| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper authorization handling in Zoom Workplace for Android before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access. |
| Improper certificate validation in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via adjacent access. |
| Cross-site scripting in Zoom Workplace for Windows before version 6.5.10 may allow an unauthenticated user to impact integrity via network access. |
| Improper removal of sensitive information in certain Zoom Clients before version 6.5.10 may allow an unauthenticated user to conduct a disclosure of information via network access. |
| External control of file name or path in Zoom Workplace for macOS before version 6.5.10 may allow an authenticated user to conduct a disclosure of information via local access. |
| External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via network access. |
| Inefficient regular expression complexity in certain Zoom Workplace Clients before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access. |
| Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to impact app integrity via network access. |
| Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access. |
| Time-of-check time-of-use race condition in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access. |
| NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. |
| Integer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct a denial of service via network access. |
| Cross site scripting in some Zoom Workplace Apps may allow an unauthenticated user to conduct a loss of integrity via adjacent network access. |
| Cross site scripting in some Zoom Workplace Apps may allow an unauthenticated user to conduct a loss of integrity via adjacent network access. |
| Use after free in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access. |
| Buffer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access. |
| Heap overflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access. |
| Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of information via network access. |
| Buffer overflow in certain Zoom Workplace Clients may allow an authenticated user to conduct a denial of service via network access. |
| Uncontrolled resource consumption in certain Zoom Workplace Clients may allow an unauthenticated user to conduct a denial of service via network access. |
