Published Advisories
The following is a list of all publicly disclosed vulnerabilities discovered by TrendAI™ Zero Day Initiative™ (ZDI) researchers. While the affected vendor is working on a patch for these vulnerabilities, TrendAI™ customers are protected from exploitation by security filters delivered ahead of public disclosure.
All security vulnerabilities that are acquired by TrendAI™ ZDI are handled according to TrendAI™ ZDI's disclosure policy. Once the affected vendor patches the vulnerability, we publish an accompanying security advisory that describes the issue, including links to the vendor's fixes.
Published
Upcoming
| ZDI ID | ZDI CAN | Vendor/Product | CVE | CVSS | Published | Updated | ||
|---|---|---|---|---|---|---|---|---|
ZDI-CAN-1437 |
Honeywell |
CVE-2012-2054 |
7.5 |
2012-12-21 |
Honeywell HMIWeb Browser ActiveX Control RequestDSPLoad Remote Code Execution Vulnerability |
|||
ZDI-CAN-1480 |
Oracle |
10.0 |
2012-12-21 |
Oracle Outside In WordPerfect File Processing Remote Code Execution Vulnerability |
||||
ZDI-CAN-1281 |
Microsoft |
CVE-2012-0182 |
7.5 |
2012-12-21 |
Microsoft Office Word PAPX Section Remote Code Execution Vulnerability |
|||
ZDI-CAN-1569 |
Microsoft |
CVE-2012-2548 |
7.5 |
2012-12-21 |
Microsoft Internet Explorer 9 CTreeNode Remote Code Execution Vulnerability |
|||
ZDI-CAN-1586 |
Microsoft |
CVE-2012-4969 |
7.5 |
2012-12-21 |
Microsoft Internet Explorer execCommand Remote Code Execution Vulnerability |
|||
ZDI-CAN-1574 |
Microsoft |
CVE-2012-2557 |
7.5 |
2012-12-21 |
Microsoft Internet Explorer CMarkup outerText Remote Code Execution Vulnerability |
|||
ZDI-CAN-1590 |
Oracle |
CVE-2012-1682 |
9.0 |
2012-12-21 |
Oracle Java java.beans.Statement Remote Code Execution Vulnerability |
|||
ZDI-CAN-1347 |
Novell |
CVE-2012-0417 |
10.0 |
2012-12-21 |
Novell Groupwise GWIA ber_get_stringa Remote Code Execution Vulnerability |
|||
ZDI-CAN-1322 |
RealNetworks |
CVE-2012-0928 |
7.5 |
2012-12-21 |
RealNetworks RealPlayer ATRAC Sample Decoding Remote Code Execution Vulnerability |
|||
ZDI-CAN-1523 |
Microsoft |
CVE-2012-1878 |
7.5 |
2012-12-21 |
Microsoft Internet Explorer OnBeforeDeactivate Event Remote Code Execution Vulnerability |
|||
ZDI-CAN-1524 |
Microsoft |
CVE-2012-1879 |
7.5 |
2012-12-21 |
Microsoft Internet Explorer insertAdjacentText Remote Code Execution Vulnerability |
|||
ZDI-CAN-1525 |
Microsoft |
CVE-2012-1880 |
7.5 |
2012-12-21 |
Microsoft Internet Explorer insertRow Remote Code Execution Vulnerability |
|||
ZDI-CAN-1528 |
WebKit.Org |
CVE-2011-3071 |
7.5 |
2012-12-21 |
Webkit HTMLMedia Element beforeLoad Remote Code Execution Vulnerability |
|||
ZDI-CAN-1520 |
Microsoft |
CVE-2012-1877 |
7.5 |
2012-12-21 |
Microsoft Internet Explorer Title Element Change Remote Code Execution Vulnerability |
|||
ZDI-CAN-1501 |
Oracle |
CVE-2012-1721 |
9.0 |
2012-12-21 |
Oracle Java WebStart Changing System Properties Remote Code Execution Vulnerability |
|||
ZDI-CAN-1526 |
Microsoft |
CVE-2012-1881 |
7.5 |
2012-12-21 |
Microsoft Internet Explorer OnRowsInserted Event Remote Code Execution Vulnerability |
|||
ZDI-CAN-1350 |
RealNetworks |
CVE-2012-0923 |
7.5 |
2012-11-19 |
RealNetworks RealPlayer RV20 Frame Size Array Remote Code Execution Vulnerability |
|||
ZDI-CAN-1402 |
Microsoft |
CVE-2012-0183 |
7.5 |
2012-11-15 |
Microsoft Office 2007 RTF Mismatch Remote Code Execution Vulnerability |
|||
ZDI-CAN-1385 |
Apple |
CVE-2012-0650 |
10.0 |
2012-11-15 |
Apple Mac OS X DirectoryService SwapProxyMessage Unchecked objOffset Remote Code Execution Vulnerability |
|||
ZDI-CAN-1373 |
Microsoft |
CVE-2012-2543 |
7.5 |
2012-11-15 |
Microsoft Excel Feature11/Feature12 Record Trusted Counter Remote Code Execution Vulnerability |
|||
ZDI-CAN-1191 |
RealNetworks |
CVE-2012-0925 |
9.0 |
2012-11-15 |
RealNetworks RealPlayer RV40 Remote Code Execution Vulnerability |
|||
ZDI-CAN-1529 |
EMC |
CVE-2012-2289 |
7.5 |
2012-08-29 |
EMC AppXtender WxSuperCtrl650.ocx ActiveX Control Remote Code Execution Vulnerability |
|||
ZDI-CAN-1466 |
Novell |
CVE-2011-4186 |
10.0 |
2012-08-29 |
Novell iPrint nipplib.dll client-file-name Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1434 |
Novell |
7.5 |
2012-08-29 |
Novell ZENWorks AdminStudio ISGrid.dll ActiveX Remote Code Execution Vulnerability |
||||
ZDI-CAN-1493 |
EMC |
CVE-2012-2289 |
7.5 |
2012-08-29 |
EMC ApplicationXtender Desktop Viewer AEXView ActiveX AnnoSave Remote Code Execution Vulnerability |
|||
ZDI-CAN-1472 |
Hewlett-Packard |
10.0 |
2012-08-29 |
(0Day) HP SiteScope SOAP Call update Remote Code Execution Vulnerability |
||||
ZDI-CAN-1465 |
Hewlett-Packard |
10.0 |
2012-08-29 |
(0Day) HP SiteScope SOAP Call loadFileContent Remote Code Execution Vulnerability |
||||
ZDI-CAN-1464 |
Hewlett-Packard |
10.0 |
2012-08-29 |
(0Day) HP SiteScope SOAP Call getFileInternal Remote Code Execution Vulnerability |
||||
ZDI-CAN-1463 |
Hewlett-Packard |
10.0 |
2012-08-29 |
(0Day) HP SiteScope SOAP Call create Remote Code Execution Vulnerability |
||||
ZDI-CAN-1462 |
Hewlett-Packard |
10.0 |
2012-08-29 |
(0Day) HP SiteScope UploadFilesHandler Remote Code Execution Vulnerability |
||||
ZDI-CAN-1461 |
Hewlett-Packard |
10.0 |
2012-08-29 |
(0Day) HP SiteScope SOAP Call getSiteScopeConfiguration Remote Code Execution Vulnerability |
||||
ZDI-CAN-1456 |
Hewlett-Packard |
10.0 |
2012-08-29 |
(0Day) HP Operations Orchestration RSScheduler Service JDBC Connector Remote Code Execution Vulnerability |
||||
ZDI-CAN-1348 |
Hewlett-Packard |
10.0 |
2012-08-29 |
(0Day) HP Intelligent Management Center UAM sprintf Remote Code Execution Vulnerability |
||||
ZDI-CAN-1327 |
Hewlett-Packard |
7.5 |
2012-08-29 |
(0Day) HP Application Lifecycle Management XGO.ocx ActiveX Control Remote Code Execution Vulnerability |
||||
ZDI-CAN-1491 |
GE |
CVE-2012-2516 |
7.5 |
2012-08-29 |
GE Proficy Historian KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability |
|||
ZDI-CAN-1342 |
Indusoft |
CVE-2011-0340 |
7.5 |
2012-08-29 |
InduSoft Thin Client ISSymbol InternationalSeparator Remote Code Execution Vulnerability |
|||
ZDI-CAN-1318 |
Novell |
10.0 |
2012-08-29 |
(0Day) Novell File Reporter NFRAgent.exe VOL Tag Remote Code Execution Vulnerability |
||||
ZDI-CAN-1467 |
Hewlett-Packard |
10.0 |
2012-08-22 |
(0Day) HP LeftHand Virtual SAN Appliance Unauthenticated Access Remote Command Execution Vulnerability |
||||
ZDI-CAN-1391 |
Hewlett-Packard |
10.0 |
2012-08-22 |
(0Day) HP Operations Agent for NonStop Server HEALTH Packet Parsing Remote Code Execution Vulnerability |
||||
ZDI-CAN-1389 |
Hewlett-Packard |
10.0 |
2012-08-22 |
(0Day) HP Intelligent Management Center img.exe Integer Wrap Remote Code Execution Vulnerability |
||||
ZDI-CAN-1358 |
Hewlett-Packard |
10.0 |
2012-08-22 |
(0Day) HP iNode Management Center iNodeMngChecker.exe Remote Code Execution Vulnerability |
||||
ZDI-CAN-1287 |
Hewlett-Packard |
10.0 |
2012-08-22 |
(0Day) HP Diagnostics Server magentservice.exe Remote Code Execution Vulnerability |
||||
ZDI-CAN-1487 |
EMC |
CVE-2012-0409 |
10.0 |
2012-08-22 |
EMC AutoStart ftAgent Opcode 0x2d Subcode 0x1194 Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1486 |
EMC |
CVE-2012-0409 |
10.0 |
2012-08-22 |
EMC AutoStart ftAgent Opcode 0x14 Subcode 0x7F8 Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1488 |
EMC |
CVE-2012-0409 |
10.0 |
2012-08-22 |
EMC AutoStart ftAgent Opcode 0x14 Subcode 0x7e7 Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1521 |
Microsoft |
CVE-2012-1891 |
7.5 |
2012-08-22 |
Microsoft Internet Explorer MSADO CacheSize Remote Code Execution Vulnerability |
|||
ZDI-CAN-1374 |
Microsoft |
CVE-2012-1847 |
7.5 |
2012-08-22 |
Microsoft Excel Series Record Parsing Type Mismatch Remote Code Execution Vulnerability |
|||
ZDI-CAN-1411 |
Cisco |
CVE-2012-2493 |
9.0 |
2012-08-22 |
Cisco AnyConnect VPN Client Arbitrary Program Instantiation Remote Code Execution Vulnerability |
|||
ZDI-CAN-1341 |
Indusoft |
CVE-2011-0340 |
7.5 |
2012-08-22 |
InduSoft Thin Client ISSymbol InternationalOrder Remote Code Execution Vulnerability |
|||
ZDI-CAN-1343 |
IBM |
CVE-2012-2174 |
7.5 |
2012-08-22 |
IBM Lotus Notes URL Command Injection Remote Code Execution Vulnerability |
|||
ZDI-CAN-1495 |
Apple |
CVE-2012-0670 |
7.5 |
2012-08-22 |
Apple QuickTime sean Atom Size Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1483 |
Oracle |
10.0 |
2012-08-22 |
Oracle Outside In Excel MergeCells Record Parsing Remote Code Execution Vulnerability |
||||
ZDI-CAN-1482 |
Oracle |
10.0 |
2012-08-22 |
Oracle Outside In Excel File TxO Parsing Remote Code Execution Vulnerability |
||||
ZDI-CAN-1481 |
Oracle |
10.0 |
2012-08-22 |
Oracle Outside In XPM Processing Remote Code Execution Vulnerability |
||||
ZDI-CAN-1412 |
Cisco |
CVE-2012-2494 |
9.0 |
2012-08-22 |
Cisco AnyConnect VPN Client Verification Bypass Remote Code Execution Vulnerability |
|||
ZDI-CAN-1419 |
GE |
CVE-2012-0232 |
9.4 |
2012-08-22 |
GE Proficy Real-Time Information Portal Remote Interface Service Remote Code Execution Vulnerability |
|||
ZDI-CAN-1416 |
WebKit.Org |
CVE-2011-3897 |
7.5 |
2012-08-22 |
WebKit ContentEditable swapInNode Use-After-Free Remote Code Execution Vulnerability |
|||
ZDI-CAN-1409 |
Novell |
10.0 |
2012-08-22 |
Novell eDirectory RelativeToFullDN Parsing Remote Code Execution Vulnerability |
||||
ZDI-CAN-1357 |
Symantec |
CVE-2012-0289 |
10.0 |
2012-08-22 |
Symantec Endpoint Protection SemSvc.exe AgentServlet Remote Code Execution Vulnerability |
|||
ZDI-CAN-1485 |
EMC |
CVE-2012-0409 |
10.0 |
2012-08-17 |
EMC AutoStart ftAgent Opcode 0x4B Subcode 0x1D4C Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1531 |
Microsoft |
CVE-2012-1888 |
7.5 |
2012-08-17 |
Microsoft Visio DWGDP MTEXT Remote Code Execution Vulnerability |
|||
ZDI-CAN-1502 |
Oracle |
CVE-2012-1713 |
9.0 |
2012-08-17 |
Oracle Java WebStart Browser Argument Injection Remote Code Execution Vulnerability |
|||
ZDI-CAN-1469 |
Microsoft |
CVE-2012-1855 |
7.5 |
2012-08-17 |
Microsoft .NET Framework Clipboard Unsafe Memory Access Remote Code Execution Vulnerability |
|||
ZDI-CAN-1406 |
McAfee |
10.0 |
2012-08-17 |
McAfee SmartFilter Administration Server SFAdminSrv.exe JBoss RMI Remote Code Execution Vulnerabilty |
||||
ZDI-CAN-1441 |
SAP |
10.0 |
2012-08-17 |
SAP Crystal Reports crystalras.exe OBUnmarshal Remote Code Execution Vulnerability |
||||
ZDI-CAN-1430 |
SAP |
7.5 |
2012-08-17 |
SAP Business Objects Financial Consolidation CtAppReg.dll username Remote Code Execution Vulnerability |
||||
ZDI-CAN-1386 |
Apple |
CVE-2012-0662 |
10.0 |
2012-08-17 |
Apple Mac OS X libsecurity_cdsa_plugin Malloc Integer Truncation Remote Code Execution Vulnerability |
|||
ZDI-CAN-1371 |
Apple |
CVE-2011-3220 |
7.5 |
2012-08-17 |
Apple QuickTime Invalid Public Movie Atom Remote Code Execution Vulnerability |
|||
ZDI-CAN-1459 |
Apple |
CVE-2012-0661 |
7.5 |
2012-08-03 |
Apple QuickTime JPEG2k Sample Size Atom Remote Code Execution Vulnerability |
|||
ZDI-CAN-1455 |
IBM |
CVE-2012-2176 |
7.5 |
2012-08-03 |
IBM Lotus Quickr QP2 ActiveX _Times Remote Code Execution Vulnerability |
|||
ZDI-CAN-1377 |
GE |
CVE-2012-0229 |
10.0 |
2012-08-03 |
GE Proficy Historian ihDataArchiver.exe Multiple Opcode Parsing Remote Code Execution Vulnerabilities |
|||
ZDI-CAN-1439 |
IBM |
CVE-2012-2175 |
7.5 |
2012-08-03 |
IBM Lotus iNotes dwa85W ActiveX Attachment_Times Remote Code Execution Vulnerability |
|||
ZDI-CAN-1432 |
Microsoft |
CVE-2012-0162 |
7.5 |
2012-08-03 |
Microsoft .NET Framework Undersized Glyph Buffer Remote Code Execution Vulnerability |
|||
ZDI-CAN-1382 |
Apple |
CVE-2011-3458 |
7.5 |
2012-08-03 |
Apple QuickTime Player MP4A Uninitialized Pointer Remote Code Execution Vulnerability |
|||
ZDI-CAN-1338 |
Microsoft |
CVE-2012-0159 |
10.0 |
2012-08-03 |
Microsoft Windows TrueType Font Parsing Remote Code Execution Vulnerability (Remote Kernel) |
|||
ZDI-CAN-1301 |
Mozilla |
CVE-2011-3671 |
7.5 |
2012-08-03 |
Mozilla Firefox nsHTMLSelectElement Remote Code Execution Vulnerability |
|||
ZDI-CAN-1190 |
Hewlett-Packard |
10.0 |
2012-07-18 |
(0Day) HP StorageWorks File Migration Agent RsaFTP.dll Remote Code Execution Vulnerability |
||||
ZDI-CAN-1189 |
Hewlett-Packard |
10.0 |
2012-07-18 |
(0Day) HP StorageWorks File Migration Agent RsaCIFS.dll Remote Code Execution Vulnerability |
||||
ZDI-CAN-1398 |
Apple |
CVE-2012-0666 |
7.5 |
2012-07-12 |
Apple Quicktime QTPlugin SetLanguage Remote Code Execution Vulnerability |
|||
ZDI-CAN-1450 |
EMC |
CVE-2012-0409 |
10.0 |
2012-07-12 |
EMC AutoStart ftAgent Opcode 50 Subcode 42 Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1449 |
EMC |
CVE-2012-0409 |
10.0 |
2012-07-12 |
EMC AutoStart ftAgent Opcode 50 Subcode 60 Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1448 |
EMC |
CVE-2012-0409 |
10.0 |
2012-07-12 |
EMC AutoStart ftAgent Opcode 65 Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1447 |
EMC |
CVE-2012-0409 |
10.0 |
2012-07-12 |
EMC AutoStart ftAgent Opcode 85 Subcode 01 Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1446 |
EMC |
CVE-2012-0409 |
10.0 |
2012-07-12 |
EMC AutoStart ftAgent Opcode 85 Subcode 22 Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1445 |
EMC |
CVE-2012-0409 |
10.0 |
2012-07-12 |
EMC AutoStart ftAgent Opcode 0x41 Subcode 0x00 Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1444 |
EMC |
CVE-2012-0409 |
10.0 |
2012-07-12 |
EMC AutoStart ftAgent Opcode 0x03 Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1443 |
EMC |
CVE-2012-0409 |
10.0 |
2012-07-12 |
EMC AutoStart ftAgent Opcode 50 Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1442 |
EMC |
CVE-2012-0409 |
10.0 |
2012-07-12 |
EMC AutoStart ftAgent Opcode 50 Subcode 04 Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1326 |
Hewlett-Packard |
CVE-2012-2020 |
10.0 |
2012-07-12 |
HP OpenView Performance Agent coda.exe Opcode 0x8C Remote Code Execution Vulnerability |
|||
ZDI-CAN-1325 |
Hewlett-Packard |
CVE-2012-2019 |
10.0 |
2012-07-12 |
HP OpenView Performance Agent coda.exe Opcode 0x34 Remote Code Execution Vulnerability |
|||
ZDI-CAN-1249 |
IBM |
CVE-2012-0708 |
7.5 |
2012-06-28 |
IBM Rational ClearQuest CQOle ActiveX Control Remote Code Execution Vulnerability |
|||
ZDI-CAN-1396 |
SAP |
9.0 |
2012-06-28 |
SAP Netweaver ABAP msg_server.exe Parameter Name Remote Code Execution Vulnerability |
||||
ZDI-CAN-1394 |
SAP |
10.0 |
2012-06-28 |
SAP Netweaver ABAP msg_server.exe Opcode 0x43 Remote Code Execution Vulnerability |
||||
ZDI-CAN-1413 |
Mozilla |
CVE-2011-3659 |
7.5 |
2012-06-28 |
Mozilla Firefox AttributeChildRemoved Use-After-Free Remote Code Execution Vulnerability |
|||
ZDI-CAN-1367 |
Apple |
CVE-2012-0663 |
7.5 |
2012-06-28 |
Apple Quicktime TeXML Karaoke Element Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1365 |
Apple |
CVE-2012-0663 |
7.5 |
2012-06-28 |
Apple Quicktime TeXML sampleData Element Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1364 |
Apple |
CVE-2012-0663 |
7.5 |
2012-06-28 |
Apple Quicktime TeXML Style Element Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1355 |
Avaya |
CVE-2012-3811 |
9.7 |
2012-06-28 |
Avaya IP Office Customer Call Reporter ImageUpload Remote Code Execution Vulnerability |
|||
ZDI-CAN-1408 |
Apple |
CVE-2012-0664 |
7.5 |
2012-06-27 |
2019-07-19 |
Apple QuickTime Text Track Descriptor Parsing Remote Code Execution Vulnerability |
||
ZDI-CAN-1395 |
SAP |
10.0 |
2012-06-27 |
SAP Netweaver ABAP msg_server.exe Parameter Value Remote Code Execution Vulnerability |
||||
ZDI-CAN-1369 |
Apple |
CVE-2011-3459 |
7.5 |
2012-06-27 |
Apple Quicktime Dataref URI Buffer Remote Code Execution Vulnerability |
|||
ZDI-CAN-1345 |
Novell |
CVE-2011-4187 |
9.0 |
2012-06-27 |
Novell iPrint Client nipplib.dll GetDriverSettings realm Remote Code Execution Vulnerability |
|||
ZDI-CAN-1418 |
IBM |
CVE-2012-0202 |
10.0 |
2012-06-27 |
IBM Cognos tm1admsd.exe Multiple Operations Remote Code Execution Vulnerabilities |
|||
ZDI-CAN-1340 |
Hewlett-Packard |
CVE-2012-0127 |
10.0 |
2012-06-21 |
HP OpenView Performance Manager PMParamHandler Remote Code Execution Vulnerability |
|||
ZDI-CAN-1263 |
Hewlett-Packard, DataDirect |
CVE-2011-4165 |
7.5 |
2012-06-21 |
DataDirect OpenAccess oaagent.exe GIOP Remote Code Execution Vulnerability |
|||
ZDI-CAN-1421 |
America Online |
7.5 |
2012-06-21 |
AOL Products dnUpdater ActiveX Uninitialized Pointer Remote Code Execution Vulnerability |
||||
ZDI-CAN-1392 |
Hewlett-Packard |
CVE-2012-0121 |
10.0 |
2012-06-21 |
HP Data Protector Express Opcode 0x320 Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1393 |
Hewlett-Packard |
CVE-2012-0122 |
10.0 |
2012-06-21 |
HP Data Protector Express Opcode 0x330 Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1363 |
Apple |
CVE-2012-0663 |
7.5 |
2012-06-21 |
Apple Quicktime TeXML transform Attribute Remote Code Execution Vulnerability |
|||
ZDI-CAN-1428 |
RealNetworks |
CVE-2012-0942 |
7.5 |
2012-06-21 |
RealNetworks Helix Server rn5auth Credential Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1547 |
Microsoft |
CVE-2012-1876 |
9.0 |
2012-06-12 |
(Pwn2Own) Microsoft Internet Explorer Fixed Table Colspan Remote Code Execution Vulnerability |
|||
ZDI-CAN-1313 |
RealNetworks |
CVE-2011-4247 |
7.5 |
2012-06-08 |
RealNetworks RealPlayer QCELP Stream Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1436 |
Symantec |
CVE-2012-0299 |
7.5 |
2012-06-08 |
Symantec Web Gateway upload_file Remote Code Execution Vulnerability |
|||
ZDI-CAN-1435 |
Symantec |
CVE-2012-0297 |
7.5 |
2012-06-08 |
Symantec Web Gateway Shell Command Injection Remote Code Execution Vulnerability |
|||
ZDI-CAN-1214 |
Hewlett-Packard, DataDirect |
CVE-2011-4164 |
10.0 |
2012-06-06 |
HP DataDirect OpenAccess GIOP Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1213 |
Hewlett-Packard, DataDirect |
CVE-2011-4163 |
10.0 |
2012-06-06 |
HP DataDirect OpenAccess GIOP Opcode 0x0E Remote Code Execution Vulnerability |
|||
ZDI-CAN-1352 |
RealNetworks |
CVE-2011-4260 |
7.5 |
2012-06-06 |
RealNetworks RealPlayer raac.dll stsz Remote Code Execution Vulnerability |
|||
ZDI-CAN-1361 |
RealNetworks |
CVE-2012-0922 |
7.5 |
2012-06-06 |
RealNetworks RealPlayer rvrender RMFF Flags Remote Code Execution Vulnerability |
|||
ZDI-CAN-1360 |
RealNetworks |
CVE-2011-4261 |
7.5 |
2012-06-06 |
RealNetworks RealPlayer dmp4 esds Width Remote Code Execution Vulnerability |
|||
ZDI-CAN-1293 |
RealNetworks |
CVE-2012-0926 |
9.0 |
2012-06-06 |
RealNetworks RealPlayer RV10 Encoded Height/Width Remote Code Execution Vulnerability |
|||
ZDI-CAN-1476 |
Oracle |
7.5 |
2012-06-06 |
Oracle Java OpenAL Library Pointer Manipulation Remote Code Execution Vulnerability |
||||
ZDI-CAN-1475 |
Oracle |
7.5 |
2012-06-06 |
Oracle Java OpenGL Arbitrary Native Library Loading Remote Code Execution Vulnerability |
||||
ZDI-CAN-1474 |
Oracle |
7.5 |
2012-06-06 |
Oracle Java GlueGen Arbitrary Native Library Loading Remote Code Execution Vulnerability |
||||
ZDI-CAN-1470 |
Adobe |
CVE-2012-0754 |
7.5 |
2012-06-06 |
Adobe Flash Player MP4 Stream Decoding Remote Code Execution Vulnerability |
|||
ZDI-CAN-1460 |
Apple |
CVE-2012-0665 |
7.5 |
2012-06-06 |
Apple QuickTime H264 Picture Width Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1440 |
Apple |
CVE-2012-0669 |
7.5 |
2012-06-06 |
Apple QuickTime SVQ3 Codec mb_skip_run Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1422 |
Apple |
CVE-2012-0667 |
7.5 |
2012-06-06 |
Apple QuickTime QTVR QTVRStringAtom Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1376 |
Apple |
CVE-2012-0659 |
7.5 |
2012-06-06 |
Apple QuickTime MPEG Stream Padding Remote Code Execution Vulnerability |
|||
ZDI-CAN-1370 |
Apple |
CVE-2012-0668 |
7.5 |
2012-06-06 |
Apple QuickTime RLE Sample Decoding Remote Code Execution Vulnerability |
|||
ZDI-CAN-1399 |
Oracle |
7.5 |
2012-04-19 |
Oracle Forms Recognition CroScPlt.dll ActiveX Control Remote Code Execution Vulnerabilty |
||||
ZDI-CAN-1356 |
Oracle |
7.5 |
2012-04-19 |
Oracle WebCenter Forms Recognition Sssplt30.ocx ActiveX Control Remote Code Execution Vulnerabilty |
||||
ZDI-CAN-1530 |
Samba |
CVE-2012-1182 |
10.0 |
2012-04-18 |
Samba ReportEventW Heap Overflow Remote Code Execution Vulnerability |
|||
ZDI-CAN-1505 |
Samba |
CVE-2012-1182 |
10.0 |
2012-04-18 |
Samba ndr_ValidatePassword heap overflow Remote Code Execution Vulnerability |
|||
ZDI-CAN-1506 |
Samba |
CVE-2012-1182 |
10.0 |
2012-04-18 |
Samba lsa_LookupNames Heap Overflow Remote Code Execution Vulnerability |
|||
ZDI-CAN-1504 |
Samba |
CVE-2012-1182 |
10.0 |
2012-04-18 |
Samba SetInfoPolicy AuditEventsInfo Remote Code Execution Vulnerability |
|||
ZDI-CAN-1503 |
Samba |
CVE-2012-1182 |
10.0 |
2012-04-18 |
Samba GetAliasMembership SidArray Remote Code Execution Vulnerability |
|||
ZDI-CAN-1484 |
WebKit.Org |
CVE-2012-0592 |
7.5 |
2012-04-18 |
WebKit.org Webkit Array.Splice Remote Code Execution Vulnerability |
|||
ZDI-CAN-1479 |
Microsoft |
7.5 |
2012-04-18 |
Internet Explorer CTagFactory Use-After-Free Remote Code Execution Vulnerability |
||||
ZDI-CAN-1471 |
Microsoft |
7.5 |
2012-04-18 |
Microsoft Internet Explorer selectAll Use-After-Free Remote Code Execution Vulnerability |
||||
ZDI-CAN-1539 |
Samba |
CVE-2012-1182 |
10.0 |
2012-04-18 |
Samba NDR PULL DFS EnumArray1 Heap Overflow Remote Code Execution Vulnerability |
|||
ZDI-CAN-1537 |
Samba |
CVE-2012-1182 |
10.0 |
2012-04-18 |
Samba NDR PULL SVCCTL StartServiceW Heap Overflow Remote Code Execution Vulnerability |
|||
ZDI-CAN-1538 |
Samba |
CVE-2012-1182 |
10.0 |
2012-04-18 |
Samba NDR PULL LSA TrustDomainInfoControllers Heap Overflow Remote Code Execution Vulnerability |
|||
ZDI-CAN-1540 |
Samba |
CVE-2012-1182 |
10.0 |
2012-04-18 |
Samba ndr_pull_dfs_Info3 Heap Overflow Remote Code Execution Vulnerability |
|||
ZDI-CAN-1496 |
Oracle |
CVE-2012-0498 |
7.5 |
2012-04-09 |
Oracle Java Runtime readMabCurveData nTblSize Remote Code Execution Vulnerability |
|||
ZDI-CAN-1477 |
Mozilla |
CVE-2012-0444 |
7.5 |
2012-04-09 |
Mozilla Firefox Ogg Vorbis Decoding Memory Corruption Remote Code Execution Vulnerability |
|||
ZDI-CAN-1372 |
Apple |
CVE-2011-3460 |
7.5 |
2012-04-09 |
Apple Quicktime PNG Depth Decoding Remote Code Execution Vulnerability |
|||
ZDI-CAN-1548 |
Adobe |
9.0 |
2012-04-09 |
(Pwn2Own) Adobe Flash Player NetStream addBytes Remote Code Execution Vulnerability |
||||
ZDI-CAN-1414 |
Mozilla |
CVE-2011-3658 |
7.5 |
2012-04-09 |
Mozilla Firefox nsSVGValue Out-of-Bounds Access Remote Code Execution Vulnerability |
|||
ZDI-CAN-1415 |
WebKit.Org |
CVE-2011-3928 |
7.5 |
2012-04-09 |
Webkit.org Webkit copyNonAttributeProperties Remote Code Execution Vulnerability |
|||
ZDI-CAN-1283 |
WebKit.Org |
CVE-2011-2825 |
7.5 |
2012-03-26 |
Webkit fontface Invalid Font Family Remote Code Execution Vulnerability |
|||
ZDI-CAN-1284 |
RealNetworks |
CVE-2011-4249 |
7.5 |
2012-03-26 |
RealNetworks RealPlayer RV30 Sample Arbitrary Index Remote Code Execution Vulnerability |
|||
ZDI-CAN-1192 |
Flexera Software |
10.0 |
2012-03-26 |
FlexNet License Server Manager lmgrd Remote Code Execution Vulnerability |
||||
ZDI-CAN-1286 |
RealNetworks |
CVE-2011-4254 |
7.5 |
2012-03-22 |
RealNetworks RealPlayer RTSP SETUP Request Remote Code Execution Vulnerability |
|||
ZDI-CAN-1319 |
RealNetworks |
CVE-2011-4262 |
7.5 |
2012-03-22 |
RealNetworks RealPlayer mp4fformat rdrf Remote Code Execution Vulnerability |
|||
ZDI-CAN-1359 |
RealNetworks |
CVE-2012-0927 |
9.0 |
2012-03-22 |
RealNetworks RealPlayer RealAudio coded_frame_size Remote Code Execution |
|||
ZDI-CAN-1368 |
RealNetworks |
CVE-2012-0924 |
9.0 |
2012-03-22 |
RealNetworks RealPlayer VIDOBJ_START_CODE Remote Code Execution Vulnerability |
|||
ZDI-CAN-1362 |
Adobe |
CVE-2012-0754 |
9.0 |
2012-03-22 |
Adobe Flash ASconstructor Function Call Remote Code Execution Vulnerability |
|||
ZDI-CAN-1276 |
RealNetworks |
CVE-2011-4257 |
7.5 |
2012-03-20 |
RealNetworks RealPlayer Cook Codec Channel Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1490 |
Oracle |
9.0 |
2012-03-20 |
Oracle Java JOGL NEWT Reflection Remote Code Execution Vulnerability |
||||
ZDI-CAN-1320 |
Microsoft |
CVE-2012-0002 |
10.0 |
2012-03-15 |
Microsoft Remote Desktop Protocol Channel Abort Condition Remote Code Execution Vulnerability |
|||
ZDI-CAN-1221 |
Libtiff |
CVE-2012-1173 |
7.5 |
2012-03-13 |
LibTIFF TileSize Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1247 |
Adobe |
CVE-2011-2113 |
9.0 |
2012-03-01 |
Adobe Shockwave iml32.dll DEMX Remote Code Execution Vulnerability |
|||
ZDI-CAN-1328 |
IBM |
CVE-2012-0198, CVE-2012-0199 |
10.0 |
2012-03-01 |
IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 Multiple Remote Code Execution Vulnerabilities |
|||
ZDI-CAN-1410 |
Oracle |
9.0 |
2012-02-22 |
Oracle Java Web Start java-vm-args Command Argument Injection Remote Code Execution |
||||
ZDI-CAN-1453 |
Oracle |
7.5 |
2012-02-22 |
Oracle Java JavaFX Arbitrary Argument Remote Code Execution Vulnerability |
||||
ZDI-CAN-1407 |
Oracle |
7.5 |
2012-02-22 |
Oracle Java Web Start JNLP Double Quote Remote Code Execution Vulnerability |
||||
ZDI-CAN-1457 |
Microsoft |
CVE-2012-0155 |
7.5 |
2012-02-22 |
Microsoft Internet Explorer VML CDispScroller Remote Code Execution Vulnerability |
|||
ZDI-CAN-1299 |
Microsoft |
CVE-2012-0011 |
9.0 |
2012-02-22 |
Microsoft Internet Explorer CDispNode t:MEDIA Remote Code Execution Vulnerability |
|||
ZDI-CAN-1400 |
Microsoft |
CVE-2012-0150 |
7.5 |
2012-02-22 |
Microsoft Windows Media Player ASX Meta-File Parsing Remote Code Execution Vulnerability |
|||
ZDI-CAN-1260 |
ABB |
10.0 |
2012-02-22 |
ABB WebWare RobNetScanHost.exe Remote Code Execution Vulnerability |
||||
ZDI-CAN-1353 |
Oracle |
7.5 |
2012-02-22 |
Oracle Java Runtime Environment readMabCurveData Integer Overflow Remote Code Execution Vulnerability |
||||
ZDI-CAN-1354 |
Novell |
CVE-2011-4194 |
9.0 |
2012-02-08 |
Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability |
|||
ZDI-CAN-1246 |
IBM |
CVE-2011-1388 |
9.0 |
2012-02-08 |
IBM Rational Rhapsody BBFlashBack.Recorder.1 TestCompatibilityRecordMode Remote Code Execution Vulnerability |
|||
ZDI-CAN-1245 |
IBM |
CVE-2011-1391 |
9.0 |
2012-02-08 |
IBM Rational Rhapsody BBFlashBack.Recorder.1 InsertMarker Remote Code Execution Vulnerability |
|||
ZDI-CAN-1288 |
IBM |
CVE-2011-1392 |
9.0 |
2012-02-08 |
IBM Rational Rhapsody BBFlashBack.FBRecorder.1 Control Multiple Remote Code Execution Vulnerabilities |
|||
ZDI-CAN-1307 |
IBM |
CVE-2012-0189 |
7.5 |
2012-02-08 |
IBM SPSS VsVIEW6.ocx ActiveX Control SaveDoc Method Remote Code Execution Vulnerability |
|||
ZDI-CAN-1298 |
IBM |
CVE-2012-0190 |
7.5 |
2012-02-08 |
IBM SPSS ExportHTML.dll ActiveX Control Render Method Remote Code Execution Vulnerability |
|||
ZDI-CAN-1451 |
EMC |
CVE-2012-0395 |
10.0 |
2012-02-08 |
EMC Networker indexd.exe Opcode 0x01 Parsing Remote Code Execution |
|||
ZDI-CAN-1180 |
Total Defense |
7.5 |
2012-02-08 |
Total Defense Suite UNC Management Web Service uncsp_ViewReportsHomepage SQL Injection Vulnerability |
||||
ZDI-CAN-1123 |
Total Defense |
7.5 |
2012-02-08 |
Total Defense Suite UNC Management Web Service Database Credentials Disclosure Vulnerability |
||||
ZDI-CAN-1121 |
Total Defense |
10.0 |
2012-02-08 |
Total Defense Suite UNC Management Console ExportReport SQL Injection Vulnerability |
||||
ZDI-CAN-1426 |
Adobe |
CVE-2011-4373 |
7.5 |
2012-02-08 |
Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability |
|||
ZDI-CAN-1297 |
IBM |
CVE-2012-0189 |
7.5 |
2012-01-30 |
IBM SPSS VsVIEW6.ocx ActiveX Control Multiple Methods Remote Code Execution Vulnerability |
|||
ZDI-CAN-1295 |
IBM |
CVE-2012-0188 |
7.5 |
2012-01-30 |
IBM SPSS mraboutb.dll ActiveX Control SetLicenseInfoEx Method Remote Code Execution Vulnerability |
|||
ZDI-CAN-1273 |
Symantec |
CVE-2011-3478 |
9.7 |
2012-01-25 |
Symantec PCAnywhere awhost32 Remote Code Execution Vulnerability |
|||
ZDI-CAN-1306 |
Oracle |
9.7 |
2012-01-20 |
Oracle Outside In OOXML Relationship Tag Parsing Remote Code Execution Vulnerability |
||||
ZDI-CAN-1259 |
Hewlett-Packard |
CVE-2011-4789 |
10.0 |
2012-01-12 |
(0Day) HP Diagnostics Server magentservice.exe Remote Code Execution Vulnerability |
|||
ZDI-CAN-1243 |
Hewlett-Packard |
CVE-2011-4788 |
9.0 |
2012-01-12 |
(0Day) HP StorageWorks P2000 G3 Directory Traversal and Default Account Vulnerabilities |
|||
ZDI-CAN-1117 |
Hewlett-Packard |
CVE-2011-4787 |
9.0 |
2012-01-12 |
HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution Vulnerability |
|||
ZDI-CAN-1093 |
Hewlett-Packard |
CVE-2011-4786 |
9.0 |
2012-01-12 |
HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution Vulnerability |
|||
ZDI-CAN-1094 |
McAfee |
9.0 |
2012-01-12 |
(0Day) McAfee SaaS myCIOScn.dll ShowReport Method Remote Command Execution |
||||
ZDI-CAN-1206 |
Novell |
10.0 |
2012-01-10 |
Novell Netware XNFS caller_name xdrDecodeString Remote Code Execution Vulnerability |
||||
ZDI-CAN-1290 |
Citrix |
10.0 |
2012-01-10 |
Citrix Provisioning Services Stream Service 0x40020006 Remote Code Execution Vulnerability |
||||
ZDI-CAN-1291 |
Citrix |
10.0 |
2012-01-10 |
Citrix Provisioning Services Stream Service 0x40020000 Remote Code Execution Vulnerability |
||||
ZDI-CAN-1188 |
Citrix |
10.0 |
2012-01-10 |
Citrix Provisioning Services streamprocess.exe vDisk Name Parsing Remote Code Execution Vulnerability |
||||
ZDI-CAN-1269 |
Novell |
10.0 |
2012-01-05 |
Novell Netware XNFS.NLM STAT Notify Remote Code Execution Vulnerability |
||||
ZDI-CAN-1268 |
Novell |
10.0 |
2012-01-05 |
Novell Netware XNFS.NLM NFS Rename Remote Code Execution Vulnerability |
||||
ZDI-CAN-1378 |
Apple |
CVE-2011-3248 |
7.5 |
2012-01-05 |
Apple Quicktime RLE BGRA Decoding Remote Code Execution Vulnerability |
|||
ZDI-CAN-1184 |
Apple |
CVE-2011-3250 |
7.5 |
2012-01-05 |
Apple Quicktime JPEG2000 COD Remote Code Execution Vulnerability |
|||
ZDI-CAN-1209 |
Hewlett-Packard |
CVE-2011-3166 |
10.0 |
2012-01-05 |
HP OpenView NNM webappmon.exe parameter Remote Code Execution Vulnerability |
|||
ZDI-CAN-1210 |
Hewlett-Packard |
CVE-2011-3167 |
10.0 |
2012-01-05 |
HP OpenView NNM ov.dll _OVBuildPath Remote Code Execution Vulnerability |
|||
ZDI-CAN-1067 |
Hewlett-Packard |
CVE-2011-4169 |
9.0 |
2012-01-05 |
HP Managed Printing Administration img_id Multiple Vulnerabilities |