 6.6.0 ...

This vulnerability in Zoom Clients allows unauthenticated attackers to control file paths, potentially leading to information disclosure via network access. It affects Zoom users running vulnerable cl...

This vulnerability in Zoom Clients allows unauthenticated attackers to access sensitive information through network access due to improper data removal. It affects Zoom Client users running versions b...

An authentication bypass vulnerability in Zoom Rooms Clients allows unauthenticated attackers to access sensitive information via network access. This affects organizations using Zoom Rooms software f...

This CVE describes a command injection vulnerability in Zoom Clients for Windows that allows authenticated users to execute arbitrary commands, potentially leading to information disclosure. The vulne...

This vulnerability in Zoom Workplace Clients for Windows allows unauthenticated attackers to access sensitive information through network connections. It affects Windows users running vulnerable versi...

A cross-site scripting vulnerability in certain Zoom Workplace Clients allows unauthenticated attackers to conduct denial of service attacks via network access. This affects users running vulnerable v...

This CVE describes an incorrect authorization vulnerability in Zoom Workplace Clients for Windows that allows authenticated users to potentially modify data or settings via network access. The vulnera...

A race condition vulnerability in Zoom Client for Windows installers could allow an unauthenticated local attacker to compromise application integrity during installation. This affects users installin...

A buffer over-read vulnerability in Zoom Workplace Apps for Windows allows authenticated users to cause denial of service through network access. This affects Zoom Workplace users on Windows systems w...

A NULL pointer dereference vulnerability in Zoom Workplace Apps for Windows allows authenticated users to cause a denial of service through network access. This affects Zoom Workplace users on Windows...

A NULL pointer dereference vulnerability in Zoom Workplace Apps for Windows allows authenticated users to cause denial of service through network access. This affects Zoom Workplace users on Windows s...

A null pointer dereference vulnerability in Zoom Workplace Apps for Windows allows authenticated users to cause denial of service through network access. This affects users running vulnerable versions...

This cross-site scripting (XSS) vulnerability in Zoom Workplace Apps allows an unauthenticated attacker on the same network to inject malicious scripts into web pages. The vulnerability enables integr...

This vulnerability in Zoom Workplace Apps allows unprivileged users to cause denial of service attacks by exploiting insufficient data authenticity verification. Attackers can disrupt Zoom services vi...

A use-after-free vulnerability in Zoom Workplace Apps and SDKs allows authenticated users to cause denial of service through network access. This affects users of vulnerable Zoom applications who have...

A use-after-free vulnerability in Zoom Workplace Apps and SDKs allows authenticated users to cause denial of service through network access. This affects users of vulnerable Zoom applications who have...

This vulnerability in Zoom macOS installers allows authenticated users to escalate privileges via symlink attacks when network access is available. It affects macOS users running Zoom apps before vers...

A business logic error in certain Zoom Workplace applications allows unauthenticated attackers to access sensitive information via network access. This affects organizations using vulnerable Zoom Work...

This vulnerability in Zoom Workplace Apps allows privileged users to access information they shouldn't have permission to view through incorrect ownership assignment. It affects organizations using Zo...

This CVE describes a local privilege escalation vulnerability in Zoom Workplace Apps for Windows installers. An authorized user with local access can exploit an untrusted search path to gain elevated ...

An improper input validation vulnerability in Zoom Apps before version 6.2.0 allows unauthenticated attackers to cause denial of service via network access. This affects Zoom Apps users running vulner...

A buffer overflow vulnerability in Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers allows authenticated users to cause denial of service via network access. This affects organizations ...

A privilege escalation vulnerability in Zoom's macOS installers allows local privileged users to gain higher system privileges. This affects Zoom Workplace Desktop App, Zoom Meeting SDK, and Zoom Room...

This vulnerability allows privileged users within Zoom Workplace environments to access sensitive information through network connections. It affects Zoom Workplace Apps, SDKs, Rooms Clients, and Room...

This CVE describes a missing authorization vulnerability in Zoom Workplace components that could allow privileged users to access sensitive information they shouldn't have permission to view. The vuln...