Workplace Desktop

workplace_desktop

Vendor: Zoom • 73 CVEs

CVEs (73)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2026-30903 1Zoom 2Workplace Desktop Workplace Virtual Desktop Infrastructure May 14, 2026 Mar 11, 2026 N/A· v4 9.8 CRITICAL· v3 N/A· v2 External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6.6.0 may allow an unauthenticated user to conduct an escalation of privilege via network access.
CVE-2026-30902 1Zoom 3Rooms Workplace DesktopWorkplace Virtual Desktop Infrastructure May 14, 2026 Mar 11, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Improper Privilege Management in certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access.
CVE-2026-30900 1Zoom 3Meeting Software Development Kit Workplace DesktopWorkplace Virtual Desktop Infrastructure May 14, 2026 Mar 11, 2026 N/A· v4 7.8 HIGH· v3 N/A· v2 Improper Check of minimum version in update functionality of certain Zoom Clients for Windows may allow an authenticated user to conduct an escalation of privilege via local access.
CVE-2025-64739 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Jan 13, 2026 Nov 13, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 External control of file name or path in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via network access.
CVE-2025-64738 1Zoom 2Meeting Software Development Kit Workplace Desktop Jan 13, 2026 Nov 13, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 External control of file name or path in Zoom Workplace for macOS before version 6.5.10 may allow an authenticated user to conduct a disclosure of information via local access.
CVE-2025-62483 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Jan 13, 2026 Nov 13, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Improper removal of sensitive information in certain Zoom Clients before version 6.5.10 may allow an unauthenticated user to conduct a disclosure of information via network access.
CVE-2025-62482 1Zoom 2Meeting Software Development Kit Workplace Desktop Jan 13, 2026 Nov 13, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross-site scripting in Zoom Workplace for Windows before version 6.5.10 may allow an unauthenticated user to impact integrity via network access.
CVE-2025-30669 1Zoom 3Meeting Software Development Kit Workplace DesktopWorkplace Virtual Desktop Infrastructure Jan 13, 2026 Nov 13, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Improper certificate validation in certain Zoom Clients may allow an unauthenticated user to conduct a disclosure of information via adjacent access.
CVE-2025-58132 1Zoom 4Meeting Software Development Kit RoomsWorkplace Desktop+1 more Oct 21, 2025 Oct 15, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a disclosure of information via network access.
CVE-2025-58135 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Oct 6, 2025 Sep 9, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Improper action enforcement in certain Zoom Workplace Clients for Windows may allow an unauthenticated user to conduct a disclosure of information via network access.
CVE-2025-58134 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Oct 6, 2025 Sep 9, 2025 N/A· v4 4.3 MEDIUM· v3 N/A· v2 Incorrect authorization in certain Zoom Workplace Clients for Windows may allow an authenticated user to conduct an impact to integrity via network access.
CVE-2025-49461 1Zoom 6Meeting Software Development Kit RoomsRooms Controller+3 more Oct 6, 2025 Sep 9, 2025 N/A· v4 7.4 HIGH· v3 N/A· v2 Cross-site scripting in certain Zoom Workplace Clients may allow an unauthenticated user to conduct a denial of service via network access.
CVE-2025-49460 1Zoom 6Meeting Software Development Kit RoomsRooms Controller+3 more Oct 17, 2025 Sep 9, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Uncontrolled resource consumption in certain Zoom Workplace Clients may allow an unauthenticated user to conduct a denial of service via network access.
CVE-2025-49458 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Oct 17, 2025 Sep 9, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Buffer overflow in certain Zoom Workplace Clients may allow an authenticated user to conduct a denial of service via network access.
CVE-2025-49457 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Sep 8, 2025 Aug 12, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to conduct an escalation of privilege via network access
CVE-2025-49456 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Sep 8, 2025 Aug 12, 2025 N/A· v4 5.1 MEDIUM· v3 N/A· v2 Race condition in the installer for certain Zoom Clients for Windows may allow an unauthenticated user to impact application integrity via local access.
CVE-2025-46788 1Zoom 1Workplace Desktop Aug 5, 2025 Jul 10, 2025 N/A· v4 9.1 CRITICAL· v3 N/A· v2 Improper certificate validation in Zoom Workplace for Linux before version 6.4.13 may allow an unauthorized user to conduct an information disclosure via network access.
CVE-2025-46786 1Zoom 6Meeting Software Development Kit RoomsRooms Controller+3 more Nov 6, 2025 May 14, 2025 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross-site scripting in some Zoom Workplace Apps may allow an authenticated user to impact app integrity via network access.
CVE-2025-46785 1Zoom 5Meeting Software Development Kit RoomsRooms Controller+2 more Aug 19, 2025 May 14, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Buffer over-read in some Zoom Workplace Apps for Windows may allow an authenticated user to conduct a denial of service via network access.
CVE-2025-30668 1Zoom 6Meeting Software Development Kit RoomsRooms Controller+3 more Nov 4, 2025 May 14, 2025 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Integer underflow in some Zoom Workplace Apps may allow an authenticated user to conduct a denial of service via network access.

12 3 4 Next