Zoom Video_software_development_kit
23 CVEs affecting Zoom Video_software_development_kit. Latest disclosed: 2025-02-25. Critical: 0, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-0147 | High | 8.8 | 2025-01-30 | Type confusion in the Zoom Workplace App for Linux before 6.2.10 may allow an authorized user to conduct an escalation of privilege via network access. |
CVE-2023-49647 | High | 8.8 | 2024-01-12 | Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows before version 5.16.10 may allow an authenti… |
CVE-2024-45421 | High | 8.5 | 2025-02-25 | Buffer overflow in some Zoom Apps may allow an authenticated user to conduct an escalation of privilege via network access. |
CVE-2024-45419 | High | 8.1 | 2024-11-19 | Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a disclosure of information via network access. |
CVE-2023-43586 | High | 7.3 | 2023-12-13 | Path traversal in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows may allow an authenticated user to conduct an escalat… |
CVE-2023-43585 | High | 7.1 | 2023-12-13 | Improper access control in Zoom Mobile App for iOS and Zoom SDKs for iOS before version 5.16.5 may allow an authenticated user to conduct a disclosure of infor… |
CVE-2023-36533 | High | 7.1 | 2023-08-08 | Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to enable a denial of service via network access. |
CVE-2024-45422 | Medium | 6.5 | 2024-11-19 | Improper input validation in some Zoom Apps before version 6.2.0 may allow an unauthenticated user to conduct a denial of service via network access. |
CVE-2023-49646 | Medium | 6.4 | 2023-12-13 | Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network access. |
CVE-2024-45417 | Medium | 6.0 | 2025-02-25 | Uncontrolled resource consumption in the installer for some Zoom apps for macOS before version 6.1.5 may allow a privileged user to conduct a disclosure of inf… |
CVE-2024-45418 | Medium | 5.4 | 2025-02-25 | Symlink following in the installer for some Zoom apps for macOS before version 6.1.5 may allow an authenticated user to conduct an escalation of privilege via… |
CVE-2024-24690 | Medium | 5.4 | 2024-02-14 | Improper input validation in some Zoom clients may allow an authenticated user to conduct a denial of service via network access. |
CVE-2023-39217 | Medium | 5.3 | 2023-08-08 | Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to enable a denial of service via network access. |
CVE-2023-36539 | Medium | 5.3 | 2023-06-30 | Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information. |
CVE-2023-43583 | Medium | 4.9 | 2023-12-13 | Cryptographic issues Zoom Mobile App for Android, Zoom Mobile App for iOS, and Zoom SDKs for Android and iOS before version 5.16.0 may allow a privileged user… |
CVE-2025-0145 | Medium | 4.6 | 2025-01-30 | Untrusted search path in the installer for some Zoom Workplace Apps for Windows may allow an authorized user to conduct an escalation of privilege via local ac… |
CVE-2025-0143 | Medium | 4.3 | 2025-01-30 | Out-of-bounds write in the Zoom Workplace App for Linux before version 6.2.5 may allow an unauthorized user to conduct a denial of service via network access. |
CVE-2024-45420 | Medium | 4.3 | 2024-11-19 | Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an authenticated user to conduct a denial of service via network access. |
CVE-2023-39205 | Medium | 4.3 | 2023-11-14 | Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access. |
CVE-2023-39204 | Medium | 4.3 | 2023-11-14 | Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access. |