Filtered by vendor Zoom
Subscriptions
Total
229 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-30905 | 1 Zoom | 2 Workplace Vdi Plugin, Workplace Virtual Desktop Infrastructure | 2026-06-03 | 7.8 High |
| External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2026-30906 | 1 Zoom | 1 Rooms | 2026-06-03 | 7.8 High |
| Untrusted search path in the installer for Zoom Rooms for Windows before version 7.0.0 may allow an authenticated user to enable an escalation of privilege via local access. | ||||
| CVE-2026-30904 | 2 Zoom, Zoom Communications | 2 Workplace, Zoom Workplace | 2026-06-03 | 1.8 Low |
| Protection Mechanism Failure in Zoom Workplace for iOS before version 7.0.0 may allow an authenticated user to conduct a disclosure of information via physical access. | ||||
| CVE-2022-22786 | 1 Zoom | 2 Meetings, Rooms | 2026-06-02 | 7.5 High |
| The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Room for Windows before version 5.10.0, fails to properly check the installation version during the update process. This issue could be used in a more sophisticated attack to trick a user into downgrading their Zoom client to a less secure version. | ||||
| CVE-2025-27442 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2026-05-15 | 4.6 Medium |
| Cross site scripting in some Zoom Workplace Apps may allow an unauthenticated user to conduct a loss of integrity via adjacent network access. | ||||
| CVE-2025-27441 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2026-05-15 | 4.6 Medium |
| Cross site scripting in some Zoom Workplace Apps may allow an unauthenticated user to conduct a loss of integrity via adjacent network access. | ||||
| CVE-2026-30903 | 2 Zoom, Zoom Communications | 3 Workplace Desktop, Workplace Virtual Desktop Infrastructure, Zoom Workplace | 2026-05-14 | 9.6 Critical |
| External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via network access. | ||||
| CVE-2026-30901 | 1 Zoom | 1 Rooms | 2026-05-14 | 7 High |
| Improper Input Validation in Zoom Rooms for Windows before 6.6.5 in Kiosk Mode may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2026-30902 | 1 Zoom | 4 Rooms, Workplace, Workplace Desktop and 1 more | 2026-05-14 | 7.8 High |
| Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2026-22844 | 1 Zoom | 1 Zoom | 2026-04-18 | 9.9 Critical |
| A Command Injection vulnerability in Zoom Node Multimedia Routers (MMRs) before version 5.2.1716.0 may allow a meeting participant to conduct remote code execution of the MMR via network access. | ||||
| CVE-2004-0680 | 1 Zoom | 1 Model 5560 X3 Ethernet Adsl Modem | 2026-04-16 | N/A |
| Zoom X3 ADSL modem has a terminal running on port 254 that can be accessed using the default HTML management password, even if the password has been changed for the HTTP interface, which could allow remote attackers to gain unauthorized access. | ||||
| CVE-2025-49459 | 3 Arm, Microsoft, Zoom | 5 Arm, Windows, Workplace and 2 more | 2026-04-15 | 7.8 High |
| Missing authorization in the installer for Zoom Workplace for Windows on ARM before version 6.5.0 may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2025-58131 | 2 Apple, Zoom | 4 Macos, Vdi Vmware, Workplace and 1 more | 2026-04-15 | 6.6 Medium |
| Race condition in the Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon before version 6.4.10 (or before 6.2.15 and 6.3.12 in their respective tracks) may allow an authenticated user to conduct a disclosure of information via network access. | ||||
| CVE-2024-27243 | 1 Zoom | 4 Meeting Software Development Kit, Workplace, Workplace Desktop and 1 more | 2026-04-06 | 6.5 Medium |
| Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct a denial of service via network access. | ||||
| CVE-2026-30900 | 1 Zoom | 1 Workplace | 2026-03-20 | 7.8 High |
| Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2025-30663 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2026-02-26 | 8.8 High |
| Time-of-check time-of-use race condition in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2025-30664 | 1 Zoom | 6 Meeting Software Development Kit, Rooms, Rooms Controller and 3 more | 2026-02-26 | 6.6 Medium |
| Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access. | ||||
| CVE-2025-49457 | 1 Zoom | 7 Meeting Software Development Kit, Rooms, Rooms Controller and 4 more | 2026-02-26 | 9.6 Critical |
| Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access | ||||
| CVE-2025-58132 | 2 Microsoft, Zoom | 6 Windows, Meeting Software Development Kit, Rooms and 3 more | 2026-02-26 | 4.1 Medium |
| Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of information via network access. | ||||
| CVE-2025-64740 | 2 Microsoft, Zoom | 6 Windows, Workplace, Workplace App and 3 more | 2026-02-26 | 7.5 High |
| Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access. | ||||