CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45422 – Zoom Apps - Improper Input Validation
https://notcve.org/view.php?id=CVE-2024-45422
Improper input validation in some Zoom Apps before version 6.2.0 may allow an unauthenticated user to conduct a denial of service via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24044 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45420 – Zoom Apps - Uncontrolled Resource Consumption
https://notcve.org/view.php?id=CVE-2024-45420
Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an authenticated user to conduct a denial of service via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24042 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45419 – Zoom Apps - Improper Input Validation
https://notcve.org/view.php?id=CVE-2024-45419
Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a disclosure of information via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24041 • CWE-252: Unchecked Return Value •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-50556 – WordPress WM Zoom plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-50556
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MD. Mamunur Roshid WM Zoom allows DOM-Based XSS.This issue affects WM Zoom: from n/a through 1.0. The WM Zoom plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://patchstack.com/database/vulnerability/wm-zoom/wordpress-wm-zoom-plugin-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42441 – Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS, Zoom Rooms Client for macOS - Improper Privilege Management
https://notcve.org/view.php?id=CVE-2024-42441
Improper privilege management in the installer for Zoom Workplace Desktop App for macOS, Zoom Meeting SDK for macOS and Zoom Rooms Client for macOS before 6.1.5 may allow a privileged user to conduct an escalation of privilege via local access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24034 • CWE-269: Improper Privilege Management •