Zoom Workplace Apps
by Zoom Video Communications, Inc.
CVEs (29)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-30663 | Hig | 0.57 | 8.8 | 0.00 | May 14, 2025 | Time-of-check time-of-use race condition in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access. | ||
| CVE-2025-27440 | Hig | 0.55 | 8.5 | 0.00 | Mar 11, 2025 | Heap overflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access. | ||
| CVE-2025-27439 | Hig | 0.55 | 8.5 | 0.00 | Mar 11, 2025 | Buffer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access. | ||
| CVE-2025-0151 | Hig | 0.55 | 8.5 | 0.00 | Mar 11, 2025 | Use after free in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access. | ||
| CVE-2025-30664 | Med | 0.43 | 6.6 | 0.00 | May 14, 2025 | Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access. | ||
| CVE-2025-46785 | Med | 0.42 | 6.5 | 0.01 | May 14, 2025 | Buffer over-read in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | ||
| CVE-2025-30668 | Med | 0.42 | 6.5 | 0.00 | May 14, 2025 | Integer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct a denial of service via network access. | ||
| CVE-2025-30667 | Med | 0.42 | 6.5 | 0.00 | May 14, 2025 | NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | ||
| CVE-2025-30666 | Med | 0.42 | 6.5 | 0.00 | May 14, 2025 | NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | ||
| CVE-2025-30665 | Med | 0.42 | 6.5 | 0.00 | May 14, 2025 | NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | ||
| CVE-2025-30671 | Med | 0.42 | 6.5 | 0.00 | Apr 8, 2025 | Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | ||
| CVE-2025-30670 | Med | 0.42 | 6.5 | 0.00 | Apr 8, 2025 | Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access. | ||
| CVE-2025-0149 | Med | 0.42 | 6.5 | 0.00 | Mar 11, 2025 | Insufficient verification of data authenticity in some Zoom Workplace Apps may allow an unprivileged user to conduct a denial of service via network access. | ||
| CVE-2024-42438 | Med | 0.42 | 6.5 | 0.01 | Aug 14, 2024 | Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access. | ||
| CVE-2024-42437 | Med | 0.42 | 6.5 | 0.01 | Aug 14, 2024 | Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access. | ||
| CVE-2024-42436 | Med | 0.42 | 6.5 | 0.01 | Aug 14, 2024 | Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access. | ||
| CVE-2024-39822 | Med | 0.42 | 6.5 | 0.01 | Aug 14, 2024 | Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access. | ||
| CVE-2024-45424 | Med | 0.34 | 5.3 | 0.00 | Feb 25, 2025 | Business logic error in some Zoom Workplace Apps may allow an unauthenticated user to conduct a disclosure of information via network access. | ||
| CVE-2024-45426 | Med | 0.32 | 4.9 | 0.00 | Feb 25, 2025 | Incorrect ownership assignment in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access. | ||
| CVE-2024-45425 | Med | 0.32 | 4.9 | 0.00 | Feb 25, 2025 | Incorrect user management in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access. |
- risk 0.57cvss 8.8epss 0.00
Time-of-check time-of-use race condition in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access.
- risk 0.55cvss 8.5epss 0.00
Heap overflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access.
- risk 0.55cvss 8.5epss 0.00
Buffer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access.
- risk 0.55cvss 8.5epss 0.00
Use after free in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via network access.
- risk 0.43cvss 6.6epss 0.00
Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access.
- risk 0.42cvss 6.5epss 0.01
Buffer over-read in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
- risk 0.42cvss 6.5epss 0.00
Integer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct a denial of service via network access.
- risk 0.42cvss 6.5epss 0.00
NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
- risk 0.42cvss 6.5epss 0.00
NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
- risk 0.42cvss 6.5epss 0.00
NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
- risk 0.42cvss 6.5epss 0.00
Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
- risk 0.42cvss 6.5epss 0.00
Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
- risk 0.42cvss 6.5epss 0.00
Insufficient verification of data authenticity in some Zoom Workplace Apps may allow an unprivileged user to conduct a denial of service via network access.
- risk 0.42cvss 6.5epss 0.01
Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.
- risk 0.42cvss 6.5epss 0.01
Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.
- risk 0.42cvss 6.5epss 0.01
Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access.
- risk 0.42cvss 6.5epss 0.01
Sensitive information exposure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct an information disclosure via network access.
- risk 0.34cvss 5.3epss 0.00
Business logic error in some Zoom Workplace Apps may allow an unauthenticated user to conduct a disclosure of information via network access.
- risk 0.32cvss 4.9epss 0.00
Incorrect ownership assignment in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access.
- risk 0.32cvss 4.9epss 0.00
Incorrect user management in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access.
Page 1 of 2