CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39822 – Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers - Sensitive Information Exposure
https://notcve.org/view.php?id=CVE-2024-39822
Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24029 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39818 – Zoom Workplace Apps and SDKs - Protection Mechanism Failure
https://notcve.org/view.php?id=CVE-2024-39818
Protection mechanism failure for some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct information disclosure via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24022 • CWE-522: Insufficiently Protected Credentials •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-39826 – Zoom Workplace Apps and SDKs - Path traversal
https://notcve.org/view.php?id=CVE-2024-39826
Path traversal in Team Chat for some Zoom Workplace Apps and SDKs for Windows may allow an authenticated user to conduct information disclosure via network access. El path traversal en Team Chat para algunas aplicaciones Zoom Workplace y SDK para Windows puede permitir que un usuario autenticado realice la divulgación de información a través del acceso a la red. • https://www.zoom.com/en/trust/security-bulletin/zsb-24023 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27238 – Zoom Apps and SDKs - Race Condition
https://notcve.org/view.php?id=CVE-2024-27238
Race condition in the installer for some Zoom Apps and SDKs for Windows before version 6.0.0 may allow an authenticated user to conduct a privilege escalation via local access. La condición de ejecución en el instalador de algunas aplicaciones de Zoom y SDK para Windows anteriores a la versión 6.0.0 puede permitir que un usuario autenticado realice una escalada de privilegios a través del acceso local. • https://www.zoom.com/en/trust/security-bulletin/zsb-24021 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-27241 – Zoom Apps and SDKs - Improper Input Validation
https://notcve.org/view.php?id=CVE-2024-27241
Improper input validation in some Zoom Apps and SDKs may allow an authenticated user to conduct a denial of service via network access. La validación de entrada incorrecta en algunas aplicaciones y SDK de Zoom puede permitir que un usuario autenticado realice una denegación de servicio a través del acceso a la red. • https://www.zoom.com/en/trust/security-bulletin/zsb-24020 • CWE-20: Improper Input Validation •