Page 2 of 41 results (0.019 seconds)

CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 0

Buffer overflow in some Zoom clients may allow an unauthenticated user to conduct a denial of service via network access. El desbordamiento del búfer en algunos clientes de Zoom puede permitir que un usuario no autenticado realice una denegación de servicio a través del acceso a la red. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0

Exposure of information intended to be encrypted by some Zoom clients may lead to disclosure of sensitive information. La exposición de información destinada a ser cifrada por algunos clientes Zoom puede dar lugar a la divulgación de información sensible. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-325: Missing Cryptographic Step CWE-326: Inadequate Encryption Strength •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Zoom Client for IT Admin macOS installers before version 5.13.5 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability in an attack chain during the installation process to escalate their privileges to privileges to root. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-427: Uncontrolled Search Path Element •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

The eRoom – Zoom Meetings & Webinar plugin for WordPress is vulnerable to retrieve setting information due to a missing capability check on the stm_wpcfto_get_settings_callback function in versions up to, and including, 1.4.6. This makes it possible for authenticated attackers with subscriber-level access, and above, to retrieve setting information. • CWE-862: Missing Authorization •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Zoom Client for IT Admin Windows installers before version 5.13.5 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability in an attack chain during the installation process to escalate their privileges to the SYSTEM user. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •