CPE Details
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:a:zoom:zoom:5.13.0:*:*:*:*:android:*:*
Informations
Vendor
zoomProduct
zoomVersion
5.13.0Target Software
androidRelated CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| Improper input validation in some Zoom clients may allow an authenticated user to conduct a denial of service via network access. | 6.5 |
Moyen |
||
| Business logic error in some Zoom clients may allow an authenticated user to conduct information disclosure via network access. | 6.5 |
Moyen |
||
| Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure of information via local access. | 4.9 |
Moyen |
||
| Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated user to conduct a denial of service via network access. | 6.5 |
Moyen |
||
| Cryptographic issues Zoom Mobile App for Android, Zoom Mobile App for iOS, and Zoom SDKs for Android and iOS before version 5.16.0 may allow a privileged user to conduct a disclosure of information via network access. | 4.9 |
Moyen |
||
| Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation of privilege via network access. | 8.8 |
Haute |
||
| Cryptographic issues with In-Meeting Chat for some Zoom clients may allow a privileged user to conduct an information disclosure via network access. | 6.5 |
Moyen |
||
| Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access. | 7.5 |
Haute |
||
| Improper conditions check in Zoom Team Chat for Zoom clients may allow an authenticated user to conduct a denial of service via network access. | 6.5 |
Moyen |
||
| Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access. | 7.5 |
Haute |
||
| Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of service via network access. | 7.1 |
Haute |
||
| Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated user to enable a denial of service via network access. | 8.1 |
Haute |
||
| Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access. | 6.1 |
Moyen |
||
| Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access. | 7.1 |
Haute |
||
| Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial of service via network access. | 7.5 |
Haute |
||
| Zoom clients prior to 5.13.10 contain an HTML injection vulnerability. A malicious user could inject HTML into their display name potentially leading a victim to a malicious website during meeting creation. | 4.3 |
Moyen |
||
| Zoom clients prior to 5.13.5 contain an improper trust boundary implementation vulnerability. If a victim saves a local recording to an SMB location and later opens it using a link from Zoom’s web portal, an attacker positioned on an adjacent network to the victim client could set up a malicious SMB server to respond to client requests, causing the client to execute attacker controlled executables. This could result in an attacker gaining access to a user's device and data, and remote code execution. | 8.3 |
Haute |
||
| Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service. | 7.5 |
Haute |
||
| Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service. | 7.5 |
Haute |
2025©
tesweb SA
