CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-39202
https://notcve.org/view.php?id=CVE-2023-39202
Untrusted search path in Zoom Rooms Client for Windows and Zoom VDI Client may allow a privileged user to conduct a denial of service via local access. Una ruta de búsqueda no confiable en Zoom Rooms Client para Windows y Zoom VDI Client puede permitir que un usuario privilegiado realice una denegación de servicio a través del acceso local. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-426: Untrusted Search Path •
CVSS: 8.1EPSS: 0%CPEs: 12EXPL: 0CVE-2023-39214
https://notcve.org/view.php?id=CVE-2023-39214
Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated user to enable a denial of service via network access. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39212
https://notcve.org/view.php?id=CVE-2023-39212
Untrusted search path in Zoom Rooms for Windows before version 5.15.5 may allow an authenticated user to enable a denial of service via local access. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-144: Improper Neutralization of Line Delimiters CWE-426: Untrusted Search Path •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-39211
https://notcve.org/view.php?id=CVE-2023-39211
Improper privilege management in Zoom Desktop Client for Windows and Zoom Rooms for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via local access. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-269: Improper Privilege Management •
CVSS: 6.1EPSS: 0%CPEs: 10EXPL: 0CVE-2023-39218
https://notcve.org/view.php?id=CVE-2023-39218
Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access. • https://explore.zoom.us/en/trust/security/security-bulletin • CWE-602: Client-Side Enforcement of Server-Side Security •