CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-39211
https://notcve.org/view.php?id=CVE-2023-39211
Improper privilege management in Zoom Desktop Client for Windows and Zoom Rooms for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via local access. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-269: Improper Privilege Management CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39210
https://notcve.org/view.php?id=CVE-2023-39210
Cleartext storage of sensitive information in Zoom Client SDK for Windows before 5.15.0 may allow an authenticated user to enable an information disclosure via local access. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2023-35391 – ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-35391
ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35391 •
CVSS: 6.1EPSS: 0%CPEs: 10EXPL: 0CVE-2023-39218
https://notcve.org/view.php?id=CVE-2023-39218
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-602: Client-Side Enforcement of Server-Side Security •
CVSS: 7.1EPSS: 0%CPEs: 10EXPL: 0CVE-2023-36535
https://notcve.org/view.php?id=CVE-2023-36535
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-449: The UI Performs the Wrong Action CWE-602: Client-Side Enforcement of Server-Side Security •