Filtered by vendor Zoom
Subscriptions
Total
225 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-22844 | 1 Zoom | 1 Zoom | 2026-04-18 | 9.9 Critical |
| A Command Injection vulnerability in Zoom Node Multimedia Routers (MMRs) before version 5.2.1716.0 may allow a meeting participant to conduct remote code execution of the MMR via network access. | ||||
| CVE-2004-0680 | 1 Zoom | 1 Model 5560 X3 Ethernet Adsl Modem | 2026-04-16 | N/A |
| Zoom X3 ADSL modem has a terminal running on port 254 that can be accessed using the default HTML management password, even if the password has been changed for the HTTP interface, which could allow remote attackers to gain unauthorized access. | ||||
| CVE-2025-49459 | 3 Arm, Microsoft, Zoom | 5 Arm, Windows, Workplace and 2 more | 2026-04-15 | 7.8 High |
| Missing authorization in the installer for Zoom Workplace for Windows on ARM before version 6.5.0 may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2025-58131 | 2 Apple, Zoom | 4 Macos, Vdi Vmware, Workplace and 1 more | 2026-04-15 | 6.6 Medium |
| Race condition in the Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon before version 6.4.10 (or before 6.2.15 and 6.3.12 in their respective tracks) may allow an authenticated user to conduct a disclosure of information via network access. | ||||
| CVE-2024-27243 | 1 Zoom | 4 Meeting Software Development Kit, Workplace, Workplace Desktop and 1 more | 2026-04-06 | 6.5 Medium |
| Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct a denial of service via network access. | ||||
| CVE-2026-30900 | 1 Zoom | 1 Workplace | 2026-03-20 | 7.8 High |
| Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2026-30901 | 1 Zoom | 1 Rooms | 2026-03-20 | 7 High |
| Improper Input Validation in Zoom Rooms for Windows before 6.6.5 in Kiosk Mode may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2026-30902 | 1 Zoom | 1 Workplace | 2026-03-20 | 7.8 High |
| Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2025-30663 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2026-02-26 | 8.8 High |
| Time-of-check time-of-use race condition in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2025-30664 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2026-02-26 | 6.6 Medium |
| Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2025-49457 | 1 Zoom | 7 Meeting Software Development Kit, Rooms, Rooms Controller and 4 more | 2026-02-26 | 9.6 Critical |
| Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access | ||||
| CVE-2025-58132 | 2 Microsoft, Zoom | 6 Windows, Meeting Software Development Kit, Rooms and 3 more | 2026-02-26 | 4.1 Medium |
| Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of information via network access. | ||||
| CVE-2025-64740 | 2 Microsoft, Zoom | 6 Windows, Workplace, Workplace App and 3 more | 2026-02-26 | 7.5 High |
| Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2025-64741 | 2 Google, Zoom | 5 Android, Meeting Software Development Kit, Workplace and 2 more | 2026-02-26 | 8.1 High |
| Improper authorization handling in Zoom Workplace for Android before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access. | ||||
| CVE-2025-30662 | 2 Apple, Zoom | 5 Macos, Workplace, Workplace App and 2 more | 2026-02-26 | 6.6 Medium |
| Symlink following in the installer for the Zoom Workplace VDI Plugin macOS Universal installer before version 6.3.14, 6.4.14, and 6.5.10 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network access. | ||||
| CVE-2025-62484 | 1 Zoom | 4 Meeting Software Development Kit, Workplace, Workplace App and 1 more | 2026-02-26 | 8.1 High |
| Inefficient regular expression complexity in certain Zoom Workplace Clients before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access. | ||||
| CVE-2025-67460 | 2 Microsoft, Zoom | 3 Windows, Rooms, Zoom | 2026-02-26 | 7.8 High |
| Protection Mechanism Failure of Software Downgrade in Zoom Rooms for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2023-43586 | 1 Zoom | 4 Meeting Software Development Kit, Video Software Development Kit, Virtual Desktop Infrastructure and 1 more | 2026-02-25 | 7.3 High |
| Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows may allow an authenticated user to conduct an escalation of privilege via network access. | ||||
| CVE-2025-30669 | 1 Zoom | 7 Meeting Software Development Kit, Workplace, Workplace App and 4 more | 2026-01-13 | 4.8 Medium |
| Improper certificate validation in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via adjacent access. | ||||
| CVE-2025-62482 | 2 Microsoft, Zoom | 6 Windows, Meeting Software Development Kit, Workplace and 3 more | 2026-01-13 | 4.3 Medium |
| Cross-site scripting in Zoom Workplace for Windows before version 6.5.10 may allow an unauthenticated user to impact integrity via network access. | ||||