Zoom

Workplace Virtual Desktop Infrastructure

52 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-62483

  • EPSS 0.08%
  • Veröffentlicht 13.11.2025 15:03:07
  • Zuletzt bearbeitet 13.01.2026 20:50:10

Improper removal of sensitive information in certain Zoom Clients before version 6.5.10 may allow an unauthenticated user to conduct a disclosure of information via network access.

6.5

CVE-2025-30662

  • EPSS 0.02%
  • Veröffentlicht 13.11.2025 14:53:09
  • Zuletzt bearbeitet 09.01.2026 22:10:55

Symlink following in the installer for the Zoom Workplace VDI Plugin macOS Universal installer before version 6.3.14, 6.4.14, and 6.5.10 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network acc...

6.5

CVE-2025-30669

  • EPSS 0.01%
  • Veröffentlicht 13.11.2025 14:49:54
  • Zuletzt bearbeitet 13.01.2026 20:50:57

Improper certificate validation in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via adjacent access.

7.8

CVE-2025-64740

  • EPSS 0.01%
  • Veröffentlicht 13.11.2025 14:35:39
  • Zuletzt bearbeitet 13.01.2026 20:51:36

Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of privilege via local access.

7.5

CVE-2025-64739

  • EPSS 0.07%
  • Veröffentlicht 13.11.2025 14:28:58
  • Zuletzt bearbeitet 13.01.2026 20:46:49

External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via network access.

6.5

CVE-2025-58132

  • EPSS 0.12%
  • Veröffentlicht 15.10.2025 16:10:20
  • Zuletzt bearbeitet 21.10.2025 19:32:07

Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of information via network access.

6.5

CVE-2025-58135

  • EPSS 0.04%
  • Veröffentlicht 09.09.2025 21:45:52
  • Zuletzt bearbeitet 06.10.2025 17:58:01

Improper action enforcement in certain Zoom Workplace Clients for Windows may allow an unauthenticated user to conduct a disclosure of information via network access.

4.3

CVE-2025-58134

  • EPSS 0.03%
  • Veröffentlicht 09.09.2025 21:44:01
  • Zuletzt bearbeitet 06.10.2025 17:47:34

Incorrect authorization in certain Zoom Workplace Clients for Windows may allow an authenticated user to conduct an impact to integrity via network access.

7.4

CVE-2025-49461

  • EPSS 0.05%
  • Veröffentlicht 09.09.2025 21:42:05
  • Zuletzt bearbeitet 06.10.2025 17:45:49

Cross-site scripting in certain Zoom Workplace Clients may allow an unauthenticated user to conduct a denial of service via network access.

7.5

CVE-2025-49460

  • EPSS 0.07%
  • Veröffentlicht 09.09.2025 21:38:40
  • Zuletzt bearbeitet 17.10.2025 19:42:52

Uncontrolled resource consumption in certain Zoom Workplace Clients may allow an unauthenticated user to conduct a denial of service via network access.