Zoom Workplace Apps
by Zoom Video Communications, Inc.
CVEs (29)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-42435 | Med | 0.32 | 4.9 | 0.01 | Aug 14, 2024 | Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. | ||
| CVE-2024-42434 | Med | 0.32 | 4.9 | 0.00 | Aug 14, 2024 | Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. | ||
| CVE-2024-39824 | Med | 0.32 | 4.9 | 0.01 | Aug 14, 2024 | Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. | ||
| CVE-2024-39823 | Med | 0.32 | 4.9 | 0.00 | Aug 14, 2024 | Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access. | ||
| CVE-2025-27442 | Med | 0.30 | 4.6 | 0.00 | Apr 8, 2025 | Cross site scripting in some Zoom Workplace Apps may allow an unauthenticated user to conduct a loss of integrity via adjacent network access. | ||
| CVE-2025-27441 | Med | 0.30 | 4.6 | 0.00 | Apr 8, 2025 | Cross site scripting in some Zoom Workplace Apps may allow an unauthenticated user to conduct a loss of integrity via adjacent network access. | ||
| CVE-2025-46786 | Med | 0.28 | 4.3 | 0.00 | May 14, 2025 | Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to impact app integrity via network access. | ||
| CVE-2025-0144 | Low | 0.20 | 3.1 | 0.00 | Jan 30, 2025 | Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access. | ||
| CVE-2025-27443 | Low | 0.18 | 2.8 | 0.00 | Apr 8, 2025 | Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access. |
- risk 0.32cvss 4.9epss 0.01
Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
- risk 0.32cvss 4.9epss 0.00
Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
- risk 0.32cvss 4.9epss 0.01
Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
- risk 0.32cvss 4.9epss 0.00
Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access.
- risk 0.30cvss 4.6epss 0.00
Cross site scripting in some Zoom Workplace Apps may allow an unauthenticated user to conduct a loss of integrity via adjacent network access.
- risk 0.30cvss 4.6epss 0.00
Cross site scripting in some Zoom Workplace Apps may allow an unauthenticated user to conduct a loss of integrity via adjacent network access.
- risk 0.28cvss 4.3epss 0.00
Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to impact app integrity via network access.
- risk 0.20cvss 3.1epss 0.00
Out-of-bounds write in some Zoom Workplace Apps may allow an authorized user to conduct a loss of integrity via network access.
- risk 0.18cvss 2.8epss 0.00
Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access.
Page 2 of 2