Approved changes feed: RSS · Atom
cpe:2.3:a:zoom:rooms:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Zoom (f27b522e-dea8-5818-ba42-864516f1d399) |
|---|---|
| Product | Rooms (894ebd39-3d92-555f-83c4-48fdb7c82fc8) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-24699 |
vulnerable | 2026-06-03 14:55:05.559437 |
Zoom Clients - Business Logic Error
MEDIUM (6.5)
Business logic error in some Zoom clients may allow an authenticated user to conduct information disclosure via network access.
Published: 2024-02-13T23:58:44.327Z
Updated: 2025-03-13T17:31:26.034Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-24697 |
vulnerable | 2026-06-03 14:55:05.555083 |
Zoom Clients - Untrusted Search Path
HIGH (7.2)
Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct an escalation of privilege via local access.
Published: 2024-02-13T23:53:43.589Z
Updated: 2025-05-08T15:34:41.744Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-24690 |
vulnerable | 2026-06-03 14:55:05.537669 |
Zoom Clients - Improper Input Validation
MEDIUM (5.4)
Improper input validation in some Zoom clients may allow an authenticated user to conduct a denial of service via network access.
Published: 2024-02-14T00:00:04.089Z
Updated: 2024-09-20T14:50:06.835Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-34409 |
vulnerable | 2026-06-03 14:44:44.908540 |
Zoom Client Installer Local Privilege Escalation
HIGH (7.8)
It was discovered that the installation packages of the Zoom Client for Meetings for MacOS (Standard and for IT Admin) installation before version 5.2.0, Zoom Client Plugin for Sharing iPhone/iPad before version 5.2.0, and Zoom Rooms for Conference before version 5.1.0, copy pre- and post- installation shell scripts to a user-writable directory. In the affected products listed below, a malicious actor with local access to a user's machine could use this flaw to potentially run arbitrary system commands in a higher privileged context during the installation process.
Published: 2021-09-27T13:55:40.225Z
Updated: 2024-09-16T23:46:09.631Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.