| ZDI-24-966 |
ZDI-CAN-23533 |
Docker |
CVE-2024-5652 |
6.1 |
2024-07-26 |
2024-07-26 |
Docker Desktop Daemon CLI External Control of File Path Denial-of-Service Vulnerability |
| ZDI-24-965 |
ZDI-CAN-23325 |
Apple |
CVE-2024-27829 |
8.8 |
2024-07-26 |
2024-07-26 |
Apple macOS VideoToolbox Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-964 |
ZDI-CAN-23904 |
Autodesk |
CVE-2024-23147 |
7.8 |
2024-07-25 |
2024-07-25 |
Autodesk AutoCAD STEP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-963 |
ZDI-CAN-23840 |
Autodesk |
CVE-2024-23146 |
7.8 |
2024-07-25 |
2024-07-25 |
Autodesk AutoCAD X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-962 |
ZDI-CAN-23830 |
Autodesk |
CVE-2024-23146 |
7.8 |
2024-07-25 |
2024-07-25 |
Autodesk AutoCAD X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-961 |
ZDI-CAN-23772 |
Autodesk |
CVE-2024-23147 |
7.8 |
2024-07-25 |
2024-07-25 |
Autodesk AutoCAD X_B File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-960 |
ZDI-CAN-23846 |
Autodesk |
CVE-2024-23152 |
7.8 |
2024-07-25 |
2024-07-25 |
Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-959 |
ZDI-CAN-23839 |
Autodesk |
CVE-2024-37007 |
7.8 |
2024-07-25 |
2024-07-25 |
Autodesk AutoCAD X_T File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-958 |
ZDI-CAN-23829 |
Autodesk |
CVE-2024-37005 |
7.8 |
2024-07-25 |
2024-07-25 |
Autodesk AutoCAD X_T File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-957 |
ZDI-CAN-22831 |
Comodo |
|
7.8 |
2024-07-23 |
2024-07-23 |
(0Day) Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-956 |
ZDI-CAN-22832 |
Comodo |
|
7.8 |
2024-07-23 |
2024-07-23 |
(0Day) Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-955 |
ZDI-CAN-22829 |
Comodo |
|
7.8 |
2024-07-23 |
2024-07-23 |
(0Day) Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-954 |
ZDI-CAN-21794 |
Comodo |
|
7.8 |
2024-07-23 |
2024-07-23 |
(0Day) Comodo Firewall Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-953 |
ZDI-CAN-19055 |
Comodo |
|
7.8 |
2024-07-23 |
2024-07-23 |
(0Day) Comodo Internet Security Pro Directory Traversal Local Privilege Escalation Vulnerability |
| ZDI-24-952 |
ZDI-CAN-23926 |
Delta Electronics |
CVE-2024-39881 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-951 |
ZDI-CAN-23925 |
Delta Electronics |
CVE-2024-39883 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-950 |
ZDI-CAN-23924 |
Delta Electronics |
CVE-2024-39881 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-949 |
ZDI-CAN-23923 |
Delta Electronics |
CVE-2024-39883 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-948 |
ZDI-CAN-23920 |
Delta Electronics |
CVE-2024-39882 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-947 |
ZDI-CAN-23919 |
Delta Electronics |
CVE-2024-39881 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-946 |
ZDI-CAN-23918 |
Delta Electronics |
CVE-2024-39881 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-945 |
ZDI-CAN-23917 |
Delta Electronics |
CVE-2024-39881 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-944 |
ZDI-CAN-23916 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-943 |
ZDI-CAN-23915 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-942 |
ZDI-CAN-23914 |
Delta Electronics |
CVE-2024-39882 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-941 |
ZDI-CAN-23842 |
Delta Electronics |
CVE-2024-39881 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-940 |
ZDI-CAN-23841 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-939 |
ZDI-CAN-23832 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-938 |
ZDI-CAN-23831 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-937 |
ZDI-CAN-23811 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-936 |
ZDI-CAN-23809 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-935 |
ZDI-CAN-23807 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-934 |
ZDI-CAN-23770 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-933 |
ZDI-CAN-23769 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-932 |
ZDI-CAN-23767 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-931 |
ZDI-CAN-23766 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-930 |
ZDI-CAN-23765 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-929 |
ZDI-CAN-23764 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-928 |
ZDI-CAN-23763 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-927 |
ZDI-CAN-23648 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-926 |
ZDI-CAN-23581 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-925 |
ZDI-CAN-23580 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-924 |
ZDI-CAN-23579 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-923 |
ZDI-CAN-23578 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-922 |
ZDI-CAN-23577 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 CMT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-921 |
ZDI-CAN-23576 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-920 |
ZDI-CAN-23575 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-919 |
ZDI-CAN-23574 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-918 |
ZDI-CAN-23573 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-917 |
ZDI-CAN-23572 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-07-22 |
Delta Electronics CNCSoft-G2 ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-916 |
ZDI-CAN-23061 |
SolarWinds |
CVE-2024-23475 |
10.0 |
2024-07-18 |
2024-07-18 |
SolarWinds Access Rights Manager AddReportResult Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability |
| ZDI-24-915 |
ZDI-CAN-23062 |
SolarWinds |
CVE-2024-23472 |
10.0 |
2024-07-18 |
2024-07-18 |
SolarWinds Access Rights Manager AddGeneratedReport Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability |
| ZDI-24-914 |
ZDI-CAN-23063 |
SolarWinds |
CVE-2024-23474 |
8.6 |
2024-07-18 |
2024-07-18 |
SolarWinds Access Rights Manager deleteTransferFile Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability |
| ZDI-24-913 |
ZDI-CAN-23060 |
SolarWinds |
CVE-2024-23468 |
8.6 |
2024-07-18 |
2024-07-18 |
SolarWinds Access Rights Manager deleteTransferFile Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability |
| ZDI-24-912 |
ZDI-CAN-23039 |
SolarWinds |
CVE-2024-23469 |
10.0 |
2024-07-18 |
2024-07-18 |
SolarWinds Access Rights Manager EndUpdate Exposed Dangerous Method Remote Code Execution Vulnerability |
| ZDI-24-911 |
ZDI-CAN-22712 |
SolarWinds |
CVE-2024-23470 |
10.0 |
2024-07-18 |
2024-07-18 |
SolarWinds Access Rights Manager UserScriptHumster Exposed Dangerous Method Remote Command Execution Vulnerability |
| ZDI-24-910 |
ZDI-CAN-22711 |
SolarWinds |
CVE-2024-23471 |
10.0 |
2024-07-18 |
2024-07-18 |
SolarWinds Access Rights Manager CreateFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-909 |
ZDI-CAN-22697 |
SolarWinds |
CVE-2024-23467 |
10.0 |
2024-07-18 |
2024-07-18 |
SolarWinds Access Rights Manager ExpandZipFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-908 |
ZDI-CAN-22681 |
SolarWinds |
CVE-2024-23466 |
10.0 |
2024-07-18 |
2024-07-18 |
SolarWinds Access Rights Manager Connect Method Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-907 |
ZDI-CAN-23053 |
SolarWinds |
CVE-2024-23465 |
9.0 |
2024-07-18 |
2024-07-18 |
SolarWinds Access Rights Manager ChangeHumster Exposed Dangerous Method Authentication Bypass Vulnerability |
| ZDI-24-906 |
ZDI-CAN-22554 |
SolarWinds |
CVE-2024-28074 |
10.0 |
2024-07-18 |
2024-07-18 |
SolarWinds Access Rights Manager createGlobalServerChannelInternal Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-905 |
ZDI-CAN-23515 |
SolarWinds |
CVE-2024-28992 |
8.6 |
2024-07-18 |
2024-07-18 |
SolarWinds Access Rights Manager deleteTransferFile Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability |
| ZDI-24-904 |
ZDI-CAN-23273 |
IrfanView |
CVE-2024-6812 |
7.8 |
2024-07-18 |
2024-07-18 |
IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-903 |
ZDI-CAN-24192 |
IrfanView |
CVE-2024-6811 |
7.8 |
2024-07-18 |
2024-07-18 |
IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-902 |
ZDI-CAN-23207 |
NETGEAR |
CVE-2024-6813 |
8.8 |
2024-07-18 |
2024-07-18 |
NETGEAR ProSAFE Network Management System getSortString SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-901 |
ZDI-CAN-23399 |
NETGEAR |
CVE-2024-6814 |
8.8 |
2024-07-18 |
2024-07-18 |
NETGEAR ProSAFE Network Management System getFilterString SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-900 |
ZDI-CAN-19105 |
Parse |
CVE-2024-27298 |
8.6 |
2024-07-16 |
2024-07-16 |
Parse Server literalizeRegexPart SQL Injection Information Disclosure Vulnerability |
| ZDI-24-899 |
ZDI-CAN-23078 |
Centreon |
CVE-2024-39841 |
8.8 |
2024-07-15 |
2024-07-15 |
Centreon testServiceExistence SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-898 |
ZDI-CAN-23314 |
ESET |
CVE-2024-2003 |
7.3 |
2024-06-22 |
2024-07-05 |
ESET Smart Security Premium Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-897 |
ZDI-CAN-22968 |
Trend Micro |
CVE-2024-39753 |
7.5 |
2024-07-05 |
2024-07-05 |
Trend Micro Apex One modOSCE SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-896 |
ZDI-CAN-23894 |
Parse |
CVE-2024-39309 |
9.8 |
2024-07-03 |
2024-07-03 |
Parse Server literalizeRegexPart SQL Injection Authentication Bypass Vulnerability |
| ZDI-24-895 |
ZDI-CAN-22319 |
Progress Software |
CVE-2024-5008 |
8.8 |
2024-07-03 |
2024-07-03 |
Progress Software WhatsUp Gold APM Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-24-894 |
ZDI-CAN-23913 |
Progress Software |
CVE-2024-4884 |
9.8 |
2024-07-03 |
2024-07-03 |
Progress Software WhatsUp Gold CommunityController Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-24-893 |
ZDI-CAN-24003 |
Progress Software |
CVE-2024-4885 |
9.8 |
2024-07-03 |
2024-07-03 |
Progress Software WhatsUp Gold GetFileWithoutZip Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-892 |
ZDI-CAN-23663 |
Progress Software |
CVE-2024-4883 |
9.8 |
2024-07-03 |
2024-07-03 |
Progress Software WhatsUp Gold WriteDataFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-891 |
ZDI-CAN-23668 |
Progress Software |
CVE-2024-5016 |
7.2 |
2024-07-03 |
2024-07-03 |
Progress Software WhatsUp Gold OnMessage Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-890 |
ZDI-CAN-23670 |
Progress Software |
CVE-2024-5015 |
7.1 |
2024-07-03 |
2024-07-03 |
Progress Software WhatsUp Gold SessionControler Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-24-889 |
ZDI-CAN-23869 |
Progress Software |
CVE-2024-5013 |
7.5 |
2024-07-03 |
2024-07-03 |
Progress Software WhatsUp Gold InstallController Denial-of-Service Vulnerability |
| ZDI-24-888 |
ZDI-CAN-23659 |
Progress Software |
CVE-2024-5015 |
7.5 |
2024-07-03 |
2024-07-03 |
Progress Software WhatsUp Gold Missing Authentication GetWindowsCredential Information Disclosure Vulnerability |
| ZDI-24-887 |
ZDI-CAN-23564 |
Progress Software |
CVE-2024-5014 |
7.1 |
2024-07-03 |
2024-07-03 |
Progress Software WhatsUp Gold GetASPReport Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-24-886 |
ZDI-CAN-24004 |
Progress Software |
CVE-2024-5009 |
8.4 |
2024-07-03 |
2024-07-03 |
Progress Software WhatsUp Gold SetAdminPassword Improper Access Control Privilege Escalation Vulnerability |
| ZDI-24-885 |
ZDI-CAN-23760 |
Progress Software |
CVE-2024-5018 |
5.3 |
2024-07-03 |
2024-07-03 |
Progress Software WhatsUp Gold LoadUsingBasePath Directory Traversal Information Disclosure Vulnerability |
| ZDI-24-884 |
ZDI-CAN-23874 |
Progress Software |
CVE-2024-5019 |
5.3 |
2024-07-03 |
2024-07-03 |
Progress Software WhatsUp Gold LoadCSSUsingBasePath Directory Traversal Information Disclosure Vulnerability |
| ZDI-24-883 |
ZDI-CAN-21408 |
Zen Cart |
CVE-2024-5762 |
8.1 |
2024-06-26 |
2024-07-01 |
Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability |
| ZDI-24-882 |
ZDI-CAN-20007 |
VMware |
CVE-2024-37087 |
5.3 |
2024-06-25 |
2024-07-01 |
VMware vCenter Server Appliance License Server Uncontrolled Memory Allocation Denial-of-Service Vulnerability |
| ZDI-24-881 |
ZDI-CAN-23318 |
Ubiquiti Networks |
CVE-2024-29206 |
8.0 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Ubiquiti Networks EV Station setDebugPortEnabled Exposed Dangerous Method Remote Code Execution Vulnerability |
| ZDI-24-880 |
ZDI-CAN-23187 |
Ubiquiti Networks |
CVE-2024-29207 |
6.3 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Ubiquiti Networks EV Station EVCLauncher Improper Certificate Validation Vulnerability |
| ZDI-24-879 |
ZDI-CAN-23186 |
Ubiquiti Networks |
CVE-2024-29208 |
8.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Ubiquiti Networks EV Station changeUserPassword Missing Authentication Remote Code Execution Vulnerability |
| ZDI-24-878 |
ZDI-CAN-23319 |
Sony |
CVE-2024-23922 |
6.8 |
2024-06-21 |
2024-07-01 |
Sony XAV-AX5500 Insufficient Verification of Data Authenticity Remote Code Execution Vulnerability |
| ZDI-24-877 |
ZDI-CAN-23238 |
Sony |
CVE-2024-23933 |
6.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-876 |
ZDI-CAN-23185 |
Sony |
CVE-2024-23972 |
6.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-875 |
ZDI-CAN-22994 |
Sony |
CVE-2024-23934 |
8.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-874 |
ZDI-CAN-22939 |
Sony |
CVE-2024-23922 |
6.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Sony XAV-AX5500 Insufficient Firmware Update Validation Remote Code Execution Vulnerability |
| ZDI-24-873 |
ZDI-CAN-23396 |
Silicon Labs |
CVE-2024-23973 |
8.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Silicon Labs Gecko OS HTTP GET Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-872 |
ZDI-CAN-23392 |
Silicon Labs |
CVE-2024-24737 |
6.5 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Silicon Labs Gecko OS DNS Response Processing Infinite Loop Denial-of-Service Vulnerability |
| ZDI-24-871 |
ZDI-CAN-23245 |
Silicon Labs |
CVE-2024-24736 |
8.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Silicon Labs Gecko OS HTTP Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-870 |
ZDI-CAN-23226 |
Silicon Labs |
CVE-2024-24731 |
7.5 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Silicon Labs Gecko OS http_download Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-869 |
ZDI-CAN-23189 |
Silicon Labs |
CVE-2024-23937 |
4.3 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Silicon Labs Gecko OS Debug Interface Format String Information Disclosure Vulnerability |
| ZDI-24-868 |
ZDI-CAN-23184 |
Silicon Labs |
CVE-2024-23938 |
8.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-867 |
ZDI-CAN-24096 |
Phoenix Contact |
CVE-2024-25994 |
5.3 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 CharxUpdateAgent Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-24-866 |
ZDI-CAN-24095 |
Phoenix Contact |
CVE-2024-26004 |
6.5 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 CANopenDevice Null Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-24-865 |
ZDI-CAN-21407 |
Phoenix Contact |
CVE-2024-25999 |
7.8 |
2024-06-21 |
2024-07-01 |
Phoenix Contact CHARX SEC-3100 charx_pack_logs Improper Input Validation Local Privilege Escalation Vulnerability |
| ZDI-24-864 |
ZDI-CAN-23320 |
Phoenix Contact |
CVE-2024-25998 |
7.5 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 OCPP Protocol UpdateFirmware Command Injection Remote Code Execution Vulnerability |
| ZDI-24-863 |
ZDI-CAN-23305 |
Phoenix Contact |
CVE-2024-26002 |
7.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 plctool Improper Privilege Management Local Privilege Escalation Vulnerability |
| ZDI-24-862 |
ZDI-CAN-23304 |
Phoenix Contact |
CVE-2024-26001 |
5.0 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 MQTT Protocol JSON Parsing Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-861 |
ZDI-CAN-23303 |
Phoenix Contact |
CVE-2024-26005 |
8.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 ClientSession Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-860 |
ZDI-CAN-23244 |
Phoenix Contact |
CVE-2024-26003 |
4.3 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 HomePlug Protocol Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-859 |
ZDI-CAN-23239 |
Phoenix Contact |
CVE-2024-26000 |
4.3 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 MTQQ Protocol JSON Parsing Type Confusion Information Disclosure Vulnerability |
| ZDI-24-858 |
ZDI-CAN-23225 |
Phoenix Contact |
CVE-2024-26288 |
6.3 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 OCPP Protocol Missing Encryption Authentication Bypass Vulnerability |
| ZDI-24-857 |
ZDI-CAN-23221 |
Phoenix Contact |
CVE-2024-25996 |
5.0 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 Improper Access Control Firewall Bypass Vulnerability |
| ZDI-24-856 |
ZDI-CAN-23158 |
Phoenix Contact |
CVE-2024-25995 |
7.5 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 Config Manager Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-24-855 |
ZDI-CAN-23321 |
Phoenix Contact |
CVE-2024-25997 |
3.1 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 OCPP Protocol Improper Log Output Neutralization Remote Code Execution Vulnerability |
| ZDI-24-854 |
ZDI-CAN-23241 |
Autel |
CVE-2024-23957 |
8.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Autel MaxiCharger AC Elite Business C50 DLB_HostHeartBeat Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-853 |
ZDI-CAN-23230 |
Autel |
CVE-2024-23967 |
8.0 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-852 |
ZDI-CAN-23196 |
Autel |
CVE-2024-23958 |
6.5 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability |
| ZDI-24-851 |
ZDI-CAN-23194 |
Autel |
CVE-2024-23959 |
8.0 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Autel MaxiCharger AC Elite Business C50 BLE AppChargingControl Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-850 |
ZDI-CAN-23312 |
Alpine |
CVE-2024-23963 |
8.0 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Alpine Halo9 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-849 |
ZDI-CAN-23306 |
Alpine |
CVE-2024-23961 |
6.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Alpine Halo9 UPDM_wemCmdUpdFSpeDecomp Command Injection Remote Code Execution Vulnerability |
| ZDI-24-848 |
ZDI-CAN-23249 |
Alpine |
CVE-2024-23935 |
8.0 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-847 |
ZDI-CAN-23246 |
Alpine |
CVE-2024-23962 |
5.3 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Alpine Halo9 Missing Authentication Information Disclosure Vulnerability |
| ZDI-24-846 |
ZDI-CAN-23105 |
Alpine |
CVE-2024-23924 |
6.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Alpine Halo9 UPDM_wemCmdCreatSHA256Hash Command Injection Remote Code Execution Vulnerability |
| ZDI-24-845 |
ZDI-CAN-23102 |
Alpine |
CVE-2024-23960 |
4.6 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Alpine Halo9 Improper Verification of Cryptographic Signature Vulnerability |
| ZDI-24-844 |
ZDI-CAN-22945 |
Alpine |
CVE-2024-23923 |
8.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-843 |
ZDI-CAN-22273 |
Linux |
|
7.1 |
2024-06-21 |
2024-07-01 |
Linux Kernel USB/IP VHCI Driver Race Condition Privilege Escalation Vulnerability |
| ZDI-24-842 |
ZDI-CAN-22579 |
Linux |
CVE-2023-6200 |
8.3 |
2024-06-21 |
2024-07-01 |
Linux Kernel ICMPv6 Router Advertisement Race Condition Remote Code Execution Vulnerability |
| ZDI-24-841 |
ZDI-CAN-21491 |
Zope |
|
7.5 |
2024-06-21 |
2024-07-01 |
(0Day) Zope CMFCore Uncontrolled Resource Consumption Denial-of-Service Vulnerability |
| ZDI-24-840 |
ZDI-CAN-22419 |
Wyze |
CVE-2024-6249 |
8.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Wyze Cam v3 TCP Traffic Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-839 |
ZDI-CAN-22393 |
Wyze |
CVE-2024-6248 |
7.5 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Wyze Cam v3 Cloud Infrastructure Improper Authentication Remote Code Execution Vulnerability |
| ZDI-24-838 |
ZDI-CAN-22337 |
Wyze |
CVE-2024-6247 |
6.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Wyze Cam v3 Wi-Fi SSID OS Command Injection Remote Code Execution Vulnerability |
| ZDI-24-837 |
ZDI-CAN-22310 |
Wyze |
CVE-2024-6246 |
9.6 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Wyze Cam v3 Realtek Wi-Fi Driver Heap-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-836 |
ZDI-CAN-22461 |
Synology |
|
6.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Synology BC500 update_ntp_config Command Injection Remote Code Execution Vulnerability |
| ZDI-24-835 |
ZDI-CAN-22460 |
Synology |
CVE-2024-39352 |
6.8 |
2024-06-21 |
2024-07-11 |
(Pwn2Own) Synology BC500 Protection Mechanism Failure Software Downgrade Vulnerability |
| ZDI-24-834 |
ZDI-CAN-22311 |
Synology |
CVE-2024-39350 |
7.8 |
2024-06-21 |
2024-07-11 |
(Pwn2Own) Synology BC500 Improper Compartmentalization Local Privilege Escalation Vulnerability |
| ZDI-24-833 |
ZDI-CAN-22418 |
Synology |
CVE-2024-39349 |
8.8 |
2024-06-21 |
2024-07-11 |
(Pwn2Own) Synology BC500 synocam_param.cgi Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-832 |
ZDI-CAN-22430 |
Synology |
CVE-2024-39347 |
6.6 |
2024-06-21 |
2024-07-11 |
(Pwn2Own) Synology RT6600ax Improper Access Control Firewall Bypass Vulnerability |
| ZDI-24-831 |
ZDI-CAN-22404 |
Samsung |
|
8.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Samsung Galaxy S23 Galaxy Store Deeplink Permissive List of Allowed Inputs Remote Code Execution Vulnerability |
| ZDI-24-830 |
ZDI-CAN-22368 |
Samsung |
CVE-2023-42581 |
8.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Samsung Galaxy S23 Instant Plays Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-24-829 |
ZDI-CAN-22409 |
Samsung |
|
8.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Samsung Galaxy S23 McsWebViewActivity Permissive List of Allowed Inputs Remote Code Execution Vulnerability |
| ZDI-24-828 |
ZDI-CAN-22441 |
Samsung |
CVE-2023-42580 |
8.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) Samsung Galaxy S23 instantgame Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-24-827 |
ZDI-CAN-22497 |
QNAP |
CVE-2024-32766 |
8.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 username Command Injection Remote Code Execution Vulnerability |
| ZDI-24-826 |
ZDI-CAN-22496 |
QNAP |
CVE-2024-32766 |
9.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 Improper Validation Authentication Bypass Vulnerability |
| ZDI-24-825 |
ZDI-CAN-22463 |
QNAP |
CVE-2023-51364 |
8.1 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 Log Upload Command Injection Remote Code Execution Vulnerability |
| ZDI-24-824 |
ZDI-CAN-22462 |
QNAP |
CVE-2024-27124 |
7.5 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 Cloud Utility Command Injection Remote Code Execution Vulnerability |
| ZDI-24-823 |
ZDI-CAN-22422 |
QNAP |
CVE-2024-32764 |
7.3 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 TURN Server create_session Server-Side Request Forgery Vulnerability |
| ZDI-24-822 |
ZDI-CAN-22377 |
HP |
CVE-2024-0794 |
8.8 |
2024-06-21 |
2024-07-01 |
(Pwn2Own) HP Color LaserJet Pro MFP 4301fdw CFF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-821 |
ZDI-CAN-23852 |
Linux |
CVE-2024-36886 |
9.0 |
2024-06-20 |
2024-07-01 |
Linux Kernel TIPC Message Reassembly Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-820 |
ZDI-CAN-23441 |
Windscribe |
CVE-2024-6141 |
7.8 |
2024-06-20 |
2024-07-01 |
Windscribe Directory Traversal Local Privilege Escalation Vulnerability |
| ZDI-24-819 |
ZDI-CAN-22345 |
VIPRE |
CVE-2024-5930 |
7.8 |
2024-06-20 |
2024-07-01 |
VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-24-818 |
ZDI-CAN-22316 |
VIPRE |
CVE-2024-5929 |
7.8 |
2024-06-20 |
2024-07-01 |
VIPRE Advanced Security PMAgent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-24-817 |
ZDI-CAN-22315 |
VIPRE |
CVE-2024-5928 |
7.8 |
2024-06-20 |
2024-07-01 |
VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-816 |
ZDI-CAN-23370 |
Microsoft |
CVE-2024-30082 |
8.8 |
2024-06-20 |
2024-07-01 |
Microsoft Windows Menu DC Bitmap Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-815 |
ZDI-CAN-23111 |
Toshiba |
CVE-2024-3498 |
7.8 |
2024-06-18 |
2024-07-01 |
Toshiba e-STUDIO2518A vsftpd Incorrect Permission Assignment Privilege Escalation Vulnerability |
| ZDI-24-814 |
ZDI-CAN-23109 |
Toshiba |
CVE-2024-3497 |
8.8 |
2024-06-18 |
2024-07-01 |
Toshiba e-STUDIO2518A unzip Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-813 |
ZDI-CAN-23108 |
Toshiba |
CVE-2024-3496 |
8.8 |
2024-06-18 |
2024-07-01 |
Toshiba e-STUDIO2518A Authentication Bypass Vulnerability |
| ZDI-24-812 |
ZDI-CAN-22691 |
Hewlett Packard Enterprise |
CVE-2021-40438 |
8.2 |
2024-06-18 |
2024-07-01 |
Hewlett Packard Enterprise OneView Apache Server-Side Request Forgery Vulnerability |
| ZDI-24-811 |
ZDI-CAN-22455 |
Hewlett Packard Enterprise |
CVE-2023-50275 |
7.5 |
2024-06-18 |
2024-07-01 |
Hewlett Packard Enterprise OneView clusterService Authentication Bypass Denial-of-Service Vulnerability |
| ZDI-24-810 |
ZDI-CAN-22454 |
Hewlett Packard Enterprise |
CVE-2023-50274 |
7.8 |
2024-06-18 |
2024-07-01 |
Hewlett Packard Enterprise OneView startUpgradeCommon Command Injection Local Privilege Escalation Vulnerability |
| ZDI-24-809 |
ZDI-CAN-21418 |
Actiontec |
CVE-2024-6146 |
8.8 |
2024-06-18 |
2024-07-01 |
(0Day) Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-808 |
ZDI-CAN-21417 |
Actiontec |
CVE-2024-6145 |
8.8 |
2024-06-18 |
2024-07-01 |
(0Day) Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability |
| ZDI-24-807 |
ZDI-CAN-21416 |
Actiontec |
CVE-2024-6144 |
8.8 |
2024-06-18 |
2024-07-01 |
(0Day) Actiontec WCB6200Q Multipart Boundary Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-806 |
ZDI-CAN-21414 |
Actiontec |
CVE-2024-6143 |
8.8 |
2024-06-18 |
2024-07-01 |
(0Day) Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-805 |
ZDI-CAN-21410 |
Actiontec |
CVE-2024-6142 |
8.8 |
2024-06-18 |
2024-07-01 |
(0Day) Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-804 |
ZDI-CAN-20450 |
Parallels |
CVE-2024-6154 |
8.2 |
2024-06-18 |
2024-07-01 |
Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-24-803 |
ZDI-CAN-19481 |
Parallels |
CVE-2024-6153 |
7.8 |
2024-06-18 |
2024-07-01 |
Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability |
| ZDI-24-802 |
ZDI-CAN-18271 |
Poly |
CVE-2024-6147 |
7.8 |
2024-06-18 |
2024-07-01 |
(0Day) Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-801 |
ZDI-CAN-21959 |
Tenable |
CVE-2023-5622 |
7.8 |
2024-06-18 |
2024-07-01 |
Tenable Nessus Network Monitor Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-24-800 |
ZDI-CAN-23905 |
Autodesk |
CVE-2024-23157 |
7.8 |
2024-06-18 |
2024-07-01 |
(0Day) Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-799 |
ZDI-CAN-23897 |
Autodesk |
CVE-2024-23156 |
7.8 |
2024-06-18 |
2024-07-01 |
(0Day) Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-798 |
ZDI-CAN-23505 |
Autodesk |
CVE-2024-23158 |
7.8 |
2024-06-18 |
2024-07-01 |
(0Day) Autodesk AutoCAD IGES File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-797 |
ZDI-CAN-23464 |
Autodesk |
CVE-2024-23152 |
7.8 |
2024-06-18 |
2024-07-01 |
(0Day) Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-796 |
ZDI-CAN-23431 |
Autodesk |
CVE-2024-23156 |
7.8 |
2024-06-18 |
2024-07-01 |
(0Day) Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-795 |
ZDI-CAN-23426 |
Autodesk |
CVE-2024-23153 |
7.8 |
2024-06-18 |
2024-07-01 |
(0Day) Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-794 |
ZDI-CAN-23409 |
Autodesk |
CVE-2024-23159 |
7.8 |
2024-06-18 |
2024-07-01 |
(0Day) Autodesk AutoCAD STP File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-793 |
ZDI-CAN-23390 |
Autodesk |
CVE-2024-23151 |
7.8 |
2024-06-18 |
2024-07-01 |
(0Day) Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-792 |
ZDI-CAN-23376 |
Autodesk |
CVE-2024-23150 |
7.8 |
2024-06-18 |
2024-07-01 |
(0Day) Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-791 |
ZDI-CAN-23369 |
Autodesk |
CVE-2024-23152 |
7.8 |
2024-06-18 |
2024-07-01 |
(0Day) Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-790 |
ZDI-CAN-23361 |
Autodesk |
CVE-2024-23154 |
7.8 |
2024-06-18 |
2024-07-01 |
(0Day) Autodesk AutoCAD SLDPRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-789 |
ZDI-CAN-23359 |
Autodesk |
CVE-2024-36999 |
7.8 |
2024-06-18 |
2024-07-01 |
(0Day) Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-788 |
ZDI-CAN-23340 |
Autodesk |
CVE-2024-23152 |
7.8 |
2024-06-18 |
2024-07-01 |
(0Day) Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-787 |
ZDI-CAN-23335 |
Autodesk |
CVE-2024-23155 |
7.8 |
2024-06-18 |
2024-07-01 |
(0Day) Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-786 |
ZDI-CAN-20965 |
PaperCut |
CVE-2023-39470 |
7.2 |
2024-06-18 |
2024-07-01 |
PaperCut NG print.script.sandboxed Exposed Dangerous Function Remote Code Execution Vulnerability |
| ZDI-24-785 |
ZDI-CAN-23481 |
PaperCut |
CVE-2024-1882 |
7.2 |
2024-06-18 |
2024-07-01 |
PaperCut MF EmailRenderer Server-Side Template Injection Remote Code Execution Vulnerability |
| ZDI-24-784 |
ZDI-CAN-23254 |
PaperCut |
CVE-2024-1883 |
8.8 |
2024-06-18 |
2024-07-01 |
PaperCut MF handleServiceException Cross-Site Scripting Authentication Bypass Vulnerability |
| ZDI-24-783 |
ZDI-CAN-23116 |
PaperCut |
CVE-2024-1884 |
8.2 |
2024-06-18 |
2024-07-01 |
PaperCut MF pc-upconnector-service Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-24-782 |
ZDI-CAN-22812 |
PaperCut |
CVE-2024-1222 |
8.6 |
2024-06-18 |
2024-07-01 |
PaperCut NG PrintDeployProxyController Incorrect Authorization Authentication Bypass Vulnerability |
| ZDI-24-781 |
ZDI-CAN-22328 |
PaperCut |
CVE-2024-1654 |
7.2 |
2024-06-18 |
2024-07-01 |
PaperCut NG generateNextFileName Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-780 |
ZDI-CAN-23074 |
PaperCut |
CVE-2024-1221 |
6.5 |
2024-06-18 |
2024-07-01 |
PaperCut NG upload Link Following Information Disclosure Vulnerability |
| ZDI-24-779 |
ZDI-CAN-22165 |
PaperCut |
CVE-2024-1223 |
8.2 |
2024-06-18 |
2024-07-01 |
PaperCut NG VendorKeys Hardcoded Credentials Authentication Bypass Vulnerability |
| ZDI-24-778 |
ZDI-CAN-22042 |
Linux |
|
7.1 |
2024-06-14 |
2024-07-01 |
Linux Kernel USB Core Out-Of-Bounds Read Local Privilege Escalation Vulnerability |
| ZDI-24-777 |
ZDI-CAN-21826 |
Linux |
|
4.0 |
2024-06-14 |
2024-07-01 |
Linux Kernel ksmbd Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-776 |
ZDI-CAN-23777 |
Oracle |
CVE-2024-21121 |
8.2 |
2024-06-14 |
2024-07-01 |
(Pwn2Own) Oracle VirtualBox OHCI USB Controller Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-775 |
ZDI-CAN-23838 |
Autodesk |
CVE-2024-23120 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STEP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-774 |
ZDI-CAN-23725 |
Autodesk |
CVE-2024-23129 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-773 |
ZDI-CAN-23724 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-772 |
ZDI-CAN-23723 |
Autodesk |
CVE-2024-23147 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD X_B File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-771 |
ZDI-CAN-23722 |
Autodesk |
CVE-2024-37005 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-770 |
ZDI-CAN-23721 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-769 |
ZDI-CAN-23654 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-768 |
ZDI-CAN-23652 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-767 |
ZDI-CAN-23651 |
Autodesk |
CVE-2024-23120 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-766 |
ZDI-CAN-23639 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-765 |
ZDI-CAN-23638 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-764 |
ZDI-CAN-23637 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-763 |
ZDI-CAN-23636 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-762 |
ZDI-CAN-23635 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-761 |
ZDI-CAN-23634 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-760 |
ZDI-CAN-23633 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-759 |
ZDI-CAN-23632 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-758 |
ZDI-CAN-23631 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-757 |
ZDI-CAN-23630 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-756 |
ZDI-CAN-23629 |
Autodesk |
CVE-2024-37004 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD SLDPRT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-755 |
ZDI-CAN-23628 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD SLDPRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-754 |
ZDI-CAN-23627 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-753 |
ZDI-CAN-23615 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-752 |
ZDI-CAN-23613 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-751 |
ZDI-CAN-23612 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-750 |
ZDI-CAN-23611 |
Autodesk |
CVE-2024-23147 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STEP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-749 |
ZDI-CAN-23610 |
Autodesk |
CVE-2024-37000 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-748 |
ZDI-CAN-23560 |
Autodesk |
CVE-2024-37000 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-747 |
ZDI-CAN-23559 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-746 |
ZDI-CAN-23535 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-745 |
ZDI-CAN-23512 |
Autodesk |
CVE-2024-23137 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD SLDPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-744 |
ZDI-CAN-23511 |
Autodesk |
CVE-2024-23149 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD SLDDRW File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-743 |
ZDI-CAN-23510 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-742 |
ZDI-CAN-23509 |
Autodesk |
CVE-2024-0446 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-741 |
ZDI-CAN-23508 |
Autodesk |
CVE-2024-0446 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-740 |
ZDI-CAN-23507 |
Autodesk |
CVE-2024-37000 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-739 |
ZDI-CAN-23506 |
Autodesk |
CVE-2024-23134 |
7.8 |
2024-06-17 |
2024-07-01 |
Autodesk AutoCAD IGS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-738 |
ZDI-CAN-23497 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD SLDPRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-737 |
ZDI-CAN-23496 |
Autodesk |
CVE-2024-37003 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD SLDPRT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-736 |
ZDI-CAN-23495 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD SLDPRT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-735 |
ZDI-CAN-23494 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-734 |
ZDI-CAN-23493 |
Autodesk |
CVE-2024-23137 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD SLDPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-733 |
ZDI-CAN-23492 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-732 |
ZDI-CAN-23491 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-731 |
ZDI-CAN-23470 |
Autodesk |
CVE-2024-23146 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-730 |
ZDI-CAN-23469 |
Autodesk |
CVE-2024-23146 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-729 |
ZDI-CAN-23468 |
Autodesk |
CVE-2024-23146 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-728 |
ZDI-CAN-23467 |
Autodesk |
CVE-2024-23146 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-727 |
ZDI-CAN-23463 |
Autodesk |
CVE-2024-23129 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-726 |
ZDI-CAN-23455 |
Autodesk |
CVE-2024-23142 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-725 |
ZDI-CAN-23432 |
Autodesk |
CVE-2024-23143 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-724 |
ZDI-CAN-23430 |
Autodesk |
CVE-2024-23141 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-723 |
ZDI-CAN-23427 |
Autodesk |
CVE-2024-0446 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-722 |
ZDI-CAN-23425 |
Autodesk |
CVE-2024-23143 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-721 |
ZDI-CAN-23424 |
Autodesk |
CVE-2024-37002 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-720 |
ZDI-CAN-23423 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-719 |
ZDI-CAN-23412 |
Autodesk |
CVE-2024-23143 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-718 |
ZDI-CAN-23411 |
Autodesk |
CVE-2024-37000 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD X_B File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-717 |
ZDI-CAN-23410 |
Autodesk |
CVE-2024-23143 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-716 |
ZDI-CAN-23408 |
Autodesk |
CVE-2024-37001 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-715 |
ZDI-CAN-23407 |
Autodesk |
CVE-2024-23142 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-714 |
ZDI-CAN-23406 |
Autodesk |
CVE-2024-23142 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-713 |
ZDI-CAN-23404 |
Autodesk |
CVE-2024-37006 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD CATPRODUCT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-712 |
ZDI-CAN-23395 |
Autodesk |
CVE-2024-23143 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-711 |
ZDI-CAN-23394 |
Autodesk |
CVE-2024-23140 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-710 |
ZDI-CAN-23389 |
Autodesk |
CVE-2024-0446 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-709 |
ZDI-CAN-23380 |
Autodesk |
CVE-2024-23147 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD CATPART File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-708 |
ZDI-CAN-23379 |
Autodesk |
CVE-2024-23146 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-707 |
ZDI-CAN-23378 |
Autodesk |
CVE-2024-23123 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-706 |
ZDI-CAN-23377 |
Autodesk |
CVE-2024-23128 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-705 |
ZDI-CAN-23365 |
Autodesk |
CVE-2024-23142 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-704 |
ZDI-CAN-23364 |
Autodesk |
CVE-2024-23140 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-703 |
ZDI-CAN-23363 |
Autodesk |
CVE-2024-23145 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-702 |
ZDI-CAN-23362 |
Autodesk |
CVE-2024-23128 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-701 |
ZDI-CAN-23360 |
Autodesk |
CVE-2024-0446 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-700 |
ZDI-CAN-23352 |
Autodesk |
CVE-2024-23141 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Double Free Remote Code Execution Vulnerability |
| ZDI-24-699 |
ZDI-CAN-23351 |
Autodesk |
CVE-2024-23144 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-698 |
ZDI-CAN-23350 |
Autodesk |
CVE-2024-23143 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-697 |
ZDI-CAN-23349 |
Autodesk |
CVE-2024-23143 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-696 |
ZDI-CAN-23348 |
Autodesk |
CVE-2024-23143 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-695 |
ZDI-CAN-23347 |
Autodesk |
CVE-2024-23122 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-694 |
ZDI-CAN-23346 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-693 |
ZDI-CAN-23342 |
Autodesk |
CVE-2024-23142 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD CATPART File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-692 |
ZDI-CAN-23341 |
Autodesk |
CVE-2024-23144 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-691 |
ZDI-CAN-23339 |
Autodesk |
CVE-2024-23129 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-690 |
ZDI-CAN-23338 |
Autodesk |
CVE-2024-23146 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-689 |
ZDI-CAN-23337 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-688 |
ZDI-CAN-23336 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-687 |
ZDI-CAN-23334 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-686 |
ZDI-CAN-23333 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-685 |
ZDI-CAN-23332 |
Autodesk |
CVE-2024-23157 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD SLDPRT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-684 |
ZDI-CAN-23331 |
Autodesk |
CVE-2024-23128 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-683 |
ZDI-CAN-22302 |
Autodesk |
CVE-2024-37003 |
7.8 |
2024-06-13 |
2024-07-01 |
Autodesk AutoCAD DWG File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-682 |
ZDI-CAN-22958 |
Siemens |
CVE-2024-35303 |
7.8 |
2024-06-13 |
2024-07-01 |
Siemens Tecnomatix Plant Simulation MODEL File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-681 |
ZDI-CAN-22747 |
Fuji Electric |
CVE-2024-37029 |
7.8 |
2024-06-13 |
2024-07-01 |
Fuji Electric Tellus Lite V-Simulator 6 V10 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-680 |
ZDI-CAN-22813 |
Fuji Electric |
CVE-2024-37029 |
7.8 |
2024-06-13 |
2024-07-01 |
Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-679 |
ZDI-CAN-22875 |
Fuji Electric |
CVE-2024-37029 |
7.8 |
2024-06-13 |
2024-07-01 |
Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-678 |
ZDI-CAN-22746 |
Fuji Electric |
CVE-2024-37022 |
7.8 |
2024-06-13 |
2024-07-01 |
Fuji Electric Tellus Lite V-Simulator 6 X1 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-677 |
ZDI-CAN-23991 |
Dropbox |
CVE-2024-5924 |
8.8 |
2024-06-13 |
2024-07-01 |
(0Day) Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability |
| ZDI-24-676 |
ZDI-CAN-23174 |
Deep Sea Electronics |
CVE-2024-5952 |
4.3 |
2024-06-13 |
2024-07-01 |
(0Day) Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability |
| ZDI-24-675 |
ZDI-CAN-23173 |
Deep Sea Electronics |
CVE-2024-5951 |
7.1 |
2024-06-13 |
2024-07-01 |
(0Day) Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability |
| ZDI-24-674 |
ZDI-CAN-23172 |
Deep Sea Electronics |
CVE-2024-5950 |
8.8 |
2024-06-13 |
2024-07-01 |
(0Day) Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-673 |
ZDI-CAN-23171 |
Deep Sea Electronics |
CVE-2024-5949 |
4.3 |
2024-06-13 |
2024-07-01 |
(0Day) Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability |
| ZDI-24-672 |
ZDI-CAN-23170 |
Deep Sea Electronics |
CVE-2024-5948 |
8.8 |
2024-06-13 |
2024-07-01 |
(0Day) Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-671 |
ZDI-CAN-22679 |
Deep Sea Electronics |
CVE-2024-5947 |
6.5 |
2024-06-13 |
2024-07-01 |
(0Day) Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability |
| ZDI-24-670 |
ZDI-CAN-20768 |
Famatech |
CVE-2024-30376 |
7.3 |
2024-06-13 |
2024-07-01 |
(0Day) Famatech Advanced IP Scanner Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-24-669 |
ZDI-CAN-23973 |
IrfanView |
CVE-2024-5876 |
7.8 |
2024-06-12 |
2024-07-01 |
IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-668 |
ZDI-CAN-23972 |
IrfanView |
CVE-2024-5875 |
7.8 |
2024-06-12 |
2024-07-01 |
IrfanView SHP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-667 |
ZDI-CAN-23969 |
IrfanView |
CVE-2024-5874 |
7.8 |
2024-06-12 |
2024-07-01 |
IrfanView PNT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-666 |
ZDI-CAN-23974 |
IrfanView |
CVE-2024-5877 |
7.8 |
2024-06-12 |
2024-07-01 |
IrfanView PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-665 |
ZDI-CAN-23848 |
Mozilla |
CVE-2024-29944 |
7.8 |
2024-06-12 |
2024-07-01 |
(Pwn2Own) Mozilla Firefox Exposed Dangerous Function Sandbox Escape Vulnerability |
| ZDI-24-664 |
ZDI-CAN-23794 |
Mozilla |
CVE-2024-29943 |
5.4 |
2024-06-12 |
2024-07-01 |
(Pwn2Own) Mozilla Firefox SpiderMonkey JIT Compiler Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-663 |
ZDI-CAN-23014 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-662 |
ZDI-CAN-23016 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-661 |
ZDI-CAN-23017 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-660 |
ZDI-CAN-23031 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-659 |
ZDI-CAN-23032 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-658 |
ZDI-CAN-23034 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-657 |
ZDI-CAN-23045 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-656 |
ZDI-CAN-23046 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-655 |
ZDI-CAN-23047 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft CMT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-654 |
ZDI-CAN-23048 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-653 |
ZDI-CAN-23068 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft TBK File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-652 |
ZDI-CAN-23079 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-651 |
ZDI-CAN-23085 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-650 |
ZDI-CAN-23080 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-649 |
ZDI-CAN-23081 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-648 |
ZDI-CAN-23142 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-647 |
ZDI-CAN-23143 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-646 |
ZDI-CAN-23165 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-645 |
ZDI-CAN-23166 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-644 |
ZDI-CAN-23167 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-643 |
ZDI-CAN-23175 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-642 |
ZDI-CAN-23168 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-641 |
ZDI-CAN-23176 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-640 |
ZDI-CAN-23177 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-639 |
ZDI-CAN-23169 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-638 |
ZDI-CAN-23178 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-637 |
ZDI-CAN-23179 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-636 |
ZDI-CAN-23134 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-635 |
ZDI-CAN-23135 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-634 |
ZDI-CAN-23136 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-633 |
ZDI-CAN-23087 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-632 |
ZDI-CAN-23084 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-631 |
ZDI-CAN-23083 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-630 |
ZDI-CAN-23082 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-629 |
ZDI-CAN-23137 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-628 |
ZDI-CAN-23138 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-627 |
ZDI-CAN-23139 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-626 |
ZDI-CAN-23140 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-625 |
ZDI-CAN-23141 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-624 |
ZDI-CAN-23144 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-623 |
ZDI-CAN-23132 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-622 |
ZDI-CAN-23133 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-621 |
ZDI-CAN-23088 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-620 |
ZDI-CAN-23086 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-07-01 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-619 |
ZDI-CAN-24167 |
Logsign |
CVE-2024-5719 |
8.8 |
2024-06-12 |
2024-07-01 |
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability |
| ZDI-24-618 |
ZDI-CAN-24166 |
Logsign |
CVE-2024-5718 |
8.1 |
2024-06-12 |
2024-07-01 |
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability |
| ZDI-24-617 |
ZDI-CAN-24165 |
Logsign |
CVE-2024-5717 |
8.8 |
2024-06-12 |
2024-07-01 |
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability |
| ZDI-24-616 |
ZDI-CAN-24164 |
Logsign |
CVE-2024-5716 |
8.6 |
2024-06-12 |
2024-07-01 |
Logsign Unified SecOps Platform Authentication Bypass Vulnerability |
| ZDI-24-615 |
ZDI-CAN-24169 |
Logsign |
CVE-2024-5721 |
8.1 |
2024-06-12 |
2024-07-01 |
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability |
| ZDI-24-614 |
ZDI-CAN-24170 |
Logsign |
CVE-2024-5722 |
8.8 |
2024-06-12 |
2024-07-01 |
Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability |
| ZDI-24-613 |
ZDI-CAN-24168 |
Logsign |
CVE-2024-5720 |
8.8 |
2024-06-12 |
2024-07-01 |
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability |
| ZDI-24-612 |
ZDI-CAN-23163 |
Luxion |
|
7.8 |
2024-06-12 |
2024-07-01 |
(0Day) Luxion KeyShot Viewer JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-611 |
ZDI-CAN-23124 |
Luxion |
|
7.8 |
2024-06-12 |
2024-07-01 |
Luxion KeyShot Viewer X_T File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-610 |
ZDI-CAN-17863 |
Advantech |
CVE-2023-52335 |
7.5 |
2024-06-12 |
2024-07-01 |
Advantech iView ConfigurationServlet SQL Injection Information Disclosure Vulnerability |
| ZDI-24-609 |
ZDI-CAN-23461 |
Microsoft |
CVE-2024-30082 |
8.8 |
2024-06-12 |
2024-07-01 |
Microsoft Windows Menu DC Pen Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-608 |
ZDI-CAN-23462 |
Microsoft |
CVE-2024-30082 |
8.8 |
2024-06-12 |
2024-07-01 |
Microsoft Windows Menu DC Brush Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-607 |
ZDI-CAN-23789 |
Microsoft |
CVE-2024-30089 |
8.8 |
2024-06-12 |
2024-07-01 |
(Pwn2Own) Microsoft Windows mskssrv Driver Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-606 |
ZDI-CAN-23449 |
Microsoft |
CVE-2024-30088 |
8.8 |
2024-06-12 |
2024-07-01 |
(Pwn2Own) Microsoft Windows NtQueryInformationToken Race Condition Local Privilege Escalation Vulnerability |
| ZDI-24-605 |
ZDI-CAN-23774 |
Microsoft |
CVE-2024-30087 |
8.8 |
2024-06-12 |
2024-07-01 |
(Pwn2Own) Microsoft Windows win32kfull Improper Input Validation Local Privilege Escalation Vulnerability |
| ZDI-24-604 |
ZDI-CAN-23788 |
Microsoft |
CVE-2024-35250 |
8.8 |
2024-06-12 |
2024-07-01 |
(Pwn2Own) Microsoft Windows UnserializePropertySet Privilege Context Switching Error Local Privilege Escalation Vulnerability |
| ZDI-24-603 |
ZDI-CAN-23773 |
Microsoft |
CVE-2024-30084 |
8.8 |
2024-06-12 |
2024-07-01 |
(Pwn2Own) Microsoft Windows UnserializePropertySet Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability |
| ZDI-24-602 |
ZDI-CAN-23791 |
Microsoft |
CVE-2024-30086 |
8.8 |
2024-06-12 |
2024-07-01 |
(Pwn2Own) Microsoft Windows DirectComposition Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-601 |
ZDI-CAN-23845 |
Microsoft |
CVE-2024-30085 |
7.8 |
2024-06-12 |
2024-07-01 |
(Pwn2Own) Microsoft Windows cldflt Heap-based Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-24-600 |
ZDI-CAN-21034 |
Schneider Electric |
|
9.8 |
2024-06-11 |
2024-07-01 |
Schneider Electric APC Easy UPS Online startRun Exposed Dangerous Method Remote Code Execution Vulnerability |
| ZDI-24-599 |
ZDI-CAN-24054 |
Adobe |
CVE-2024-34115 |
7.8 |
2024-06-11 |
2024-07-01 |
Adobe Substance 3D Stager SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-598 |
ZDI-CAN-16220 |
Microsoft |
|
7.7 |
2024-06-11 |
2024-07-01 |
(0Day) Microsoft Windows Incorrect Permission Assignment Information Disclosure Vulnerability |
| ZDI-24-597 |
ZDI-CAN-22683 |
Centreon |
CVE-2024-5725 |
8.8 |
2024-06-10 |
2024-07-01 |
Centreon initCurveList SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-596 |
ZDI-CAN-23561 |
Centreon |
CVE-2024-32501 |
8.8 |
2024-06-10 |
2024-07-01 |
Centreon updateServiceHost_MC SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-595 |
ZDI-CAN-23294 |
Centreon |
CVE-2024-5723 |
8.8 |
2024-06-10 |
2024-07-01 |
Centreon updateServiceHost SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-594 |
ZDI-CAN-22974 |
Siemens |
CVE-2024-32639 |
7.8 |
2024-06-10 |
2024-07-01 |
Siemens Tecnomatix Plant Simulation MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-593 |
ZDI-CAN-18568 |
Linux |
CVE-2023-31436 |
8.2 |
2024-06-10 |
2024-07-01 |
Linux Kernel Net Scheduler Out-Of-Bounds Access Local Privilege Escalation Vulnerability |
| ZDI-24-592 |
ZDI-CAN-18745 |
Linux |
CVE-2023-39189 |
5.1 |
2024-06-10 |
2024-07-01 |
Linux Kernel nftables Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-591 |
ZDI-CAN-18387 |
Linux |
CVE-2023-42755 |
6.7 |
2024-06-10 |
2024-07-01 |
Linux Kernel RSVP Filter Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-590 |
ZDI-CAN-21824 |
Linux |
CVE-2023-4458 |
4.0 |
2024-06-10 |
2024-07-01 |
Linux Kernel ksmbd smb2_open Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-589 |
ZDI-CAN-21588 |
Linux |
CVE-2023-39180 |
4.0 |
2024-06-10 |
2024-07-01 |
Linux Kernel ksmbd Read Request Memory Leak Denial-of-Service Vulnerability |
| ZDI-24-588 |
ZDI-CAN-21587 |
Linux |
CVE-2023-39179 |
7.5 |
2024-06-10 |
2024-07-01 |
Linux Kernel ksmbd Read Request Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-587 |
ZDI-CAN-21598 |
Linux |
|
6.8 |
2024-06-10 |
2024-07-01 |
Linux Kernel ksmbd SetInfo Request Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-586 |
ZDI-CAN-21589 |
Linux |
CVE-2023-39176 |
5.8 |
2024-06-10 |
2024-07-01 |
Linux Kernel ksmbd Transform Header Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-585 |
ZDI-CAN-22715 |
Trend Micro |
CVE-2024-36473 |
5.3 |
2024-06-10 |
2024-07-01 |
Trend Micro VPN Proxy One Pro Link Following Denial-of-Service Vulnerability |
| ZDI-24-584 |
ZDI-CAN-19843 |
NETGEAR |
CVE-2023-51635 |
8.8 |
2024-06-10 |
2024-07-01 |
(Pwn2Own) NETGEAR RAX30 fing_dil Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-583 |
ZDI-CAN-19589 |
NETGEAR |
CVE-2023-51634 |
7.5 |
2024-06-10 |
2024-07-01 |
(Pwn2Own) NETGEAR RAX30 Improper Certificate Validation Remote Code Execution Vulnerability |
| ZDI-24-582 |
ZDI-CAN-19094 |
SEW-EURODRIVE |
CVE-2024-1167 |
5.5 |
2024-06-06 |
2024-07-01 |
SEW-EURODRIVE MOVITOOLS MotionStudio XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-24-581 |
ZDI-CAN-22281 |
Microsoft |
|
10.0 |
2024-06-06 |
2024-07-01 |
Microsoft Azure SQL Managed Instance Documentation SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability |
| ZDI-24-580 |
ZDI-CAN-22149 |
Microsoft |
|
9.8 |
2024-06-06 |
2024-07-01 |
Microsoft Artifact Registry Container Images Empty Password Authentication Bypass Vulnerability |
| ZDI-24-579 |
ZDI-CAN-22309 |
Apple |
CVE-2024-27836 |
7.8 |
2024-06-12 |
2024-07-01 |
Apple macOS PPM Image Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-578 |
ZDI-CAN-22897 |
Apple |
CVE-2024-23286 |
3.3 |
2024-06-06 |
2024-07-01 |
Apple macOS CoreGraphics Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-577 |
ZDI-CAN-21599 |
Trend Micro |
CVE-2024-37289 |
7.8 |
2024-06-06 |
2024-07-01 |
Trend Micro Apex One Improper Access Control Local Privilege Escalation Vulnerability |
| ZDI-24-576 |
ZDI-CAN-22269 |
Trend Micro |
CVE-2024-32849 |
7.8 |
2024-06-06 |
2024-07-01 |
Trend Micro Maximum Security coreServiceShell Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-575 |
ZDI-CAN-21461 |
Trend Micro |
CVE-2024-36358 |
7.8 |
2024-06-06 |
2024-07-01 |
Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-574 |
ZDI-CAN-21495 |
Trend Micro |
CVE-2024-36359 |
5.4 |
2024-06-06 |
2024-07-01 |
Trend Micro InterScan Web Security Virtual Appliance Cross-Site Scripting Privilege Escalation Vulnerability |
| ZDI-24-573 |
ZDI-CAN-22032 |
Trend Micro |
CVE-2024-36307 |
4.7 |
2024-06-06 |
2024-07-01 |
Trend Micro Apex One Security Agent Link Following Information Disclosure Vulnerability |
| ZDI-24-572 |
ZDI-CAN-22693 |
Trend Micro |
CVE-2024-36305 |
7.8 |
2024-06-06 |
2024-07-01 |
Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-571 |
ZDI-CAN-22667 |
Trend Micro |
CVE-2024-36304 |
7.8 |
2024-06-06 |
2024-07-01 |
Trend Micro Apex One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability |
| ZDI-24-570 |
ZDI-CAN-22481 |
Trend Micro |
CVE-2024-36303 |
7.8 |
2024-06-06 |
2024-07-01 |
Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability |
| ZDI-24-569 |
ZDI-CAN-22039 |
Trend Micro |
CVE-2024-36302 |
7.8 |
2024-06-06 |
2024-07-01 |
Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability |
| ZDI-24-568 |
ZDI-CAN-22038 |
Trend Micro |
CVE-2024-36306 |
6.1 |
2024-06-06 |
2024-07-01 |
Trend Micro Apex One Damage Cleanup Engine Link Following Denial-of-Service Vulnerability |
| ZDI-24-567 |
ZDI-CAN-22873 |
GStreamer |
CVE-2024-0444 |
7.5 |
2024-06-05 |
2024-07-01 |
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-566 |
ZDI-CAN-22449 |
Luxion |
CVE-2024-30374 |
7.8 |
2024-06-05 |
2024-07-01 |
Luxion KeyShot Viewer KSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-565 |
ZDI-CAN-22515 |
Luxion |
CVE-2024-30375 |
7.8 |
2024-06-05 |
2024-07-01 |
Luxion KeyShot Viewer KSP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-564 |
ZDI-CAN-22748 |
Fuji Electric |
CVE-2024-5597 |
7.8 |
2024-06-05 |
2024-07-01 |
Fuji Electric Monitouch V-SFT V9 File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-563 |
ZDI-CAN-22724 |
NETGEAR |
CVE-2024-5505 |
8.8 |
2024-06-04 |
2024-07-01 |
NETGEAR ProSAFE Network Management System UpLoadServlet Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-562 |
ZDI-CAN-22557 |
Canon |
CVE-2023-6234 |
8.8 |
2024-05-31 |
2024-07-01 |
Canon imageCLASS MF753Cdw setResource Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-561 |
ZDI-CAN-23879 |
Progress Software |
CVE-2024-4358 |
9.8 |
2024-05-31 |
2024-07-01 |
Progress Software Telerik Reporting Register Authentication Bypass Vulnerability |
| ZDI-24-560 |
ZDI-CAN-22550 |
Lexmark |
CVE-2023-50738 |
6.3 |
2024-05-31 |
2024-07-01 |
Lexmark CX331adwe Firmware Downgrade Remote Code Execution Vulnerability |
| ZDI-24-559 |
ZDI-CAN-22312 |
G DATA |
CVE-2024-1867 |
7.8 |
2024-05-31 |
2024-07-01 |
G DATA Total Security Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-558 |
ZDI-CAN-22313 |
G DATA |
CVE-2024-1868 |
7.8 |
2024-05-31 |
2024-07-01 |
G DATA Total Security Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-557 |
ZDI-CAN-22092 |
Kofax |
CVE-2024-30373 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF JPF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-556 |
ZDI-CAN-22044 |
Kofax |
CVE-2024-5513 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-555 |
ZDI-CAN-22021 |
Kofax |
CVE-2024-5512 |
3.3 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-554 |
ZDI-CAN-22020 |
Kofax |
CVE-2024-5511 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-553 |
ZDI-CAN-22019 |
Kofax |
CVE-2024-5510 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-552 |
ZDI-CAN-22933 |
Kofax |
CVE-2024-5307 |
3.3 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-551 |
ZDI-CAN-22930 |
Kofax |
CVE-2024-5306 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-550 |
ZDI-CAN-22921 |
Kofax |
CVE-2024-5305 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-549 |
ZDI-CAN-22920 |
Kofax |
CVE-2024-5304 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-548 |
ZDI-CAN-22919 |
Kofax |
CVE-2024-5303 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-547 |
ZDI-CAN-22918 |
Kofax |
CVE-2024-5302 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-546 |
ZDI-CAN-22917 |
Kofax |
CVE-2024-5301 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-545 |
ZDI-CAN-22459 |
Sonos |
CVE-2024-5269 |
8.8 |
2024-05-31 |
2024-07-01 |
(Pwn2Own) Sonos Era 100 SMB2 Message Handling Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-544 |
ZDI-CAN-22428 |
Sonos |
CVE-2024-5268 |
4.3 |
2024-05-31 |
2024-07-01 |
(Pwn2Own) Sonos Era 100 SMB2 Message Handling Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-543 |
ZDI-CAN-22384 |
Sonos |
CVE-2024-5267 |
8.8 |
2024-05-31 |
2024-07-01 |
(Pwn2Own) Sonos Era 100 SMB2 Message Handling Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-542 |
ZDI-CAN-22336 |
Sonos |
CVE-2024-5256 |
4.3 |
2024-05-31 |
2024-07-01 |
(Pwn2Own) Sonos Era 100 SMB2 Message Handling Integer Underflow Information Disclosure Vulnerability |
| ZDI-24-541 |
ZDI-CAN-22266 |
Luxion |
CVE-2024-5507 |
7.8 |
2024-05-31 |
2024-07-01 |
Luxion KeyShot Viewer KSP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-540 |
ZDI-CAN-22738 |
Luxion |
CVE-2024-5509 |
7.8 |
2024-05-31 |
2024-07-01 |
Luxion KeyShot BIP File Parsing Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-539 |
ZDI-CAN-22267 |
Luxion |
CVE-2024-5508 |
7.8 |
2024-05-31 |
2024-07-01 |
Luxion KeyShot Viewer KSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-538 |
ZDI-CAN-22514 |
Luxion |
CVE-2024-5506 |
7.8 |
2024-05-31 |
2024-07-01 |
Luxion KeyShot Viewer KSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-537 |
ZDI-CAN-21419 |
Fuji Electric |
CVE-2024-34579 |
7.8 |
2024-05-31 |
2024-07-01 |
Fuji Electric Alpha5 C5V File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-536 |
ZDI-CAN-21423 |
Fuji Electric |
CVE-2024-34579 |
7.8 |
2024-05-31 |
2024-07-01 |
Fuji Electric Alpha5 C5V File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-535 |
ZDI-CAN-22908 |
Fuji Electric |
CVE-2024-34171 |
7.8 |
2024-05-31 |
2024-07-01 |
Fuji Electric Monitouch V-SFT V9C File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-534 |
ZDI-CAN-22896 |
Fuji Electric |
CVE-2024-34171 |
7.8 |
2024-05-31 |
2024-07-01 |
Fuji Electric Monitouch V-SFT V9C File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-533 |
ZDI-CAN-22874 |
Fuji Electric |
CVE-2024-34171 |
7.8 |
2024-05-31 |
2024-07-01 |
Fuji Electric Monitouch V-SFT V9C File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-532 |
ZDI-CAN-22815 |
Fuji Electric |
CVE-2024-34171 |
7.8 |
2024-05-31 |
2024-07-01 |
Fuji Electric Monitouch V-SFT V10 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-531 |
ZDI-CAN-22814 |
Fuji Electric |
CVE-2024-5271 |
7.8 |
2024-05-31 |
2024-07-01 |
Fuji Electric Monitouch V-SFT V9C File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-530 |
ZDI-CAN-22749 |
Fuji Electric |
CVE-2024-34171 |
7.8 |
2024-05-31 |
2024-07-01 |
Fuji Electric Monitouch V-SFT V9C File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-529 |
ZDI-CAN-23782 |
VMware |
CVE-2024-22269 |
6.0 |
2024-05-31 |
2024-07-01 |
(Pwn2Own) VMware Workstation UrbBuf_getDataBuf Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-24-528 |
ZDI-CAN-23783 |
VMware |
CVE-2024-22270 |
6.0 |
2024-05-31 |
2024-07-01 |
(Pwn2Own) VMware Workstation hgfsVMCI_fileread Use of Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-24-527 |
ZDI-CAN-23847 |
VMware |
CVE-2024-22267 |
8.2 |
2024-05-31 |
2024-07-01 |
(Pwn2Own) VMWare Workstation VBluetoothHCI_PacketOut Use-After-Free Privilege Escalation Vulnerability |
| ZDI-24-526 |
ZDI-CAN-23844 |
VMware |
CVE-2024-22267 |
8.2 |
2024-05-30 |
2024-07-01 |
(Pwn2Own) VMware Workstation VBluetoothHCI_PacketOut Use-After-Free Privilege Escalation Vulnerability |
| ZDI-24-525 |
ZDI-CAN-22754 |
A10 |
CVE-2024-30369 |
7.8 |
2024-05-29 |
2024-07-01 |
A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-24-524 |
ZDI-CAN-22517 |
A10 |
CVE-2024-30368 |
7.2 |
2024-05-29 |
2024-07-01 |
A10 Thunder ADC CsrRequestView Command Injection Remote Code Execution Vulnerability |
| ZDI-24-523 |
ZDI-CAN-20923 |
Phoenix Contact |
CVE-2024-28137 |
7.8 |
2024-05-29 |
2024-07-01 |
Phoenix Contact CHARX SEC-3100 Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-522 |
ZDI-CAN-23330 |
Phoenix Contact |
CVE-2024-28135 |
6.8 |
2024-05-29 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 Filename Command Injection Remote Code Execution Vulnerability |
| ZDI-24-521 |
ZDI-CAN-23391 |
Phoenix Contact |
CVE-2024-28136 |
7.5 |
2024-05-29 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 OCPP charx_pack_logs Command Injection Remote Code Execution Vulnerability |
| ZDI-24-520 |
ZDI-CAN-23418 |
Phoenix Contact |
CVE-2024-28134 |
7.5 |
2024-05-29 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 Missing Encryption Authentication Bypass Vulnerability |
| ZDI-24-519 |
ZDI-CAN-23419 |
Phoenix Contact |
CVE-2024-28133 |
7.8 |
2024-05-29 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 Untrusted Search Path Local Privilege Escalation Vulnerability |
| ZDI-24-518 |
ZDI-CAN-23880 |
Progress Software |
CVE-2024-4357 |
6.5 |
2024-05-29 |
2024-07-01 |
Progress Software Telerik Reporting ValidateMetadaUri XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-24-517 |
ZDI-CAN-23353 |
Progress Software |
CVE-2024-4561 |
4.2 |
2024-05-29 |
2024-07-01 |
Progress Software WhatsUp Gold FaviconController Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-24-516 |
ZDI-CAN-23447 |
Progress Software |
CVE-2024-4562 |
7.1 |
2024-05-28 |
2024-07-01 |
Progress Software WhatsUp Gold HttpContentActiveController Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-24-515 |
ZDI-CAN-22951 |
NETGEAR |
CVE-2024-5247 |
8.8 |
2024-05-24 |
2024-07-01 |
NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-24-514 |
ZDI-CAN-23549 |
Ivanti |
CVE-2024-29846 |
7.2 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager GetVulnerabilitiesDataTable SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-513 |
ZDI-CAN-23538 |
Ivanti |
CVE-2024-29830 |
7.2 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager GetLogFileRulesNameUniqueSQL SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-512 |
ZDI-CAN-23537 |
Ivanti |
CVE-2024-29829 |
7.2 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager GetLogFileRulesSQL SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-511 |
ZDI-CAN-23536 |
Ivanti |
CVE-2024-29828 |
7.2 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager GetRulesetsSQL SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-510 |
ZDI-CAN-23517 |
Ivanti |
CVE-2024-29827 |
9.8 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager GetDBPatchProducts SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-509 |
ZDI-CAN-23516 |
Ivanti |
CVE-2024-29826 |
9.8 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager GetDBPatches SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-508 |
ZDI-CAN-23484 |
Ivanti |
CVE-2024-29825 |
9.8 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager RecordBrokenApp SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-507 |
ZDI-CAN-23482 |
Ivanti |
CVE-2024-29824 |
9.8 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager RecordGoodApp SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-506 |
ZDI-CAN-23518 |
Ivanti |
CVE-2024-29823 |
9.8 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager GetDBVulnerabilities SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-505 |
ZDI-CAN-23483 |
Ivanti |
CVE-2024-29822 |
9.8 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager RecordGoodApp SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-504 |
ZDI-CAN-23525 |
Ivanti |
CVE-2024-29848 |
7.2 |
2024-05-24 |
2024-07-01 |
Ivanti Avalanche FileStoreConfig Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-24-503 |
ZDI-CAN-22439 |
TP-Link |
CVE-2024-5244 |
5.0 |
2024-05-23 |
2024-07-01 |
(Pwn2Own) TP-Link Omada ER605 Reliance on Security Through Obscurity Vulnerability |
| ZDI-24-502 |
ZDI-CAN-22523 |
TP-Link |
CVE-2024-5243 |
7.5 |
2024-05-23 |
2024-07-01 |
(Pwn2Own) TP-Link Omada ER605 Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-501 |
ZDI-CAN-22522 |
TP-Link |
CVE-2024-5242 |
7.5 |
2024-05-23 |
2024-07-01 |
(Pwn2Own) TP-Link Omada ER605 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-500 |
ZDI-CAN-22383 |
TP-Link |
CVE-2024-5228 |
7.5 |
2024-05-23 |
2024-07-01 |
(Pwn2Own) TP-Link Omada ER605 Comexe DDNS Response Handling Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-499 |
ZDI-CAN-22446 |
TP-Link |
CVE-2024-5227 |
7.5 |
2024-05-23 |
2024-07-01 |
(Pwn2Own) TP-Link Omada ER605 PPTP VPN username Command Injection Remote Code Execution Vulnerability |
| ZDI-24-498 |
ZDI-CAN-22923 |
NETGEAR |
CVE-2024-5247 |
8.8 |
2024-05-22 |
2024-07-01 |
NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-24-497 |
ZDI-CAN-22868 |
NETGEAR |
CVE-2024-5246 |
8.8 |
2024-05-22 |
2024-07-01 |
NETGEAR ProSAFE Network Management System Tomcat Remote Code Execution Vulnerability |
| ZDI-24-496 |
ZDI-CAN-22755 |
NETGEAR |
CVE-2024-5245 |
7.8 |
2024-05-22 |
2024-07-01 |
NETGEAR ProSAFE Network Management System Default Credentials Local Privilege Escalation Vulnerability |
| ZDI-24-495 |
ZDI-CAN-23790 |
Microsoft |
CVE-2024-30037 |
8.8 |
2024-05-22 |
2024-07-01 |
(Pwn2Own) Microsoft Windows CLFS Integer Underflow Local Privilege Escalation Vulnerability |
| ZDI-24-494 |
ZDI-CAN-23490 |
VMware |
CVE-2024-22268 |
9.6 |
2024-05-22 |
2024-07-01 |
VMware Workstation SVGA Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-493 |
ZDI-CAN-22887 |
Adobe |
CVE-2024-30279 |
7.8 |
2024-05-22 |
2024-07-01 |
Adobe Acrobat Reader DC JPEG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-492 |
ZDI-CAN-22867 |
Adobe |
CVE-2024-30280 |
7.8 |
2024-05-22 |
2024-07-01 |
Adobe Acrobat Pro DC AcroForm Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-491 |
ZDI-CAN-23035 |
WithSecure |
CVE-2024-4454 |
7.3 |
2024-05-22 |
2024-07-01 |
WithSecure Elements Endpoint Protection Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-490 |
ZDI-CAN-22364 |
LAquis |
CVE-2024-5040 |
7.8 |
2024-05-22 |
2024-07-01 |
LAquis SCADA LGX Report Processing AddComboFile Path Traversal Remote Code Execution Vulnerability |
| ZDI-24-489 |
ZDI-CAN-22465 |
LAquis |
CVE-2024-5040 |
7.8 |
2024-05-22 |
2024-07-01 |
LAquis SCADA LGX Report File Open Path Traversal Remote Code Execution Vulnerability |
| ZDI-24-488 |
ZDI-CAN-22358 |
LAquis |
CVE-2024-5040 |
7.8 |
2024-05-22 |
2024-07-01 |
LAquis SCADA LGX Report TextFile Open Path Traversal Remote Code Execution Vulnerability |
| ZDI-24-487 |
ZDI-CAN-22468 |
LAquis |
CVE-2024-5040 |
5.5 |
2024-05-22 |
2024-07-01 |
LAquis SCADA LGX Report STRING READFROMFILE Path Traversal Information Disclosure Vulnerability |
| ZDI-24-486 |
ZDI-CAN-22467 |
LAquis |
CVE-2024-5040 |
7.8 |
2024-05-22 |
2024-07-01 |
LAquis SCADA LGX Report STRING WRITETOFILE Path Traversal Remote Code Execution Vulnerability |
| ZDI-24-485 |
ZDI-CAN-22469 |
LAquis |
CVE-2024-5040 |
7.8 |
2024-05-22 |
2024-07-01 |
LAquis SCADA LGX Report TextFile OpenWithoutMemory Path Traversal Remote Code Execution Vulnerability |
| ZDI-24-484 |
ZDI-CAN-22470 |
LAquis |
CVE-2024-5040 |
7.8 |
2024-05-22 |
2024-07-01 |
LAquis SCADA LGX Report Table Save Path Traversal Remote Code Execution Vulnerability |
| ZDI-24-483 |
ZDI-CAN-23327 |
Adobe |
CVE-2024-30310 |
7.8 |
2024-05-19 |
2024-07-01 |
Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-482 |
ZDI-CAN-23474 |
Adobe |
CVE-2024-34094 |
7.8 |
2024-05-19 |
2024-07-01 |
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-481 |
ZDI-CAN-23475 |
Adobe |
CVE-2024-34095 |
7.8 |
2024-05-19 |
2024-07-01 |
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-480 |
ZDI-CAN-23472 |
Adobe |
CVE-2024-34096 |
7.8 |
2024-05-19 |
2024-07-01 |
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-479 |
ZDI-CAN-23466 |
Adobe |
CVE-2024-30284 |
7.8 |
2024-05-19 |
2024-07-01 |
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-478 |
ZDI-CAN-23473 |
Adobe |
CVE-2024-34097 |
7.8 |
2024-05-19 |
2024-07-01 |
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-477 |
ZDI-CAN-23614 |
Adobe |
CVE-2024-34101 |
3.3 |
2024-05-19 |
2024-07-01 |
Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-476 |
ZDI-CAN-22407 |
QNAP |
CVE-2023-51365 |
6.5 |
2024-05-19 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 HLS_tmp Directory Traversal Arbitrary File Creation Vulnerability |
| ZDI-24-475 |
ZDI-CAN-22410 |
QNAP |
CVE-2023-51364 |
6.5 |
2024-05-19 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 File Upload Directory Traversal Arbitrary File Creation Vulnerability |
| ZDI-24-474 |
ZDI-CAN-22495 |
QNAP |
CVE-2024-32766 |
6.5 |
2024-05-19 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 Exposed Dangerous Method Privilege Escalation Vulnerability |
| ZDI-24-473 |
ZDI-CAN-22378 |
QNAP |
CVE-2024-27124 |
6.5 |
2024-05-19 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 Authentication Service Improper Certificate Validation Vulnerability |
| ZDI-24-472 |
ZDI-CAN-22457 |
QNAP |
CVE-2024-32764 |
7.4 |
2024-05-19 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 Netmgr Endpoint CRLF Injection Arbitrary Configuration Update Vulnerability |
| ZDI-24-471 |
ZDI-CAN-22494 |
QNAP |
CVE-2024-21901 |
8.8 |
2024-05-19 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 authLogin SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-470 |
ZDI-CAN-22493 |
QNAP |
CVE-2024-21899 |
9.1 |
2024-05-19 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 QR Code Device CRLF Injection Arbitrary Configuration Change Vulnerability |
| ZDI-24-469 |
ZDI-CAN-21600 |
Avira |
CVE-2023-51636 |
7.8 |
2024-05-17 |
2024-07-01 |
Avira Prime Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-468 |
ZDI-CAN-21579 |
Sante |
CVE-2023-51637 |
9.8 |
2024-05-17 |
2024-07-01 |
Sante PACS Server PG Patient Query SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-467 |
ZDI-CAN-23896 |
GStreamer |
CVE-2024-4453 |
7.8 |
2024-05-17 |
2024-07-01 |
GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-24-466 |
ZDI-CAN-21578 |
Siemens |
CVE-2024-32066 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-465 |
ZDI-CAN-21564 |
Siemens |
CVE-2024-32059 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-464 |
ZDI-CAN-21566 |
Siemens |
CVE-2024-32061 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-463 |
ZDI-CAN-21568 |
Siemens |
CVE-2024-32062 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-462 |
ZDI-CAN-21573 |
Siemens |
CVE-2024-32063 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-461 |
ZDI-CAN-21575 |
Siemens |
CVE-2024-32064 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-460 |
ZDI-CAN-21577 |
Siemens |
CVE-2024-32065 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-459 |
ZDI-CAN-21565 |
Siemens |
CVE-2024-32060 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-458 |
ZDI-CAN-21562 |
Siemens |
CVE-2024-32057 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-457 |
ZDI-CAN-21563 |
Siemens |
CVE-2024-32058 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-456 |
ZDI-CAN-21906 |
NI |
CVE-2024-4044 |
7.8 |
2024-05-15 |
2024-07-01 |
NI FlexLogger FLXPROJ File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-455 |
ZDI-CAN-23500 |
SolarWinds |
CVE-2024-28075 |
9.9 |
2024-05-15 |
2024-07-01 |
SolarWinds Access Rights Manager JsonSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-454 |
ZDI-CAN-23059 |
SolarWinds |
CVE-2024-23473 |
8.6 |
2024-05-15 |
2024-07-01 |
SolarWinds Access Rights Manager Hard-Coded Credentials Authentication Bypass Vulnerability |
| ZDI-24-453 |
ZDI-CAN-23586 |
Microsoft |
CVE-2024-30043 |
7.1 |
2024-05-14 |
2024-07-01 |
Microsoft SharePoint BaseXmlDataSource XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-24-452 |
ZDI-CAN-22417 |
Microsoft |
CVE-2024-30034 |
8.4 |
2024-05-14 |
2024-07-01 |
Microsoft Windows cldflt Type Confusion Information Disclosure Vulnerability |
| ZDI-24-451 |
ZDI-CAN-22907 |
Microsoft |
CVE-2024-30033 |
7.0 |
2024-05-14 |
2024-07-01 |
Microsoft Windows Search Service Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-450 |
ZDI-CAN-21828 |
D-Link |
CVE-2024-5299 |
8.8 |
2024-05-24 |
2024-07-01 |
(0Day) D-Link D-View execMonitorScript Exposed Dangerous Method Remote Code Execution Vulnerability |
| ZDI-24-449 |
ZDI-CAN-21842 |
D-Link |
CVE-2024-5298 |
8.8 |
2024-05-24 |
2024-07-01 |
(0Day) D-Link D-View queryDeviceCustomMonitorResult Exposed Dangerous Method Remote Code Execution Vulnerability |
| ZDI-24-448 |
ZDI-CAN-21821 |
D-Link |
CVE-2024-5297 |
8.8 |
2024-05-24 |
2024-07-01 |
(0Day) D-Link D-View executeWmicCmd Command Injection Remote Code Execution Vulnerability |
| ZDI-24-447 |
ZDI-CAN-21991 |
D-Link |
CVE-2024-5296 |
9.8 |
2024-05-24 |
2024-07-01 |
(0Day) D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability |
| ZDI-24-446 |
ZDI-CAN-21294 |
D-Link |
CVE-2024-5295 |
8.8 |
2024-05-24 |
2024-07-01 |
(0Day) D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability |
| ZDI-24-445 |
ZDI-CAN-21668 |
D-Link |
CVE-2024-5294 |
4.3 |
2024-05-24 |
2024-07-01 |
(0Day) D-Link DIR-3040 prog.cgi websSecurityHandler Memory Leak Denial-of-Service Vulnerability |
| ZDI-24-444 |
ZDI-CAN-21853 |
D-Link |
CVE-2024-5293 |
8.8 |
2024-05-24 |
2024-07-01 |
(0Day) D-Link DIR-2640 HTTP Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-443 |
ZDI-CAN-21426 |
D-Link |
CVE-2024-5292 |
7.3 |
2024-05-24 |
2024-07-01 |
(0Day) D-Link Network Assistant Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-24-442 |
ZDI-CAN-21235 |
D-Link |
CVE-2024-5291 |
8.8 |
2024-05-24 |
2024-07-01 |
(0Day) D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability |
| ZDI-24-441 |
ZDI-CAN-21884 |
Delta Electronics |
CVE-2024-1595 |
7.8 |
2024-05-13 |
2024-07-01 |
Delta Electronics CNCSoft-B DOPSoft Uncontrolled Search Path Remote Code Execution Vulnerability |
| ZDI-24-440 |
ZDI-CAN-22502 |
Delta Electronics |
CVE-2023-46604 |
9.8 |
2024-05-13 |
2024-07-01 |
Delta Electronics InfraSuite Device Master ActiveMQ Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-439 |
ZDI-CAN-20464 |
Microsoft |
CVE-2023-24948 |
7.6 |
2024-05-09 |
2024-07-01 |
Microsoft Windows Bluetooth AVDTP Protocol Integer Underflow Remote Code Execution Vulnerability |
| ZDI-24-438 |
ZDI-CAN-22618 |
Dassault Systèmes |
CVE-2024-3298 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-437 |
ZDI-CAN-22619 |
Dassault Systèmes |
CVE-2024-3298 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer DXF File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-436 |
ZDI-CAN-22620 |
Dassault Systèmes |
CVE-2024-3298 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-435 |
ZDI-CAN-22624 |
Dassault Systèmes |
CVE-2024-3298 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer DXF File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-434 |
ZDI-CAN-22625 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer SAT File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-433 |
ZDI-CAN-22621 |
Dassault Systèmes |
CVE-2024-3298 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-432 |
ZDI-CAN-22616 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer JT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-431 |
ZDI-CAN-22623 |
Dassault Systèmes |
CVE-2024-3298 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-430 |
ZDI-CAN-22617 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer JT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-429 |
ZDI-CAN-22622 |
Dassault Systèmes |
CVE-2024-3298 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-428 |
ZDI-CAN-22615 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer JT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-427 |
ZDI-CAN-23106 |
Adobe |
CVE-2024-30306 |
7.8 |
2024-05-07 |
2024-07-01 |
Adobe Acrobat Reader DC AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-426 |
ZDI-CAN-23077 |
Adobe |
CVE-2024-30302 |
3.3 |
2024-05-07 |
2024-07-01 |
Adobe Acrobat Reader DC AcroForm Use-After-Free Information Disclosure Vulnerability |
| ZDI-24-425 |
ZDI-CAN-23044 |
Adobe |
CVE-2024-30303 |
7.8 |
2024-05-07 |
2024-07-01 |
Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-424 |
ZDI-CAN-23043 |
Adobe |
CVE-2024-30305 |
7.8 |
2024-05-07 |
2024-07-01 |
Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-423 |
ZDI-CAN-23042 |
Adobe |
CVE-2024-30301 |
7.8 |
2024-05-07 |
2024-07-01 |
Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-422 |
ZDI-CAN-23040 |
Adobe |
CVE-2024-30304 |
7.8 |
2024-05-07 |
2024-07-01 |
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-421 |
ZDI-CAN-23521 |
SonicWALL |
CVE-2024-29011 |
7.5 |
2024-05-07 |
2024-07-01 |
SonicWALL GMS Virtual Appliance ECMClientAuthenticator Hard-Coded Credential Authentication Bypass Vulnerability |
| ZDI-24-420 |
ZDI-CAN-22675 |
SonicWALL |
CVE-2024-29010 |
7.1 |
2024-05-07 |
2024-07-01 |
SonicWALL GMS Virtual Appliance ECMPolicy XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-24-419 |
ZDI-CAN-22332 |
Xiaomi |
CVE-2024-4406 |
8.8 |
2024-05-01 |
2024-07-01 |
(Pwn2Own) Xiaomi Pro 13 GetApps integral-dialog-page Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-24-418 |
ZDI-CAN-22379 |
Xiaomi |
CVE-2024-4405 |
8.8 |
2024-05-01 |
2024-07-01 |
(Pwn2Own) Xiaomi Pro 13 mimarket manual-upgrade Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-24-417 |
ZDI-CAN-22559 |
Xiaomi |
CVE-2023-26322 |
8.8 |
2024-05-01 |
2024-07-01 |
Xiaomi Pro 13 isUrlMatchLevel Permissive List of Allowed Inputs Remote Code Execution Vulnerability |
| ZDI-24-416 |
ZDI-CAN-20731 |
Centreon |
CVE-2023-51633 |
7.5 |
2024-04-29 |
2024-07-01 |
Centreon sysName Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-24-415 |
ZDI-CAN-23775 |
Oracle |
CVE-2024-21113 |
6.0 |
2024-04-26 |
2024-07-01 |
(Pwn2Own) Oracle VirtualBox E1000 Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-24-414 |
ZDI-CAN-23787 |
Oracle |
CVE-2024-21112 |
6.0 |
2024-04-26 |
2024-07-01 |
(Pwn2Own) Oracle VirtualBox AHCI Controller Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-24-413 |
ZDI-CAN-23796 |
Oracle |
CVE-2024-21115 |
8.2 |
2024-04-26 |
2024-07-01 |
(Pwn2Own) Oracle VirtualBox DevVGA Out-Of-Bounds Write Local Privilege Escalation Vulnerability |
| ZDI-24-412 |
ZDI-CAN-23797 |
Oracle |
CVE-2024-21114 |
8.2 |
2024-04-26 |
2024-07-01 |
(Pwn2Own) Oracle VirtualBox VirtIOCore Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-24-411 |
ZDI-CAN-23798 |
Oracle |
CVE-2024-21121 |
6.0 |
2024-04-26 |
2024-07-01 |
(Pwn2Own) Oracle VirtualBox BusLogic Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-24-410 |
ZDI-CAN-23403 |
Oracle |
CVE-2024-21116 |
7.8 |
2024-04-26 |
2024-07-01 |
Oracle VirtualBox vboxdrv Improper Privilege Management Local Privilege Escalation Vulnerability |
| ZDI-24-409 |
ZDI-CAN-23388 |
Oracle |
CVE-2024-21110 |
7.3 |
2024-04-26 |
2024-07-01 |
Oracle VirtualBox Guest Additions Improper Access Control Local Privilege Escalation Vulnerability |
| ZDI-24-408 |
ZDI-CAN-23076 |
Oracle |
CVE-2024-21109 |
5.9 |
2024-04-26 |
2024-07-01 |
Oracle VirtualBox Web Service Exposure of Resource to Wrong Sphere Information Disclosure Vulnerability |
| ZDI-24-407 |
ZDI-CAN-22880 |
X.Org |
CVE-2024-31083 |
7.8 |
2024-04-26 |
2024-07-01 |
X.Org Server ProcRenderAddGlyphs Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-406 |
ZDI-CAN-22173 |
Adobe |
CVE-2023-48633 |
7.8 |
2024-04-26 |
2024-07-01 |
Adobe After Effects AEP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-405 |
ZDI-CAN-22549 |
Lexmark |
CVE-2023-50739 |
8.8 |
2024-04-26 |
2024-07-01 |
Lexmark CX331adwe IPP Server Authorization HTTP Header Heap-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-404 |
ZDI-CAN-22327 |
Apple |
CVE-2024-23264 |
3.3 |
2024-04-25 |
2024-07-01 |
Apple macOS Metal Framework PVR File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-403 |
ZDI-CAN-23903 |
Progress Software |
CVE-2024-1800 |
8.8 |
2024-04-25 |
2024-07-01 |
Progress Software Telerik Report Server ObjectReader Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-402 |
ZDI-CAN-23902 |
Progress Software |
CVE-2024-1856 |
7.2 |
2024-04-25 |
2024-07-01 |
Progress Software Telerik Reporting ObjectReader Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-401 |
ZDI-CAN-23001 |
Progress Software |
CVE-2024-1801 |
7.8 |
2024-04-25 |
2024-07-01 |
Progress Software Telerik Reporting ObjectReader Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-400 |
ZDI-CAN-23558 |
Microsoft |
|
9.8 |
2024-04-25 |
2024-07-01 |
Microsoft uAMQP for Python azure-iot-sdks-ci Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-399 |
ZDI-CAN-22547 |
Microsoft |
CVE-2024-29991 |
7.5 |
2024-04-25 |
2024-07-01 |
Microsoft Windows MHT File Mark-Of-The-Web Bypass Remote Code Execution Vulnerability |
| ZDI-24-398 |
ZDI-CAN-22560 |
Wazuh |
CVE-2023-50260 |
8.8 |
2024-04-25 |
2024-07-01 |
Wazuh Active Response Module Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-24-397 |
ZDI-CAN-22475 |
Wazuh |
CVE-2024-32038 |
9.8 |
2024-04-25 |
2024-07-01 |
Wazuh Analysis Engine Event Decoder Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-396 |
ZDI-CAN-23024 |
Microsoft |
|
9.8 |
2024-04-23 |
2024-07-01 |
Microsoft Azure ODSP nikisos Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-395 |
ZDI-CAN-22810 |
Ivanti |
CVE-2024-27984 |
7.1 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLInfoRailService DELKEY Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-24-394 |
ZDI-CAN-22990 |
Ivanti |
CVE-2024-27978 |
6.5 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Null Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-24-393 |
ZDI-CAN-22989 |
Ivanti |
CVE-2024-27977 |
7.1 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-24-392 |
ZDI-CAN-22988 |
Ivanti |
CVE-2024-27976 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-391 |
ZDI-CAN-22987 |
Ivanti |
CVE-2024-27975 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-390 |
ZDI-CAN-22986 |
Ivanti |
CVE-2024-25000 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-389 |
ZDI-CAN-22985 |
Ivanti |
CVE-2024-24999 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-388 |
ZDI-CAN-22984 |
Ivanti |
CVE-2024-24998 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-387 |
ZDI-CAN-22950 |
Ivanti |
CVE-2024-24997 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-386 |
ZDI-CAN-22940 |
Ivanti |
CVE-2024-24996 |
9.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLInfoRailService Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-385 |
ZDI-CAN-22885 |
Ivanti |
CVE-2024-24995 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche doInTransaction Time-Of-Check Time-Of-Use Remote Code Execution Vulnerability |
| ZDI-24-384 |
ZDI-CAN-22866 |
Ivanti |
CVE-2024-24994 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche extractZipEntry Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-383 |
ZDI-CAN-22865 |
Ivanti |
CVE-2024-24993 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche InstallPackageThread Time-Of-Check Time-Of-Use Remote Code Execution Vulnerability |
| ZDI-24-382 |
ZDI-CAN-22854 |
Ivanti |
CVE-2024-24992 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche getAdhocFilePath Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-381 |
ZDI-CAN-22839 |
Ivanti |
CVE-2024-24991 |
6.5 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Null Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-24-380 |
ZDI-CAN-22836 |
Ivanti |
CVE-2024-23535 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche copyFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-379 |
ZDI-CAN-22835 |
Ivanti |
CVE-2024-23534 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche getMasterAdhocCollectionsPath Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-24-378 |
ZDI-CAN-22827 |
Ivanti |
CVE-2024-23532 |
7.5 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-377 |
ZDI-CAN-22826 |
Ivanti |
CVE-2024-23533 |
4.3 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-376 |
ZDI-CAN-22756 |
Ivanti |
CVE-2024-23531 |
7.5 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLInfoRailService Integer Overflow Information Disclosure Vulnerability |
| ZDI-24-375 |
ZDI-CAN-22703 |
Ivanti |
CVE-2024-23530 |
5.3 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-374 |
ZDI-CAN-22702 |
Ivanti |
CVE-2024-23529 |
5.3 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-373 |
ZDI-CAN-22701 |
Ivanti |
CVE-2024-23528 |
5.3 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-372 |
ZDI-CAN-22700 |
Ivanti |
CVE-2024-23527 |
5.3 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-371 |
ZDI-CAN-22699 |
Ivanti |
CVE-2024-23526 |
5.3 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-370 |
ZDI-CAN-22682 |
Ivanti |
CVE-2024-22061 |
8.1 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLInfoRailService Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-369 |
ZDI-CAN-22648 |
Google |
|
5.3 |
2024-04-22 |
2024-07-01 |
Google cAdvisor REST API Improper Access Control Information Disclosure Vulnerability |
| ZDI-24-368 |
ZDI-CAN-22300 |
GStreamer |
CVE-2023-50186 |
7.5 |
2024-04-19 |
2024-07-01 |
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-367 |
ZDI-CAN-23785 |
Google |
CVE-2024-3159 |
5.4 |
2024-04-15 |
2024-07-01 |
(Pwn2Own) Google Chrome V8 Enum Cache Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-366 |
ZDI-CAN-23792 |
Google |
CVE-2024-2887 |
5.4 |
2024-04-15 |
2024-07-01 |
(Pwn2Own) Google Chrome WASM Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-24-365 |
ZDI-CAN-23799 |
Microsoft |
CVE-2024-3914 |
5.4 |
2024-04-15 |
2024-07-01 |
(Pwn2Own) Microsoft Edge DOMArrayBuffer Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-364 |
ZDI-CAN-21954 |
Arista |
CVE-2024-27889 |
8.8 |
2024-04-09 |
2024-07-01 |
Arista NG Firewall ReportEntry SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-363 |
ZDI-CAN-22924 |
Microsoft |
CVE-2024-26158 |
7.8 |
2024-04-09 |
2024-07-01 |
Microsoft Windows Installer Service Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-362 |
ZDI-CAN-23397 |
Microsoft |
CVE-2024-20685 |
5.9 |
2024-04-09 |
2024-07-01 |
Microsoft Azure Private 5G Core InitialUEMessage Improper Input Validation Denial-of-Service Vulnerability |
| ZDI-24-361 |
ZDI-CAN-23943 |
Microsoft |
CVE-2024-29988 |
8.8 |
2024-04-09 |
2024-07-01 |
Microsoft Windows Internet Shortcut SmartScreen Bypass Vulnerability |
| ZDI-24-360 |
ZDI-CAN-23446 |
JetBrains |
CVE-2024-31138 |
4.6 |
2024-04-01 |
2024-07-01 |
JetBrains TeamCity AgentDistributionSettingsController Cross-Site Scripting Vulnerability |
| ZDI-24-359 |
ZDI-CAN-22591 |
Flexera Software |
CVE-2024-2658 |
7.8 |
2024-04-01 |
2024-07-01 |
Flexera Software FlexNet Publisher Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-24-358 |
ZDI-CAN-21883 |
GitLab |
CVE-2024-2818 |
4.3 |
2024-04-01 |
2024-07-01 |
GitLab Label Description Uncontrolled Resource Consumption Denial-of-Service Vulnerability |
| ZDI-24-357 |
ZDI-CAN-23156 |
RARLAB |
CVE-2024-30370 |
4.3 |
2024-04-01 |
2024-07-01 |
RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability |
| ZDI-24-356 |
ZDI-CAN-22051 |
Siemens |
CVE-2024-27907 |
7.8 |
2024-03-28 |
2024-07-01 |
Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-355 |
ZDI-CAN-22164 |
Wireshark |
CVE-2023-6175 |
7.8 |
2024-03-28 |
2024-07-01 |
Wireshark NetScreen File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-354 |
ZDI-CAN-21032 |
Schneider Electric |
CVE-2024-2229 |
7.8 |
2024-03-28 |
2024-07-01 |
Schneider Electric EcoStruxure Power Design - Ecodial BinSerializer Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-353 |
ZDI-CAN-20492 |
Softing |
CVE-2024-0860 |
8.0 |
2024-03-28 |
2024-07-01 |
Softing edgeConnector Siemens Cleartext Transmission of Credentials Authentication Bypass Vulnerability |
| ZDI-24-352 |
ZDI-CAN-21225 |
Softing |
CVE-2023-38126 |
7.2 |
2024-03-28 |
2024-07-01 |
Softing edgeConnector Siemens Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-351 |
ZDI-CAN-22695 |
SolarWinds |
CVE-2024-23479 |
10.0 |
2024-03-28 |
2024-07-01 |
SolarWinds Access Rights Manager OpenFileStreamLocal Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-350 |
ZDI-CAN-22531 |
SolarWinds |
CVE-2023-40057 |
9.9 |
2024-03-28 |
2024-07-01 |
SolarWinds Access Rights Manager JsonSerializationHelper Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-349 |
ZDI-CAN-22713 |
SolarWinds |
CVE-2024-23476 |
10.0 |
2024-03-28 |
2024-07-01 |
SolarWinds Access Rights Manager OpenFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-348 |
ZDI-CAN-22739 |
SolarWinds |
CVE-2024-23477 |
9.0 |
2024-03-28 |
2024-07-01 |
SolarWinds Access Rights Manager openServerFileStream Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-347 |
ZDI-CAN-22416 |
SolarWinds |
CVE-2024-23478 |
9.9 |
2024-03-28 |
2024-07-01 |
SolarWinds Access Rights Manager JsonSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-346 |
ZDI-CAN-23355 |
Foxit |
CVE-2024-30371 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-345 |
ZDI-CAN-23013 |
Foxit |
CVE-2024-30367 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-344 |
ZDI-CAN-23002 |
Foxit |
CVE-2024-30366 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-343 |
ZDI-CAN-22947 |
Foxit |
CVE-2024-30365 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-342 |
ZDI-CAN-23008 |
Foxit |
CVE-2024-30363 |
3.3 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-341 |
ZDI-CAN-23009 |
Foxit |
CVE-2024-30364 |
3.3 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-340 |
ZDI-CAN-22797 |
Foxit |
CVE-2024-30360 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-339 |
ZDI-CAN-22798 |
Foxit |
CVE-2024-30362 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-338 |
ZDI-CAN-22877 |
Foxit |
CVE-2024-30361 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-337 |
ZDI-CAN-22809 |
Foxit |
CVE-2024-30355 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-336 |
ZDI-CAN-22811 |
Foxit |
CVE-2024-30356 |
3.3 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-335 |
ZDI-CAN-22800 |
Foxit |
CVE-2024-30352 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-334 |
ZDI-CAN-22807 |
Foxit |
CVE-2024-30353 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-333 |
ZDI-CAN-22708 |
Foxit |
CVE-2024-30350 |
3.3 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-332 |
ZDI-CAN-22808 |
Foxit |
CVE-2024-30354 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-331 |
ZDI-CAN-22818 |
Foxit |
CVE-2024-30357 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Annotation Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-330 |
ZDI-CAN-22821 |
Foxit |
CVE-2024-30358 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm User-After-Free Remote Code Execution Vulnerability |
| ZDI-24-329 |
ZDI-CAN-22888 |
Foxit |
CVE-2024-30359 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm 3D Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-328 |
ZDI-CAN-22799 |
Foxit |
CVE-2024-30351 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-327 |
ZDI-CAN-22910 |
Foxit |
CVE-2024-30347 |
3.3 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-326 |
ZDI-CAN-22911 |
Foxit |
CVE-2024-30348 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-325 |
ZDI-CAN-22912 |
Foxit |
CVE-2024-30349 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-324 |
ZDI-CAN-22745 |
Foxit |
CVE-2024-30346 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-323 |
ZDI-CAN-22742 |
Foxit |
CVE-2024-30345 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-322 |
ZDI-CAN-22720 |
Foxit |
CVE-2024-30342 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-321 |
ZDI-CAN-22707 |
Foxit |
CVE-2024-30340 |
3.3 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-320 |
ZDI-CAN-22733 |
Foxit |
CVE-2024-30344 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-319 |
ZDI-CAN-22705 |
Foxit |
CVE-2024-30338 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-318 |
ZDI-CAN-22704 |
Foxit |
CVE-2024-30337 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-317 |
ZDI-CAN-22706 |
Foxit |
CVE-2024-30339 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-316 |
ZDI-CAN-22721 |
Foxit |
CVE-2024-30343 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-315 |
ZDI-CAN-22709 |
Foxit |
CVE-2024-30341 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-314 |
ZDI-CAN-22592 |
Foxit |
CVE-2024-30325 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-313 |
ZDI-CAN-22593 |
Foxit |
CVE-2024-30326 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-312 |
ZDI-CAN-22633 |
Foxit |
CVE-2024-30328 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-311 |
ZDI-CAN-22632 |
Foxit |
CVE-2024-30327 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader template Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-310 |
ZDI-CAN-22634 |
Foxit |
CVE-2024-30329 |
3.3 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability |
| ZDI-24-309 |
ZDI-CAN-22636 |
Foxit |
CVE-2024-30330 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-308 |
ZDI-CAN-22637 |
Foxit |
CVE-2024-30331 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-307 |
ZDI-CAN-22639 |
Foxit |
CVE-2024-30333 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-306 |
ZDI-CAN-22640 |
Foxit |
CVE-2024-30334 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-305 |
ZDI-CAN-22638 |
Foxit |
CVE-2024-30332 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-304 |
ZDI-CAN-22641 |
Foxit |
CVE-2024-30335 |
3.3 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-303 |
ZDI-CAN-22642 |
Foxit |
CVE-2024-30336 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-302 |
ZDI-CAN-22576 |
Foxit |
CVE-2024-30324 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-301 |
ZDI-CAN-22501 |
Foxit |
CVE-2024-30323 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader template Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-300 |
ZDI-CAN-22499 |
Foxit |
CVE-2024-30322 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-299 |
ZDI-CAN-21951 |
Linux |
CVE-2023-52628 |
7.3 |
2024-03-28 |
2024-07-01 |
Linux Kernel nft_exthdr_ipv6_eval Stack-based Buffer Overflow Information Disclosure Vulnerability |
| ZDI-24-298 |
ZDI-CAN-21950 |
Linux |
CVE-2023-52628 |
7.3 |
2024-03-28 |
2024-07-01 |
Linux Kernel nft_exthdr_tcp_eval Stack-based Buffer Overflow Information Disclosure Vulnerability |
| ZDI-24-297 |
ZDI-CAN-21961 |
Linux |
CVE-2023-52628 |
7.3 |
2024-03-28 |
2024-07-01 |
Linux Kernel nft_exthdr_sctp_eval Stack-based Buffer Overflow Information Disclosure Vulnerability |
| ZDI-24-296 |
ZDI-CAN-22587 |
Autodesk |
CVE-2024-23138 |
7.8 |
2024-03-27 |
2024-07-01 |
Autodesk DWG TrueView DWG File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-295 |
ZDI-CAN-21341 |
Autodesk |
CVE-2024-23139 |
7.8 |
2024-03-27 |
2024-07-01 |
Autodesk FBX Review ABC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-294 |
ZDI-CAN-23146 |
Microsoft |
CVE-2024-26199 |
7.8 |
2024-03-13 |
2024-07-01 |
Microsoft Office Performance Monitor Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-293 |
ZDI-CAN-22552 |
Microsoft |
CVE-2024-21411 |
8.8 |
2024-03-13 |
2024-07-01 |
Microsoft Skype Protection Mechanism Failure Remote Code Execution Vulnerability |
| ZDI-24-292 |
ZDI-CAN-22671 |
Adobe |
CVE-2024-20745 |
7.8 |
2024-03-13 |
2024-07-01 |
Adobe Premiere Pro AVI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-291 |
ZDI-CAN-22653 |
Adobe |
CVE-2024-20752 |
7.8 |
2024-03-13 |
2024-07-01 |
Adobe Bridge PS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-290 |
ZDI-CAN-22159 |
NI |
CVE-2024-23609 |
7.8 |
2024-03-12 |
2024-07-01 |
NI LabVIEW VI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-289 |
ZDI-CAN-21996 |
NI |
CVE-2024-23612 |
7.8 |
2024-03-12 |
2024-07-01 |
NI LabVIEW VI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-288 |
ZDI-CAN-21987 |
NI |
CVE-2024-23611 |
7.8 |
2024-03-12 |
2024-07-01 |
NI LabVIEW VI File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-287 |
ZDI-CAN-21985 |
NI |
CVE-2024-23610 |
7.8 |
2024-03-12 |
2024-07-01 |
NI LabVIEW VI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-286 |
ZDI-CAN-21984 |
NI |
CVE-2024-23608 |
7.8 |
2024-03-12 |
2024-07-01 |
NI LabVIEW VI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-285 |
ZDI-CAN-22141 |
NI |
CVE-2024-23609 |
7.8 |
2024-03-12 |
2024-07-01 |
NI LabVIEW VI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-284 |
ZDI-CAN-22674 |
Adobe |
CVE-2024-20765 |
7.8 |
2024-03-11 |
2024-07-01 |
Adobe Acrobat Reader DC PDF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-283 |
ZDI-CAN-22250 |
Apple |
CVE-2024-23257 |
3.3 |
2024-03-11 |
2024-07-01 |
Apple macOS JP2 Image Parsing Uninitialized Pointer Information Disclosure Vulnerability |
| ZDI-24-282 |
ZDI-CAN-22371 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer SAT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-281 |
ZDI-CAN-22367 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer SAT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-280 |
ZDI-CAN-22370 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer SAT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-279 |
ZDI-CAN-22372 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer SAT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-278 |
ZDI-CAN-22490 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-277 |
ZDI-CAN-22373 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer SAT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-276 |
ZDI-CAN-22491 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-275 |
ZDI-CAN-22489 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-274 |
ZDI-CAN-22590 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer STL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-273 |
ZDI-CAN-22723 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings IPT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-272 |
ZDI-CAN-22857 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings SAT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-271 |
ZDI-CAN-22846 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings SAT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-270 |
ZDI-CAN-22847 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings STP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-269 |
ZDI-CAN-22848 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-268 |
ZDI-CAN-22849 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings IPT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-267 |
ZDI-CAN-22850 |
Dassault Systèmes |
CVE-2024-3299 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings SLDDRW File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-266 |
ZDI-CAN-22851 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings IPT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-265 |
ZDI-CAN-22852 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings SAT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-264 |
ZDI-CAN-22853 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings IPT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-263 |
ZDI-CAN-22855 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings SAT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-262 |
ZDI-CAN-22856 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-261 |
ZDI-CAN-22858 |
Dassault Systèmes |
CVE-2024-3299 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings SLDPRT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-260 |
ZDI-CAN-22859 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings IPT File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-259 |
ZDI-CAN-22860 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings IPT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-258 |
ZDI-CAN-22862 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings CATPART File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-257 |
ZDI-CAN-22863 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings X_B File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-256 |
ZDI-CAN-22861 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-08 |
2024-07-01 |
Dassault Systèmes eDrawings CATPART File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-255 |
ZDI-CAN-22864 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-08 |
2024-07-01 |
Dassault Systèmes eDrawings X_T File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-254 |
ZDI-CAN-22841 |
Dassault Systèmes |
CVE-2024-3298 |
7.8 |
2024-03-08 |
2024-07-01 |
Dassault Systèmes eDrawings DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-253 |
ZDI-CAN-22843 |
Dassault Systèmes |
CVE-2024-3299 |
7.8 |
2024-03-08 |
2024-07-01 |
Dassault Systèmes eDrawings SLDDRW File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-252 |
ZDI-CAN-22844 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-08 |
2024-07-01 |
Dassault Systèmes eDrawings JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-251 |
ZDI-CAN-22842 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-08 |
2024-07-01 |
Dassault Systèmes eDrawings SAT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-250 |
ZDI-CAN-22845 |
Dassault Systèmes |
CVE-2024-3298 |
7.8 |
2024-03-08 |
2024-07-01 |
Dassault Systèmes eDrawings DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-249 |
ZDI-CAN-21918 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt IGS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-248 |
ZDI-CAN-21917 |
Ashlar-Vellum |
|
7.0 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt IGS File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-247 |
ZDI-CAN-21740 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-24-246 |
ZDI-CAN-21741 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-245 |
ZDI-CAN-21732 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-24-244 |
ZDI-CAN-21746 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-243 |
ZDI-CAN-21523 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-242 |
ZDI-CAN-21729 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-241 |
ZDI-CAN-21730 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-240 |
ZDI-CAN-21728 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-239 |
ZDI-CAN-21535 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-238 |
ZDI-CAN-21745 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-237 |
ZDI-CAN-21738 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-236 |
ZDI-CAN-21735 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-235 |
ZDI-CAN-21744 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-234 |
ZDI-CAN-21553 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-233 |
ZDI-CAN-22789 |
Delta Electronics |
CVE-2024-1941 |
7.8 |
2024-03-04 |
2024-07-01 |
Delta Electronics CNCSoft-B DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-232 |
ZDI-CAN-21978 |
Kofax |
CVE-2024-27334 |
3.3 |
2024-03-04 |
2024-07-01 |
Kofax Power PDF JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-231 |
ZDI-CAN-22925 |
Kofax |
CVE-2024-27339 |
7.8 |
2024-03-04 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-230 |
ZDI-CAN-22033 |
Kofax |
CVE-2024-27337 |
7.8 |
2024-03-04 |
2024-07-01 |
Kofax Power PDF TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-229 |
ZDI-CAN-21940 |
Linux |
CVE-2023-52440 |
9.0 |
2024-03-01 |
2024-07-01 |
Linux Kernel ksmbd Session Key Exchange Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-228 |
ZDI-CAN-21541 |
Linux |
CVE-2023-52441 |
8.6 |
2024-03-01 |
2024-07-01 |
Linux Kernel ksmbd Negotiate Request Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-227 |
ZDI-CAN-21506 |
Linux |
CVE-2023-52442 |
9.3 |
2024-03-01 |
2024-07-01 |
Linux Kernel ksmbd Chained Request Improper Input Validation Information Disclosure Vulnerability |
| ZDI-24-226 |
ZDI-CAN-22934 |
Kofax |
CVE-2024-27346 |
3.3 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-225 |
ZDI-CAN-22932 |
Kofax |
CVE-2024-27345 |
3.3 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-224 |
ZDI-CAN-22931 |
Kofax |
CVE-2024-27344 |
7.8 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-223 |
ZDI-CAN-22929 |
Kofax |
CVE-2024-27343 |
3.3 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-222 |
ZDI-CAN-22928 |
Kofax |
CVE-2024-27342 |
7.8 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-221 |
ZDI-CAN-22927 |
Kofax |
CVE-2024-27341 |
7.8 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-220 |
ZDI-CAN-22926 |
Kofax |
CVE-2024-27340 |
7.8 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-219 |
ZDI-CAN-22588 |
Kofax |
CVE-2024-27338 |
7.8 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF app response Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-218 |
ZDI-CAN-22022 |
Kofax |
CVE-2024-27336 |
3.3 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-217 |
ZDI-CAN-22018 |
Kofax |
CVE-2024-27335 |
7.8 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-216 |
ZDI-CAN-21976 |
Kofax |
CVE-2024-27333 |
3.3 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-215 |
ZDI-CAN-22955 |
SolarWinds |
CVE-2024-0692 |
9.8 |
2024-03-01 |
2024-07-01 |
SolarWinds Security Event Manager AMF Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-214 |
ZDI-CAN-21775 |
NI |
CVE-2024-1156 |
7.8 |
2024-02-28 |
2024-07-01 |
NI FlexLogger RabbitMQ Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-24-213 |
ZDI-CAN-21773 |
NI |
CVE-2024-1155 |
7.8 |
2024-02-28 |
2024-07-01 |
NI FlexLogger userservices Missing Authorization Local Privilege Escalation Vulnerability |
| ZDI-24-212 |
ZDI-CAN-21939 |
NI |
CVE-2024-1155 |
7.8 |
2024-02-28 |
2024-07-01 |
NI FlexLogger TagHistorian Missing Authorization Local Privilege Escalation Vulnerability |
| ZDI-24-211 |
ZDI-CAN-21938 |
NI |
CVE-2024-1155 |
7.8 |
2024-02-28 |
2024-07-01 |
NI FlexLogger DocumentManager Missing Authorization Local Privilege Escalation Vulnerability |
| ZDI-24-210 |
ZDI-CAN-21941 |
NI |
CVE-2024-1155 |
7.8 |
2024-02-28 |
2024-07-01 |
NI FlexLogger SkylineService Missing Authorization Local Privilege Escalation Vulnerability |
| ZDI-24-209 |
ZDI-CAN-21772 |
NI |
CVE-2024-1155 |
7.8 |
2024-02-28 |
2024-07-01 |
NI FlexLogger ServiceRegistry Missing Authorization Local Privilege Escalation Vulnerability |
| ZDI-24-208 |
ZDI-CAN-23012 |
Microsoft |
|
9.8 |
2024-02-26 |
2024-07-01 |
Microsoft Azure MCR VSTS CLI vstscli Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-207 |
ZDI-CAN-22261 |
Apple |
CVE-2023-42902 |
8.8 |
2024-02-26 |
2024-07-01 |
Apple macOS VideoToolbox Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-206 |
ZDI-CAN-21769 |
Apple |
CVE-2023-42888 |
3.3 |
2024-02-26 |
2024-07-01 |
Apple macOS ImageIO MPO Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-205 |
ZDI-CAN-22277 |
PDF-XChange |
CVE-2024-27327 |
7.8 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-204 |
ZDI-CAN-22276 |
PDF-XChange |
CVE-2024-27326 |
3.3 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-203 |
ZDI-CAN-22275 |
PDF-XChange |
CVE-2024-27325 |
3.3 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-202 |
ZDI-CAN-22280 |
PDF-XChange |
CVE-2024-27328 |
3.3 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-201 |
ZDI-CAN-22287 |
PDF-XChange |
CVE-2024-27331 |
3.3 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-200 |
ZDI-CAN-22285 |
PDF-XChange |
CVE-2024-27329 |
3.3 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-199 |
ZDI-CAN-22286 |
PDF-XChange |
CVE-2024-27330 |
3.3 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-198 |
ZDI-CAN-22224 |
PDF-XChange |
CVE-2024-27323 |
7.5 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor Updater Improper Certificate Validation Remote Code Execution Vulnerability |
| ZDI-24-197 |
ZDI-CAN-22288 |
PDF-XChange |
CVE-2024-27332 |
3.3 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-196 |
ZDI-CAN-22270 |
PDF-XChange |
CVE-2024-27324 |
3.3 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-195 |
ZDI-CAN-22991 |
Linux |
CVE-2024-26592 |
9.0 |
2024-02-23 |
2024-07-01 |
Linux Kernel ksmbd TCP Connection Race Condition Remote Code Execution Vulnerability |
| ZDI-24-194 |
ZDI-CAN-22890 |
Linux |
CVE-2024-26594 |
9.3 |
2024-02-23 |
2024-07-01 |
Linux Kernel ksmbd Mech Token Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-193 |
ZDI-CAN-21539 |
Sante |
CVE-2024-1863 |
9.8 |
2024-02-23 |
2024-07-01 |
Sante PACS Server Token Endpoint SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-192 |
ZDI-CAN-22161 |
Schneider Electric |
CVE-2024-0865 |
7.8 |
2024-02-21 |
2024-07-01 |
Schneider Electric EcoStruxure IT Gateway Hard-Coded Credentials Local Privilege Escalation Vulnerability |
| ZDI-24-191 |
ZDI-CAN-22087 |
Schneider Electric |
CVE-2024-0865 |
7.0 |
2024-02-21 |
2024-07-01 |
Schneider Electric EcoStruxure IT Gateway Hard-Coded Credentials Local Privilege Escalation Vulnerability |
| ZDI-24-190 |
ZDI-CAN-18983 |
Trimble |
|
7.8 |
2024-02-21 |
2024-07-01 |
Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-189 |
ZDI-CAN-18984 |
Trimble |
|
3.3 |
2024-02-21 |
2024-07-01 |
Trimble SketchUp SKP File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-24-188 |
ZDI-CAN-19114 |
Trimble |
|
7.8 |
2024-02-21 |
2024-07-01 |
Trimble SketchUp SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-187 |
ZDI-CAN-19112 |
Trimble |
|
7.8 |
2024-02-21 |
2024-07-01 |
Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-186 |
ZDI-CAN-19115 |
Trimble |
|
7.8 |
2024-02-21 |
2024-07-01 |
Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-185 |
ZDI-CAN-22029 |
Inductive Automation |
CVE-2023-50233 |
8.8 |
2024-02-21 |
2024-07-01 |
Inductive Automation Ignition getJavaExecutable Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-184 |
ZDI-CAN-22028 |
Inductive Automation |
CVE-2023-50232 |
8.8 |
2024-02-21 |
2024-07-01 |
Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability |
| ZDI-24-183 |
ZDI-CAN-23030 |
Apache |
CVE-2024-23946 |
5.3 |
2024-02-21 |
2024-07-01 |
Apache OFBiz createRegister Error Message Information Disclosure Vulnerability |
| ZDI-24-182 |
ZDI-CAN-22323 |
ESET |
CVE-2024-0353 |
7.8 |
2024-02-15 |
2024-07-01 |
ESET Smart Security Premium ekrn Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-181 |
ZDI-CAN-22060 |
Siemens |
CVE-2024-24925 |
7.8 |
2024-02-15 |
2024-07-01 |
Siemens Simcenter Femap MODEL File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-24-180 |
ZDI-CAN-22059 |
Siemens |
CVE-2024-24924 |
7.8 |
2024-02-15 |
2024-07-01 |
Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-179 |
ZDI-CAN-22055 |
Siemens |
CVE-2024-24923 |
7.8 |
2024-02-15 |
2024-07-01 |
Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-178 |
ZDI-CAN-21715 |
Siemens |
CVE-2024-24922 |
7.8 |
2024-02-15 |
2024-07-01 |
Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-177 |
ZDI-CAN-21712 |
Siemens |
CVE-2024-24921 |
7.8 |
2024-02-15 |
2024-07-01 |
Siemens Simcenter Femap MODEL File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-176 |
ZDI-CAN-21710 |
Siemens |
CVE-2024-24920 |
7.8 |
2024-02-15 |
2024-07-01 |
Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-175 |
ZDI-CAN-22783 |
Siemens |
CVE-2024-23798 |
7.8 |
2024-02-15 |
2024-07-01 |
Siemens Tecnomatix Plant Simulation WRL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-174 |
ZDI-CAN-22763 |
Siemens |
CVE-2024-23797 |
7.8 |
2024-02-15 |
2024-07-01 |
Siemens Tecnomatix Plant Simulation WRL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-173 |
ZDI-CAN-22759 |
Siemens |
CVE-2024-23796 |
7.8 |
2024-02-15 |
2024-07-01 |
Siemens Tecnomatix Plant Simulation WRL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-172 |
ZDI-CAN-22758 |
Siemens |
CVE-2024-23795 |
7.0 |
2024-02-15 |
2024-07-01 |
Siemens Tecnomatix Plant Simulation WRL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-171 |
ZDI-CAN-21894 |
SolarWinds |
CVE-2023-50395 |
8.8 |
2024-02-15 |
2024-07-01 |
SolarWinds Orion Platform AppendUpdate SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-170 |
ZDI-CAN-21895 |
SolarWinds |
CVE-2023-35188 |
8.8 |
2024-02-15 |
2024-07-01 |
SolarWinds Orion Platform AppendCreatePrimary SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-169 |
ZDI-CAN-22647 |
Adobe |
CVE-2024-20739 |
7.8 |
2024-02-13 |
2024-07-01 |
Adobe Audition AVI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-168 |
ZDI-CAN-22727 |
Adobe |
CVE-2024-20728 |
7.8 |
2024-02-13 |
2024-07-01 |
Adobe Acrobat Pro DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-167 |
ZDI-CAN-22516 |
Adobe |
CVE-2024-20734 |
3.3 |
2024-02-13 |
2024-07-01 |
Adobe Acrobat Pro DC AcroForm Use-After-Free Information Disclosure Vulnerability |
| ZDI-24-166 |
ZDI-CAN-22822 |
Adobe |
CVE-2024-20736 |
3.3 |
2024-02-13 |
2024-07-01 |
Adobe Acrobat Pro DC AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-165 |
ZDI-CAN-23100 |
Microsoft |
CVE-2024-21412 |
8.8 |
2024-02-13 |
2024-07-01 |
Microsoft Windows Internet Shortcut SmartScreen Bypass Vulnerability |
| ZDI-24-164 |
ZDI-CAN-21970 |
Microsoft |
CVE-2024-21379 |
7.8 |
2024-02-13 |
2024-07-01 |
Microsoft Office Word PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-163 |
ZDI-CAN-20875 |
Autodesk |
CVE-2024-0446 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-162 |
ZDI-CAN-20874 |
Autodesk |
|
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD X_T File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-24-161 |
ZDI-CAN-20873 |
Autodesk |
CVE-2024-23123 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-160 |
ZDI-CAN-20879 |
Autodesk |
CVE-2024-23136 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-24-159 |
ZDI-CAN-20880 |
Autodesk |
CVE-2024-23135 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDPRT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-158 |
ZDI-CAN-20962 |
Autodesk |
CVE-2024-23134 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD IGES File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-157 |
ZDI-CAN-20961 |
Autodesk |
CVE-2024-23129 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-156 |
ZDI-CAN-20960 |
Autodesk |
CVE-2024-23129 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-155 |
ZDI-CAN-20959 |
Autodesk |
CVE-2024-23134 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD IGS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-154 |
ZDI-CAN-20958 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-153 |
ZDI-CAN-20957 |
Autodesk |
CVE-2024-23129 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-152 |
ZDI-CAN-20956 |
Autodesk |
CVE-2024-23132 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-151 |
ZDI-CAN-20955 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-150 |
ZDI-CAN-20954 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDPRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-149 |
ZDI-CAN-20953 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-148 |
ZDI-CAN-20952 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-147 |
ZDI-CAN-20951 |
Autodesk |
CVE-2024-23126 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD CATPART File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-146 |
ZDI-CAN-20950 |
Autodesk |
CVE-2024-0446 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-145 |
ZDI-CAN-20948 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-144 |
ZDI-CAN-20947 |
Autodesk |
CVE-2024-23122 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-143 |
ZDI-CAN-20946 |
Autodesk |
CVE-2024-23121 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-142 |
ZDI-CAN-20945 |
Autodesk |
CVE-2024-23137 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-141 |
ZDI-CAN-20905 |
Autodesk |
CVE-2024-23124 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-140 |
ZDI-CAN-20885 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-139 |
ZDI-CAN-20863 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-138 |
ZDI-CAN-20862 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-137 |
ZDI-CAN-20861 |
Autodesk |
CVE-2024-23129 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-136 |
ZDI-CAN-20860 |
Autodesk |
CVE-2024-23128 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-135 |
ZDI-CAN-20900 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-134 |
ZDI-CAN-20899 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-133 |
ZDI-CAN-20898 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDPRT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-132 |
ZDI-CAN-20896 |
Autodesk |
CVE-2024-23129 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-131 |
ZDI-CAN-20895 |
Autodesk |
CVE-2024-23123 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-130 |
ZDI-CAN-20894 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STEP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-129 |
ZDI-CAN-20893 |
Autodesk |
CVE-2024-23128 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-128 |
ZDI-CAN-20859 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-127 |
ZDI-CAN-20858 |
Autodesk |
CVE-2024-23125 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDPRT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-126 |
ZDI-CAN-20878 |
Autodesk |
CVE-2024-23120 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-125 |
ZDI-CAN-20876 |
Autodesk |
CVE-2024-0446 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-124 |
ZDI-CAN-20877 |
Autodesk |
CVE-2024-0446 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-123 |
ZDI-CAN-22664 |
X.Org |
CVE-2023-6816 |
7.8 |
2024-02-09 |
2024-07-01 |
X.Org Server DeviceFocusEvent Improper Validation of Array Index Local Privilege Escalation Vulnerability |
| ZDI-24-122 |
ZDI-CAN-22665 |
X.Org |
CVE-2023-6816 |
7.8 |
2024-02-09 |
2024-07-01 |
X.Org Server XIQueryPointer Improper Validation of Array Index Local Privilege Escalation Vulnerability |
| ZDI-24-121 |
ZDI-CAN-22678 |
X.Org |
CVE-2024-0229 |
7.8 |
2024-02-09 |
2024-07-01 |
X.Org Server DeliverStateNotifyEvent Heap-based Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-24-120 |
ZDI-CAN-22744 |
X.Org |
CVE-2024-21885 |
7.8 |
2024-02-09 |
2024-07-01 |
X.Org Server XISendDeviceHierarchyEvent Heap-based Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-24-119 |
ZDI-CAN-22840 |
X.Org |
CVE-2024-21886 |
7.8 |
2024-02-09 |
2024-07-01 |
X.Org Server DisableDevice Heap-based Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-24-118 |
ZDI-CAN-22294 |
Centreon |
CVE-2024-0637 |
8.8 |
2024-02-09 |
2024-07-01 |
Centreon updateDirectory SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-117 |
ZDI-CAN-22295 |
Centreon |
CVE-2024-23115 |
7.2 |
2024-02-09 |
2024-07-01 |
Centreon updateGroups SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-116 |
ZDI-CAN-22296 |
Centreon |
CVE-2024-23116 |
7.2 |
2024-02-09 |
2024-07-01 |
Centreon updateLCARelation SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-115 |
ZDI-CAN-22297 |
Centreon |
CVE-2024-23117 |
7.2 |
2024-02-09 |
2024-07-01 |
Centreon updateContactServiceCommands SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-114 |
ZDI-CAN-22298 |
Centreon |
CVE-2024-23118 |
7.2 |
2024-02-09 |
2024-07-01 |
Centreon updateContactHostCommands SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-113 |
ZDI-CAN-22339 |
Centreon |
CVE-2024-23119 |
8.8 |
2024-02-09 |
2024-07-01 |
Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-112 |
ZDI-CAN-22507 |
Allegra |
CVE-2023-52334 |
7.5 |
2024-02-09 |
2024-07-01 |
Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability |
| ZDI-24-111 |
ZDI-CAN-22360 |
Allegra |
CVE-2023-51638 |
9.8 |
2024-02-09 |
2024-07-01 |
Allegra Hard-coded Credentials Authentication Bypass Vulnerability |
| ZDI-24-110 |
ZDI-CAN-22361 |
Allegra |
CVE-2023-51639 |
9.8 |
2024-02-09 |
2024-07-01 |
Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability |
| ZDI-24-109 |
ZDI-CAN-22527 |
Allegra |
CVE-2023-51646 |
7.2 |
2024-02-09 |
2024-07-01 |
Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-108 |
ZDI-CAN-22528 |
Allegra |
CVE-2023-51647 |
7.2 |
2024-02-09 |
2024-07-01 |
Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-107 |
ZDI-CAN-22504 |
Allegra |
CVE-2023-51640 |
7.2 |
2024-02-09 |
2024-07-01 |
Allegra extarctZippedFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-106 |
ZDI-CAN-22505 |
Allegra |
CVE-2023-51641 |
9.8 |
2024-02-09 |
2024-07-01 |
Allegra renderFieldMatch Deserialization of Unstrusted Data Remote Code Execution Vulnerability |
| ZDI-24-105 |
ZDI-CAN-22506 |
Allegra |
CVE-2023-51642 |
9.8 |
2024-02-09 |
2024-07-01 |
Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-104 |
ZDI-CAN-22548 |
Allegra |
CVE-2023-52333 |
9.8 |
2024-02-09 |
2024-07-01 |
Allegra saveFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-103 |
ZDI-CAN-22510 |
Allegra |
CVE-2023-51643 |
7.2 |
2024-02-09 |
2024-07-01 |
Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-102 |
ZDI-CAN-22512 |
Allegra |
CVE-2023-51644 |
9.8 |
2024-02-09 |
2024-07-01 |
Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability |
| ZDI-24-101 |
ZDI-CAN-22513 |
Allegra |
CVE-2023-51645 |
7.2 |
2024-02-09 |
2024-07-01 |
Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-100 |
ZDI-CAN-22532 |
Allegra |
CVE-2023-52332 |
7.5 |
2024-02-09 |
2024-07-01 |
Allegra serveMathJaxLibraries Directory Traversal Information Disclosure Vulnerability |
| ZDI-24-099 |
ZDI-CAN-22530 |
Allegra |
CVE-2023-51648 |
7.5 |
2024-02-09 |
2024-07-01 |
Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability |
| ZDI-24-098 |
ZDI-CAN-21065 |
Schneider Electric |
CVE-2023-7032 |
7.8 |
2024-02-08 |
2024-07-01 |
Schneider Electric Easergy Studio InitializeChannel Deserialization of Untrusted Data Local Privilege Escalation Vulnerability |
| ZDI-24-097 |
ZDI-CAN-22015 |
Wazuh |
CVE-2023-42463 |
7.4 |
2024-02-08 |
2024-07-01 |
Wazuh Log Collector Integer Underflow Local Privilege Escalation Vulnerability |
| ZDI-24-096 |
ZDI-CAN-21848 |
Oracle |
CVE-2024-20953 |
8.8 |
2024-02-06 |
2024-07-01 |
Oracle Product Lifecycle Management ExportServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-095 |
ZDI-CAN-22658 |
Canon |
CVE-2024-0244 |
8.8 |
2024-02-06 |
2024-07-01 |
Canon imageCLASS MF753Cdw Fax Job Heap-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-094 |
ZDI-CAN-22533 |
Canon |
CVE-2023-6234 |
8.8 |
2024-02-06 |
2024-07-01 |
(Pwn2Own) Canon imageCLASS MF753Cdw CADM setResource Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-093 |
ZDI-CAN-22389 |
Canon |
CVE-2023-6233 |
8.8 |
2024-02-06 |
2024-07-01 |
(Pwn2Own) Canon imageCLASS MF753Cdw SLP service-url Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-092 |
ZDI-CAN-22386 |
Canon |
CVE-2023-6232 |
8.8 |
2024-02-06 |
2024-07-01 |
(Pwn2Own) Canon imageCLASS MF753Cdw rls-login Authorization Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-091 |
ZDI-CAN-22381 |
Canon |
CVE-2023-6231 |
8.8 |
2024-02-06 |
2024-07-01 |
(Pwn2Own) Canon imageCLASS MF753Cdw Probe message Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-090 |
ZDI-CAN-22391 |
Canon |
CVE-2023-6230 |
8.8 |
2024-02-06 |
2024-07-01 |
(Pwn2Own) Canon imageCLASS MF753Cdw rls-login Authorization Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-089 |
ZDI-CAN-22403 |
Canon |
CVE-2023-6229 |
8.8 |
2024-02-06 |
2024-07-01 |
(Pwn2Own) Canon imageCLASS MF753Cdw CADM rmSetFileName Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-088 |
ZDI-CAN-22440 |
Western Digital |
CVE-2023-22819 |
5.3 |
2024-02-06 |
2024-07-01 |
(Pwn2Own) Western Digital MyCloud PR4100 RESTSDK Uncontrolled Resource Consumption Denial-of-Service Vulnerability |
| ZDI-24-087 |
ZDI-CAN-22456 |
Western Digital |
CVE-2023-22817 |
6.3 |
2024-02-06 |
2024-07-01 |
(Pwn2Own) Western Digital MyCloud PR4100 RESTSDK Server-Side Request Forgery Vulnerability |
| ZDI-24-086 |
ZDI-CAN-22227 |
TP-Link |
CVE-2024-1180 |
6.8 |
2024-02-05 |
2024-07-01 |
TP-Link Omada ER605 Access Control Command Injection Remote Code Execution Vulnerability |
| ZDI-24-085 |
ZDI-CAN-22420 |
TP-Link |
CVE-2024-1179 |
7.5 |
2024-02-05 |
2024-07-01 |
(Pwn2Own) TP-Link Omada ER605 DHCPv6 Client Options Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-084 |
ZDI-CAN-22520 |
Lexmark |
CVE-2023-50737 |
8.8 |
2024-01-31 |
2024-07-01 |
(Pwn2Own) Lexmark CX331adwe Missing Authentication Remote Code Execution Vulnerability |
| ZDI-24-083 |
ZDI-CAN-22445 |
Lexmark |
CVE-2023-50736 |
8.8 |
2024-01-31 |
2024-07-01 |
(Pwn2Own) Lexmark CX331adwe PostScript File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-082 |
ZDI-CAN-22443 |
Lexmark |
CVE-2023-50735 |
7.5 |
2024-01-31 |
2024-07-01 |
(Pwn2Own) Lexmark CX331adwe PDF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-081 |
ZDI-CAN-22380 |
Lexmark |
CVE-2023-50734 |
8.8 |
2024-01-31 |
2024-07-01 |
(Pwn2Own) Lexmark CX331adwe make42charstring Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-080 |
ZDI-CAN-20806 |
Trend Micro |
CVE-2023-41178 |
6.3 |
2024-01-19 |
2024-07-01 |
Trend Micro Mobile Security for Enterprises vpplist_assign_list Cross-Site Scripting Vulnerability |
| ZDI-24-079 |
ZDI-CAN-20805 |
Trend Micro |
CVE-2023-41177 |
6.3 |
2024-01-19 |
2024-07-01 |
Trend Micro Mobile Security for Enterprises ServerUpdate_UpdateSuccessful Cross-Site Scripting Vulnerability |
| ZDI-24-078 |
ZDI-CAN-20804 |
Trend Micro |
CVE-2023-41176 |
6.3 |
2024-01-19 |
2024-07-01 |
Trend Micro Mobile Security for Enterprises DevicesManagementEditNotePopupTip Cross-Site Scripting Vulnerability |
| ZDI-24-077 |
ZDI-CAN-20803 |
Trend Micro |
CVE-2023-52324 |
6.5 |
2024-01-19 |
2024-07-01 |
Trend Micro Apex Central Unrestricted File Upload Vulnerability |
| ZDI-24-076 |
ZDI-CAN-21780 |
Trend Micro |
CVE-2023-52338 |
7.8 |
2024-01-19 |
2024-07-01 |
Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-075 |
ZDI-CAN-16568 |
Trend Micro |
CVE-2023-52337 |
7.8 |
2024-01-19 |
2024-07-01 |
Trend Micro Deep Security Improper Access Control Local Privilege Escalation Vulnerability |
| ZDI-24-074 |
ZDI-CAN-18868 |
Trend Micro |
CVE-2023-52329 |
6.1 |
2024-01-18 |
2024-07-01 |
Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-24-073 |
ZDI-CAN-21182 |
Paessler |
CVE-2023-51630 |
8.8 |
2024-01-15 |
2024-07-01 |
Paessler PRTG Network Monitor Cross-Site Scripting Authentication Bypass Vulnerability |
| ZDI-24-072 |
ZDI-CAN-19708 |
Synology |
CVE-2024-21473 |
7.5 |
2024-01-15 |
2024-07-01 |
Synology RT6600ax Qualcomm LDB Service Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-24-071 |
ZDI-CAN-22643 |
Ivanti |
CVE-2023-46804 |
7.5 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Integer Underflow Denial-of-Service Vulnerability |
| ZDI-24-070 |
ZDI-CAN-22582 |
Ivanti |
CVE-2023-46223 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-069 |
ZDI-CAN-22581 |
Ivanti |
CVE-2023-46222 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-068 |
ZDI-CAN-22580 |
Ivanti |
CVE-2023-46221 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-067 |
ZDI-CAN-22544 |
Ivanti |
CVE-2023-46803 |
7.5 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Divide By Zero Denial-of-Service Vulnerability |
| ZDI-24-066 |
ZDI-CAN-22553 |
Ivanti |
CVE-2023-46220 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-065 |
ZDI-CAN-22586 |
Ivanti |
CVE-2023-46258 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-064 |
ZDI-CAN-22585 |
Ivanti |
CVE-2023-46257 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-063 |
ZDI-CAN-22584 |
Ivanti |
CVE-2023-46225 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-062 |
ZDI-CAN-22583 |
Ivanti |
CVE-2023-46224 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-061 |
ZDI-CAN-21972 |
Ivanti |
CVE-2023-46259 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService TV_FC Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-060 |
ZDI-CAN-21992 |
Ivanti |
CVE-2023-46260 |
7.5 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService TV_NL Null Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-24-059 |
ZDI-CAN-22000 |
Ivanti |
CVE-2023-46261 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLInfoRailService Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-058 |
ZDI-CAN-21953 |
Ivanti |
CVE-2021-22962 |
7.3 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche SecureFilter allowPassThrough Authentication Bypass Vulnerability |
| ZDI-24-057 |
ZDI-CAN-21943 |
Ivanti |
CVE-2023-46266 |
7.3 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche SecureFilter Content-Type Authentication Bypass Vulnerability |
| ZDI-24-056 |
ZDI-CAN-21952 |
Ivanti |
CVE-2023-46263 |
7.2 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche FileStoreConfig Arbitrary File Upload Remote Code Execution Vulnerability |
| ZDI-24-055 |
ZDI-CAN-22001 |
Ivanti |
CVE-2023-46264 |
7.2 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche FileStoreConfig Arbitrary File Upload Remote Code Execution Vulnerability |
| ZDI-24-054 |
ZDI-CAN-21458 |
Ivanti |
CVE-2023-46265 |
6.5 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche decode XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-24-053 |
ZDI-CAN-21406 |
Ivanti |
CVE-2023-46262 |
7.5 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche validateAMCWSConnection Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-24-052 |
ZDI-CAN-21888 |
Trend Micro |
CVE-2023-52331 |
9.1 |
2024-01-11 |
2024-07-01 |
Trend Micro Apex Central modVulnerabilityProtect Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-24-051 |
ZDI-CAN-21447 |
Trend Micro |
CVE-2023-52330 |
5.4 |
2024-01-11 |
2024-07-01 |
Trend Micro Apex Central Cross-Site Scripting Privilege Escalation Vulnerability |
| ZDI-24-050 |
ZDI-CAN-21675 |
D-Link |
CVE-2023-51631 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-049 |
ZDI-CAN-21492 |
D-Link |
CVE-2023-51629 |
6.3 |
2024-01-11 |
2024-07-01 |
D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability |
| ZDI-24-048 |
ZDI-CAN-21322 |
D-Link |
CVE-2023-51628 |
8.0 |
2024-01-11 |
2024-07-01 |
D-Link DCS-8300LHV2 ONVIF SetHostName Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-047 |
ZDI-CAN-21321 |
D-Link |
CVE-2023-51627 |
8.0 |
2024-01-11 |
2024-07-01 |
D-Link DCS-8300LHV2 ONVIF Duration Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-046 |
ZDI-CAN-21320 |
D-Link |
CVE-2023-51626 |
8.8 |
2024-01-11 |
2024-07-01 |
D-Link DCS-8300LHV2 RTSP ValidateAuthorizationHeader Username Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-045 |
ZDI-CAN-21319 |
D-Link |
CVE-2023-51625 |
8.0 |
2024-01-11 |
2024-07-01 |
D-Link DCS-8300LHV2 ONVIF SetSystemDateAndTime Command Injection Remote Code Execution Vulnerability |
| ZDI-24-044 |
ZDI-CAN-20072 |
D-Link |
CVE-2023-51624 |
8.8 |
2024-01-11 |
2024-07-01 |
D-Link DCS-8300LHV2 RTSP ValidateAuthorizationHeader Nonce Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-043 |
ZDI-CAN-21673 |
D-Link |
CVE-2023-51623 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetAPClientSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-042 |
ZDI-CAN-21672 |
D-Link |
CVE-2023-51622 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetTriggerPPPoEValidate Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-041 |
ZDI-CAN-21670 |
D-Link |
CVE-2023-51621 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetDeviceSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-040 |
ZDI-CAN-21669 |
D-Link |
CVE-2023-51620 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetIPv6PppoeSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-039 |
ZDI-CAN-21667 |
D-Link |
CVE-2023-51619 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetMyDLinkRegistration Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-038 |
ZDI-CAN-21595 |
D-Link |
CVE-2023-51618 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-037 |
ZDI-CAN-21594 |
D-Link |
CVE-2023-51617 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-036 |
ZDI-CAN-21593 |
D-Link |
CVE-2023-51616 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-035 |
ZDI-CAN-21592 |
D-Link |
CVE-2023-51615 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-034 |
ZDI-CAN-21591 |
D-Link |
CVE-2023-51614 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-033 |
ZDI-CAN-21590 |
D-Link |
CVE-2023-51613 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-032 |
ZDI-CAN-22109 |
Foxit |
|
7.8 |
2024-01-10 |
2024-07-01 |
Foxit PDF Reader Doc Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-031 |
ZDI-CAN-22126 |
Microsoft |
CVE-2024-21310 |
7.8 |
2024-01-10 |
2024-07-01 |
Microsoft Windows cldflt Integer Overflow Local Privilege Escalation Vulnerability |
| ZDI-24-030 |
ZDI-CAN-21445 |
Microsoft |
CVE-2024-20677 |
7.8 |
2024-01-10 |
2024-07-01 |
Microsoft Office Word FBX File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-029 |
ZDI-CAN-21860 |
Trend Micro |
CVE-2023-52093 |
7.8 |
2024-01-10 |
2024-07-01 |
Trend Micro Apex One Exposed Dangerous Function Local Privilege Escalation Vulnerability |
| ZDI-24-028 |
ZDI-CAN-21896 |
Trend Micro |
CVE-2023-52094 |
7.0 |
2024-01-10 |
2024-07-01 |
Trend Micro Apex One Security Agent Updater Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-027 |
ZDI-CAN-21522 |
Trend Micro |
CVE-2023-52091 |
7.8 |
2024-01-10 |
2024-07-01 |
Trend Micro Apex One Anti-Spyware Engine Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-026 |
ZDI-CAN-21425 |
Trend Micro |
CVE-2023-52090 |
7.8 |
2024-01-10 |
2024-07-01 |
Trend Micro Apex One Virus Scan Engine Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-025 |
ZDI-CAN-21346 |
Trend Micro |
CVE-2023-52092 |
7.8 |
2024-01-10 |
2024-07-01 |
Trend Micro Apex One Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-024 |
ZDI-CAN-21327 |
Trend Micro |
CVE-2023-52325 |
7.5 |
2024-01-10 |
2024-07-01 |
Trend Micro Apex Central widget WFProxy Local File Inclusion Remote Code Execution Vulnerability |
| ZDI-24-023 |
ZDI-CAN-18873 |
Trend Micro |
CVE-2023-52326 |
6.1 |
2024-01-16 |
2024-07-01 |
Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-24-022 |
ZDI-CAN-18869 |
Trend Micro |
CVE-2023-52327 |
6.1 |
2024-01-16 |
2024-07-01 |
Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-24-021 |
ZDI-CAN-18870 |
Trend Micro |
CVE-2023-52328 |
6.1 |
2024-01-16 |
2024-07-01 |
Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-24-020 |
ZDI-CAN-20527 |
Linux |
CVE-2023-6546 |
8.8 |
2024-01-09 |
2024-07-01 |
Linux Kernel GSM Multiplexing Race Condition Local Privilege Escalation Vulnerability |
| ZDI-24-019 |
ZDI-CAN-19067 |
Bentley |
CVE-2023-44430 |
7.8 |
2024-01-08 |
2024-07-01 |
Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-018 |
ZDI-CAN-22127 |
Inductive Automation |
CVE-2023-50223 |
8.8 |
2024-01-05 |
2024-07-01 |
Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-017 |
ZDI-CAN-22067 |
Inductive Automation |
CVE-2023-50222 |
8.8 |
2024-01-05 |
2024-07-01 |
Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-016 |
ZDI-CAN-21926 |
Inductive Automation |
CVE-2023-50221 |
8.8 |
2024-01-05 |
2024-07-01 |
Inductive Automation Ignition ResponseParser SerializedResponse Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-015 |
ZDI-CAN-21801 |
Inductive Automation |
CVE-2023-50220 |
7.2 |
2024-01-05 |
2024-07-01 |
Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-014 |
ZDI-CAN-21625 |
Inductive Automation |
CVE-2023-50219 |
8.8 |
2024-01-05 |
2024-07-01 |
Inductive Automation Ignition RunQuery Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-013 |
ZDI-CAN-21016 |
oFono |
CVE-2023-4235 |
8.1 |
2024-01-04 |
2024-07-01 |
oFono SMS Decoder Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-012 |
ZDI-CAN-22153 |
X.Org |
CVE-2023-5367 |
7.8 |
2024-01-04 |
2024-07-01 |
X.Org Server ProcXIChangeProperty Heap-based Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-24-011 |
ZDI-CAN-22412 |
X.Org |
CVE-2023-6377 |
7.8 |
2024-01-04 |
2024-07-01 |
X.Org Server RecalculateMasterButtons Out-Of-Bounds Access Local Privilege Escalation Vulnerability |
| ZDI-24-010 |
ZDI-CAN-22413 |
X.Org |
CVE-2023-6377 |
7.8 |
2024-01-04 |
2024-07-01 |
X.Org Server DeepCopyPointerClasses Out-Of-Bounds Access Local Privilege Escalation Vulnerability |
| ZDI-24-009 |
ZDI-CAN-22561 |
X.Org |
CVE-2023-6478 |
5.5 |
2024-01-04 |
2024-07-01 |
X.Org Server RRChangeOutputProperty Integer Overflow Information Disclosure Vulnerability |
| ZDI-24-008 |
ZDI-CAN-22753 |
SolarWinds |
CVE-2023-40058 |
8.6 |
2024-01-04 |
2024-07-01 |
SolarWinds Access Rights Manager Hardcoded Credentials Authentication Bypass Vulnerability |
| ZDI-24-007 |
ZDI-CAN-22016 |
Kofax |
CVE-2023-51569 |
7.8 |
2024-01-04 |
2024-07-01 |
Kofax Power PDF BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-006 |
ZDI-CAN-21988 |
Kofax |
CVE-2023-51567 |
3.3 |
2024-01-04 |
2024-07-01 |
Kofax Power PDF OXPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-005 |
ZDI-CAN-21990 |
Kofax |
CVE-2023-51568 |
3.3 |
2024-01-04 |
2024-07-01 |
Kofax Power PDF OXPS File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-24-004 |
ZDI-CAN-21980 |
Kofax |
CVE-2023-51566 |
7.8 |
2024-01-04 |
2024-07-01 |
Kofax Power PDF OXPS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-003 |
ZDI-CAN-21975 |
Kofax |
CVE-2023-51565 |
7.8 |
2024-01-04 |
2024-07-01 |
Kofax Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-002 |
ZDI-CAN-21606 |
Kofax |
CVE-2023-51564 |
3.3 |
2024-01-04 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-001 |
ZDI-CAN-20573 |
Kofax |
CVE-2023-51563 |
7.8 |
2024-01-04 |
2024-07-01 |
Kofax Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability |
