Meeting Software Development Kit
Approved changes feed: RSS · Atom
cpe:2.3:a:zoom:meeting_software_development_kit:*:*:*:*:*:windows:*:*
part: a version: * update: *
| Vendor | Zoom (f27b522e-dea8-5818-ba42-864516f1d399) |
|---|---|
| Product | Meeting Software Development Kit (78c389b8-f75e-5941-8bb0-2ea14c65cfca) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | windows |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-30900 |
vulnerable | 2026-06-03 15:19:26.077989 |
Zoom Workplace Clients for Windows - Improper Check
HIGH (7.8)
Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access.
Published: 2026-03-11T14:44:36.366Z
Updated: 2026-03-12T03:55:30.656Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-64739 |
vulnerable | 2026-06-03 15:09:39.734946 |
Zoom Clients - External Control of File Name or Path
MEDIUM (4.3)
External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via network access.
Published: 2025-11-13T14:28:58.527Z
Updated: 2025-11-14T16:51:41.747Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-62483 |
vulnerable | 2026-06-03 15:07:58.910035 |
Zoom Clients - Improper Removal of Sensitive Information
MEDIUM (5.3)
Improper removal of sensitive information in certain Zoom Clients before version 6.5.10 may allow an unauthenticated user to conduct a disclosure of information via network access.
Published: 2025-11-13T15:03:07.612Z
Updated: 2025-11-13T15:15:51.024Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-62482 |
vulnerable | 2026-06-03 15:07:58.906344 |
Zoom Workplace for Windows - Cross-site Scripting
MEDIUM (4.3)
Cross-site scripting in Zoom Workplace for Windows before version 6.5.10 may allow an unauthenticated user to impact integrity via network access.
Published: 2025-11-13T14:56:25.642Z
Updated: 2025-11-13T15:38:29.563Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-58135 |
vulnerable | 2026-06-03 15:06:20.763940 |
Zoom Workplace Clients for Windows - Improper Action Enforcement
MEDIUM (5.3)
Improper action enforcement in certain Zoom Workplace Clients for Windows may allow an unauthenticated user to conduct a disclosure of information via network access.
Published: 2025-09-09T21:45:52.362Z
Updated: 2025-09-10T19:33:42.439Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-58134 |
vulnerable | 2026-06-03 15:06:20.761202 |
Zoom Workplace Clients for Windows - Incorrect Authorization
MEDIUM (4.3)
Incorrect authorization in certain Zoom Workplace Clients for Windows may allow an authenticated user to conduct an impact to integrity via network access.
Published: 2025-09-09T21:44:01.928Z
Updated: 2025-09-10T20:24:12.585Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-58132 |
vulnerable | 2026-06-03 15:06:20.744382 |
Zoom Clients for Windows - Command Injection
MEDIUM (4.1)
Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of information via network access.
Published: 2025-10-15T16:10:20.442Z
Updated: 2026-02-26T16:57:29.169Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-49461 |
vulnerable | 2026-06-03 15:01:44.822399 |
Zoom Workplace Clients - Cross-site Scripting
MEDIUM (4.3)
Cross-site scripting in certain Zoom Workplace Clients may allow an unauthenticated user to conduct a denial of service via network access.
Published: 2025-09-09T21:42:05.838Z
Updated: 2025-09-10T20:24:36.497Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-49460 |
vulnerable | 2026-06-03 15:01:44.815664 |
Zoom Workplace Clients - Argument Injection
MEDIUM (4.3)
Uncontrolled resource consumption in certain Zoom Workplace Clients may allow an unauthenticated user to conduct a denial of service via network access.
Published: 2025-09-09T21:38:40.910Z
Updated: 2025-09-10T20:25:08.077Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-49458 |
vulnerable | 2026-06-03 15:01:44.807012 |
Zoom Workplace Clients - Buffer Overflow
MEDIUM (6.5)
Buffer overflow in certain Zoom Workplace Clients may allow an authenticated user to conduct a denial of service via network access.
Published: 2025-09-09T21:25:52.133Z
Updated: 2025-09-10T19:34:03.844Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-49457 |
vulnerable | 2026-06-03 15:01:44.801907 |
Zoom Clients for Windows - Untrusted Search Path
CRITICAL (9.6)
Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access
Published: 2025-08-12T22:54:20.362Z
Updated: 2026-02-26T17:48:42.934Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-49456 |
vulnerable | 2026-06-03 15:01:44.798407 |
Zoom Clients for Windows- Race Condition
MEDIUM (6.2)
Race condition in the installer for certain Zoom Clients for Windows may allow an unauthenticated user to impact application integrity via local access.
Published: 2025-08-12T22:52:22.718Z
Updated: 2025-08-13T13:24:11.169Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-46786 |
vulnerable | 2026-06-03 15:01:28.023085 |
Zoom Workplace Apps - Cross-site Scripting
MEDIUM (4.3)
Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to impact app integrity via network access.
Published: 2025-05-14T17:42:30.374Z
Updated: 2025-10-02T20:59:29.011Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-46785 |
vulnerable | 2026-06-03 15:01:28.014417 |
Zoom Workplace Apps for Windows - Buffer Over-read
MEDIUM (6.5)
Buffer over-read in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
Published: 2025-05-14T17:41:06.374Z
Updated: 2025-05-14T19:00:08.453Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30671 |
vulnerable | 2026-06-03 15:00:29.250633 |
Zoom Workplace Apps for Windows - Null Pointer
MEDIUM (6.5)
Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
Published: 2025-04-08T16:21:01.713Z
Updated: 2025-04-08T20:14:04.268Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30670 |
vulnerable | 2026-06-03 15:00:29.250015 |
Zoom Workplace Apps for Windows - Null Pointer
MEDIUM (6.5)
Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
Published: 2025-04-08T16:20:54.607Z
Updated: 2025-04-08T20:20:47.470Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30669 |
vulnerable | 2026-06-03 15:00:29.249280 |
Zoom Workplace Clients - Improper Certificate Validation
MEDIUM (4.8)
Improper certificate validation in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via adjacent access.
Published: 2025-11-13T14:49:54.870Z
Updated: 2025-11-13T15:17:54.292Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30668 |
vulnerable | 2026-06-03 15:00:29.242138 |
Zoom Workplace Apps - NULL Pointer Dereference
MEDIUM (6.5)
Integer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct a denial of service via network access.
Published: 2025-05-14T17:39:55.588Z
Updated: 2025-10-02T20:44:44.793Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30667 |
vulnerable | 2026-06-03 15:00:29.240711 |
Zoom Workplace Apps - NULL Pointer Dereference
MEDIUM (6.5)
NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
Published: 2025-05-14T17:36:19.136Z
Updated: 2025-05-14T19:00:20.154Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30666 |
vulnerable | 2026-06-03 15:00:29.239771 |
Zoom Workplace Apps for Windows - NULL Pointer Dereference
MEDIUM (6.5)
NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
Published: 2025-05-14T17:35:15.485Z
Updated: 2025-05-14T19:00:27.119Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30665 |
vulnerable | 2026-06-03 15:00:29.239117 |
Zoom Workplace Apps for Windows - NULL Pointer Dereference
MEDIUM (6.5)
NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
Published: 2025-05-14T17:35:06.968Z
Updated: 2025-05-14T19:00:31.446Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30664 |
vulnerable | 2026-06-03 15:00:29.235295 |
Zoom Workplace Apps - Cross-site Scripting
MEDIUM (6.6)
Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access.
Published: 2025-05-14T17:33:18.777Z
Updated: 2026-02-26T18:28:08.837Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30663 |
vulnerable | 2026-06-03 15:00:29.226224 |
Zoom Workplace Apps - Time-of-check Time-of-use
HIGH (8.8)
Time-of-check time-of-use race condition in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access.
Published: 2025-05-14T17:31:03.695Z
Updated: 2026-02-26T18:28:09.221Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-27443 |
vulnerable | 2026-06-03 15:00:12.487482 |
Zoom Workplace Apps for Windows - Insecure Default Variable Initialization
LOW (2.8)
Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access.
Published: 2025-04-08T16:16:38.148Z
Updated: 2025-04-08T20:32:12.324Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-27442 |
vulnerable | 2026-06-03 15:00:12.479523 |
Zoom Workplace Apps - Cross Site Scripting
MEDIUM (4.6)
Cross site scripting in some Zoom Workplace Apps may allow an unauthenticated user to conduct a loss of integrity via adjacent network access.
Published: 2025-04-08T16:14:53.396Z
Updated: 2026-05-15T18:15:47.314Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-27441 |
vulnerable | 2026-06-03 15:00:12.477729 |
Zoom Workplace Apps - Cross Site Scripting
MEDIUM (4.6)
Cross site scripting in some Zoom Workplace Apps may allow an unauthenticated user to conduct a loss of integrity via adjacent network access.
Published: 2025-04-08T16:14:40.782Z
Updated: 2026-05-15T18:15:16.837Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-27440 |
vulnerable | 2026-06-03 15:00:12.476320 |
Zoom Apps - Heap-based Buffer Overflow
HIGH (8.5)
Heap overflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access.
Published: 2025-03-11T17:11:16.928Z
Updated: 2025-03-11T17:40:56.534Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-27439 |
vulnerable | 2026-06-03 15:00:12.464547 |
Zoom Apps - Buffer Underflow
HIGH (8.5)
Buffer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access.
Published: 2025-03-11T17:10:28.524Z
Updated: 2025-03-11T18:58:55.987Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0151 |
vulnerable | 2026-06-03 14:58:23.833087 |
Zoom Apps - Use After Free
HIGH (8.5)
Use after free in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access.
Published: 2025-03-11T17:08:50.327Z
Updated: 2025-03-11T17:44:08.820Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0149 |
vulnerable | 2026-06-03 14:58:23.827142 |
Zoom Apps - Insufficient Verification of Data Authenticity
MEDIUM (6.5)
Insufficient verification of data authenticity in some Zoom Workplace Apps may allow an unprivileged user to conduct a denial of service via network access.
Published: 2025-03-11T17:04:02.453Z
Updated: 2025-03-11T19:18:34.860Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0145 |
vulnerable | 2026-06-03 14:58:23.814913 |
Zoom Workplace Apps for Windows - Untrusted Search Path
MEDIUM (4.6)
Untrusted search path in the installer for some Zoom Workplace Apps for Windows may allow an authorized user to conduct an escalation of privilege via local access.
Published: 2025-01-30T19:45:39.432Z
Updated: 2025-01-30T21:23:22.776Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0144 |
vulnerable | 2026-06-03 14:58:23.800606 |
Zoom Workplace Apps - Out-of-bounds Write
LOW (3.1)
Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access.
Published: 2025-01-30T19:44:06.908Z
Updated: 2025-01-30T21:29:47.382Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-45426 |
vulnerable | 2026-06-03 14:56:56.567960 |
Zoom Workplace Apps - Incorrect Ownership Assignment
MEDIUM (4.9)
Incorrect ownership assignment in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access.
Published: 2025-02-25T19:39:48.596Z
Updated: 2025-02-26T16:49:25.061Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-45425 |
vulnerable | 2026-06-03 14:56:56.561954 |
Zoom Workplace Apps - Incorrect User Management
MEDIUM (4.9)
Incorrect user management in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access.
Published: 2025-02-25T19:38:02.925Z
Updated: 2025-02-26T16:57:20.637Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-45424 |
vulnerable | 2026-06-03 14:56:56.561145 |
Zoom Workplace Apps - Business Logic Error
MEDIUM (5.3)
Business logic error in some Zoom Workplace Apps may allow an unauthenticated user to conduct a disclosure of information via network access.
Published: 2025-02-25T19:34:24.811Z
Updated: 2025-02-25T19:39:53.249Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-45422 |
vulnerable | 2026-06-03 14:56:56.555698 |
Zoom Apps - Improper Input Validation
MEDIUM (6.5)
Improper input validation in some Zoom Apps before version 6.2.0 may allow an unauthenticated user to conduct a denial of service via network access.
Published: 2024-11-19T19:45:25.914Z
Updated: 2024-11-20T15:42:40.830Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-45421 |
vulnerable | 2026-06-03 14:56:56.549571 |
Zoom Apps - Buffer Overflow
HIGH (8.5)
Buffer overflow in some Zoom Apps may allow an authenticated user to conduct an escalation of privilege via network access.
Published: 2025-02-25T19:55:02.666Z
Updated: 2025-02-25T20:09:12.193Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-45420 |
vulnerable | 2026-06-03 14:56:56.544038 |
Zoom Apps - Uncontrolled Resource Consumption
MEDIUM (4.3)
Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an authenticated user to conduct a denial of service via network access.
Published: 2024-11-19T19:32:02.656Z
Updated: 2024-11-20T15:16:27.856Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-45419 |
vulnerable | 2026-06-03 14:56:56.533721 |
Zoom Apps - Improper Input Validation
HIGH (8.1)
Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a disclosure of information via network access.
Published: 2024-11-19T19:28:48.335Z
Updated: 2024-11-19T21:46:16.379Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-42438 |
vulnerable | 2026-06-03 14:56:36.847277 |
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Buffer Overflow
MEDIUM (6.5)
Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.
Published: 2024-08-14T16:41:18.732Z
Updated: 2024-08-16T20:05:07.811Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-42437 |
vulnerable | 2026-06-03 14:56:36.846143 |
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Buffer Overflow
MEDIUM (6.5)
Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.
Published: 2024-08-14T16:41:12.866Z
Updated: 2024-08-14T17:44:29.139Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-42436 |
vulnerable | 2026-06-03 14:56:36.845445 |
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Buffer Overflow
MEDIUM (6.5)
Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.
Published: 2024-08-14T16:41:03.844Z
Updated: 2024-08-14T18:25:52.686Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-42435 |
vulnerable | 2026-06-03 14:56:36.844570 |
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure
MEDIUM (4.9)
Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
Published: 2024-08-14T16:39:46.183Z
Updated: 2024-08-15T13:58:02.205Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-42434 |
vulnerable | 2026-06-03 14:56:36.836836 |
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Missing Authorization
MEDIUM (4.9)
Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
Published: 2024-08-14T16:39:38.167Z
Updated: 2025-10-07T13:15:09.341Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-39826 |
vulnerable | 2026-06-03 14:56:22.539107 |
Zoom Workplace Apps and SDKs - Path traversal
MEDIUM (6.8)
Race condition in Team Chat for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct information disclosure via network access.
Published: 2024-07-15T17:24:05.124Z
Updated: 2025-10-02T20:43:25.105Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-39824 |
vulnerable | 2026-06-03 14:56:22.524077 |
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Missing Authorization
MEDIUM (4.9)
Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
Published: 2024-08-14T16:39:26.880Z
Updated: 2025-10-02T20:51:37.705Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-39823 |
vulnerable | 2026-06-03 14:56:22.523150 |
Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Missing Authorization
MEDIUM (4.9)
Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
Published: 2024-08-14T16:39:13.132Z
Updated: 2025-10-02T20:49:49.959Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-39819 |
vulnerable | 2026-06-03 14:56:22.509310 |
Zoom Workplace Apps and SDK for Windows - Improper Privilege Management
MEDIUM (6.7)
Integrity check in the installer for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct a privilege escalation via local access.
Published: 2024-07-15T17:27:41.216Z
Updated: 2025-10-02T20:47:51.225Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-27246 |
vulnerable | 2026-06-03 14:55:17.125263 |
Zoom Workplace Apps and SDKs - Use After Free
MEDIUM (4.3)
Use after free in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access.
Published: 2025-02-25T20:32:33.638Z
Updated: 2025-02-25T21:08:59.293Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-27245 |
vulnerable | 2026-06-03 14:55:17.124498 |
Zoom Workplace Apps and SDKs - Buffer Overflow
MEDIUM (4.3)
Buffer overflow in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access.
Published: 2025-02-25T20:31:28.555Z
Updated: 2025-02-25T21:08:19.978Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-27243 |
vulnerable | 2026-06-03 14:55:17.120279 |
Zoom Apps - Buffer Overflow
MEDIUM (6.5)
Buffer overflow in some Zoom Workplace Apps and SDK’s may allow an authenticated user to conduct a denial of service via network access.
Published: 2024-05-15T20:37:45.264Z
Updated: 2024-09-20T14:34:14.212Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-27241 |
vulnerable | 2026-06-03 14:55:17.114233 |
Zoom Apps and SDKs - Improper Input Validation
MEDIUM (5.3)
Improper input validation in some Zoom Apps and SDKs may allow an authenticated user to conduct a denial of service via network access.
Published: 2024-07-15T17:17:01.679Z
Updated: 2024-08-02T00:27:59.870Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-27239 |
vulnerable | 2026-06-03 14:55:17.094527 |
Zoom Workplace Apps and SDKs - Divide By Zero
MEDIUM (4.3)
Use after free in some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct a denial of service via network access.
Published: 2025-02-25T20:33:42.787Z
Updated: 2025-10-01T22:45:02.250Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-27238 |
vulnerable | 2026-06-03 14:55:17.090014 |
Zoom Apps and SDKs - Race Condition
HIGH (7.1)
Race condition in the installer for some Zoom Apps and SDKs for Windows before version 6.0.0 may allow an authenticated user to conduct a privilege escalation via local access.
Published: 2024-07-15T17:20:39.157Z
Updated: 2024-08-02T00:27:59.915Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-24698 |
vulnerable | 2026-06-03 14:55:05.555514 |
Zoom Clients - Improper Authentication
MEDIUM (4.9)
Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure of information via local access.
Published: 2024-02-13T23:56:14.515Z
Updated: 2024-09-27T19:28:28.333Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-24697 |
vulnerable | 2026-06-03 14:55:05.555062 |
Zoom Clients - Untrusted Search Path
HIGH (7.2)
Untrusted search path in some Zoom 32 bit Windows clients may allow an authenticated user to conduct an escalation of privilege via local access.
Published: 2024-02-13T23:53:43.589Z
Updated: 2025-05-08T15:34:41.744Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-24696 |
vulnerable | 2026-06-03 14:55:05.554634 |
Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows - Improper Input Validation
MEDIUM (6.8)
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via network access.
Published: 2024-02-13T23:51:34.285Z
Updated: 2024-08-01T23:28:11.800Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-24695 |
vulnerable | 2026-06-03 14:55:05.554195 |
Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows - Improper Input Validation
MEDIUM (6.8)
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an authenticated user to conduct a disclosure of information via network access.
Published: 2024-02-13T23:50:22.837Z
Updated: 2025-04-10T18:55:17.333Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-24691 |
vulnerable | 2026-06-03 14:55:05.547093 |
Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows - Improper Input Validation
CRITICAL (9.6)
Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access.
Published: 2024-02-14T00:01:30.884Z
Updated: 2025-05-12T15:07:21.269Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-24690 |
vulnerable | 2026-06-03 14:55:05.537076 |
Zoom Clients - Improper Input Validation
MEDIUM (5.4)
Improper input validation in some Zoom clients may allow an authenticated user to conduct a denial of service via network access.
Published: 2024-02-14T00:00:04.089Z
Updated: 2024-09-20T14:50:06.835Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49647 |
vulnerable | 2026-06-03 14:53:20.927746 |
Zoom Desktop Client for Windows - Improper Access Control
HIGH (8.8)
Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows before version 5.16.10 may allow an authenticated user to conduct an escalation of privilege via local access.
Published: 2024-01-12T21:44:00.743Z
Updated: 2025-06-03T14:03:40.061Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-43586 |
vulnerable | 2026-06-03 14:53:04.329954 |
Details available
HIGH (7.3)
Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows may allow an authenticated user to conduct an escalation of privilege via network access.
Published: 2023-12-13T22:17:48.264Z
Updated: 2026-02-25T16:34:33.938Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-39217 |
vulnerable | 2026-06-03 14:52:37.944150 |
Details available
MEDIUM (5.3)
Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to enable a denial of service via network access.
Published: 2023-08-08T17:49:38.142Z
Updated: 2024-10-10T16:21:43.772Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-39214 |
vulnerable | 2026-06-03 14:52:37.938783 |
Details available
HIGH (7.6)
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated user to enable a denial of service via network access.
Published: 2023-08-08T21:38:25.554Z
Updated: 2024-09-27T19:07:24.020Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-39210 |
vulnerable | 2026-06-03 14:52:37.931830 |
Details available
MEDIUM (5.5)
Cleartext storage of sensitive information in Zoom Client SDK for Windows before 5.15.0 may allow an authenticated user to enable an information disclosure via local access.
Published: 2023-08-08T21:27:52.422Z
Updated: 2024-10-04T17:30:57.766Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-36533 |
vulnerable | 2026-06-03 14:52:26.590529 |
Details available
HIGH (7.1)
Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to enable a denial of service via network access.
Published: 2023-08-08T17:33:47.868Z
Updated: 2024-10-04T15:05:48.927Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.