Rooms Controller

rooms_controller

Vendor: Zoom • 44 CVEs

CVEs (44)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-64739 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Jan 13, 2026 Nov 13, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via network access.
CVE-2025-62483 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Jan 13, 2026 Nov 13, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Improper removal of sensitive information in certain Zoom Clients before version 6.5.10 may allow an unauthenticated user to conduct a disclosure of information via network access.
CVE-2025-58135 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Oct 6, 2025 Sep 9, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Improper action enforcement in certain Zoom Workplace Clients for Windows may allow an unauthenticated user to conduct a disclosure of information via network access.
CVE-2025-58134 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Oct 6, 2025 Sep 9, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Incorrect authorization in certain Zoom Workplace Clients for Windows may allow an authenticated user to conduct an impact to integrity via network access.
CVE-2025-49461 1Zoom 6Meeting Software Development Kit RoomsRooms Controller+3 more Oct 6, 2025 Sep 9, 2025 N/A· v4 7.4 HIGH· v3 N/A· v2 Cross-site scripting in certain Zoom Workplace Clients may allow an unauthenticated user to conduct a denial of service via network access.
CVE-2025-49460 1Zoom 6Meeting Software Development Kit RoomsRooms Controller+3 more Oct 17, 2025 Sep 9, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Uncontrolled resource consumption in certain Zoom Workplace Clients may allow an unauthenticated user to conduct a denial of service via network access.
CVE-2025-49458 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Oct 17, 2025 Sep 9, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Buffer overflow in certain Zoom Workplace Clients may allow an authenticated user to conduct a denial of service via network access.
CVE-2025-49457 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Sep 8, 2025 Aug 12, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access
CVE-2025-49456 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Sep 8, 2025 Aug 12, 2025 N/A· v4 5.1 MEDIUM· v3 N/A· v2 Race condition in the installer for certain Zoom Clients for Windows may allow an unauthenticated user to impact application integrity via local access.
CVE-2025-46786 1Zoom 6Meeting Software Development Kit RoomsRooms Controller+3 more Nov 6, 2025 May 14, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to impact app integrity via network access.
CVE-2025-46785 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Aug 19, 2025 May 14, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Buffer over-read in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
CVE-2025-30668 1Zoom 6Meeting Software Development Kit RoomsRooms Controller+3 more Nov 4, 2025 May 14, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Integer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct a denial of service via network access.
CVE-2025-30667 1Zoom 6Meeting Software Development Kit RoomsRooms Controller+3 more Nov 4, 2025 May 14, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
CVE-2025-30666 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Aug 5, 2025 May 14, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
CVE-2025-30665 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Aug 5, 2025 May 14, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 NULL pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
CVE-2025-30664 1Zoom 6Meeting Software Development Kit RoomsRooms Controller+3 more Nov 6, 2025 May 14, 2025 N/A· v4 8.2 HIGH· v3 N/A· v2 Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access.
CVE-2025-30663 1Zoom 6Meeting Software Development Kit RoomsRooms Controller+3 more Nov 6, 2025 May 14, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Time-of-check time-of-use race condition in some Zoom Workplace Apps may allow an authenticated user to conduct an escalation of privilege via local access.
CVE-2025-30671 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Aug 1, 2025 Apr 8, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
CVE-2025-30670 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Aug 1, 2025 Apr 8, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Null pointer dereference in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
CVE-2025-27443 1Zoom 4Meeting Software Development Kit RoomsRooms Controller+1 more Aug 1, 2025 Apr 8, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a loss of integrity via local access.

12 3 Next