Zoom

Rooms

104 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2025-67460

  • EPSS 0.05%
  • Veröffentlicht 10.12.2025 20:37:03
  • Zuletzt bearbeitet 30.12.2025 18:32:22

Protection Mechanism Failure of Software Downgrade in Zoom Rooms for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via local access.

5.5

CVE-2025-67461

  • EPSS 0.02%
  • Veröffentlicht 10.12.2025 20:29:36
  • Zuletzt bearbeitet 30.12.2025 18:23:47

External control of file name or path in Zoom Rooms for macOS before version 6.6.0 may allow an authenticated user to conduct a disclosure of information via local access.

7.5

CVE-2025-62483

  • EPSS 0.08%
  • Veröffentlicht 13.11.2025 15:03:07
  • Zuletzt bearbeitet 13.01.2026 20:50:10

Improper removal of sensitive information in certain Zoom Clients before version 6.5.10 may allow an unauthenticated user to conduct a disclosure of information via network access.

7.5

CVE-2025-64739

  • EPSS 0.07%
  • Veröffentlicht 13.11.2025 14:28:58
  • Zuletzt bearbeitet 13.01.2026 20:46:49

External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via network access.

7.5

CVE-2025-58133

  • EPSS 0.21%
  • Veröffentlicht 15.10.2025 16:13:28
  • Zuletzt bearbeitet 21.10.2025 19:33:55

Authentication bypass in some Zoom Rooms Clients before version 6.5.1 may allow an unauthenticated user to conduct a disclosure of information via network access.

6.5

CVE-2025-58132

  • EPSS 0.12%
  • Veröffentlicht 15.10.2025 16:10:20
  • Zuletzt bearbeitet 21.10.2025 19:32:07

Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of information via network access.

6.5

CVE-2025-58135

  • EPSS 0.04%
  • Veröffentlicht 09.09.2025 21:45:52
  • Zuletzt bearbeitet 06.10.2025 17:58:01

Improper action enforcement in certain Zoom Workplace Clients for Windows may allow an unauthenticated user to conduct a disclosure of information via network access.

4.3

CVE-2025-58134

  • EPSS 0.03%
  • Veröffentlicht 09.09.2025 21:44:01
  • Zuletzt bearbeitet 06.10.2025 17:47:34

Incorrect authorization in certain Zoom Workplace Clients for Windows may allow an authenticated user to conduct an impact to integrity via network access.

7.4

CVE-2025-49461

  • EPSS 0.05%
  • Veröffentlicht 09.09.2025 21:42:05
  • Zuletzt bearbeitet 06.10.2025 17:45:49

Cross-site scripting in certain Zoom Workplace Clients may allow an unauthenticated user to conduct a denial of service via network access.

7.5

CVE-2025-49460

  • EPSS 0.07%
  • Veröffentlicht 09.09.2025 21:38:40
  • Zuletzt bearbeitet 17.10.2025 19:42:52

Uncontrolled resource consumption in certain Zoom Workplace Clients may allow an unauthenticated user to conduct a denial of service via network access.