Zoom Video_software_development_kit

23 CVEs affecting Zoom Video_software_development_kit. Latest disclosed: 2025-02-25. Critical: 0, High: 7.

Top CVEs affecting Zoom Video_software_development_kit
CVESeverityScorePublishedSummary
CVE-2025-0147High8.82025-01-30Type confusion in the Zoom Workplace App for Linux before 6.2.10 may allow an authorized user to conduct an escalation of privilege via network access.
CVE-2023-49647High8.82024-01-12Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows before version 5.16.10 may allow an authenti…
CVE-2024-45421High8.52025-02-25Buffer overflow in some Zoom Apps may allow an authenticated user to conduct an escalation of privilege via network access.
CVE-2024-45419High8.12024-11-19Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a disclosure of information via network access.
CVE-2023-43586High7.32023-12-13Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows may allow an authenticated user to conduct an escalat…
CVE-2023-43585High7.12023-12-13Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of infor…
CVE-2023-36533High7.12023-08-08Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to enable a denial of service via network access.
CVE-2024-45422Medium6.52024-11-19Improper input validation in some Zoom Apps before version 6.2.0 may allow an unauthenticated user to conduct a denial of service via network access.
CVE-2023-49646Medium6.42023-12-13Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network access.
CVE-2024-45417Medium6.02025-02-25Uncontrolled resource consumption in the installer for some Zoom apps for macOS before version 6.1.5 may allow a privileged user to conduct a disclosure of inf…
CVE-2024-45418Medium5.42025-02-25Symlink following in the installer for some Zoom apps for macOS before version 6.1.5 may allow an authenticated user to conduct an escalation of privilege via…
CVE-2024-24690Medium5.42024-02-14Improper input validation in some Zoom clients may allow an authenticated user to conduct a denial of service via network access.
CVE-2023-39217Medium5.32023-08-08Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to enable a denial of service via network access.
CVE-2023-36539Medium5.32023-06-30Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information.
CVE-2023-43583Medium4.92023-12-13Cryptographic issues Zoom Mobile App for Android, Zoom Mobile App for iOS, and Zoom SDKs for Android and iOS before version 5.16.0 may allow a privileged user…
CVE-2025-0145Medium4.62025-01-30Untrusted search path in the installer for some Zoom Workplace Apps for Windows may allow an authorized user to conduct an escalation of privilege via local ac…
CVE-2025-0143Medium4.32025-01-30Out-of-bounds write in the Zoom Workplace App for Linux before version 6.2.5 may allow an unauthorized user to conduct a denial of service via network access.
CVE-2024-45420Medium4.32024-11-19Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an authenticated user to conduct a denial of service via network access.
CVE-2023-39205Medium4.32023-11-14Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access.
CVE-2023-39204Medium4.32023-11-14Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access.