Approved changes feed: RSS · Atom
cpe:2.3:a:zoom:rooms:*:*:*:*:*:iphone_os:*:*
part: a version: * update: *
| Vendor | Zoom (f27b522e-dea8-5818-ba42-864516f1d399) |
|---|---|
| Product | Rooms (894ebd39-3d92-555f-83c4-48fdb7c82fc8) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | iphone_os |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-64739 |
vulnerable | 2026-06-03 15:09:39.735903 |
Zoom Clients - External Control of File Name or Path
MEDIUM (4.3)
External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via network access.
Published: 2025-11-13T14:28:58.527Z
Updated: 2025-11-14T16:51:41.747Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-62483 |
vulnerable | 2026-06-03 15:07:58.911212 |
Zoom Clients - Improper Removal of Sensitive Information
MEDIUM (5.3)
Improper removal of sensitive information in certain Zoom Clients before version 6.5.10 may allow an unauthenticated user to conduct a disclosure of information via network access.
Published: 2025-11-13T15:03:07.612Z
Updated: 2025-11-13T15:15:51.024Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-58133 |
vulnerable | 2026-06-03 15:06:20.753849 |
Zoom Rooms Clients - Authentication Bypass
MEDIUM (5.3)
Authentication bypass in some Zoom Rooms Clients before version 6.5.1 may allow an unauthenticated user to conduct a disclosure of information via network access.
Published: 2025-10-15T16:13:28.273Z
Updated: 2025-11-13T14:01:37.953Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-49458 |
vulnerable | 2026-06-03 15:01:44.807912 |
Zoom Workplace Clients - Buffer Overflow
MEDIUM (6.5)
Buffer overflow in certain Zoom Workplace Clients may allow an authenticated user to conduct a denial of service via network access.
Published: 2025-09-09T21:25:52.133Z
Updated: 2025-09-10T19:34:03.844Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-28597 |
vulnerable | 2026-06-03 14:51:13.082293 |
Improper trust boundary implementation for SMB in Zoom Clients
HIGH (8.3)
Zoom clients prior to 5.13.5 contain an improper trust boundary implementation vulnerability. If a victim saves a local recording to an SMB location and later opens it using a link from Zoom’s web portal, an attacker positioned on an adjacent network to the victim client could set up a malicious SMB server to respond to client requests, causing the client to execute attacker controlled executables. This could result in an attacker gaining access to a user's device and data, and remote code execution.
Published: 2023-03-27T00:00:00.000Z
Updated: 2025-02-19T15:27:48.810Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-28764 |
vulnerable | 2026-06-03 14:46:55.986297 |
Local information exposure in Zoom Clients
LOW (3.3)
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure per-device key encrypting that database results in a local malicious user being able to obtain meeting information such as in-meeting chat for the previous meeting attended from that local user account.
Published: 2022-11-14T20:17:59.455Z
Updated: 2025-04-29T19:19:29.673Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.