TippingPoint Zero Day Initiative

Published Advisories

The following is a list of all publicly disclosed vulnerabilities discovered by TippingPoint Zero Day Initiative researchers. While the affected vendor is working on a patch for these vulnerabilities, TippingPoint customers are protected from exploitation by IPS filters delivered ahead of public disclosure. TippingPoint customers are additionally protected against 0day vulnerabilities discovered by our own DVLabs researchers. A list of published advisories discovered by TippingPoint's DVLabs research group is available from:

ZDI Advisories: 2015   |   2014   |   2013   |   2012   |   2011   |   2010   |   2009   |   2008   |   2007   |   2006   |   2005

ZDI-15-011 CVE: CVE-2014-4484 Published: 2015-01-27
Apple Mac OS X DFont Memory Corruption Remote Code Execution Vulnerability
ZDI-15-010 CVE: CVE-2014-8840 Published: 2015-01-27
(Mobile Pwn2Own) Apple iOS SSL Sandbox Bypass Vulnerability
ZDI-15-009 CVE: CVE-2014-4477 Published: 2015-01-27
(Mobile Pwn2Own) Apple Safari Set Use-After-Free Remote Code Execution Vulnerability
ZDI-15-008 CVE: CVE-2014-5211 Published: 2015-01-21
Attachmate Reflection FTP Client Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-007 CVE: CVE-2015-0307 Published: 2015-01-21
Adobe Flash Player AVSegmentedSource::getABRProfileInfoAtIndex Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-15-006 CVE: CVE-2014-5005 Published: 2015-01-07
ManageEngine Desktop Central MSP StatusUpdateServlet fileName File Upload Remote Code Execution Vulnerability
ZDI-15-005 CVE: CVE-2014-9188 Published: 2015-01-07
Schneider Electric ProClima MetaDraw ArrangeObjects Remote Code Execution Vulnerability
ZDI-15-004 CVE: CVE-2014-8512 Published: 2015-01-07
Schneider Electric ProClima ATX45 SetBodyAttribute Remote Code Execution Vulnerability
ZDI-15-003 CVE: CVE-2014-8511 Published: 2015-01-07
Schneider Electric ProClima ATX45 SetHtmlFileName Remote Code Execution Vulnerability
ZDI-15-002 CVE: CVE-2014-8514 Published: 2015-01-07
Schneider Electric ProClima MetaDraw ObjLinks Property Remote Code Execution Vulnerability
ZDI-15-001 CVE: CVE-2014-8513 Published: 2015-01-07
Schneider Electric ProClima MetaDraw ObjectOverlappedBy Remote Code Execution Vulnerability