cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-24694,https://securityvulnerability.io/vulnerability/CVE-2024-24694,Potential Escalation of Privilege via Local Access in Zoom Installer,Improper privilege management in the installer for Zoom Desktop Client for Windows before version 5.17.10 may allow an authenticated user to conduct an escalation of privilege via local access.,Zoom,Zoom Desktop Client For Windows,5.9,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-09T17:13:08.845Z,0
CVE-2024-24693,https://securityvulnerability.io/vulnerability/CVE-2024-24693,Zoom Rooms Client for Windows Vulnerability Could Lead to Denial of Service via Local Access,"Improper access control in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local access.

",Zoom,Zoom Rooms Client For Windows,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-03-13T19:30:22.311Z,0
CVE-2024-24692,https://securityvulnerability.io/vulnerability/CVE-2024-24692,Zoom Rooms Client Installer Vulnerability Could Lead to Denial of Service,Race condition in the installer for Zoom Rooms Client for Windows before version 5.17.5 may allow an authenticated user to conduct a denial of service via local access.,Zoom,Zoom Rooms Client For Windows,4.7,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-03-13T19:27:30.446Z,0
CVE-2024-24699,https://securityvulnerability.io/vulnerability/CVE-2024-24699,Zoom Clients Vulnerable to Information Disclosure via Network Access,"A business logic error present in various versions of the Zoom client allows an authenticated user to potentially expose sensitive information. This vulnerability is linked to how the application handles network access, posing risks to user privacy and data security. Ensuring the implementation of security updates is crucial for all affected client versions to mitigate the risks associated with this flaw.",Zoom,"Zoom,Vdi Windows Meeting Clients,Rooms,Meeting Sdk",6.5,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2024-02-14T00:15:00.000Z,0
CVE-2024-24698,https://securityvulnerability.io/vulnerability/CVE-2024-24698,Privileged User May Access Information via Local Access,Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure of information via local access.,Zoom,"Vdi Windows Meeting Clients,Zoom,Meeting Software Development Kit,Rooms",4.4,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-02-14T00:15:00.000Z,0
CVE-2024-24697,https://securityvulnerability.io/vulnerability/CVE-2024-24697,Untrusted Search Path Vulnerability in Zoom 32 bit Windows Clients Could Lead to Escalation of Privilege,"A vulnerability exists in the 32-bit Windows client of Zoom, stemming from an untrusted search path issue. This flaw allows an authenticated user to leverage local access for privilege escalation. It highlights the importance of ensuring proper security measures and validation of search paths within applications to mitigate potential exploitation.",Zoom,"Vdi Windows Meeting Clients,Rooms,Zoom,Meeting Sdk",7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-02-14T00:15:00.000Z,0
CVE-2024-24696,https://securityvulnerability.io/vulnerability/CVE-2024-24696,Improper Input Validation in Zoom Desktop Client and SDK for Windows,"An improper input validation vulnerability exists within the Zoom Desktop Client, Zoom VDI Client, and Zoom Meeting SDK for Windows. This flaw enables an authenticated user to potentially disclose sensitive information through network access, which could compromise user privacy and security. It is critical for users to stay informed about this issue and apply necessary updates to safeguard against potential exploits.",Zoom,"Zoom,Vdi Windows Meeting Clients,Meeting Software Development Kit",6.5,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2024-02-14T00:15:00.000Z,0
CVE-2024-24695,https://securityvulnerability.io/vulnerability/CVE-2024-24695,Improper Input Validation in Zoom Desktop Client and SDK for Windows,"An improper input validation issue in various Windows versions of the Zoom Desktop Client, Zoom VDI Client, and Zoom Meeting SDK can potentially allow an authenticated user to disclose confidential information through network access. This vulnerability may expose sensitive data inadvertently due to inadequate checks on input provided by users, stressing the importance of implementing robust security measures in software development.",Zoom,"Meeting Software Development Kit,Zoom,Vdi Windows Meeting Clients",6.5,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2024-02-14T00:15:00.000Z,0
CVE-2024-24691,https://securityvulnerability.io/vulnerability/CVE-2024-24691,Unauthenticated Escalation of Privilege Vulnerability in Zoom Desktop Client for Windows,"A security flaw in various Zoom products, specifically the Zoom Desktop Client, Zoom VDI Client, and Zoom Meeting SDK for Windows, exists due to improper input validation. This vulnerability could enable an unauthenticated user to perform an elevation of privilege attack through network access, potentially compromising sensitive information and user permissions. It is crucial for users and administrators to remain vigilant and apply any security updates provided by Zoom to mitigate this vulnerability.","Zoom Video Communications, Inc.","Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows",9.8,CRITICAL,0.0010499999625608325,false,true,false,false,,true,true,2024-02-14T00:15:00.000Z,9953
CVE-2024-24690,https://securityvulnerability.io/vulnerability/CVE-2024-24690,Zoom Clients Vulnerable to Denial of Service Attacks via Network Access,Improper input validation in some Zoom clients may allow an authenticated user to conduct a denial of service via network access.,Zoom,"Zoom,Meeting Software Development Kit,Video Software Development Kit,Rooms,Vdi Windows Meeting Clients",6.5,MEDIUM,0.0005300000193528831,false,false,false,false,,false,false,2024-02-14T00:15:00.000Z,0
CVE-2023-49647,https://securityvulnerability.io/vulnerability/CVE-2023-49647,Zoom Desktop Client for Windows Vulnerability: Escalation of Privilege via Local Access,"An issue has been identified in the Zoom Desktop Client, VDI Client, and SDKs for Windows that presents an improper access control vulnerability. This flaw could enable an authenticated user to escalate privileges through local access, which may compromise the security of the affected systems. Users and organizations relying on these Zoom products should consider upgrading to versions 5.16.10 or later to mitigate the associated risks.","Zoom Video Communications, Inc.","Zoom Desktop Client For Windows, Zoom Vdi Client For Windows, And Zoom Sdks For Windows Before Version 5.16.10",7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-01-12T21:44:00.743Z,0
CVE-2023-43586,https://securityvulnerability.io/vulnerability/CVE-2023-43586,Path Traversal Vulnerability in Zoom Desktop Client and SDKs on Windows,"A path traversal vulnerability in the Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Windows allows authenticated users to exploit network access for privilege escalation. Attackers may leverage this weakness to access restricted files and execute unauthorized commands, posing a significant security risk.","Zoom Video Communications, Inc.","Zoom Desktop Client for Windows, Zoom VDI Client for Windows and Zoom SDKs for Windows",7.3,HIGH,0.0007999999797903001,false,false,false,false,,false,false,2023-12-13T23:15:00.000Z,0
CVE-2023-39203,https://securityvulnerability.io/vulnerability/CVE-2023-39203,Uncontrolled Resource Consumption in Zoom Desktop Client and VDI Client,"A vulnerability in Zoom Team Chat has been identified, which allows for uncontrolled resource consumption in both Zoom Desktop Client for Windows and Zoom VDI Client. An unauthenticated user can exploit this vulnerability via network access, potentially leading to unauthorized disclosure of information. Users should ensure they are updated with the latest security patches provided by Zoom to mitigate this risk.","Zoom Video Communications, Inc.",Zoom Rooms Client For Windows And Zoom Vdi Client,7.5,HIGH,0.000859999970998615,false,false,false,false,,false,false,2023-11-14T23:15:00.000Z,0
CVE-2023-39202,https://securityvulnerability.io/vulnerability/CVE-2023-39202,Denial of Service Vulnerability in Zoom Rooms Client and Zoom VDI Client,"The Zoom Rooms Client for Windows and Zoom VDI Client contain a vulnerability that can be exploited through an untrusted search path. A privileged user with local access may utilize this vulnerability to trigger a denial of service, leading to interruptions in service. This poses a significant risk to operational continuity when using these applications in various environments.","Zoom Video Communications, Inc.",Zoom Rooms Client For Windows And Zoom Vdi Client,3.1,LOW,0.0004400000034365803,false,false,false,false,,false,false,2023-11-14T23:15:00.000Z,0
CVE-2023-39211,https://securityvulnerability.io/vulnerability/CVE-2023-39211,Improper Privilege Management in Zoom Desktop Client and Rooms for Windows,"A flaw in the Zoom Desktop Client and Zoom Rooms for Windows allows authenticated users to potentially enable information disclosure through local access. This vulnerability arises from improper privilege management in versions prior to 5.15.5, which may expose sensitive information to users who should not have access.","Zoom Video Communications, Inc.",Zoom Desktop Client For Windows And Zoom Rooms For Windows,8.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2023-08-08T22:15:00.000Z,0
CVE-2023-39209,https://securityvulnerability.io/vulnerability/CVE-2023-39209,,Improper input validation in Zoom Desktop Client for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via network access.,"Zoom Video Communications, Inc.",Zoom Desktop Client For Windows,6.5,MEDIUM,0.0006099999882280827,false,false,false,false,,false,false,2023-08-08T22:15:00.000Z,0
CVE-2023-39210,https://securityvulnerability.io/vulnerability/CVE-2023-39210,,Cleartext storage of sensitive information in Zoom Client SDK for Windows before 5.15.0 may allow an authenticated user to enable an information disclosure via local access.,"Zoom Video Communications, Inc.",Zoom Client Sdk For Windows,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2023-08-08T22:15:00.000Z,0
CVE-2023-39213,https://securityvulnerability.io/vulnerability/CVE-2023-39213,Escalation of Privilege in Zoom Desktop Client and VDI Client,"A vulnerability affecting the Zoom Desktop Client and Zoom VDI Client prior to version 5.15.2 allows an unauthenticated user to exploit improper neutralization of special elements. This could lead to privilege escalation through network access, potentially compromising the integrity of the system.","Zoom Video Communications, Inc.",Zoom Desktop Client For Windows And Zoom Vdi Client,9.6,CRITICAL,0.0020000000949949026,false,false,false,false,,false,false,2023-08-08T22:15:00.000Z,0
CVE-2023-39216,https://securityvulnerability.io/vulnerability/CVE-2023-39216,Privilege Escalation Vulnerability in Zoom Desktop Client for Windows,An improper input validation flaw in the Zoom Desktop Client for Windows versions prior to 5.14.7 poses a risk by potentially allowing an unauthenticated user to exploit network access for privilege escalation. This vulnerability emphasizes the importance of securing user input to prevent unauthorized privilege gains.,"Zoom Video Communications, Inc.",Zoom Desktop Client For Windows,9.6,CRITICAL,0.0020000000949949026,false,false,false,false,,false,false,2023-08-08T18:15:00.000Z,0
CVE-2023-36540,https://securityvulnerability.io/vulnerability/CVE-2023-36540,Privilege Escalation Flaw in Zoom Desktop Client for Windows,"A vulnerability has been identified in the installer for the Zoom Desktop Client for Windows, permitting an authenticated user to exploit an untrusted search path. This may lead to an escalation of privileges, allowing the user to execute unauthorized actions within the system. Users of the affected versions are advised to update promptly to mitigate potential security risks.","Zoom Video Communications, Inc.",Zoom Desktop Client For Windows,7.3,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2023-08-08T18:15:00.000Z,0
CVE-2023-36541,https://securityvulnerability.io/vulnerability/CVE-2023-36541,Privilege Escalation Vulnerability in Zoom Desktop Client for Windows,"The Zoom Desktop Client for Windows contains a vulnerability that arises from insufficient verification of data authenticity. This flaw enables an authenticated user to potentially escalate privileges through network access, allowing them to perform actions that they are normally restricted from executing. It is essential that users upgrade to the latest version 5.14.5 or higher to safeguard against this issue and ensure the integrity of their systems.","Zoom Video Communications, Inc.",Zoom Desktop Client For Windows,8,HIGH,0.0009299999801442027,false,false,false,false,,false,false,2023-08-08T18:15:00.000Z,0
CVE-2023-36534,https://securityvulnerability.io/vulnerability/CVE-2023-36534,Path Traversal Vulnerability in Zoom Desktop Client for Windows,"The Zoom Desktop Client for Windows is susceptible to a path traversal vulnerability that can be exploited by unauthenticated users. This flaw allows attackers to gain escalated privileges through network access, posing potential risks to user security. Users are advised to upgrade to version 5.14.7 or later to mitigate any possible threats associated with this vulnerability.","Zoom Video Communications, Inc.",Zoom Desktop Client For Windows,9.3,CRITICAL,0.001829999964684248,false,false,false,false,,false,false,2023-08-08T18:15:00.000Z,0
CVE-2023-34116,https://securityvulnerability.io/vulnerability/CVE-2023-34116,Improper Input Validation in Zoom Desktop Client for Windows,"An improper input validation vulnerability exists in the Zoom Desktop Client for Windows, potentially allowing an unauthorized user to escalate privileges through network access. This flaw affects versions released prior to 5.15.0, posing a security risk that could allow attackers to gain additional permissions within the application. It is essential for users and organizations to upgrade to the latest version to mitigate this risk.","Zoom Video Communications, Inc.",Zoom Desktop Client For Windows,8.2,HIGH,0.0010300000431016088,false,false,false,false,,false,false,2023-07-11T17:15:00.000Z,0
CVE-2023-34114,https://securityvulnerability.io/vulnerability/CVE-2023-34114,,"Exposure of resource to wrong sphere in Zoom for Windows and Zoom for MacOS clients before 5.14.10  may allow an authenticated user to potentially enable information disclosure via network access. ","Zoom Video Communications, Inc.","Zoom for Windows Client,Zoom for MacOS Client",6.5,MEDIUM,0.000590000010561198,false,false,false,false,,false,false,2023-06-13T19:15:00.000Z,0
CVE-2023-28601,https://securityvulnerability.io/vulnerability/CVE-2023-28601,,Zoom for Windows clients prior to 5.14.0 contain an improper restriction of operations within the bounds of a memory buffer vulnerability.  A malicious user may alter protected Zoom Client memory buffer potentially causing integrity issues within the Zoom Client.,"Zoom Video Communications, Inc.",Zoom For Windows Client,6.5,MEDIUM,0.0004900000058114529,false,false,false,false,,false,false,2023-06-13T18:15:00.000Z,0