| ZDI-23-1763 |
ZDI-CAN-21505 |
Apple |
CVE-2023-42826 |
7.8 |
2023-12-07 |
|
Apple macOS Hydra Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1762 |
ZDI-CAN-21962 |
SolarWinds |
CVE-2023-40056 |
8.8 |
2023-12-05 |
|
SolarWinds Orion Platform VimChartInfo SQL Injection Remote Code Execution Vulnerability |
| ZDI-23-1761 |
ZDI-CAN-22563 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-12-05 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1760 |
ZDI-CAN-22567 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-12-05 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1759 |
ZDI-CAN-22562 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-12-05 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1758 |
ZDI-CAN-22564 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-12-05 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1757 |
ZDI-CAN-22568 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-12-05 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1756 |
ZDI-CAN-22013 |
Delta Electronics |
CVE-2023-47279 |
7.5 |
2023-11-30 |
|
Delta Electronics InfraSuite Device Master PlayWaveFile Directory Traversal Information Disclosure Vulnerability |
| ZDI-23-1755 |
ZDI-CAN-21859 |
Delta Electronics |
CVE-2023-39226 |
9.8 |
2023-11-30 |
|
Delta Electronics InfraSuite Device Master RunScript Exposed Dangerous Method Remote Code Execution Vulnerability |
| ZDI-23-1754 |
ZDI-CAN-21771 |
Delta Electronics |
CVE-2023-47207 |
9.8 |
2023-11-30 |
|
Delta Electronics InfraSuite Device Master Device-DataCollect Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-1753 |
ZDI-CAN-21770 |
Delta Electronics |
CVE-2023-47207 |
9.8 |
2023-11-30 |
|
Delta Electronics InfraSuite Device Master Device-Gateway Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-1752 |
ZDI-CAN-21707 |
Delta Electronics |
CVE-2023-46690 |
8.8 |
2023-11-30 |
|
Delta Electronics InfraSuite Device Master UploadMedia Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1751 |
ZDI-CAN-22600 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-27 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1750 |
ZDI-CAN-22599 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-27 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1749 |
ZDI-CAN-22566 |
Adobe |
CVE-2023-44371 |
3.3 |
2023-11-27 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1748 |
ZDI-CAN-22292 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-27 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1747 |
ZDI-CAN-22612 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-27 |
|
Adobe Acrobat Reader DC Font Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1746 |
ZDI-CAN-22601 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-27 |
|
Adobe Acrobat Reader DC Font Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1745 |
ZDI-CAN-22598 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-27 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1744 |
ZDI-CAN-22597 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-27 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1743 |
ZDI-CAN-22602 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-27 |
|
Adobe Acrobat Reader DC Font Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1742 |
ZDI-CAN-22603 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-27 |
|
Adobe Acrobat Reader DC Font Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1741 |
ZDI-CAN-22605 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-27 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1740 |
ZDI-CAN-22604 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-27 |
|
Adobe Acrobat Reader DC Font Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1739 |
ZDI-CAN-22606 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-27 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1738 |
ZDI-CAN-22607 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-27 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1737 |
ZDI-CAN-22608 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-27 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1736 |
ZDI-CAN-22609 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-27 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1735 |
ZDI-CAN-21212 |
Fuji Electric |
CVE-2023-40152 |
7.8 |
2023-11-27 |
|
Fuji Electric Tellus Lite V-Simulator V9 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1734 |
ZDI-CAN-21214 |
Fuji Electric |
CVE-2023-35127 |
7.8 |
2023-11-27 |
|
Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1733 |
ZDI-CAN-21304 |
Fuji Electric |
CVE-2023-35127 |
7.8 |
2023-11-27 |
|
Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1732 |
ZDI-CAN-21303 |
Fuji Electric |
CVE-2023-35127 |
7.8 |
2023-11-27 |
|
Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1731 |
ZDI-CAN-21302 |
Fuji Electric |
CVE-2023-35127 |
7.8 |
2023-11-27 |
|
Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1730 |
ZDI-CAN-21224 |
Fuji Electric |
CVE-2023-5299 |
7.3 |
2023-11-27 |
|
Fuji Electric Tellus Lite Incorrect Default Permissions Local Privilege Escalation Vulnerability |
| ZDI-23-1729 |
ZDI-CAN-21238 |
Fuji Electric |
CVE-2023-40152 |
7.8 |
2023-11-27 |
|
Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1728 |
ZDI-CAN-21236 |
Fuji Electric |
CVE-2023-35127 |
7.8 |
2023-11-27 |
|
Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1727 |
ZDI-CAN-21176 |
Fuji Electric |
CVE-2023-35127 |
7.8 |
2023-11-27 |
|
Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1726 |
ZDI-CAN-21178 |
Fuji Electric |
CVE-2023-35127 |
7.8 |
2023-11-27 |
|
Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1725 |
ZDI-CAN-21211 |
Fuji Electric |
CVE-2023-40152 |
7.8 |
2023-11-27 |
|
Fuji Electric Tellus Lite V-Simulator V9 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1724 |
ZDI-CAN-21210 |
Fuji Electric |
CVE-2023-40152 |
7.8 |
2023-11-27 |
|
Fuji Electric Tellus Lite V-Simulator V9 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1723 |
ZDI-CAN-21175 |
Fuji Electric |
CVE-2023-35127 |
7.8 |
2023-11-27 |
|
Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1722 |
ZDI-CAN-21174 |
Fuji Electric |
CVE-2023-35127 |
7.8 |
2023-11-27 |
|
Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1721 |
ZDI-CAN-21215 |
Fuji Electric |
CVE-2023-35127 |
7.8 |
2023-11-27 |
|
Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1720 |
ZDI-CAN-21121 |
Fuji Electric |
CVE-2023-35127 |
7.8 |
2023-11-27 |
|
Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1719 |
ZDI-CAN-21173 |
ManageEngine |
CVE-2023-48646 |
7.2 |
2023-11-22 |
|
ManageEngine Recovery Manager Plus getEscapedValue Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1718 |
ZDI-CAN-21858 |
NETGEAR |
CVE-2023-44450 |
8.8 |
2023-11-20 |
|
NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote Code Execution Vulnerability |
| ZDI-23-1717 |
ZDI-CAN-21875 |
NETGEAR |
CVE-2023-44449 |
8.8 |
2023-11-20 |
|
NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability |
| ZDI-23-1716 |
ZDI-CAN-22139 |
Luxion |
CVE-2023-22139 |
7.8 |
2023-11-16 |
|
Luxion KeyShot Viewer KSP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1715 |
ZDI-CAN-21226 |
ManageEngine |
CVE-2023-38333 |
8.8 |
2023-11-15 |
|
ManageEngine Applications Manager SingleSignOn Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-23-1714 |
ZDI-CAN-21666 |
Adobe |
CVE-2023-44325 |
3.3 |
2023-11-15 |
|
Adobe Animate FLA File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1713 |
ZDI-CAN-21509 |
Adobe |
CVE-2023-44337 |
7.8 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1712 |
ZDI-CAN-21493 |
Adobe |
CVE-2023-44338 |
7.8 |
2023-11-15 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1711 |
ZDI-CAN-21424 |
Adobe |
CVE-2023-44340 |
3.3 |
2023-11-15 |
|
Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1710 |
ZDI-CAN-21422 |
Adobe |
CVE-2023-44339 |
3.3 |
2023-11-15 |
|
Adobe Acrobat Reader DC AcroForm value Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1709 |
ZDI-CAN-22041 |
Adobe |
CVE-2023-44361 |
3.3 |
2023-11-15 |
|
Adobe Acrobat Reader DC AcroForm Doc Object Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-1708 |
ZDI-CAN-21999 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1707 |
ZDI-CAN-21998 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1706 |
ZDI-CAN-21989 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1705 |
ZDI-CAN-21971 |
Adobe |
CVE-2023-44358 |
3.3 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1704 |
ZDI-CAN-21957 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1703 |
ZDI-CAN-21956 |
Adobe |
CVE-2023-44356 |
3.3 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1702 |
ZDI-CAN-21955 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1701 |
ZDI-CAN-21949 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1700 |
ZDI-CAN-21947 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1699 |
ZDI-CAN-21946 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1698 |
ZDI-CAN-21945 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1697 |
ZDI-CAN-21936 |
Adobe |
CVE-2023-44359 |
7.8 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1696 |
ZDI-CAN-21935 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1695 |
ZDI-CAN-21934 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1694 |
ZDI-CAN-21933 |
Adobe |
CVE-2023-44371 |
7.8 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1693 |
ZDI-CAN-21932 |
Adobe |
CVE-2023-44371 |
3.3 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1692 |
ZDI-CAN-21931 |
Adobe |
CVE-2023-44365 |
7.8 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-23-1691 |
ZDI-CAN-21930 |
Adobe |
CVE-2023-44357 |
3.3 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1690 |
ZDI-CAN-21929 |
Adobe |
CVE-2023-44367 |
7.8 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1689 |
ZDI-CAN-21928 |
Adobe |
CVE-2023-44366 |
7.8 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1688 |
ZDI-CAN-21925 |
Adobe |
CVE-2023-44348 |
3.3 |
2023-11-15 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1687 |
ZDI-CAN-21882 |
Adobe |
CVE-2023-44360 |
3.3 |
2023-11-15 |
|
Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1686 |
ZDI-CAN-21866 |
Adobe |
CVE-2023-44326 |
3.3 |
2023-11-15 |
|
Adobe Dimension GLTF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1685 |
ZDI-CAN-21798 |
Adobe |
CVE-2023-44329 |
3.3 |
2023-11-15 |
|
Adobe Bridge MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-23-1684 |
ZDI-CAN-21797 |
Adobe |
CVE-2023-44328 |
3.3 |
2023-11-15 |
|
Adobe Bridge MP4 File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-1683 |
ZDI-CAN-21793 |
Adobe |
CVE-2023-44327 |
3.3 |
2023-11-15 |
|
Adobe Bridge MP4 File Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-23-1682 |
ZDI-CAN-21792 |
Adobe |
CVE-2023-47060 |
3.3 |
2023-11-15 |
|
Adobe Premiere Pro MP4 File Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-23-1681 |
ZDI-CAN-21767 |
Adobe |
CVE-2023-47059 |
7.8 |
2023-11-15 |
|
Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1680 |
ZDI-CAN-21766 |
Adobe |
CVE-2023-47058 |
7.8 |
2023-11-15 |
|
Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1679 |
ZDI-CAN-21765 |
Adobe |
CVE-2023-47055 |
7.8 |
2023-11-15 |
|
Adobe Premiere Pro M4A File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1678 |
ZDI-CAN-21764 |
Adobe |
CVE-2023-47057 |
7.8 |
2023-11-15 |
|
Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1677 |
ZDI-CAN-21763 |
Adobe |
CVE-2023-47056 |
7.8 |
2023-11-15 |
|
Adobe Premiere Pro MP4 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1676 |
ZDI-CAN-21709 |
Adobe |
CVE-2023-47073 |
7.8 |
2023-11-15 |
|
Adobe After Effects MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1675 |
ZDI-CAN-21708 |
Adobe |
CVE-2023-47070 |
7.8 |
2023-11-15 |
|
Adobe After Effects MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1674 |
ZDI-CAN-21706 |
Adobe |
CVE-2023-47067 |
7.8 |
2023-11-15 |
|
Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1673 |
ZDI-CAN-21705 |
Adobe |
CVE-2023-47066 |
7.8 |
2023-11-15 |
|
Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1672 |
ZDI-CAN-21704 |
Adobe |
CVE-2023-47071 |
3.3 |
2023-11-15 |
|
Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1671 |
ZDI-CAN-21703 |
Adobe |
CVE-2023-47069 |
7.8 |
2023-11-15 |
|
Adobe After Effects M4A File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1670 |
ZDI-CAN-21702 |
Adobe |
CVE-2023-47068 |
7.8 |
2023-11-15 |
|
Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1669 |
ZDI-CAN-21790 |
Adobe |
CVE-2023-47072 |
3.3 |
2023-11-15 |
|
Adobe After Effects MP4 File Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-23-1668 |
ZDI-CAN-21789 |
Adobe |
CVE-2023-47044 |
3.3 |
2023-11-15 |
|
Adobe Media Encoder MP4 File Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-23-1667 |
ZDI-CAN-21699 |
Adobe |
CVE-2023-47043 |
7.8 |
2023-11-15 |
|
Adobe Media Encoder MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1666 |
ZDI-CAN-21698 |
Adobe |
CVE-2023-47040 |
7.8 |
2023-11-15 |
|
Adobe Media Encoder MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1665 |
ZDI-CAN-21697 |
Adobe |
CVE-2023-47041 |
7.8 |
2023-11-15 |
|
Adobe Media Encoder MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1664 |
ZDI-CAN-21696 |
Adobe |
CVE-2023-47042 |
7.8 |
2023-11-15 |
|
Adobe Media Encoder MP4 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1663 |
ZDI-CAN-21782 |
Adobe |
CVE-2023-47054 |
3.3 |
2023-11-15 |
|
Adobe Audition MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-23-1662 |
ZDI-CAN-21690 |
Adobe |
CVE-2023-47049 |
7.8 |
2023-11-15 |
|
Adobe Audition MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1661 |
ZDI-CAN-21689 |
Adobe |
CVE-2023-47053 |
3.3 |
2023-11-15 |
|
Adobe Audition MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-23-1660 |
ZDI-CAN-21688 |
Adobe |
CVE-2023-47048 |
7.8 |
2023-11-15 |
|
Adobe Audition MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1659 |
ZDI-CAN-21687 |
Adobe |
CVE-2023-47052 |
3.3 |
2023-11-15 |
|
Adobe Audition MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1658 |
ZDI-CAN-21686 |
Adobe |
CVE-2023-47050 |
7.8 |
2023-11-15 |
|
Adobe Audition M4A File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1657 |
ZDI-CAN-21685 |
Adobe |
CVE-2023-47047 |
7.8 |
2023-11-15 |
|
Adobe Audition MP4 File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-23-1656 |
ZDI-CAN-21684 |
Adobe |
CVE-2023-47046 |
7.8 |
2023-11-15 |
|
Adobe Audition MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1655 |
ZDI-CAN-21683 |
Adobe |
CVE-2023-47051 |
7.8 |
2023-11-15 |
|
Adobe Audition MP4 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1654 |
ZDI-CAN-21344 |
Adobe |
CVE-2023-44324 |
9.8 |
2023-11-15 |
|
Adobe FrameMaker Publishing Server Authentication Bypass Vulnerability |
| ZDI-23-1653 |
ZDI-CAN-21305 |
Adobe |
CVE-2023-22274 |
8.2 |
2023-11-15 |
|
Adobe RoboHelp Server UpdateCommandStream XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-23-1652 |
ZDI-CAN-21307 |
Adobe |
CVE-2023-22273 |
7.2 |
2023-11-15 |
|
Adobe RoboHelp Server OnPublishFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1651 |
ZDI-CAN-21308 |
Adobe |
CVE-2023-22268 |
6.5 |
2023-11-15 |
|
Adobe RoboHelp Server getRHSGroupsForRoles SQL Injection Information Disclosure Vulnerability |
| ZDI-23-1650 |
ZDI-CAN-21309 |
Adobe |
CVE-2023-22272 |
7.5 |
2023-11-15 |
|
Adobe RoboHelp Server resolveDistinguishedName LDAP Injection Information Disclosure Vulnerability |
| ZDI-23-1649 |
ZDI-CAN-21306 |
Adobe |
CVE-2023-22275 |
7.5 |
2023-11-15 |
|
Adobe RoboHelp Server GetNewUserId SQL Injection Information Disclosure Vulnerability |
| ZDI-23-1648 |
ZDI-CAN-22226 |
GStreamer |
CVE-2023-44429 |
8.8 |
2023-11-15 |
|
GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1647 |
ZDI-CAN-22299 |
GStreamer |
CVE-2023-44446 |
8.8 |
2023-11-15 |
|
GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1646 |
ZDI-CAN-21462 |
Microsoft |
CVE-2023-38181 |
8.8 |
2023-11-15 |
|
Microsoft Exchange GsmWriter Deserialization of Untrusted Data NTLM Relay Vulnerability |
| ZDI-23-1645 |
ZDI-CAN-21861 |
Microsoft |
CVE-2023-36804 |
8.8 |
2023-11-15 |
|
Microsoft Windows win32kfull UMPDDrvBitBlt Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-23-1644 |
ZDI-CAN-21864 |
Microsoft |
CVE-2023-36804 |
8.8 |
2023-11-15 |
|
Microsoft Windows win32kfull UMPDDrvStretchBltROP Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-23-1643 |
ZDI-CAN-21863 |
Microsoft |
CVE-2023-36804 |
8.8 |
2023-11-15 |
|
Microsoft Windows win32kfull UMPDDrvStretchBlt Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-23-1642 |
ZDI-CAN-21681 |
Microsoft |
CVE-2023-36804 |
8.8 |
2023-11-15 |
|
Microsoft Windows win32kfull UMPDDrvPlgBlt Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-23-1641 |
ZDI-CAN-22002 |
Microsoft |
CVE-2023-36039 |
8.8 |
2023-11-15 |
|
Microsoft Exchange FederationTrust Deserialization of Untrusted Data NTLM Relay Vulnerability |
| ZDI-23-1640 |
ZDI-CAN-21958 |
Microsoft |
CVE-2023-36050 |
8.8 |
2023-11-15 |
|
Microsoft Exchange TransportConfigContainer Deserialization of Untrusted Data Information Disclosure Vulnerability |
| ZDI-23-1639 |
ZDI-CAN-21960 |
Microsoft |
CVE-2023-36049 |
7.6 |
2023-11-15 |
|
Microsoft .NET FormatFtpCommand CRLF Injection Arbitrary File Write and Deletion Vulnerability |
| ZDI-23-1638 |
ZDI-CAN-21843 |
Microsoft |
CVE-2023-36045 |
7.8 |
2023-11-15 |
|
Microsoft Office Word FBX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1637 |
ZDI-CAN-21983 |
Microsoft |
CVE-2023-36035 |
8.8 |
2023-11-15 |
|
Microsoft Exchange IsUNCPath Improper Input Validation NTLM Relay Vulnerability |
| ZDI-23-1636 |
ZDI-CAN-19058 |
NETGEAR |
CVE-2023-44445 |
8.8 |
2023-11-14 |
|
NETGEAR CAX30 SSO Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1635 |
ZDI-CAN-21400 |
Delta Electronics |
CVE-2023-5068 |
7.8 |
2023-11-14 |
|
Delta Electronics DIAScreen XLS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1634 |
ZDI-CAN-21266 |
Siemens |
CVE-2023-41033 |
7.8 |
2023-11-14 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1633 |
ZDI-CAN-21263 |
Siemens |
CVE-2023-41032 |
7.8 |
2023-11-14 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1632 |
ZDI-CAN-20818 |
Siemens |
CVE-2023-38070 |
7.8 |
2023-11-14 |
|
Siemens Tecnomatix Plant Simulation WRL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1631 |
ZDI-CAN-20824 |
Siemens |
CVE-2023-38071 |
7.8 |
2023-11-14 |
|
Siemens Tecnomatix Plant Simulation WRL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1630 |
ZDI-CAN-20825 |
Siemens |
CVE-2023-38072 |
7.8 |
2023-11-14 |
|
Siemens Tecnomatix Plant Simulation WRL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1629 |
ZDI-CAN-20826 |
Siemens |
CVE-2023-38073 |
7.8 |
2023-11-14 |
|
Siemens Tecnomatix Plant Simulation WRL File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-23-1628 |
ZDI-CAN-20840 |
Siemens |
CVE-2023-38074 |
7.8 |
2023-11-14 |
|
Siemens Tecnomatix Plant Simulation WRL File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-23-1627 |
ZDI-CAN-21041 |
Siemens |
CVE-2023-38076 |
7.8 |
2023-11-14 |
|
Siemens Tecnomatix Plant Simulation WRL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1626 |
ZDI-CAN-20842 |
Siemens |
CVE-2023-38075 |
7.8 |
2023-11-14 |
|
Siemens Tecnomatix Plant Simulation WRL File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1625 |
ZDI-CAN-22262 |
TP-Link |
CVE-2023-44448 |
6.8 |
2023-11-14 |
|
TP-Link Archer A54 libcmm.so dm_fillObjByStr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1624 |
ZDI-CAN-21825 |
TP-Link |
CVE-2023-39471 |
7.5 |
2023-11-14 |
2023-12-05 |
TP-Link TL-WR841N ated_tp Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1623 |
ZDI-CAN-21529 |
TP-Link |
CVE-2023-44447 |
6.5 |
2023-11-14 |
|
TP-Link TL-WR902AC loginFs Improper Authentication Information Disclosure Vulnerability |
| ZDI-23-1622 |
ZDI-CAN-21871 |
NI |
CVE-2023-5136 |
5.5 |
2023-11-14 |
|
NI DIAdem GPX File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-23-1621 |
ZDI-CAN-21460 |
Trend Micro |
CVE-2023-47202 |
7.8 |
2023-11-14 |
|
Trend Micro Apex One Local File Inclusion Local Privilege Escalation Vulnerability |
| ZDI-23-1620 |
ZDI-CAN-21665 |
Trend Micro |
CVE-2023-47199 |
7.8 |
2023-11-14 |
|
Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability |
| ZDI-23-1619 |
ZDI-CAN-21382 |
Trend Micro |
CVE-2023-47198 |
7.8 |
2023-11-14 |
|
Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability |
| ZDI-23-1618 |
ZDI-CAN-21383 |
Trend Micro |
CVE-2023-47200 |
7.8 |
2023-11-14 |
|
Trend Micro Apex One CNTAoSMgr Origin Validation Error Local Privilege Escalation Vulnerability |
| ZDI-23-1617 |
ZDI-CAN-21380 |
Trend Micro |
CVE-2023-47196 |
7.8 |
2023-11-14 |
|
Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability |
| ZDI-23-1616 |
ZDI-CAN-21381 |
Trend Micro |
CVE-2023-47197 |
7.8 |
2023-11-14 |
|
Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability |
| ZDI-23-1615 |
ZDI-CAN-21368 |
Trend Micro |
CVE-2023-47195 |
7.8 |
2023-11-14 |
|
Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability |
| ZDI-23-1614 |
ZDI-CAN-21367 |
Trend Micro |
CVE-2023-47194 |
7.8 |
2023-11-14 |
|
Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability |
| ZDI-23-1613 |
ZDI-CAN-21378 |
Trend Micro |
CVE-2023-47201 |
7.8 |
2023-11-14 |
|
Trend Micro Apex One CNTAoSMgr Origin Validation Error Local Privilege Escalation Vulnerability |
| ZDI-23-1612 |
ZDI-CAN-21366 |
Trend Micro |
CVE-2023-47193 |
7.8 |
2023-11-14 |
|
Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability |
| ZDI-23-1611 |
ZDI-CAN-20220 |
Trend Micro |
CVE-2023-47192 |
7.8 |
2023-11-14 |
|
Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability |
| ZDI-23-1610 |
ZDI-CAN-21977 |
Kofax |
CVE-2023-44433 |
3.3 |
2023-11-14 |
|
Kofax Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1609 |
ZDI-CAN-21979 |
Kofax |
CVE-2023-44434 |
3.3 |
2023-11-14 |
|
Kofax Power PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1608 |
ZDI-CAN-22045 |
Kofax |
CVE-2023-44436 |
7.8 |
2023-11-14 |
|
Kofax Power PDF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1607 |
ZDI-CAN-22040 |
Kofax |
CVE-2023-44435 |
7.8 |
2023-11-14 |
|
Kofax Power PDF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1606 |
ZDI-CAN-21584 |
Kofax |
CVE-2023-44432 |
7.8 |
2023-11-14 |
|
Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1605 |
ZDI-CAN-21358 |
Apple |
CVE-2023-42856 |
3.3 |
2023-11-14 |
|
Apple macOS Hydra ABC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1604 |
ZDI-CAN-21692 |
Apple |
CVE-2023-42856 |
3.3 |
2023-11-14 |
|
Apple macOS Hydra Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1603 |
ZDI-CAN-21502 |
Apple |
CVE-2023-42856 |
3.3 |
2023-11-14 |
|
Apple macOS Hydra Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1602 |
ZDI-CAN-21504 |
Apple |
CVE-2023-42856 |
3.3 |
2023-11-14 |
|
Apple macOS Hydra ABC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1601 |
ZDI-CAN-21518 |
Apple |
CVE-2023-42856 |
3.3 |
2023-11-14 |
|
Apple macOS Hydra Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1600 |
ZDI-CAN-19823 |
Siemens |
CVE-2023-35796 |
7.5 |
2023-11-14 |
|
Siemens SINEMA Server sysLocation Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-23-1599 |
ZDI-CAN-21806 |
Hewlett Packard Enterprise |
CVE-2023-30912 |
7.2 |
2023-11-14 |
|
Hewlett Packard Enterprise OneView Backup Hard-coded Cryptographic Key Remote Code Execution Vulnerability |
| ZDI-23-1598 |
ZDI-CAN-21680 |
Ashlar-Vellum |
CVE-2023-44440 |
7.8 |
2023-11-14 |
|
Ashlar-Vellum Lithium Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-23-1597 |
ZDI-CAN-21679 |
Ashlar-Vellum |
CVE-2023-44439 |
7.8 |
2023-11-14 |
|
Ashlar-Vellum Xenon Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-23-1596 |
ZDI-CAN-21678 |
Ashlar-Vellum |
CVE-2023-44438 |
7.8 |
2023-11-14 |
|
Ashlar-Vellum Argon Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-23-1595 |
ZDI-CAN-21540 |
Ashlar-Vellum |
CVE-2023-44437 |
7.8 |
2023-11-14 |
|
Ashlar-Vellum Cobalt Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-23-1594 |
ZDI-CAN-22094 |
GIMP |
CVE-2023-44442 |
7.8 |
2023-11-14 |
|
GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1593 |
ZDI-CAN-22096 |
GIMP |
CVE-2023-44443 |
7.8 |
2023-11-14 |
|
GIMP PSP File Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1592 |
ZDI-CAN-22093 |
GIMP |
CVE-2023-44441 |
7.8 |
2023-11-14 |
|
GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1591 |
ZDI-CAN-22097 |
GIMP |
CVE-2023-44444 |
7.8 |
2023-11-14 |
|
GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability |
| ZDI-23-1590 |
ZDI-CAN-21893 |
VMware |
CVE-2023-34048 |
9.8 |
2023-11-06 |
|
VMware vCenter Server Appliance DCE/RPC Protocol Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1589 |
ZDI-CAN-21512 |
VMware |
CVE-2023-34044 |
6.0 |
2023-11-06 |
|
VMware Workstation UHCI Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-23-1588 |
ZDI-CAN-22282 |
Microsoft |
|
8.8 |
2023-11-06 |
|
Microsoft Azure US Accelarators Synapse SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability |
| ZDI-23-1587 |
ZDI-CAN-21862 |
Microsoft |
CVE-2023-36804 |
8.8 |
2023-11-06 |
|
Microsoft Windows win32kfull UMPDDrvCopyBits Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-23-1586 |
ZDI-CAN-21220 |
SolarWinds |
CVE-2023-33227 |
8.8 |
2023-11-06 |
|
SolarWinds Network Configuration Manager SaveResultsToFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1585 |
ZDI-CAN-21223 |
SolarWinds |
CVE-2023-33226 |
8.8 |
2023-11-06 |
|
SolarWinds Network Configuration Manager ExportConfigs Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1584 |
ZDI-CAN-21839 |
SolarWinds |
CVE-2023-40062 |
8.8 |
2023-11-06 |
|
SolarWinds Orion Platform BlacklistedFilesChecker Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability |
| ZDI-23-1583 |
ZDI-CAN-22148 |
Google |
|
8.8 |
2023-11-06 |
2023-11-07 |
Google Chromium Vulkan SwiftShader Double Free Remote Code Execution Vulnerability |
| ZDI-23-1582 |
ZDI-CAN-21965 |
Tenable |
CVE-2023-5847 |
6.7 |
2023-11-06 |
|
Tenable Nessus Link Following Local Privilege Escalation Vulnerability |
| ZDI-23-1581 |
ZDI-CAN-22101 |
Microsoft |
|
7.1 |
2023-11-02 |
|
(0Day) Microsoft Exchange CreateAttachmentFromUri Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-23-1580 |
ZDI-CAN-22100 |
Microsoft |
|
7.1 |
2023-11-02 |
|
(0Day) Microsoft Exchange DownloadDataFromOfficeMarketPlace Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-23-1579 |
ZDI-CAN-22090 |
Microsoft |
|
7.1 |
2023-11-02 |
|
(0Day) Microsoft Exchange DownloadDataFromUri Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-23-1578 |
ZDI-CAN-22079 |
Microsoft |
|
7.5 |
2023-11-02 |
|
(0Day) Microsoft Exchange ChainedSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-1577 |
ZDI-CAN-21290 |
Siemens |
CVE-2023-45601 |
7.8 |
2023-10-19 |
|
Siemens Tecnomatix Plant Simulation IGS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1576 |
ZDI-CAN-21268 |
Siemens |
CVE-2023-45204 |
7.8 |
2023-10-19 |
|
Siemens Tecnomatix Plant Simulation IGS File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-23-1575 |
ZDI-CAN-21051 |
Siemens |
CVE-2023-37376 |
7.8 |
2023-10-19 |
|
Siemens Tecnomatix Plant Simulation STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-23-1574 |
ZDI-CAN-21054 |
Siemens |
CVE-2023-37374 |
7.8 |
2023-10-19 |
|
Siemens Tecnomatix Plant Simulation STP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1573 |
ZDI-CAN-21060 |
Siemens |
CVE-2023-37375 |
7.8 |
2023-10-19 |
|
Siemens Tecnomatix Plant Simulation SPP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1572 |
ZDI-CAN-21106 |
Siemens |
CVE-2023-38679 |
7.8 |
2023-10-19 |
|
Siemens Tecnomatix Plant Simulation SPP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1571 |
ZDI-CAN-21270 |
Siemens |
CVE-2023-38681 |
7.8 |
2023-10-19 |
|
Siemens Tecnomatix Plant Simulation IGS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1570 |
ZDI-CAN-21132 |
Siemens |
CVE-2023-38680 |
7.8 |
2023-10-19 |
|
Siemens Tecnomatix Plant Simulation SPP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1569 |
ZDI-CAN-18490 |
Siemens |
CVE-2021-27044 |
7.8 |
2023-10-19 |
|
Siemens Solid Edge Viewer FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1568 |
ZDI-CAN-21354 |
NI |
CVE-2023-4601 |
8.1 |
2023-10-19 |
|
NI Measurement & Automation Explorer Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1567 |
ZDI-CAN-21119 |
SolarWinds |
CVE-2023-35187 |
9.8 |
2023-10-19 |
|
SolarWinds Access Rights Manager OpenClientUpdateFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1566 |
ZDI-CAN-21376 |
SolarWinds |
CVE-2023-35186 |
8.8 |
2023-10-19 |
|
SolarWinds Access Rights Manager GetParameterFormTemplateWithSelectionState Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-1565 |
ZDI-CAN-21120 |
SolarWinds |
CVE-2023-35185 |
9.8 |
2023-10-19 |
|
SolarWinds Access Rights Manager OpenFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1564 |
ZDI-CAN-21113 |
SolarWinds |
CVE-2023-35182 |
9.8 |
2023-10-19 |
|
SolarWinds Access Rights Manager createGlobalServerChannelInternal Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-1563 |
ZDI-CAN-21385 |
SolarWinds |
CVE-2023-35184 |
8.8 |
2023-10-19 |
|
SolarWinds Access Rights Manager ExecuteAction Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-1562 |
ZDI-CAN-21374 |
SolarWinds |
CVE-2023-35183 |
7.8 |
2023-10-19 |
|
SolarWinds Access Rights Manager Incorrect Default Permissions Local Privilege Escalation Vulnerability |
| ZDI-23-1561 |
ZDI-CAN-21373 |
SolarWinds |
CVE-2023-35181 |
7.8 |
2023-10-19 |
|
SolarWinds Access Rights Manager Incorrect Default Permissions Local Privilege Escalation Vulnerability |
| ZDI-23-1560 |
ZDI-CAN-21375 |
SolarWinds |
CVE-2023-35180 |
8.8 |
2023-10-19 |
|
SolarWinds Access Rights Manager IFormTemplate Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-1559 |
ZDI-CAN-21463 |
F5 |
CVE-2023-41373 |
8.8 |
2023-10-18 |
|
F5 BIG-IP OS unzip Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1558 |
ZDI-CAN-21155 |
Siemens |
CVE-2023-37248 |
7.8 |
2023-10-11 |
|
Siemens Tecnomatix Plant Simulation PAR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1557 |
ZDI-CAN-21109 |
Siemens |
CVE-2023-37246 |
7.8 |
2023-10-11 |
|
Siemens Tecnomatix Plant Simulation PRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1556 |
ZDI-CAN-21138 |
Siemens |
CVE-2023-37247 |
7.8 |
2023-10-11 |
|
Siemens Tecnomatix Plant Simulation PAR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1555 |
ZDI-CAN-21605 |
Microsoft |
CVE-2023-38159 |
8.8 |
2023-10-11 |
|
Microsoft Windows DirectX GpuMmu Race Condition Local Privilege Escalation Vulnerability |
| ZDI-23-1554 |
ZDI-CAN-21342 |
Microsoft |
CVE-2023-36731 |
8.8 |
2023-10-11 |
|
Microsoft Windows bStretch Improper Input Validation Local Privilege Escalation Vulnerability |
| ZDI-23-1553 |
ZDI-CAN-21427 |
Microsoft |
CVE-2023-36732 |
8.8 |
2023-10-11 |
|
Microsoft Windows DEVLOCKBLTOBJ Race Condition Local Privilege Escalation Vulnerability |
| ZDI-23-1552 |
ZDI-CAN-21248 |
Microsoft |
CVE-2023-36594 |
7.8 |
2023-10-11 |
|
Microsoft Windows UMPDDrvPlgBlt Type Confusion Local Privilege Escalation Vulnerability |
| ZDI-23-1551 |
ZDI-CAN-21250 |
Microsoft |
CVE-2023-36594 |
7.8 |
2023-10-11 |
|
Microsoft Windows UMPDDrvStretchBlt Type Confusion Local Privilege Escalation Vulnerability |
| ZDI-23-1550 |
ZDI-CAN-21249 |
Microsoft |
CVE-2023-36594 |
7.8 |
2023-10-11 |
|
Microsoft Windows UMPDDrvBitBlt Type Confusion Local Privilege Escalation Vulnerability |
| ZDI-23-1549 |
ZDI-CAN-21251 |
Microsoft |
CVE-2023-36594 |
7.8 |
2023-10-11 |
|
Microsoft Windows UMPDDrvStretchBltROP Type Confusion Local Privilege Escalation Vulnerability |
| ZDI-23-1548 |
ZDI-CAN-21209 |
Microsoft |
CVE-2023-36594 |
7.8 |
2023-10-11 |
|
Microsoft Windows UMPDDrvCopyBits Type Confusion Local Privilege Escalation Vulnerability |
| ZDI-23-1547 |
ZDI-CAN-21207 |
Microsoft |
CVE-2023-36594 |
7.8 |
2023-10-11 |
|
Microsoft Windows UMPDDrvStretchBlt Type Confusion Local Privilege Escalation Vulnerability |
| ZDI-23-1546 |
ZDI-CAN-21208 |
Microsoft |
CVE-2023-36594 |
7.8 |
2023-10-11 |
|
Microsoft Windows UMPDDrvStretchBltROP Type Confusion Local Privilege Escalation Vulnerability |
| ZDI-23-1545 |
ZDI-CAN-21161 |
Microsoft |
CVE-2023-36594 |
7.8 |
2023-10-11 |
|
Microsoft Windows IsSurfaceLockable Type Confusion Local Privilege Escalation Vulnerability |
| ZDI-23-1544 |
ZDI-CAN-21204 |
Microsoft |
CVE-2023-36594 |
7.8 |
2023-10-11 |
|
Microsoft Windows UMPDDrvPlgBlt Type Confusion Local Privilege Escalation Vulnerability |
| ZDI-23-1543 |
ZDI-CAN-21205 |
Microsoft |
CVE-2023-36594 |
7.8 |
2023-10-11 |
|
Microsoft Windows UMPDDrvBitBlt Type Confusion Local Privilege Escalation Vulnerability |
| ZDI-23-1542 |
ZDI-CAN-21206 |
Microsoft |
CVE-2023-36594 |
7.8 |
2023-10-11 |
|
Microsoft Windows UMPDDrvCopyBits Type Confusion Local Privilege Escalation Vulnerability |
| ZDI-23-1541 |
ZDI-CAN-20751 |
Microsoft |
|
7.5 |
2023-10-11 |
|
(Pwn2Own) Microsoft Teams Incorrect Privilege Assignment Local Privilege Escalation Vulnerability |
| ZDI-23-1540 |
ZDI-CAN-20720 |
Microsoft |
|
5.0 |
2023-10-11 |
|
(Pwn2Own) Microsoft Teams Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-23-1539 |
ZDI-CAN-21257 |
Adobe |
CVE-2023-26370 |
7.8 |
2023-10-11 |
|
Adobe Photoshop PSD File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-23-1538 |
ZDI-CAN-21403 |
Adobe |
CVE-2023-38217 |
3.3 |
2023-10-11 |
|
Adobe Bridge Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1537 |
ZDI-CAN-21404 |
Adobe |
CVE-2023-38216 |
3.3 |
2023-10-11 |
|
Adobe Bridge Font Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-1536 |
ZDI-CAN-21585 |
Kofax |
CVE-2023-42127 |
7.8 |
2023-10-06 |
|
Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1535 |
ZDI-CAN-21007 |
Microsoft |
CVE-2023-36804 |
8.8 |
2023-10-06 |
|
Microsoft Windows UMPDDrvStretchBltROP Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-23-1534 |
ZDI-CAN-21029 |
Microsoft |
CVE-2023-36804 |
8.8 |
2023-10-06 |
|
Microsoft Windows UMPDDrvLineTo Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-23-1533 |
ZDI-CAN-21255 |
Magnet Forensics |
CVE-2023-42128 |
8.0 |
2023-10-06 |
|
Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1532 |
ZDI-CAN-21852 |
Ivanti |
CVE-2023-28323 |
9.8 |
2023-10-05 |
|
Ivanti Endpoint Manager ProcessEPMAuthToken Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-1531 |
ZDI-CAN-18855 |
Delta Electronics |
CVE-2022-3214 |
9.8 |
2023-10-05 |
|
Delta Electronics DIAEnergie HandlerUploadCalendar Use Of Hard-Coded Credentials Authentication Bypass Vulnerability |
| ZDI-23-1530 |
ZDI-CAN-18853 |
Delta Electronics |
CVE-2022-3214 |
9.8 |
2023-10-05 |
|
Delta Electronics DIAEnergie HandlerUploadTag Use Of Hard-Coded Credentials Authentication Bypass Vulnerability |
| ZDI-23-1529 |
ZDI-CAN-18857 |
Delta Electronics |
CVE-2022-3214 |
9.8 |
2023-10-05 |
|
Delta Electronics DIAEnergie HandlerUploadCarbon Use Of Hard-Coded Credentials Authentication Bypass Vulnerability |
| ZDI-23-1528 |
ZDI-CAN-22264 |
Microsoft |
|
10.0 |
2023-10-05 |
|
Microsoft PC Manager SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability |
| ZDI-23-1527 |
ZDI-CAN-22263 |
Microsoft |
|
10.0 |
2023-10-05 |
|
Microsoft PC Manager SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability |
| ZDI-23-1526 |
ZDI-CAN-20769 |
MuseScore |
CVE-2023-44428 |
7.8 |
2023-10-04 |
|
(0Day) MuseScore CAP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1525 |
ZDI-CAN-21222 |
D-Link |
CVE-2023-44427 |
8.0 |
2023-10-04 |
|
(0Day) D-Link DIR-X3260 SetSysEmailSettings SMTPServerAddress Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1524 |
ZDI-CAN-21160 |
D-Link |
CVE-2023-44426 |
8.0 |
2023-10-04 |
|
(0Day) D-Link DIR-X3260 SetSysEmailSettings AccountPassword Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1523 |
ZDI-CAN-21159 |
D-Link |
CVE-2023-44425 |
8.0 |
2023-10-04 |
|
(0Day) D-Link DIR-X3260 SetSysEmailSettings AccountName Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1522 |
ZDI-CAN-21158 |
D-Link |
CVE-2023-44424 |
8.0 |
2023-10-04 |
|
(0Day) D-Link DIR-X3260 SetSysEmailSettings EmailTo Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1521 |
ZDI-CAN-21157 |
D-Link |
CVE-2023-44423 |
8.0 |
2023-10-04 |
|
(0Day) D-Link DIR-X3260 SetTriggerPPPoEValidate Password Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1520 |
ZDI-CAN-21102 |
D-Link |
CVE-2023-44422 |
8.0 |
2023-10-04 |
|
(0Day) D-Link DIR-X3260 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1519 |
ZDI-CAN-21101 |
D-Link |
CVE-2023-44421 |
8.0 |
2023-10-04 |
|
(0Day) D-Link DIR-X3260 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1518 |
ZDI-CAN-21100 |
D-Link |
CVE-2023-44420 |
8.8 |
2023-10-04 |
|
(0Day) D-Link DIR-X3260 prog.cgi Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability |
| ZDI-23-1517 |
ZDI-CAN-20774 |
D-Link |
CVE-2023-44419 |
8.8 |
2023-10-04 |
|
(0Day) D-Link DIR-X3260 Prog.cgi Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1516 |
ZDI-CAN-20727 |
D-Link |
CVE-2023-44418 |
8.8 |
2023-10-04 |
|
(0Day) D-Link DIR-X3260 Prog.cgi Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1515 |
ZDI-CAN-20091 |
D-Link |
CVE-2023-44417 |
8.8 |
2023-10-04 |
|
(0Day) D-Link DAP-2622 DDP Set IPv4 Address Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1514 |
ZDI-CAN-20051 |
D-Link |
CVE-2023-44416 |
6.8 |
2023-10-04 |
|
(0Day) D-Link DAP-2622 Telnet CLI Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1513 |
ZDI-CAN-19946 |
D-Link |
CVE-2023-44415 |
6.8 |
2023-10-04 |
|
(0Day) D-Link Multiple Routers cli Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1512 |
ZDI-CAN-19573 |
D-Link |
CVE-2023-44414 |
9.8 |
2023-10-04 |
|
(0Day) D-Link D-View coreservice_action_script Exposed Dangerous Function Remote Code Execution Vulnerability |
| ZDI-23-1511 |
ZDI-CAN-19572 |
D-Link |
CVE-2023-44413 |
5.9 |
2023-10-04 |
|
(0Day) D-Link D-View shutdown_coreserver Missing Authentication Denial-of-Service Vulnerability |
| ZDI-23-1510 |
ZDI-CAN-19571 |
D-Link |
CVE-2023-44412 |
8.2 |
2023-10-04 |
|
(0Day) D-Link D-View addDv7Probe XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-23-1509 |
ZDI-CAN-19553 |
D-Link |
CVE-2023-44411 |
9.8 |
2023-10-04 |
|
(0Day) D-Link D-View InstallApplication Use of Hard-coded Credentials Authentication Bypass Vulnerability |
| ZDI-23-1508 |
ZDI-CAN-19535 |
D-Link |
CVE-2023-44410 |
8.8 |
2023-10-04 |
|
(0Day) D-Link D-View showUsers Improper Authorization Privilege Escalation Vulnerability |
| ZDI-23-1507 |
ZDI-CAN-18838 |
D-Link |
CVE-2023-44409 |
8.8 |
2023-10-04 |
|
(0Day) D-Link DAP-1325 SetSetupWizardStatus Enabled Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1506 |
ZDI-CAN-18827 |
D-Link |
CVE-2023-44408 |
8.8 |
2023-10-04 |
|
(0Day) D-Link DAP-1325 SetAPLanSettings IPAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1505 |
ZDI-CAN-18826 |
D-Link |
CVE-2023-44407 |
8.8 |
2023-10-04 |
|
(0Day) D-Link DAP-1325 SetAPLanSettings Gateway Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1504 |
ZDI-CAN-18825 |
D-Link |
CVE-2023-44406 |
8.8 |
2023-10-04 |
|
(0Day) D-Link DAP-1325 SetAPLanSettings DeviceName Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1503 |
ZDI-CAN-18824 |
D-Link |
CVE-2023-44405 |
8.8 |
2023-10-04 |
|
(0Day) D-Link DAP-1325 get_value_of_key Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1502 |
ZDI-CAN-18823 |
D-Link |
CVE-2023-44404 |
8.8 |
2023-10-04 |
|
(0Day) D-Link DAP-1325 get_value_from_app Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1501 |
ZDI-CAN-18822 |
D-Link |
CVE-2023-44403 |
8.8 |
2023-10-04 |
|
(0Day) D-Link DAP-1325 HNAP SetWLanRadioSettings Channel Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1500 |
ZDI-CAN-20767 |
Cacti |
CVE-2023-39365 |
8.8 |
2023-10-04 |
|
Cacti graph_view SQL Injection Authentication Bypass Vulnerability |
| ZDI-23-1499 |
ZDI-CAN-21001 |
Cacti |
CVE-2023-39365 |
6.6 |
2023-10-04 |
|
Cacti link Local File Inclusion Remote Code Execution Vulnerability |
| ZDI-23-1498 |
ZDI-CAN-17827 |
Ansys |
CVE-2023-42131 |
7.8 |
2023-10-04 |
|
Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1497 |
ZDI-CAN-16895 |
Apple |
CVE-2022-26773 |
7.8 |
2023-10-04 |
|
Apple iTunes Incorrect Permission Assignment Privilege Escalation Vulnerability |
| ZDI-23-1496 |
ZDI-CAN-17905 |
A10 |
CVE-2023-42130 |
8.3 |
2023-10-04 |
|
A10 Thunder ADC FileMgmtExport Directory Traversal Arbitrary File Read and Deletion Vulnerability |
| ZDI-23-1495 |
ZDI-CAN-17899 |
A10 |
CVE-2023-42129 |
6.5 |
2023-10-04 |
|
A10 Thunder ADC ShowTechDownloadView Directory Traversal Information Disclosure Vulnerability |
| ZDI-23-1494 |
ZDI-CAN-21167 |
Apple |
CVE-2023-38600 |
8.8 |
2023-09-29 |
|
Apple Safari TypedArray copyWithin Integer Underflow Remote Code Execution Vulnerability |
| ZDI-23-1493 |
ZDI-CAN-20694 |
G DATA |
CVE-2023-42126 |
7.8 |
2023-09-29 |
2023-12-07 |
G DATA Total Security GDBackupSvc Service Link Following Local Privilege Escalation Vulnerability |
| ZDI-23-1492 |
ZDI-CAN-18111 |
Linux |
CVE-2023-39194 |
3.2 |
2023-09-29 |
2023-10-02 |
Linux Kernel XFRM Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1491 |
ZDI-CAN-18866 |
Linux |
CVE-2023-39193 |
5.1 |
2023-09-29 |
|
Linux Kernel Netfilter Xtables Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1490 |
ZDI-CAN-18408 |
Linux |
CVE-2023-39192 |
6.7 |
2023-09-29 |
|
Linux Kernel Netfilter Xtables Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1489 |
ZDI-CAN-19399 |
Linux |
CVE-2023-39191 |
8.2 |
2023-09-29 |
|
Linux Kernel eBPF Improper Input Validation Privilege Escalation Vulnerability |
| ZDI-23-1488 |
ZDI-CAN-21010 |
ManageEngine |
CVE-2023-38743 |
7.2 |
2023-09-29 |
|
ManageEngine ADManager Plus installServiceWithCredentials Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1487 |
ZDI-CAN-22134 |
PDF-XChange |
CVE-2023-42107 |
3.3 |
2023-09-29 |
|
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1486 |
ZDI-CAN-22133 |
PDF-XChange |
CVE-2023-42106 |
3.3 |
2023-09-29 |
|
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1485 |
ZDI-CAN-22146 |
PDF-XChange |
CVE-2023-42112 |
3.3 |
2023-09-29 |
|
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1484 |
ZDI-CAN-22136 |
PDF-XChange |
CVE-2023-42109 |
3.3 |
2023-09-29 |
|
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1483 |
ZDI-CAN-22135 |
PDF-XChange |
CVE-2023-42108 |
7.8 |
2023-09-29 |
|
PDF-XChange Editor EMF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1482 |
ZDI-CAN-22137 |
PDF-XChange |
CVE-2023-42110 |
3.3 |
2023-09-29 |
|
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1481 |
ZDI-CAN-22138 |
PDF-XChange |
CVE-2023-42111 |
7.8 |
2023-09-29 |
|
PDF-XChange Editor JPG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1480 |
ZDI-CAN-22147 |
PDF-XChange |
CVE-2023-42113 |
3.3 |
2023-09-29 |
|
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1479 |
ZDI-CAN-21079 |
Control Web Panel |
CVE-2023-42122 |
7.8 |
2023-09-27 |
|
(0Day) Control Web Panel wloggui Command Injection Local Privilege Escalation Vulnerability |
| ZDI-23-1478 |
ZDI-CAN-20582 |
Control Web Panel |
CVE-2023-42121 |
9.8 |
2023-09-27 |
|
(0Day) Control Web Panel Missing Authentication Remote Code Execution Vulnerability |
| ZDI-23-1477 |
ZDI-CAN-20581 |
Control Web Panel |
CVE-2023-42120 |
8.8 |
2023-09-27 |
|
(0Day) Control Web Panel dns_zone_editor Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1476 |
ZDI-CAN-21080 |
Control Web Panel |
CVE-2023-42123 |
8.8 |
2023-09-27 |
|
(0Day) Control Web Panel mysql_manager Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1475 |
ZDI-CAN-20383 |
Avast |
CVE-2023-42125 |
7.8 |
2023-09-27 |
2023-10-23 |
(0Day) Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability |
| ZDI-23-1474 |
ZDI-CAN-20178 |
Avast |
CVE-2023-42124 |
5.3 |
2023-09-27 |
2023-10-23 |
(0Day) Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability |
| ZDI-23-1473 |
ZDI-CAN-17643 |
Exim |
CVE-2023-42119 |
3.1 |
2023-09-27 |
|
(0Day) Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1472 |
ZDI-CAN-17578 |
Exim |
CVE-2023-42118 |
7.5 |
2023-09-27 |
|
(0Day) Exim libspf2 Integer Underflow Remote Code Execution Vulnerability |
| ZDI-23-1471 |
ZDI-CAN-17554 |
Exim |
CVE-2023-42117 |
8.1 |
2023-09-27 |
|
(0Day) Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability |
| ZDI-23-1470 |
ZDI-CAN-17515 |
Exim |
CVE-2023-42116 |
8.1 |
2023-09-27 |
|
(0Day) Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1469 |
ZDI-CAN-17434 |
Exim |
CVE-2023-42115 |
9.8 |
2023-09-27 |
|
(0Day) Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1468 |
ZDI-CAN-17433 |
Exim |
CVE-2023-42114 |
3.7 |
2023-09-27 |
|
(0Day) Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1467 |
ZDI-CAN-18594 |
Mozilla |
|
5.4 |
2023-09-27 |
|
Mozilla Firefox JIT Boolean Conversion Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-23-1466 |
ZDI-CAN-18380 |
Microsoft |
CVE-2022-35825 |
3.3 |
2023-09-27 |
|
Microsoft Visual Studio FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1465 |
ZDI-CAN-18378 |
Microsoft |
CVE-2022-35825 |
3.3 |
2023-09-27 |
|
Microsoft Visual Studio FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1464 |
ZDI-CAN-18377 |
Microsoft |
CVE-2022-35825 |
3.3 |
2023-09-27 |
|
Microsoft Visual Studio FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1463 |
ZDI-CAN-18375 |
Microsoft |
CVE-2022-35825 |
7.8 |
2023-09-27 |
|
Microsoft Visual Studio FBX File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1462 |
ZDI-CAN-18363 |
Microsoft |
CVE-2022-35825 |
7.8 |
2023-09-27 |
|
Microsoft Visual Studio FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1461 |
ZDI-CAN-18362 |
Microsoft |
CVE-2022-35825 |
7.8 |
2023-09-27 |
|
Microsoft Visual Studio FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1460 |
ZDI-CAN-18361 |
Microsoft |
CVE-2022-35825 |
7.8 |
2023-09-27 |
|
Microsoft Visual Studio FBX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1459 |
ZDI-CAN-18321 |
Microsoft |
CVE-2022-35825 |
7.8 |
2023-09-27 |
|
Microsoft Visual Studio DAE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1458 |
ZDI-CAN-21768 |
GStreamer |
CVE-2023-40476 |
8.8 |
2023-09-27 |
|
GStreamer H265 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1457 |
ZDI-CAN-21661 |
GStreamer |
CVE-2023-40475 |
8.8 |
2023-09-27 |
|
GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1456 |
ZDI-CAN-21660 |
GStreamer |
CVE-2023-40474 |
8.8 |
2023-09-27 |
|
GStreamer MXF File Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1455 |
ZDI-CAN-21604 |
Kofax |
CVE-2023-42100 |
3.3 |
2023-09-22 |
|
Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1454 |
ZDI-CAN-20562 |
Ashlar-Vellum |
CVE-2023-42105 |
7.0 |
2023-09-21 |
2023-09-21 |
(0Day) Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-23-1453 |
ZDI-CAN-20630 |
Ashlar-Vellum |
CVE-2023-42104 |
7.8 |
2023-09-21 |
2023-09-21 |
(0Day) Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1452 |
ZDI-CAN-20660 |
Ashlar-Vellum |
CVE-2023-42103 |
7.8 |
2023-09-21 |
2023-09-21 |
(0Day) Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1451 |
ZDI-CAN-20409 |
Ashlar-Vellum |
CVE-2023-42102 |
7.8 |
2023-09-21 |
2023-09-21 |
(0Day) Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-23-1450 |
ZDI-CAN-20418 |
Ashlar-Vellum |
CVE-2023-42101 |
7.8 |
2023-09-21 |
2023-09-21 |
(0Day) Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1449 |
ZDI-CAN-21846 |
Intel |
CVE-2023-42099 |
7.8 |
2023-09-21 |
|
(0Day) Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability |
| ZDI-23-1448 |
ZDI-CAN-21488 |
Microsoft |
CVE-2023-36745 |
7.5 |
2023-09-19 |
|
Microsoft Exchange SharedTypeResolver Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-1447 |
ZDI-CAN-21487 |
Microsoft |
CVE-2023-36757 |
6.5 |
2023-09-19 |
|
Microsoft Exchange ExFileLog Deserialization of Untrusted Data Denial-of-Service Vulnerability |
| ZDI-23-1446 |
ZDI-CAN-20618 |
Microsoft |
CVE-2023-36805 |
7.8 |
2023-09-19 |
|
Microsoft Windows Untrusted Script Execution Remote Code Execution Vulnerability |
| ZDI-23-1445 |
ZDI-CAN-21031 |
Microsoft |
CVE-2023-38161 |
8.8 |
2023-09-19 |
|
Microsoft Windows UMPDDrvRealizeBrush Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-23-1444 |
ZDI-CAN-21117 |
SolarWinds |
CVE-2023-23840 |
8.8 |
2023-09-19 |
|
SolarWinds Orion Platform UpdateAction Exposed Dangerous Method Remote Code Execution Vulnerability |
| ZDI-23-1443 |
ZDI-CAN-21097 |
SolarWinds |
CVE-2023-23845 |
8.8 |
2023-09-19 |
|
SolarWinds Orion Platform UpdateActionsProperties Exposed Dangerous Method Remote Code Execution Vulnerability |
| ZDI-23-1442 |
ZDI-CAN-20949 |
Autodesk |
CVE-2023-41140 |
7.8 |
2023-09-19 |
|
Autodesk AutoCAD PRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1441 |
ZDI-CAN-20897 |
Autodesk |
CVE-2023-41140 |
7.8 |
2023-09-19 |
|
Autodesk AutoCAD PRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1440 |
ZDI-CAN-20857 |
Autodesk |
CVE-2023-41139 |
7.8 |
2023-09-19 |
|
Autodesk AutoCAD STP File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-23-1439 |
ZDI-CAN-20869 |
Autodesk |
CVE-2023-29073 |
7.8 |
2023-09-19 |
|
Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1438 |
ZDI-CAN-20871 |
Autodesk |
CVE-2023-29074 |
7.8 |
2023-09-19 |
|
Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1437 |
ZDI-CAN-20872 |
Autodesk |
CVE-2023-29074 |
7.8 |
2023-09-19 |
|
Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1436 |
ZDI-CAN-20868 |
Autodesk |
CVE-2023-29075 |
7.8 |
2023-09-19 |
|
Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1435 |
ZDI-CAN-20867 |
Autodesk |
CVE-2023-29076 |
7.8 |
2023-09-19 |
|
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1434 |
ZDI-CAN-20866 |
Autodesk |
CVE-2023-29076 |
7.8 |
2023-09-19 |
|
Autodesk AutoCAD SAT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1433 |
ZDI-CAN-20865 |
Autodesk |
CVE-2023-29076 |
7.8 |
2023-09-19 |
|
Autodesk AutoCAD CATPART File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1432 |
ZDI-CAN-20864 |
Autodesk |
CVE-2023-29076 |
7.8 |
2023-09-19 |
|
Autodesk AutoCAD MODEL File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1431 |
ZDI-CAN-22037 |
Foxit |
CVE-2023-42098 |
3.3 |
2023-09-12 |
|
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-1430 |
ZDI-CAN-21902 |
Foxit |
CVE-2023-42097 |
7.8 |
2023-09-12 |
|
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1429 |
ZDI-CAN-21880 |
Foxit |
CVE-2023-42096 |
7.8 |
2023-09-12 |
|
Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1428 |
ZDI-CAN-21879 |
Foxit |
CVE-2023-42095 |
3.3 |
2023-09-12 |
|
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1427 |
ZDI-CAN-21873 |
Foxit |
CVE-2023-42094 |
7.8 |
2023-09-12 |
|
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1426 |
ZDI-CAN-21869 |
Foxit |
CVE-2023-42093 |
3.3 |
2023-09-12 |
|
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-1425 |
ZDI-CAN-21676 |
Foxit |
CVE-2023-42092 |
7.8 |
2023-09-12 |
|
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1424 |
ZDI-CAN-21601 |
Foxit |
CVE-2023-42091 |
7.8 |
2023-09-12 |
|
Foxit PDF Reader XFA Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1423 |
ZDI-CAN-21596 |
Foxit |
CVE-2023-42090 |
3.3 |
2023-09-12 |
|
Foxit PDF Reader XFA Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1422 |
ZDI-CAN-21586 |
Foxit |
CVE-2023-42089 |
3.3 |
2023-09-12 |
|
Foxit PDF Reader templates Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-1421 |
ZDI-CAN-21615 |
Microsoft |
CVE-2023-27909 |
7.8 |
2023-09-12 |
|
Microsoft Office Word FBX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1420 |
ZDI-CAN-21614 |
Microsoft |
CVE-2023-36744 |
6.5 |
2023-09-12 |
|
Microsoft Exchange DumpDataReader Deserialization of Untrusted Data Arbitrary File Write Vulnerability |
| ZDI-23-1419 |
ZDI-CAN-21498 |
Microsoft |
CVE-2023-36756 |
8.8 |
2023-09-12 |
|
Microsoft Exchange ApprovedApplicationCollection Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-1418 |
ZDI-CAN-21490 |
Microsoft |
CVE-2023-36777 |
7.1 |
2023-09-12 |
|
Microsoft Exchange ProjectInstance Deserialization of Untrusted Data Information Disclosure Vulnerability |
| ZDI-23-1417 |
ZDI-CAN-21489 |
Microsoft |
CVE-2023-36777 |
7.1 |
2023-09-12 |
|
Microsoft Exchange Project Deserialization of Untrusted Data Information Disclosure Vulnerability |
| ZDI-23-1416 |
ZDI-CAN-21073 |
Microsoft |
CVE-2023-36770 |
5.3 |
2023-09-12 |
|
Microsoft 3D Builder GLB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1415 |
ZDI-CAN-21072 |
Microsoft |
CVE-2023-36773 |
5.3 |
2023-09-12 |
|
Microsoft 3D Builder WRL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1414 |
ZDI-CAN-21071 |
Microsoft |
CVE-2023-36771 |
5.3 |
2023-09-12 |
|
Microsoft 3D Builder PLY File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1413 |
ZDI-CAN-21070 |
Microsoft |
CVE-2023-36772 |
5.3 |
2023-09-12 |
|
Microsoft 3D Builder WRL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1412 |
ZDI-CAN-21069 |
Microsoft |
CVE-2023-36772 |
5.3 |
2023-09-12 |
|
Microsoft 3D Builder WRL File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1411 |
ZDI-CAN-21068 |
Microsoft |
CVE-2023-36772 |
5.3 |
2023-09-12 |
|
Microsoft 3D Builder PLY File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1410 |
ZDI-CAN-21028 |
Microsoft |
CVE-2023-36804 |
8.8 |
2023-09-12 |
|
Microsoft Windows UMPDDrvStrokePath Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-23-1409 |
ZDI-CAN-21027 |
Microsoft |
CVE-2023-36804 |
8.8 |
2023-09-12 |
|
Microsoft Windows UMPDDrvStrokeAndFillPath Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-23-1408 |
ZDI-CAN-21009 |
Microsoft |
CVE-2023-36804 |
8.8 |
2023-09-12 |
|
Microsoft Windows UMPDDrvStrokeAndFillPath Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-23-1407 |
ZDI-CAN-21008 |
Microsoft |
CVE-2023-36804 |
8.8 |
2023-09-12 |
|
Microsoft Windows UMPDDrvBitBlt Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-23-1406 |
ZDI-CAN-21003 |
Microsoft |
CVE-2023-36804 |
8.8 |
2023-09-12 |
|
Microsoft Windows UMPDDrvFillPath Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-23-1405 |
ZDI-CAN-20989 |
Microsoft |
CVE-2023-38144 |
6.4 |
2023-09-12 |
|
Microsoft Windows CLFS Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1404 |
ZDI-CAN-20975 |
Microsoft |
CVE-2023-38143 |
2.8 |
2023-09-12 |
|
Microsoft Windows CLFS Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1403 |
ZDI-CAN-20695 |
Microsoft |
CVE-2023-38155 |
7.0 |
2023-09-12 |
|
Microsoft Azure DevOps Server MachinePropertyBag Deserialization of Untrusted Data Local Privilege Escalation Vulnerability |
| ZDI-23-1402 |
ZDI-CAN-21510 |
Hewlett Packard Enterprise |
CVE-2023-30908 |
9.8 |
2023-09-11 |
|
Hewlett Packard Enterprise OneView resetAdminPassword Authentication Bypass Vulnerability |
| ZDI-23-1401 |
ZDI-CAN-21184 |
ManageEngine |
CVE-2023-39912 |
4.9 |
2023-09-11 |
|
ManageEngine ADManager Plus download Directory Traversal Information Disclosure Vulnerability |
| ZDI-23-1400 |
ZDI-CAN-21390 |
Delta Electronics |
CVE-2023-4685 |
7.8 |
2023-09-08 |
|
Delta Electronics CNCSoft-B DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1399 |
ZDI-CAN-21613 |
Visualware |
CVE-2023-42034 |
8.8 |
2023-09-08 |
|
Visualware MyConnection Server doRTAAccessCTConfig Cross-Site Scripting Authentication Bypass Vulnerability |
| ZDI-23-1398 |
ZDI-CAN-21611 |
Visualware |
CVE-2023-42032 |
7.5 |
2023-09-08 |
|
Visualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure Vulnerability |
| ZDI-23-1397 |
ZDI-CAN-21774 |
Visualware |
CVE-2023-42035 |
6.5 |
2023-09-08 |
|
Visualware MyConnection Server doIForward XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-23-1396 |
ZDI-CAN-21612 |
Visualware |
CVE-2023-42033 |
7.2 |
2023-09-08 |
|
Visualware MyConnection Server doPostUploadfiles Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1395 |
ZDI-CAN-21603 |
Kofax |
CVE-2023-42039 |
7.8 |
2023-09-08 |
|
Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1394 |
ZDI-CAN-21602 |
Kofax |
CVE-2023-42038 |
7.8 |
2023-09-08 |
|
Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1393 |
ZDI-CAN-21582 |
Kofax |
CVE-2023-42036 |
7.8 |
2023-09-08 |
|
Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1392 |
ZDI-CAN-21583 |
Kofax |
CVE-2023-42037 |
7.8 |
2023-09-08 |
|
Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1391 |
ZDI-CAN-20663 |
PDF-XChange |
CVE-2023-42040 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor mailForm Use-After-Free Code Execution Vulnerability |
| ZDI-23-1390 |
ZDI-CAN-22088 |
PDF-XChange |
CVE-2023-42088 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor JPG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1389 |
ZDI-CAN-22061 |
PDF-XChange |
CVE-2023-42085 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor EMF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1388 |
ZDI-CAN-22062 |
PDF-XChange |
CVE-2023-42086 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor EMF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1387 |
ZDI-CAN-22064 |
PDF-XChange |
CVE-2023-42087 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1386 |
ZDI-CAN-21967 |
PDF-XChange |
CVE-2023-42083 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor JPG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1385 |
ZDI-CAN-21974 |
PDF-XChange |
CVE-2023-42084 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1384 |
ZDI-CAN-21944 |
PDF-XChange |
CVE-2023-42082 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor JPG File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1383 |
ZDI-CAN-21878 |
PDF-XChange |
CVE-2023-42081 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1382 |
ZDI-CAN-21877 |
PDF-XChange |
CVE-2023-42080 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor EMF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1381 |
ZDI-CAN-21850 |
PDF-XChange |
CVE-2023-42078 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1380 |
ZDI-CAN-21851 |
PDF-XChange |
CVE-2023-42079 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor J2K File Parsing Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-23-1379 |
ZDI-CAN-21818 |
PDF-XChange |
CVE-2023-42077 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor EMF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1378 |
ZDI-CAN-21691 |
PDF-XChange |
CVE-2023-42075 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor JPG File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1377 |
ZDI-CAN-21762 |
PDF-XChange |
CVE-2023-42076 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1376 |
ZDI-CAN-21338 |
PDF-XChange |
CVE-2023-42074 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor addScript Type Confusion Remote Code Execution Vulnerability |
| ZDI-23-1375 |
ZDI-CAN-21291 |
PDF-XChange |
CVE-2023-42071 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1374 |
ZDI-CAN-21323 |
PDF-XChange |
CVE-2023-42073 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1373 |
ZDI-CAN-21311 |
PDF-XChange |
CVE-2023-42072 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor JPC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1372 |
ZDI-CAN-21179 |
PDF-XChange |
CVE-2023-42070 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1371 |
ZDI-CAN-21166 |
PDF-XChange |
CVE-2023-42069 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1370 |
ZDI-CAN-20887 |
PDF-XChange |
CVE-2023-42043 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor PDF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1369 |
ZDI-CAN-20985 |
PDF-XChange |
CVE-2023-42068 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1368 |
ZDI-CAN-20925 |
PDF-XChange |
CVE-2023-42052 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1367 |
ZDI-CAN-20926 |
PDF-XChange |
CVE-2023-42053 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1366 |
ZDI-CAN-20927 |
PDF-XChange |
CVE-2023-42054 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1365 |
ZDI-CAN-20928 |
PDF-XChange |
CVE-2023-42055 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1364 |
ZDI-CAN-20929 |
PDF-XChange |
CVE-2023-42056 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor U3D File Parsing Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-23-1363 |
ZDI-CAN-20930 |
PDF-XChange |
CVE-2023-42057 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1362 |
ZDI-CAN-20931 |
PDF-XChange |
CVE-2023-42058 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1361 |
ZDI-CAN-20932 |
PDF-XChange |
CVE-2023-42059 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1360 |
ZDI-CAN-20889 |
PDF-XChange |
CVE-2023-42044 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1359 |
ZDI-CAN-20933 |
PDF-XChange |
CVE-2023-42060 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1358 |
ZDI-CAN-20934 |
PDF-XChange |
CVE-2023-42061 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1357 |
ZDI-CAN-20943 |
PDF-XChange |
CVE-2023-42063 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1356 |
ZDI-CAN-20845 |
PDF-XChange |
CVE-2023-42041 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1355 |
ZDI-CAN-20848 |
PDF-XChange |
CVE-2023-42042 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor App Object Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1354 |
ZDI-CAN-20906 |
PDF-XChange |
CVE-2023-42045 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor J2K File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1353 |
ZDI-CAN-20907 |
PDF-XChange |
CVE-2023-42046 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor J2K File Parsing Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-23-1352 |
ZDI-CAN-20908 |
PDF-XChange |
CVE-2023-42047 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1351 |
ZDI-CAN-20909 |
PDF-XChange |
CVE-2023-42048 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor J2K File Parsing Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-23-1350 |
ZDI-CAN-20920 |
PDF-XChange |
CVE-2023-42049 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1349 |
ZDI-CAN-20921 |
PDF-XChange |
CVE-2023-42050 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor EMF File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-1348 |
ZDI-CAN-20924 |
PDF-XChange |
CVE-2023-42051 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1347 |
ZDI-CAN-20935 |
PDF-XChange |
CVE-2023-42062 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor U3D File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-23-1346 |
ZDI-CAN-20944 |
PDF-XChange |
CVE-2023-42064 |
7.8 |
2023-09-08 |
|
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1345 |
ZDI-CAN-20973 |
PDF-XChange |
CVE-2023-42065 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1344 |
ZDI-CAN-20974 |
PDF-XChange |
CVE-2023-42066 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor J2K File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1343 |
ZDI-CAN-20984 |
PDF-XChange |
CVE-2023-42067 |
3.3 |
2023-09-08 |
|
PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1342 |
ZDI-CAN-19744 |
Synology |
CVE-2023-41741 |
5.3 |
2023-09-07 |
|
Synology RT6600ax info.cgi Exposure of Sensitive Data Information Disclosure Vulnerability |
| ZDI-23-1341 |
ZDI-CAN-19743 |
Synology |
CVE-2023-41740 |
4.3 |
2023-09-07 |
|
Synology RT6600ax uistrings.cgi Path Traversal Information Disclosure Vulnerability |
| ZDI-23-1340 |
ZDI-CAN-19742 |
Synology |
CVE-2023-41739 |
5.7 |
2023-09-07 |
|
Synology RT6600ax SYNO.Core Uncontrolled Resource Consumption Denial-of-Service Vulnerability |
| ZDI-23-1339 |
ZDI-CAN-19741 |
Synology |
CVE-2023-41738 |
8.0 |
2023-09-07 |
|
Synology RT6600ax WEB API Endpoint Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1338 |
ZDI-CAN-21674 |
D-Link |
CVE-2023-41230 |
7.5 |
2023-09-07 |
|
D-Link DIR-3040 HTTP Request Processing Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1337 |
ZDI-CAN-21671 |
D-Link |
CVE-2023-41229 |
8.8 |
2023-09-07 |
|
D-Link DIR-3040 HTTP Request Processing Referer Heap-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1336 |
ZDI-CAN-21654 |
D-Link |
CVE-2023-41228 |
6.8 |
2023-09-07 |
|
D-Link DIR-3040 prog.cgi SetUsersSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1335 |
ZDI-CAN-21653 |
D-Link |
CVE-2023-41227 |
6.8 |
2023-09-07 |
|
D-Link DIR-3040 prog.cgi SetTriggerPPPoEValidate Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1334 |
ZDI-CAN-21652 |
D-Link |
CVE-2023-41226 |
6.8 |
2023-09-07 |
|
D-Link DIR-3040 prog.cgi SetMyDLinkRegistration Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1333 |
ZDI-CAN-21651 |
D-Link |
CVE-2023-41225 |
6.8 |
2023-09-07 |
|
D-Link DIR-3040 prog.cgi SetIPv6PppoeSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1332 |
ZDI-CAN-21650 |
D-Link |
CVE-2023-41224 |
6.8 |
2023-09-07 |
|
D-Link DIR-3040 prog.cgi SetDeviceSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1331 |
ZDI-CAN-21623 |
D-Link |
CVE-2023-41223 |
6.8 |
2023-09-07 |
|
D-Link DIR-3040 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1330 |
ZDI-CAN-21622 |
D-Link |
CVE-2023-41222 |
6.8 |
2023-09-07 |
|
D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1329 |
ZDI-CAN-21621 |
D-Link |
CVE-2023-41221 |
6.8 |
2023-09-07 |
|
D-Link DIR-3040 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1328 |
ZDI-CAN-21620 |
D-Link |
CVE-2023-41220 |
6.8 |
2023-09-07 |
|
D-Link DIR-3040 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1327 |
ZDI-CAN-21619 |
D-Link |
CVE-2023-41219 |
6.8 |
2023-09-07 |
|
D-Link DIR-3040 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1326 |
ZDI-CAN-21618 |
D-Link |
CVE-2023-41218 |
6.8 |
2023-09-07 |
|
D-Link DIR-3040 prog.cgi SetWan3Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1325 |
ZDI-CAN-21617 |
D-Link |
CVE-2023-41217 |
7.1 |
2023-09-07 |
|
D-Link DIR-3040 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1324 |
ZDI-CAN-21616 |
D-Link |
CVE-2023-41216 |
6.8 |
2023-09-07 |
|
D-Link DIR-3040 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1323 |
ZDI-CAN-18804 |
D-Link |
CVE-2023-41186 |
6.5 |
2023-09-07 |
|
D-Link DAP-1325 CGI Missing Authentication Information Disclosure Vulnerability |
| ZDI-23-1322 |
ZDI-CAN-18807 |
D-Link |
CVE-2023-41187 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 HNAP Missing Authentication Remote Code Execution Vulnerability |
| ZDI-23-1321 |
ZDI-CAN-18840 |
D-Link |
CVE-2023-41213 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 setDhcpAssignRangeUpdate lan_ipaddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1320 |
ZDI-CAN-18839 |
D-Link |
CVE-2023-41212 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 SetTriggerAPValidate Key Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1319 |
ZDI-CAN-18837 |
D-Link |
CVE-2023-41211 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 SetHostIPv6StaticSettings StaticPrefixLength Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1318 |
ZDI-CAN-18836 |
D-Link |
CVE-2023-41210 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 SetHostIPv6StaticSettings StaticDNS2 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1317 |
ZDI-CAN-18835 |
D-Link |
CVE-2023-41209 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 SetHostIPv6StaticSettings StaticDNS1 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1316 |
ZDI-CAN-18834 |
D-Link |
CVE-2023-41208 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 SetHostIPv6StaticSettings StaticDefaultGateway Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1315 |
ZDI-CAN-18833 |
D-Link |
CVE-2023-41207 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 SetHostIPv6StaticSettings StaticAddress Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1314 |
ZDI-CAN-18832 |
D-Link |
CVE-2023-41206 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 SetHostIPv6Settings IPv6Mode Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1313 |
ZDI-CAN-18831 |
D-Link |
CVE-2023-41205 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 SetAPLanSettings SubnetMask Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1312 |
ZDI-CAN-18830 |
D-Link |
CVE-2023-41204 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 SetAPLanSettings SecondaryDNS Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1311 |
ZDI-CAN-18829 |
D-Link |
CVE-2023-41203 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 SetAPLanSettings PrimaryDNS Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1310 |
ZDI-CAN-18828 |
D-Link |
CVE-2023-41202 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 SetAPLanSettings Mode Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1309 |
ZDI-CAN-18821 |
D-Link |
CVE-2023-41201 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 HNAP SetSetupWizardStatus Enabled Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1308 |
ZDI-CAN-18820 |
D-Link |
CVE-2023-41200 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 HNAP SetHostIPv6StaticSettings StaticPrefixLength Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1307 |
ZDI-CAN-18819 |
D-Link |
CVE-2023-41199 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 HNAP SetHostIPv6StaticSettings StaticDNS2 Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1306 |
ZDI-CAN-18818 |
D-Link |
CVE-2023-41198 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 HNAP SetHostIPv6StaticSettings StaticDNS1 Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1305 |
ZDI-CAN-18817 |
D-Link |
CVE-2023-41197 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 HNAP SetHostIPv6StaticSettings StaticDefaultGateway Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1304 |
ZDI-CAN-18816 |
D-Link |
CVE-2023-41196 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 HNAP SetHostIPv6StaticSettings StaticAddress Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1303 |
ZDI-CAN-18815 |
D-Link |
CVE-2023-41195 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 HNAP SetHostIPv6Settings IPv6Mode Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1302 |
ZDI-CAN-18814 |
D-Link |
CVE-2023-41194 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 HNAP SetAPLanSettings SubnetMask Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1301 |
ZDI-CAN-18813 |
D-Link |
CVE-2023-41193 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 HNAP SetAPLanSettings SecondaryDNS Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1300 |
ZDI-CAN-18812 |
D-Link |
CVE-2023-41192 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 HNAP SetAPLanSettings PrimaryDNS Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1299 |
ZDI-CAN-18811 |
D-Link |
CVE-2023-41191 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 HNAP SetAPLanSettings Mode Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1298 |
ZDI-CAN-18810 |
D-Link |
CVE-2023-41190 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 HNAP SetAPLanSettings IPAddr Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1297 |
ZDI-CAN-18809 |
D-Link |
CVE-2023-41189 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 HNAP SetAPLanSettings Gateway Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1296 |
ZDI-CAN-18808 |
D-Link |
CVE-2023-41188 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 HNAP SetAPLanSettings DeviceName Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1295 |
ZDI-CAN-18841 |
D-Link |
CVE-2023-41214 |
8.8 |
2023-09-07 |
|
D-Link DAP-1325 setDhcpAssignRangeUpdate lan_ipaddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1294 |
ZDI-CAN-19435 |
Delta Electronics |
CVE-2023-0251 |
7.8 |
2023-08-31 |
|
Delta Electronics DIAScreen DPA File Parsing Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1293 |
ZDI-CAN-19203 |
Delta Electronics |
CVE-2023-0123 |
7.8 |
2023-08-31 |
|
Delta Electronics DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1292 |
ZDI-CAN-19200 |
Delta Electronics |
CVE-2023-0123 |
7.8 |
2023-08-31 |
|
Delta Electronics DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1291 |
ZDI-CAN-19196 |
Delta Electronics |
CVE-2023-0124 |
7.8 |
2023-08-31 |
|
Delta Electronics DOPSoft DPA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1290 |
ZDI-CAN-19195 |
Delta Electronics |
CVE-2023-0123 |
7.8 |
2023-08-31 |
|
Delta Electronics DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1289 |
ZDI-CAN-19194 |
Delta Electronics |
CVE-2023-0123 |
7.8 |
2023-08-31 |
|
Delta Electronics DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1288 |
ZDI-CAN-19193 |
Delta Electronics |
CVE-2023-0123 |
7.8 |
2023-08-31 |
|
Delta Electronics DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1287 |
ZDI-CAN-20589 |
TP-Link |
CVE-2023-41184 |
6.8 |
2023-08-31 |
|
TP-Link Tapo C210 ActiveCells Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1286 |
ZDI-CAN-20353 |
Unified Automation |
CVE-2023-41185 |
8.6 |
2023-08-30 |
|
Unified Automation UaGateway Certificate Parsing Integer Overflow Denial-of-Service Vulnerability |
| ZDI-23-1285 |
ZDI-CAN-21013 |
PaperCut |
CVE-2023-39469 |
7.2 |
2023-08-30 |
2023-09-07 |
PaperCut NG External User Lookup Code Injection Remote Code Execution Vulnerability |
| ZDI-23-1284 |
ZDI-CAN-19716 |
NETGEAR |
CVE-2023-41182 |
7.2 |
2023-08-30 |
|
NETGEAR ProSAFE Network Management System ZipUtils Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1283 |
ZDI-CAN-20524 |
NETGEAR |
CVE-2023-41183 |
8.8 |
2023-08-30 |
|
NETGEAR Orbi 760 SOAP API Authentication Bypass Vulnerability |
| ZDI-23-1282 |
ZDI-CAN-21201 |
Microsoft |
|
7.5 |
2023-08-30 |
|
Microsoft Teams Pluginhost Prototype Pollution Privilege Escalation Vulnerability |
| ZDI-23-1281 |
ZDI-CAN-19459 |
Apache |
|
8.1 |
2023-08-29 |
2023-11-21 |
Apache ActiveMQ NMS Body Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-1280 |
ZDI-CAN-20104 |
D-Link |
|
5.4 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability |
| ZDI-23-1279 |
ZDI-CAN-20103 |
D-Link |
CVE-2023-37326 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set Wireless Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1278 |
ZDI-CAN-20102 |
D-Link |
CVE-2023-37324 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set Wireless Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1277 |
ZDI-CAN-20101 |
D-Link |
CVE-2023-37323 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set SSID List PSK Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1276 |
ZDI-CAN-20100 |
D-Link |
CVE-2023-37322 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set SSID List RADIUS Server Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1275 |
ZDI-CAN-20099 |
D-Link |
CVE-2023-37321 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set SSID List RADIUS Secret Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1274 |
ZDI-CAN-20098 |
D-Link |
CVE-2023-37320 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set SSID List SSID Name Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1273 |
ZDI-CAN-20097 |
D-Link |
CVE-2023-37319 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1272 |
ZDI-CAN-20096 |
D-Link |
CVE-2023-37318 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set IPv6 Address Secondary DNS Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1271 |
ZDI-CAN-20095 |
D-Link |
CVE-2023-37317 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set IPv6 Address Primary DNS Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1270 |
ZDI-CAN-20094 |
D-Link |
CVE-2023-37316 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set IPv6 Address Default Gateway Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1269 |
ZDI-CAN-20093 |
D-Link |
CVE-2023-37315 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set IPv6 Address Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1268 |
ZDI-CAN-20092 |
D-Link |
CVE-2023-37314 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set IPv6 Address Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1267 |
ZDI-CAN-20090 |
D-Link |
CVE-2023-37313 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set IPv4 Address Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1266 |
ZDI-CAN-20089 |
D-Link |
CVE-2023-37312 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set Device Info Device Name Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1265 |
ZDI-CAN-20088 |
D-Link |
CVE-2023-37311 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set Device Info Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1264 |
ZDI-CAN-20087 |
D-Link |
CVE-2023-37310 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set Device Info Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1263 |
ZDI-CAN-20086 |
D-Link |
CVE-2023-41215 |
8.8 |
2023-08-25 |
2023-09-05 |
D-Link DAP-2622 DDP Set Date-Time Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1262 |
ZDI-CAN-20085 |
D-Link |
|
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set Date-Time NTP Server Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1261 |
ZDI-CAN-20084 |
D-Link |
CVE-2023-35756 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set Date-Time Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1260 |
ZDI-CAN-20083 |
D-Link |
CVE-2023-35755 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set Date-Time Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1259 |
ZDI-CAN-20082 |
D-Link |
CVE-2023-35754 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set AG Profile NMS URL Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1258 |
ZDI-CAN-20081 |
D-Link |
CVE-2023-35753 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set AG Profile UUID Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1257 |
ZDI-CAN-20080 |
D-Link |
CVE-2023-35752 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set AG Profile Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1256 |
ZDI-CAN-20079 |
D-Link |
CVE-2023-35751 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Set AG Profile Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1255 |
ZDI-CAN-20078 |
D-Link |
CVE-2023-35750 |
7.4 |
2023-08-25 |
|
D-Link DAP-2622 DDP Get SSID List WPA PSK Information Disclosure Vulnerability |
| ZDI-23-1254 |
ZDI-CAN-20077 |
D-Link |
CVE-2023-35748 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Firmware Upgrade Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1253 |
ZDI-CAN-20076 |
D-Link |
CVE-2023-35748 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Firmware Upgrade Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1252 |
ZDI-CAN-20075 |
D-Link |
CVE-2023-35747 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Firmware Upgrade Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1251 |
ZDI-CAN-20074 |
D-Link |
CVE-2023-35746 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Firmware Upgrade Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1250 |
ZDI-CAN-20073 |
D-Link |
CVE-2023-35745 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Configuration Restore Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1249 |
ZDI-CAN-20071 |
D-Link |
CVE-2023-35744 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Configuration Restore Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1248 |
ZDI-CAN-20070 |
D-Link |
CVE-2023-35743 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Configuration Restore Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1247 |
ZDI-CAN-20069 |
D-Link |
CVE-2023-35742 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Configuration Restore Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1246 |
ZDI-CAN-20068 |
D-Link |
CVE-2023-35741 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Configuration Backup Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1245 |
ZDI-CAN-20067 |
D-Link |
CVE-2023-35740 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Configuration Backup Server Address Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1244 |
ZDI-CAN-20066 |
D-Link |
CVE-2023-35739 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Configuration Backup Server IPv6 Address Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1243 |
ZDI-CAN-20065 |
D-Link |
CVE-2023-35738 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Configuration Backup Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1242 |
ZDI-CAN-20064 |
D-Link |
CVE-2023-35737 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Configuration Backup Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1241 |
ZDI-CAN-20063 |
D-Link |
CVE-2023-35736 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Change ID Password New Password Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1240 |
ZDI-CAN-20062 |
D-Link |
CVE-2023-35735 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Change ID Password New Username Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1239 |
ZDI-CAN-20060 |
D-Link |
CVE-2023-35733 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Change ID Password Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1238 |
ZDI-CAN-20059 |
D-Link |
CVE-2023-35732 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Reset Factory Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1237 |
ZDI-CAN-20058 |
D-Link |
CVE-2023-35731 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Reset Factory Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1236 |
ZDI-CAN-20057 |
D-Link |
CVE-2023-35730 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Reset Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1235 |
ZDI-CAN-20056 |
D-Link |
CVE-2023-35729 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Reset Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1234 |
ZDI-CAN-20055 |
D-Link |
CVE-2023-35728 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Reboot Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1233 |
ZDI-CAN-20054 |
D-Link |
CVE-2023-35727 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP Reboot Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1232 |
ZDI-CAN-20053 |
D-Link |
CVE-2023-35726 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP User Verification Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1231 |
ZDI-CAN-20052 |
D-Link |
CVE-2023-35725 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 DDP User Verification Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1230 |
ZDI-CAN-20050 |
D-Link |
CVE-2023-35724 |
8.8 |
2023-08-25 |
|
D-Link DAP-2622 Telnet CLI Use of Hardcoded Credentials Authentication Bypass Vulnerability |
| ZDI-23-1229 |
ZDI-CAN-20661 |
Adobe |
CVE-2023-26371 |
3.3 |
2023-08-25 |
|
Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1228 |
ZDI-CAN-20228 |
Samba |
CVE-2023-34966 |
6.5 |
2023-08-25 |
|
Samba Spotlight mdssvc RPC Request Type Confusion Information Disclosure Vulnerability |
| ZDI-23-1227 |
ZDI-CAN-20229 |
Samba |
CVE-2023-34967 |
5.9 |
2023-08-25 |
|
Samba Spotlight mdssvc RPC Request Infinite Loop Denial-of-Service Vulnerability |
| ZDI-23-1226 |
ZDI-CAN-20043 |
Apple |
CVE-2023-32384 |
7.8 |
2023-08-25 |
|
Apple macOS ImageIO EXR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1225 |
ZDI-CAN-20027 |
Apple |
CVE-2023-32372 |
3.3 |
2023-08-25 |
|
Apple macOS EXR Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1224 |
ZDI-CAN-20270 |
LG |
|
7.5 |
2023-08-25 |
|
LG LED Assistant updateFile Directory Traversal Information Disclosure Vulnerability |
| ZDI-23-1223 |
ZDI-CAN-20269 |
LG |
|
7.5 |
2023-08-25 |
|
LG LED Assistant thumbnail Directory Traversal Information Disclosure Vulnerability |
| ZDI-23-1222 |
ZDI-CAN-20210 |
LG |
|
9.8 |
2023-08-25 |
|
LG LED Assistant setThumbnailRc Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1221 |
ZDI-CAN-20271 |
LG |
|
9.8 |
2023-08-25 |
|
LG LED Assistant upload Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1220 |
ZDI-CAN-20330 |
LG |
CVE-2023-41181 |
5.3 |
2023-08-24 |
|
(0Day) LG SuperSign Media Editor getSubFolderList Directory Traversal Information Disclosure Vulnerability |
| ZDI-23-1219 |
ZDI-CAN-20328 |
LG |
CVE-2023-40517 |
7.5 |
2023-08-24 |
|
(0Day) LG SuperSign Media Editor ContentRestController getObject Directory Traversal Information Disclosure Vulnerability |
| ZDI-23-1218 |
ZDI-CAN-20327 |
LG |
CVE-2023-40516 |
7.8 |
2023-08-24 |
|
(0Day) LG Simple Editor Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-23-1217 |
ZDI-CAN-19945 |
LG |
CVE-2023-40501 |
9.8 |
2023-08-24 |
|
(0Day) LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability |
| ZDI-23-1216 |
ZDI-CAN-20014 |
LG |
CVE-2023-40512 |
6.5 |
2023-08-24 |
|
(0Day) LG Simple Editor PlayerController getImageByFilename Directory Traversal Information Disclosure Vulnerability |
| ZDI-23-1215 |
ZDI-CAN-20013 |
LG |
CVE-2023-40511 |
7.5 |
2023-08-24 |
|
(0Day) LG Simple Editor checkServer Authentication Bypass Vulnerability |
| ZDI-23-1214 |
ZDI-CAN-20012 |
LG |
CVE-2023-40510 |
7.5 |
2023-08-24 |
|
(0Day) LG Simple Editor getServerSetting Authentication Bypass Vulnerability |
| ZDI-23-1213 |
ZDI-CAN-20011 |
LG |
CVE-2023-40509 |
8.2 |
2023-08-24 |
|
(0Day) LG Simple Editor deleteCanvas Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-23-1212 |
ZDI-CAN-20010 |
LG |
CVE-2023-40508 |
8.2 |
2023-08-24 |
|
(0Day) LG Simple Editor putCanvasDB Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-23-1211 |
ZDI-CAN-20006 |
LG |
CVE-2023-40507 |
7.5 |
2023-08-24 |
|
(0Day) LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-23-1210 |
ZDI-CAN-20005 |
LG |
CVE-2023-40506 |
7.5 |
2023-08-24 |
|
(0Day) LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-23-1209 |
ZDI-CAN-19978 |
LG |
CVE-2023-40505 |
9.8 |
2023-08-24 |
|
(0Day) LG Simple Editor createThumbnailByMovie Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1208 |
ZDI-CAN-19953 |
LG |
CVE-2023-40504 |
9.8 |
2023-08-24 |
|
(0Day) LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1207 |
ZDI-CAN-19952 |
LG |
CVE-2023-40503 |
7.5 |
2023-08-24 |
|
(0Day) LG Simple Editor saveXmlFile XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-23-1206 |
ZDI-CAN-19944 |
LG |
CVE-2023-40500 |
9.8 |
2023-08-24 |
|
(0Day) LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability |
| ZDI-23-1205 |
ZDI-CAN-19926 |
LG |
CVE-2023-40499 |
8.2 |
2023-08-24 |
|
(0Day) LG Simple Editor mkdir Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-23-1204 |
ZDI-CAN-19925 |
LG |
CVE-2023-40498 |
9.8 |
2023-08-24 |
|
(0Day) LG Simple Editor cp Command Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1203 |
ZDI-CAN-19924 |
LG |
CVE-2023-40497 |
9.8 |
2023-08-24 |
|
(0Day) LG Simple Editor saveXml Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1202 |
ZDI-CAN-19923 |
LG |
CVE-2023-40496 |
7.5 |
2023-08-24 |
|
(0Day) LG Simple Editor copyStickerContent Directory Traversal Information Disclosure Vulnerability |
| ZDI-23-1201 |
ZDI-CAN-19922 |
LG |
CVE-2023-40495 |
7.5 |
2023-08-24 |
|
(0Day) LG Simple Editor copyTemplateAll Directory Traversal Information Disclosure Vulnerability |
| ZDI-23-1200 |
ZDI-CAN-19921 |
LG |
CVE-2023-40494 |
8.2 |
2023-08-24 |
|
(0Day) LG Simple Editor deleteFolder Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-23-1199 |
ZDI-CAN-19920 |
LG |
CVE-2023-40493 |
9.8 |
2023-08-24 |
|
(0Day) LG Simple Editor copySessionFolder Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1198 |
ZDI-CAN-19919 |
LG |
CVE-2023-40492 |
8.2 |
2023-08-24 |
|
(0Day) LG Simple Editor deleteCheckSession Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-23-1197 |
ZDI-CAN-20048 |
LG |
CVE-2023-40515 |
7.5 |
2023-08-24 |
|
(0Day) LG Simple Editor joinAddUser Improper Input Validation Denial-of-Service Vulnerability |
| ZDI-23-1196 |
ZDI-CAN-20016 |
LG |
CVE-2023-40514 |
6.5 |
2023-08-24 |
|
(0Day) LG Simple Editor FileManagerController getImageByFilename Directory Traversal Information Disclosure Vulnerability |
| ZDI-23-1195 |
ZDI-CAN-20015 |
LG |
CVE-2023-40513 |
6.5 |
2023-08-24 |
|
(0Day) LG Simple Editor UserManageController getImageByFilename Directory Traversal Information Disclosure Vulnerability |
| ZDI-23-1194 |
ZDI-CAN-19951 |
LG |
CVE-2023-40502 |
8.2 |
2023-08-24 |
|
(0Day) LG Simple Editor cropImage Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-23-1193 |
ZDI-CAN-21437 |
Maxon |
CVE-2023-40489 |
7.8 |
2023-08-24 |
|
(0Day) Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1192 |
ZDI-CAN-21435 |
Maxon |
CVE-2023-40487 |
7.8 |
2023-08-24 |
|
(0Day) Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1191 |
ZDI-CAN-21439 |
Maxon |
CVE-2023-40491 |
7.8 |
2023-08-24 |
|
(0Day) Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1190 |
ZDI-CAN-21438 |
Maxon |
CVE-2023-4049 |
7.8 |
2023-08-24 |
|
(0Day) Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1189 |
ZDI-CAN-21436 |
Maxon |
CVE-2023-40488 |
7.8 |
2023-08-24 |
|
(0Day) Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1188 |
ZDI-CAN-21432 |
Maxon |
CVE-2023-40484 |
7.8 |
2023-08-24 |
|
(0Day) Maxon Cinema 4D SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1187 |
ZDI-CAN-21433 |
Maxon |
CVE-2023-40485 |
7.8 |
2023-08-24 |
|
(0Day) Maxon Cinema 4D SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1186 |
ZDI-CAN-21434 |
Maxon |
CVE-2023-40486 |
7.8 |
2023-08-24 |
|
(0Day) Maxon Cinema 4D SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1185 |
ZDI-CAN-21431 |
Maxon |
CVE-2023-40483 |
7.8 |
2023-08-24 |
|
(0Day) Maxon Cinema 4D SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1184 |
ZDI-CAN-21430 |
Maxon |
CVE-2023-40482 |
7.8 |
2023-08-24 |
|
(0Day) Maxon Cinema 4D SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1183 |
ZDI-CAN-18971 |
Microsoft |
CVE-2023-33146 |
7.8 |
2023-08-24 |
|
Microsoft Excel SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1182 |
ZDI-CAN-18970 |
Microsoft |
CVE-2023-33146 |
7.8 |
2023-08-24 |
|
Microsoft Excel SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1181 |
ZDI-CAN-18969 |
Microsoft |
CVE-2023-33146 |
7.8 |
2023-08-24 |
|
Microsoft Excel SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1180 |
ZDI-CAN-18966 |
Microsoft |
CVE-2023-33146 |
7.8 |
2023-08-24 |
|
Microsoft Excel SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1179 |
ZDI-CAN-18967 |
Microsoft |
CVE-2023-33146 |
7.8 |
2023-08-24 |
|
Microsoft Excel SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1178 |
ZDI-CAN-19586 |
HP |
CVE-2023-27971 |
8.8 |
2023-08-24 |
|
(Pwn2Own) HP Color LaserJet Pro M479fdw msws Probe Message Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1177 |
ZDI-CAN-19765 |
HP |
CVE-2023-35178 |
8.8 |
2023-08-24 |
|
(Pwn2Own) HP Color LaserJet Pro M479fdw slangapp PATH_INFO Stack-based Buffer Overflow Remote Code Execution |
| ZDI-23-1176 |
ZDI-CAN-19844 |
HP |
CVE-2023-35176 |
8.8 |
2023-08-24 |
|
(Pwn2Own) HP Color LaserJet Pro M479fdw Serial_Number Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1175 |
ZDI-CAN-19707 |
HP |
CVE-2023-35177 |
8.8 |
2023-08-24 |
|
(Pwn2Own) HP Color LaserJet Pro M479fdw CFF Font Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1174 |
ZDI-CAN-19683 |
HP |
CVE-2023-35175 |
8.8 |
2023-08-24 |
|
(Pwn2Own) HP Color LaserJet Pro M479fdw msws Server-Side Request Forgery Remote Code Execution Vulnerability |
| ZDI-23-1173 |
ZDI-CAN-19901 |
HP |
CVE-2023-27973 |
8.8 |
2023-08-24 |
|
HP Color LaserJet Pro M479fdw ledm_advanced Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1172 |
ZDI-CAN-19900 |
HP |
CVE-2023-27972 |
8.8 |
2023-08-24 |
|
HP Color LaserJet Pro M479fdw cacheddata_http_handler Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1171 |
ZDI-CAN-19835 |
HP |
CVE-2023-35175 |
8.8 |
2023-08-24 |
|
(Pwn2Own) HP Color LaserJet Pro M479fdw NotifyTo Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1170 |
ZDI-CAN-19693 |
HP |
CVE-2023-35176 |
8.8 |
2023-08-24 |
|
(Pwn2Own) HP LaserJet Pro M479fdw bksettings Hardcoded Cryptographic Key Authentication Bypass Vulnerability |
| ZDI-23-1169 |
ZDI-CAN-19836 |
Avira |
CVE-2023-1900 |
7.8 |
2023-08-24 |
|
Avira Free Antivirus Integer Overflow Local Privilege Escalation Vulnerability |
| ZDI-23-1168 |
ZDI-CAN-18532 |
Zabbix |
CVE-2022-46768 |
5.9 |
2023-08-23 |
|
Zabbix Web Service Report Generation External Control of File Name Information Disclosure Vulnerability |
| ZDI-23-1167 |
ZDI-CAN-21030 |
Ivanti |
CVE-2023-32567 |
6.5 |
2023-08-23 |
|
Ivanti Avalanche decodeToMap XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-23-1166 |
ZDI-CAN-16078 |
ASUS |
CVE-2023-35720 |
6.5 |
2023-08-23 |
|
ASUS RT-AX92U lighttpd mod_webdav.so SQL Injection Information Disclosure Vulnerability |
| ZDI-23-1165 |
ZDI-CAN-18588 |
7-Zip |
CVE-2023-31102 |
7.8 |
2023-08-23 |
|
7-Zip 7Z File Parsing Integer Underflow Remote Code Execution Vulnerability |
| ZDI-23-1164 |
ZDI-CAN-18589 |
7-Zip |
CVE-2023-40481 |
7.8 |
2023-08-23 |
|
7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1163 |
ZDI-CAN-20009 |
NETGEAR |
CVE-2023-40478 |
8.0 |
2023-08-22 |
|
NETGEAR RAX30 Telnet CLI passwd Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1162 |
ZDI-CAN-19705 |
NETGEAR |
CVE-2023-40480 |
8.8 |
2023-08-22 |
|
NETGEAR RAX30 DHCP Server Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1161 |
ZDI-CAN-19704 |
NETGEAR |
CVE-2023-40479 |
8.8 |
2023-08-22 |
|
NETGEAR RAX30 UPnP Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1160 |
ZDI-CAN-19904 |
Parse |
CVE-2023-36475 |
7.2 |
2023-08-22 |
|
Parse Server transformUpdate Prototype Pollution Remote Code Execution Vulnerability |
| ZDI-23-1159 |
ZDI-CAN-19367 |
Apple |
CVE-2023-27939 |
3.3 |
2023-08-22 |
|
Apple macOS KTX Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1158 |
ZDI-CAN-20770 |
McAfee |
CVE-2023-40352 |
7.8 |
2023-08-21 |
|
McAfee Safe Connect VPN Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-23-1157 |
ZDI-CAN-19579 |
Advantech |
CVE-2023-3256 |
8.8 |
2023-08-21 |
|
Advantech R-SeeNet device_status Local File Inclusion Privilege Escalation Vulnerability |
| ZDI-23-1156 |
ZDI-CAN-19580 |
Advantech |
CVE-2023-2611 |
9.8 |
2023-08-21 |
|
Advantech R-SeeNet Use Of Hard-Coded Credentials Authentication Bypass Vulnerability |
| ZDI-23-1155 |
ZDI-CAN-21221 |
SonicWALL |
CVE-2023-34124 |
6.5 |
2023-08-21 |
|
SonicWALL GMS Virtual Appliance HttpDigestAuthenticator Authentication Bypass Vulnerability |
| ZDI-23-1154 |
ZDI-CAN-20914 |
SonicWALL |
CVE-2023-34129 |
8.8 |
2023-08-21 |
|
SonicWALL GMS Virtual Appliance Syslog Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1153 |
ZDI-CAN-20026 |
3CX |
CVE-2023-27362 |
7.0 |
2023-08-21 |
|
3CX Uncontrolled Search Path Local Privilege Escalation Vulnerability |
| ZDI-23-1152 |
ZDI-CAN-21233 |
RARLAB |
CVE-2023-40477 |
7.8 |
2023-08-17 |
|
RARLAB WinRAR Recovery Volume Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-23-1151 |
ZDI-CAN-20891 |
PDF-XChange |
CVE-2023-40473 |
3.3 |
2023-08-17 |
|
PDF-XChange Editor Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1150 |
ZDI-CAN-20729 |
PDF-XChange |
CVE-2023-40471 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor App Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-23-1149 |
ZDI-CAN-20730 |
PDF-XChange |
CVE-2023-40472 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor JavaScript String Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-23-1148 |
ZDI-CAN-20621 |
PDF-XChange |
CVE-2023-40469 |
3.3 |
2023-08-17 |
|
PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1147 |
ZDI-CAN-20594 |
PDF-XChange |
CVE-2023-39506 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor createDataObject Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1146 |
ZDI-CAN-20622 |
PDF-XChange |
CVE-2023-40470 |
3.3 |
2023-08-17 |
|
PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1145 |
ZDI-CAN-20620 |
PDF-XChange |
CVE-2023-40468 |
3.3 |
2023-08-17 |
|
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1144 |
ZDI-CAN-19947 |
PDF-XChange |
CVE-2023-39497 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1143 |
ZDI-CAN-20211 |
PDF-XChange |
CVE-2023-39505 |
5.5 |
2023-08-17 |
|
PDF-XChange Editor Net.HTTP.requests Exposed Dangerous Function Information Disclosure Vulnerability |
| ZDI-23-1142 |
ZDI-CAN-19948 |
PDF-XChange |
CVE-2023-39498 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1141 |
ZDI-CAN-19657 |
PDF-XChange |
CVE-2023-39495 |
5.5 |
2023-08-17 |
|
PDF-XChange Editor readFileIntoStream Exposed Dangerous Function Information Disclosure Vulnerability |
| ZDI-23-1140 |
ZDI-CAN-19950 |
PDF-XChange |
CVE-2023-39500 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1139 |
ZDI-CAN-19949 |
PDF-XChange |
CVE-2023-39499 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1138 |
ZDI-CAN-20035 |
PDF-XChange |
CVE-2023-39502 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor OXPS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1137 |
ZDI-CAN-20036 |
PDF-XChange |
CVE-2023-39503 |
3.3 |
2023-08-17 |
|
PDF-XChange Editor OXPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1136 |
ZDI-CAN-20037 |
PDF-XChange |
CVE-2023-39504 |
3.3 |
2023-08-17 |
|
PDF-XChange Editor OXPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1135 |
ZDI-CAN-20034 |
PDF-XChange |
CVE-2023-39501 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor OXPS File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-23-1134 |
ZDI-CAN-19636 |
PDF-XChange |
CVE-2023-39490 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1133 |
ZDI-CAN-19640 |
PDF-XChange |
CVE-2023-39492 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1132 |
ZDI-CAN-19638 |
PDF-XChange |
CVE-2023-39491 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor TIF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1131 |
ZDI-CAN-19655 |
PDF-XChange |
CVE-2023-39494 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor OXPS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1130 |
ZDI-CAN-19649 |
PDF-XChange |
CVE-2023-39493 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability |
| ZDI-23-1129 |
ZDI-CAN-19658 |
PDF-XChange |
CVE-2023-39496 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor TIF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1128 |
ZDI-CAN-19488 |
PDF-XChange |
CVE-2023-39489 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1127 |
ZDI-CAN-19487 |
PDF-XChange |
CVE-2023-39488 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor TIF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1126 |
ZDI-CAN-19483 |
PDF-XChange |
CVE-2023-39487 |
3.3 |
2023-08-17 |
|
PDF-XChange Editor util Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1125 |
ZDI-CAN-19264 |
PDF-XChange |
CVE-2023-39486 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1124 |
ZDI-CAN-19189 |
PDF-XChange |
CVE-2023-39485 |
7.8 |
2023-08-17 |
|
PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1123 |
ZDI-CAN-18493 |
PDF-XChange |
CVE-2023-39484 |
3.3 |
2023-08-17 |
|
PDF-XChange Editor PDF File Parsing Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-23-1122 |
ZDI-CAN-18308 |
PDF-XChange |
CVE-2023-39483 |
3.3 |
2023-08-17 |
|
PDF-XChange Editor J2K File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1121 |
ZDI-CAN-21005 |
Ivanti |
CVE-2023-32566 |
7.3 |
2023-08-15 |
|
Ivanti Avalanche SecureFilter allowPassThrough Authentication Bypass Vulnerability |
| ZDI-23-1120 |
ZDI-CAN-21004 |
Ivanti |
CVE-2023-32565 |
7.3 |
2023-08-15 |
|
Ivanti Avalanche SecureFilter Content-Type Authentication Bypass Vulnerability |
| ZDI-23-1119 |
ZDI-CAN-21002 |
Ivanti |
CVE-2023-32564 |
7.2 |
2023-08-15 |
|
Ivanti Avalanche FileStoreConfig Arbitrary File Upload Remote Code Execution Vulnerability |
| ZDI-23-1118 |
ZDI-CAN-21081 |
Ivanti |
CVE-2023-32563 |
9.8 |
2023-08-15 |
|
Ivanti Avalanche updateSkin Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1117 |
ZDI-CAN-20991 |
Ivanti |
CVE-2023-32562 |
7.2 |
2023-08-15 |
|
Ivanti Avalanche FileStoreConfig Arbitrary File Upload Remote Code Execution Vulnerability |
| ZDI-23-1116 |
ZDI-CAN-20904 |
Ivanti |
CVE-2023-32561 |
8.1 |
2023-08-15 |
|
Ivanti Avalanche dumpHeap Incorrect Permission Assignment Authentication Bypass Vulnerability |
| ZDI-23-1115 |
ZDI-CAN-19562 |
Siemens |
CVE-2023-39549 |
3.3 |
2023-08-15 |
|
Siemens Solid Edge Viewer DWG File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-1114 |
ZDI-CAN-20587 |
ESET |
CVE-2023-3160 |
7.8 |
2023-08-15 |
|
ESET Smart Security Link Following Local Privilege Escalation Vulnerability |
| ZDI-23-1113 |
ZDI-CAN-17204 |
Schneider Electric |
CVE-2023-1049 |
7.8 |
2023-08-15 |
2023-09-20 |
Schneider Electric EcoStruxure Operator Terminal Expert VXDZ File Parsing Code Injection Remote Code Execution Vulnerability |
| ZDI-23-1112 |
ZDI-CAN-21597 |
Microsoft |
CVE-2023-35359 |
7.0 |
2023-08-15 |
|
Microsoft Windows Error Reporting Local Privilege Escalation Vulnerability |
| ZDI-23-1111 |
ZDI-CAN-20746 |
Adobe |
CVE-2023-29320 |
7.8 |
2023-08-15 |
|
(Pwn2Own) Adobe Acrobat Reader DC Protected API Restrictions Bypass Vulnerability |
| ZDI-23-1110 |
ZDI-CAN-20744 |
Adobe |
CVE-2023-26406 |
7.8 |
2023-08-15 |
|
(Pwn2Own) Adobe Acrobat Reader DC Net.HTTP.request URL Restriction Bypass Vulnerability |
| ZDI-23-1109 |
ZDI-CAN-20747 |
Adobe |
CVE-2023-26408 |
7.8 |
2023-08-15 |
|
(Pwn2Own) Adobe Acrobat Reader DC AnnotsString Prototype Pollution API Restrictions Bypass Vulnerability |
| ZDI-23-1108 |
ZDI-CAN-20743 |
Adobe |
CVE-2023-26405 |
7.8 |
2023-08-15 |
|
(Pwn2Own) Adobe Acrobat Reader DC Net.HTTP.request Exposed Dangerous Method Sandbox Escape |
| ZDI-23-1107 |
ZDI-CAN-20712 |
Adobe |
CVE-2023-26405 |
5.3 |
2023-08-15 |
|
(Pwn2Own) Adobe Acrobat Reader DC Object Prototype Pollution API Restrictions Bypass |
| ZDI-23-1106 |
ZDI-CAN-20745 |
Adobe |
CVE-2023-26407 |
7.0 |
2023-08-15 |
|
(Pwn2Own) Adobe Acrobat Reader DC Net.HTTP.request Remote Code Execution Vulnerability |
| ZDI-23-1105 |
ZDI-CAN-20816 |
CODESYS |
CVE-2023-3663 |
7.1 |
2023-08-14 |
|
CODESYS Development System Improper Enforcement of Message Integrity Remote Code Execution Vulnerability |
| ZDI-23-1104 |
ZDI-CAN-18590 |
Fortinet |
CVE-2022-43946 |
8.8 |
2023-08-14 |
|
Fortinet FortiClient VPN Improper Access Control Remote Code Execution Vulnerability |
| ZDI-23-1103 |
ZDI-CAN-20851 |
Schneider Electric |
CVE-2023-3001 |
7.8 |
2023-08-14 |
|
Schneider Electric IGSS UpdateService Exposed Dangerous Method Local Privilege Escalation Vulnerability |
| ZDI-23-1102 |
ZDI-CAN-20474 |
Adobe |
CVE-2023-26361 |
4.9 |
2023-08-14 |
|
Adobe ColdFusion copydirectory Directory Traversal Information Disclosure Vulnerability |
| ZDI-23-1101 |
ZDI-CAN-20240 |
Adobe |
|
7.8 |
2023-08-14 |
|
Adobe Substance 3D Stager SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1100 |
ZDI-CAN-20244 |
Adobe |
|
7.8 |
2023-08-14 |
|
Adobe Substance 3D Stager SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1099 |
ZDI-CAN-20247 |
Adobe |
|
7.8 |
2023-08-14 |
|
Adobe Substance 3D Stager SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1098 |
ZDI-CAN-20238 |
Adobe |
|
7.8 |
2023-08-14 |
|
Adobe Substance 3D Stager SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1097 |
ZDI-CAN-20277 |
Adobe |
|
3.3 |
2023-08-14 |
|
Adobe Substance 3D Stager SKP File Parsing Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-23-1096 |
ZDI-CAN-21078 |
Adobe |
CVE-2023-38211 |
7.8 |
2023-08-14 |
|
Adobe Dimension GLB File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1095 |
ZDI-CAN-21093 |
Adobe |
CVE-2023-38212 |
7.8 |
2023-08-14 |
|
Adobe Dimension GLB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1094 |
ZDI-CAN-21094 |
Adobe |
CVE-2023-38213 |
3.3 |
2023-08-14 |
|
Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1093 |
ZDI-CAN-21337 |
Adobe |
CVE-2023-38233 |
7.8 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1092 |
ZDI-CAN-21317 |
Adobe |
CVE-2023-38228 |
7.8 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1091 |
ZDI-CAN-21334 |
Adobe |
CVE-2023-38231 |
7.8 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-1090 |
ZDI-CAN-21449 |
Adobe |
CVE-2023-38247 |
3.3 |
2023-08-14 |
|
Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1089 |
ZDI-CAN-21359 |
Adobe |
CVE-2023-38234 |
7.8 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-23-1088 |
ZDI-CAN-21318 |
Adobe |
CVE-2023-38230 |
3.3 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-1087 |
ZDI-CAN-21356 |
Adobe |
CVE-2023-38235 |
3.3 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1086 |
ZDI-CAN-21310 |
Adobe |
CVE-2023-38229 |
3.3 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1085 |
ZDI-CAN-21357 |
Adobe |
CVE-2023-38232 |
3.3 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1084 |
ZDI-CAN-21494 |
Adobe |
CVE-2023-38248 |
3.3 |
2023-08-14 |
|
Adobe Acrobat Reader DC PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1083 |
ZDI-CAN-20970 |
Adobe |
CVE-2023-29303 |
3.3 |
2023-08-14 |
|
Adobe Acrobat Reader DC AcroForm Annotation Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-1082 |
ZDI-CAN-21103 |
Adobe |
CVE-2023-38222 |
7.8 |
2023-08-14 |
|
Adobe Acrobat Reader DC AcroForm spawnPageFromTemplate Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1081 |
ZDI-CAN-21252 |
Adobe |
CVE-2023-38243 |
3.3 |
2023-08-14 |
|
Adobe Acrobat Reader DC JBIG2 File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-1080 |
ZDI-CAN-21241 |
Adobe |
CVE-2023-38227 |
7.8 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1079 |
ZDI-CAN-21240 |
Adobe |
CVE-2023-38226 |
7.8 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-23-1078 |
ZDI-CAN-21242 |
Adobe |
CVE-2023-38239 |
3.3 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1077 |
ZDI-CAN-21118 |
Adobe |
CVE-2023-38225 |
7.8 |
2023-08-14 |
|
Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1076 |
ZDI-CAN-21122 |
Adobe |
CVE-2023-38224 |
7.8 |
2023-08-14 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-1075 |
ZDI-CAN-21063 |
Adobe |
CVE-2023-38223 |
7.8 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-23-1074 |
ZDI-CAN-21387 |
Adobe |
CVE-2023-38242 |
3.3 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1073 |
ZDI-CAN-21246 |
Adobe |
CVE-2023-38241 |
3.3 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1072 |
ZDI-CAN-21245 |
Adobe |
CVE-2023-38240 |
3.3 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1071 |
ZDI-CAN-21244 |
Adobe |
CVE-2023-38237 |
3.3 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1070 |
ZDI-CAN-21243 |
Adobe |
CVE-2023-38238 |
3.3 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-1069 |
ZDI-CAN-21247 |
Adobe |
CVE-2023-38236 |
3.3 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1068 |
ZDI-CAN-21371 |
Adobe |
CVE-2023-38244 |
3.3 |
2023-08-14 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1067 |
ZDI-CAN-20977 |
Microsoft |
CVE-2023-36900 |
8.8 |
2023-08-14 |
|
Microsoft Windows CLFS Incorrect Integer Conversion Local Privilege Escalation Vulnerability |
| ZDI-23-1066 |
ZDI-CAN-20988 |
Microsoft |
CVE-2023-35387 |
6.2 |
2023-08-14 |
|
Microsoft Windows Bluetooth AVDTP Protocol Integer Underflow Information Disclosure Vulnerability |
| ZDI-23-1065 |
ZDI-CAN-20508 |
Softing |
CVE-2023-27336 |
7.5 |
2023-08-09 |
|
(0Day) (Pwn2Own) Softing edgeConnector Siemens OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-23-1064 |
ZDI-CAN-20610 |
Softing |
CVE-2023-39482 |
4.9 |
2023-08-09 |
|
(0Day) Softing Secure Integration Server Hardcoded Cryptographic Key Information Disclosure Vulnerability |
| ZDI-23-1063 |
ZDI-CAN-20551 |
Softing |
CVE-2023-39481 |
6.6 |
2023-08-09 |
|
(0Day) (Pwn2Own) Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability |
| ZDI-23-1062 |
ZDI-CAN-20549 |
Softing |
CVE-2023-39480 |
4.4 |
2023-08-09 |
|
(0Day) (Pwn2Own) Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability |
| ZDI-23-1061 |
ZDI-CAN-20548 |
Softing |
CVE-2023-39479 |
6.6 |
2023-08-09 |
|
(0Day) (Pwn2Own) Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability |
| ZDI-23-1060 |
ZDI-CAN-20547 |
Softing |
CVE-2023-39478 |
6.6 |
2023-08-09 |
|
(0Day) (Pwn2Own) Softing Secure Integration Server Exposure of Resource to Wrong Sphere Remote Code Execution Vulnerability |
| ZDI-23-1059 |
ZDI-CAN-20542 |
Softing |
CVE-2023-38125 |
7.5 |
2023-08-09 |
|
(0Day) (Pwn2Own) Softing edgeAggregator Permissive Cross-domain Policy with Untrusted Domains Remote Code Execution Vulnerability |
| ZDI-23-1058 |
ZDI-CAN-20543 |
Softing |
CVE-2023-38126 |
7.2 |
2023-08-09 |
|
(0Day) (Pwn2Own) Softing edgeAggregator Restore Configuration Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1057 |
ZDI-CAN-20504 |
Softing |
CVE-2023-27335 |
8.8 |
2023-08-09 |
|
(0Day) (Pwn2Own) Softing edgeAggregator Client Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-23-1056 |
ZDI-CAN-20771 |
Microsoft |
|
4.4 |
2023-08-09 |
2023-08-09 |
(0Day) Microsoft Azure Machine Learning Compute Instance certificate Exposure of Resource to Wrong Sphere Information Disclosure Vulnerability |
| ZDI-23-1055 |
ZDI-CAN-20550 |
Softing |
CVE-2023-29377 |
6.6 |
2023-08-09 |
|
(Pwn2Own) Softing Secure Integration Server Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1054 |
ZDI-CAN-20498 |
Softing |
CVE-2023-27334 |
7.5 |
2023-08-09 |
|
(Pwn2Own) Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability |
| ZDI-23-1053 |
ZDI-CAN-19746 |
Western Digital |
|
8.0 |
2023-08-09 |
|
Western Digital MyCloud PR4100 REST SDK Use of Potentially Dangerous Function Remote Code Execution Vulnerability |
| ZDI-23-1052 |
ZDI-CAN-19745 |
Western Digital |
|
8.0 |
2023-08-09 |
|
Western Digital MyCloud PR4100 Logger Class Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1051 |
ZDI-CAN-19678 |
Western Digital |
|
8.0 |
2023-08-09 |
|
Western Digital MyCloud PR4100 CGI API Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1050 |
ZDI-CAN-20499 |
Inductive Automation |
CVE-2023-39477 |
7.5 |
2023-08-08 |
2023-08-08 |
(0Day) (Pwn2Own) Inductive Automation Ignition ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability |
| ZDI-23-1049 |
ZDI-CAN-19915 |
Inductive Automation |
CVE-2023-39474 |
8.0 |
2023-08-08 |
2023-08-08 |
(0Day) Inductive Automation Ignition downloadLaunchClientJar Remote Code Execution Vulnerability |
| ZDI-23-1048 |
ZDI-CAN-17571 |
Inductive Automation |
CVE-2023-39472 |
6.5 |
2023-08-08 |
2023-08-08 |
(0Day) Inductive Automation Ignition SimpleXMLReader XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-23-1047 |
ZDI-CAN-20290 |
Inductive Automation |
CVE-2023-39475 |
9.8 |
2023-08-08 |
2023-08-08 |
(0Day) Inductive Automation Ignition ParameterVersionJavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-1046 |
ZDI-CAN-20291 |
Inductive Automation |
CVE-2023-39476 |
9.8 |
2023-08-08 |
2023-08-08 |
(0Day) Inductive Automation Ignition JavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-1045 |
ZDI-CAN-17587 |
Inductive Automation |
CVE-2023-39473 |
8.8 |
2023-08-08 |
2023-08-08 |
(0Day) Inductive Automation Ignition AbstractGatewayFunction Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-1044 |
ZDI-CAN-20784 |
Microsoft |
|
9.9 |
2023-08-08 |
2023-08-08 |
(0Day) Microsoft GitHub Dev-Containers Improper Privilege Management Privilege Escalation Vulnerability |
| ZDI-23-1043 |
ZDI-CAN-18903 |
VBASE |
CVE-2022-46300 |
5.5 |
2023-08-08 |
|
VBASE VISAM Automation Base VBASE-Editor GestureConfigurations File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-23-1042 |
ZDI-CAN-19107 |
VBASE |
CVE-2022-41696 |
5.5 |
2023-08-08 |
|
VBASE VISAM Automation Base FB.XML File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-23-1041 |
ZDI-CAN-18906 |
VBASE |
CVE-2022-43512 |
5.5 |
2023-08-08 |
|
VBASE VISAM Automation Base DBConnections File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-23-1040 |
ZDI-CAN-18907 |
VBASE |
CVE-2022-45121 |
5.5 |
2023-08-08 |
|
VBASE VISAM Automation Base FB File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-23-1039 |
ZDI-CAN-18904 |
VBASE |
CVE-2022-45468 |
5.5 |
2023-08-08 |
|
VBASE VISAM Automation Base VBASE-Editor LayerSettings File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-23-1038 |
ZDI-CAN-18877 |
VBASE |
CVE-2022-45876 |
5.5 |
2023-08-08 |
|
VBASE VISAM Automation Base VBASE-Editor ProjektInfo File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-23-1037 |
ZDI-CAN-18905 |
VBASE |
CVE-2022-46286 |
5.5 |
2023-08-08 |
|
VBASE VISAM Automation Base VBASE-Editor WebRemote File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-23-1036 |
ZDI-CAN-20799 |
Triangle MicroWorks |
CVE-2023-39468 |
7.2 |
2023-08-04 |
|
Triangle MicroWorks SCADA Data Gateway DbasSectorFileToExecuteOnReset Exposed Dangerous Function Remote Code Execution Vulnerability |
| ZDI-23-1035 |
ZDI-CAN-20798 |
Triangle MicroWorks |
CVE-2023-39467 |
5.3 |
2023-08-04 |
|
Triangle MicroWorks SCADA Data Gateway certificate Information Disclosure Vulnerability |
| ZDI-23-1034 |
ZDI-CAN-20797 |
Triangle MicroWorks |
CVE-2023-39466 |
5.3 |
2023-08-04 |
|
Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability |
| ZDI-23-1033 |
ZDI-CAN-20615 |
Triangle MicroWorks |
CVE-2023-39465 |
7.5 |
2023-08-04 |
|
Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Cryptograhic Key Information Disclosure Vulnerability |
| ZDI-23-1032 |
ZDI-CAN-20538 |
Triangle MicroWorks |
CVE-2023-39464 |
7.2 |
2023-08-04 |
|
(Pwn2Own) Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability |
| ZDI-23-1031 |
ZDI-CAN-20537 |
Triangle MicroWorks |
CVE-2023-39463 |
7.2 |
2023-08-04 |
|
(Pwn2Own) Triangle MicroWorks SCADA Data Gateway Trusted Certification Unrestricted Upload of File Remote Code Execution Vulnerability |
| ZDI-23-1030 |
ZDI-CAN-20536 |
Triangle MicroWorks |
CVE-2023-39462 |
6.5 |
2023-08-04 |
|
(Pwn2Own) Triangle MicroWorks SCADA Data Gateway Workspace Unrestricted Upload Vulnerability |
| ZDI-23-1029 |
ZDI-CAN-20535 |
Triangle MicroWorks |
CVE-2023-39461 |
4.4 |
2023-08-04 |
|
(Pwn2Own) Triangle MicroWorks SCADA Data Gateway Event Log Improper Output Neutralization For Logs Arbitrary File Write Vulnerability |
| ZDI-23-1028 |
ZDI-CAN-20534 |
Triangle MicroWorks |
CVE-2023-39460 |
7.2 |
2023-08-04 |
|
(Pwn2Own) Triangle MicroWorks SCADA Data Gateway Event Log Directory Traversal Arbitrary File Creation Vulnerability |
| ZDI-23-1027 |
ZDI-CAN-20531 |
Triangle MicroWorks |
CVE-2023-39459 |
7.8 |
2023-08-04 |
|
Triangle MicroWorks SCADA Data Gateway Directory Traversal Arbitrary File Creation Vulnerability |
| ZDI-23-1026 |
ZDI-CAN-20509 |
Triangle MicroWorks |
CVE-2023-39458 |
5.3 |
2023-08-04 |
|
(Pwn2Own) Triangle MicroWorks SCADA Data Gateway Use of Hard-coded Credentials Authentication Bypass Vulnerability |
| ZDI-23-1025 |
ZDI-CAN-20501 |
Triangle MicroWorks |
CVE-2023-39457 |
9.8 |
2023-08-04 |
|
(Pwn2Own) Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability |
| ZDI-23-1024 |
ZDI-CAN-19426 |
Siemens |
CVE-2023-30985 |
3.3 |
2023-08-04 |
|
Siemens Solid Edge Viewer OBJ File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1023 |
ZDI-CAN-19561 |
Siemens |
CVE-2023-30986 |
7.8 |
2023-08-04 |
|
Siemens Solid Edge Viewer STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-1022 |
ZDI-CAN-19429 |
Siemens |
CVE-2023-0973 |
7.8 |
2023-08-04 |
|
Siemens Solid Edge Viewer IFC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-1021 |
ZDI-CAN-18014 |
Delta Electronics |
CVE-2022-4634 |
7.8 |
2023-08-04 |
|
Delta Industrial Automation CNCSoft DPB File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1020 |
ZDI-CAN-19331 |
Apple |
CVE-2023-32358 |
8.8 |
2023-08-04 |
|
Apple Safari PDF Plugin Type Confusion Remote Code Execution Vulnerability |
| ZDI-23-1019 |
ZDI-CAN-21503 |
Apple |
CVE-2023-38421 |
3.3 |
2023-08-04 |
|
Apple macOS Hydra Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-1018 |
ZDI-CAN-19555 |
Apple |
CVE-2023-28198 |
4.3 |
2023-08-04 |
|
Apple Safari DFG Fixup Phase Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-1017 |
ZDI-CAN-19695 |
Extreme Networks |
CVE-2023-35803 |
8.8 |
2023-08-04 |
|
Extreme Networks AP410C Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1016 |
ZDI-CAN-20295 |
CODESYS |
CVE-2023-3670 |
7.3 |
2023-08-03 |
|
CODESYS Development System Exposure of Resource to Wrong Sphere Local Privilege Escalation Vulnerability |
| ZDI-23-1015 |
ZDI-CAN-20541 |
Inductive Automation |
CVE-2023-38124 |
7.2 |
2023-08-01 |
|
(Pwn2Own) Inductive Automation Ignition OPC UA Quick Client Task Scheduling Exposed Dangerous Function Remote Code Execution Vulnerability |
| ZDI-23-1014 |
ZDI-CAN-20540 |
Inductive Automation |
CVE-2023-38123 |
7.5 |
2023-08-01 |
|
(Pwn2Own) Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function Authentication Bypass Vulnerability |
| ZDI-23-1013 |
ZDI-CAN-20539 |
Inductive Automation |
CVE-2023-38122 |
7.2 |
2023-08-01 |
|
(Pwn2Own) Inductive Automation Ignition OPC UA Quick Client Permissive Cross-domain Policy Remote Code Execution Vulnerability |
| ZDI-23-1012 |
ZDI-CAN-20355 |
Inductive Automation |
CVE-2023-38121 |
8.3 |
2023-08-01 |
|
(Pwn2Own) Inductive Automation Ignition OPC UA Quick Client Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-23-1011 |
ZDI-CAN-20500 |
PTC |
CVE-2023-3825 |
7.5 |
2023-07-31 |
|
(Pwn2Own) PTC KEPServerEX Variant Resource Exhaustion Denial-of-Service Vulnerability |
| ZDI-23-1010 |
ZDI-CAN-20525 |
Adtran |
CVE-2023-38120 |
8.8 |
2023-07-28 |
|
Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability |
| ZDI-23-1009 |
ZDI-CAN-20913 |
Canonical |
CVE-2023-2640 |
7.8 |
2023-07-28 |
|
Canonical Ubuntu OverlayFS File System Missing Authorization Local Privilege Escalation Vulnerability |
| ZDI-23-1008 |
ZDI-CAN-21444 |
GStreamer |
CVE-2023-38104 |
8.8 |
2023-07-27 |
|
GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1007 |
ZDI-CAN-21443 |
GStreamer |
CVE-2023-38103 |
8.8 |
2023-07-27 |
|
GStreamer RealMedia File Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-23-1006 |
ZDI-CAN-21090 |
SolarWinds |
CVE-2023-33225 |
8.8 |
2023-07-27 |
|
SolarWinds Orion Platform SendHttpRequest Missing Authorization Remote Code Execution Vulnerability |
| ZDI-23-1005 |
ZDI-CAN-21105 |
SolarWinds |
CVE-2023-33224 |
8.8 |
2023-07-27 |
|
SolarWinds Orion Platform UpdateActionsProperties Incorrect Behavior Order Remote Code Execution Vulnerability |
| ZDI-23-1004 |
ZDI-CAN-21095 |
SolarWinds |
CVE-2023-23844 |
8.8 |
2023-07-27 |
2023-07-28 |
SolarWinds Orion Platform BlacklistedFilesChecker Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability |
| ZDI-23-1003 |
ZDI-CAN-21096 |
SolarWinds |
CVE-2023-23843 |
8.8 |
2023-07-27 |
|
SolarWinds Orion Platform UpdateActionsProperties Incorrect Comparison Remote Code Execution Vulnerability |
| ZDI-23-1002 |
ZDI-CAN-20995 |
SolarWinds |
CVE-2023-23842 |
7.2 |
2023-07-27 |
|
SolarWinds Network Configuration Manager VulnDownloader Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-1001 |
ZDI-CAN-20329 |
Trend Micro |
CVE-2023-38627 |
9.1 |
2023-07-26 |
|
Trend Micro Apex Central modTXSO Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-23-1000 |
ZDI-CAN-19872 |
Trend Micro |
CVE-2023-38626 |
9.1 |
2023-07-26 |
|
Trend Micro Apex Central modVulnerabilityProtect Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-23-999 |
ZDI-CAN-19871 |
Trend Micro |
CVE-2023-38625 |
9.1 |
2023-07-26 |
|
Trend Micro Apex Central modDeepSecurity Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-23-998 |
ZDI-CAN-19870 |
Trend Micro |
CVE-2023-38624 |
9.1 |
2023-07-26 |
|
Trend Micro Apex Central modTMSL Server-Side Request Forgery Vulnerability |
| ZDI-23-997 |
ZDI-CAN-21326 |
Foxit |
CVE-2023-38119 |
7.8 |
2023-07-26 |
|
Foxit PDF Reader AcroForm signature Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-996 |
ZDI-CAN-21325 |
Foxit |
CVE-2023-38118 |
7.8 |
2023-07-26 |
|
Foxit PDF Reader AcroForm Doc Object Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-995 |
ZDI-CAN-21293 |
Foxit |
CVE-2023-38117 |
7.8 |
2023-07-26 |
|
Foxit PDF Reader AcroForm Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-994 |
ZDI-CAN-21292 |
Foxit |
CVE-2023-38116 |
3.3 |
2023-07-26 |
|
Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-993 |
ZDI-CAN-21256 |
Foxit |
CVE-2023-38115 |
3.3 |
2023-07-26 |
|
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-992 |
ZDI-CAN-21085 |
Foxit |
CVE-2023-38114 |
7.8 |
2023-07-26 |
|
Foxit PDF Reader AcroForm Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-991 |
ZDI-CAN-21083 |
Foxit |
CVE-2023-38113 |
3.3 |
2023-07-26 |
|
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-990 |
ZDI-CAN-21062 |
Foxit |
CVE-2023-38112 |
7.8 |
2023-07-26 |
|
Foxit PDF Reader XFA Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-989 |
ZDI-CAN-21025 |
Foxit |
CVE-2023-38111 |
7.8 |
2023-07-26 |
|
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-988 |
ZDI-CAN-21023 |
Foxit |
CVE-2023-38110 |
3.3 |
2023-07-26 |
|
Foxit PDF Reader AcroForm Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-987 |
ZDI-CAN-21022 |
Foxit |
CVE-2023-38109 |
3.3 |
2023-07-26 |
|
Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-986 |
ZDI-CAN-21020 |
Foxit |
CVE-2023-38108 |
3.3 |
2023-07-26 |
|
Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-985 |
ZDI-CAN-21019 |
Foxit |
CVE-2023-38107 |
7.8 |
2023-07-26 |
|
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-984 |
ZDI-CAN-21018 |
Foxit |
CVE-2023-38106 |
3.3 |
2023-07-26 |
|
Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-983 |
ZDI-CAN-21017 |
Foxit |
CVE-2023-38105 |
3.3 |
2023-07-26 |
|
Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-982 |
ZDI-CAN-21259 |
Oracle |
CVE-2023-22018 |
8.1 |
2023-07-26 |
|
Oracle VirtualBox VRDP Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-981 |
ZDI-CAN-21355 |
Linux |
CVE-2023-3867 |
7.2 |
2023-07-20 |
2023-07-28 |
Linux Kernel ksmbd Session Setup Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-980 |
ZDI-CAN-21164 |
Linux |
CVE-2023-3865 |
7.1 |
2023-07-20 |
2023-07-28 |
Linux Kernel ksmbd Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-979 |
ZDI-CAN-21165 |
Linux |
CVE-2023-3866 |
5.9 |
2023-07-20 |
2023-07-28 |
Linux Kernel ksmbd Chained Request NULL Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-23-978 |
ZDI-CAN-19118 |
KeySight |
CVE-2023-34394 |
7.8 |
2023-07-19 |
|
KeySight N6841A RF Sensor deleteEmbeddedApp Directory Traversal Local Privilege Escalation Vulnerability |
| ZDI-23-977 |
ZDI-CAN-19097 |
KeySight |
CVE-2023-34394 |
7.8 |
2023-07-19 |
|
KeySight N6841A RF Sensor deleteFirmwarePackage Directory Traversal Local Privilege Escalation Vulnerability |
| ZDI-23-976 |
ZDI-CAN-19096 |
KeySight |
CVE-2023-34394 |
7.8 |
2023-07-19 |
|
KeySight N6841A RF Sensor addFirmwarePackage Directory Traversal Local Privilege Escalation Vulnerability |
| ZDI-23-975 |
ZDI-CAN-19095 |
KeySight |
CVE-2023-36853 |
7.8 |
2023-07-19 |
|
KeySight N6841A RF Sensor smsRestoreDatabaseZip Exposed Dangerous Function Local Privilege Escalation Vulnerability |
| ZDI-23-974 |
ZDI-CAN-18753 |
KeySight |
CVE-2023-34394 |
7.8 |
2023-07-19 |
|
KeySight N6841A RF Sensor removeLicenseFile Directory Traversal Local Privilege Escalation Vulnerability |
| ZDI-23-973 |
ZDI-CAN-20737 |
Tesla |
CVE-2023-32157 |
4.6 |
2023-07-18 |
|
(Pwn2Own) Tesla Model 3 bsa_server BIP Heap-based Buffer Overflow Arbitrary Code Execution Vulnerability |
| ZDI-23-972 |
ZDI-CAN-20734 |
Tesla |
CVE-2023-32156 |
9.0 |
2023-07-18 |
|
(Pwn2Own) Tesla Model 3 Gateway Firmware Signature Validation Bypass Vulnerability |
| ZDI-23-971 |
ZDI-CAN-20733 |
Tesla |
CVE-2023-32155 |
7.8 |
2023-07-18 |
|
(Pwn2Own) Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability |
| ZDI-23-970 |
ZDI-CAN-21405 |
Sante |
CVE-2023-35734 |
3.3 |
2023-07-13 |
2023-08-01 |
(0Day) Sante DICOM Viewer Pro DCM File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-969 |
ZDI-CAN-20601 |
Kofax |
CVE-2023-38091 |
7.8 |
2023-07-13 |
|
Kofax Power PDF response Type Confusion Remote Code Execution Vulnerability |
| ZDI-23-968 |
ZDI-CAN-20605 |
Kofax |
CVE-2023-38094 |
7.8 |
2023-07-13 |
|
Kofax Power PDF replacePages Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-967 |
ZDI-CAN-20604 |
Kofax |
CVE-2023-38093 |
7.8 |
2023-07-13 |
|
Kofax Power PDF saveAs Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-966 |
ZDI-CAN-20603 |
Kofax |
CVE-2023-38092 |
7.8 |
2023-07-13 |
|
Kofax Power PDF importDataObject Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-965 |
ZDI-CAN-20588 |
Kofax |
CVE-2023-38090 |
7.8 |
2023-07-13 |
|
Kofax Power PDF popUpMenu Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-964 |
ZDI-CAN-20566 |
Kofax |
CVE-2023-38088 |
7.8 |
2023-07-13 |
|
Kofax Power PDF printf Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-23-963 |
ZDI-CAN-20560 |
Kofax |
CVE-2023-38087 |
7.8 |
2023-07-13 |
|
Kofax Power PDF clearTimeOut Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-962 |
ZDI-CAN-20567 |
Kofax |
CVE-2023-38089 |
7.8 |
2023-07-13 |
|
Kofax Power PDF clearInterval Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-961 |
ZDI-CAN-20489 |
Kofax |
CVE-2023-38083 |
7.8 |
2023-07-13 |
|
Kofax Power PDF JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-960 |
ZDI-CAN-20488 |
Kofax |
CVE-2023-38082 |
7.8 |
2023-07-13 |
|
Kofax Power PDF GIF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-959 |
ZDI-CAN-20487 |
Kofax |
CVE-2023-38081 |
7.8 |
2023-07-13 |
|
Kofax Power PDF JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-958 |
ZDI-CAN-20486 |
Kofax |
CVE-2023-38080 |
7.8 |
2023-07-13 |
|
Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-957 |
ZDI-CAN-20485 |
Kofax |
CVE-2023-38079 |
7.8 |
2023-07-13 |
|
Kofax Power PDF JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-956 |
ZDI-CAN-20472 |
Kofax |
CVE-2023-38078 |
3.3 |
2023-07-13 |
|
Kofax Power PDF U3D File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-955 |
ZDI-CAN-20471 |
Kofax |
CVE-2023-38077 |
3.3 |
2023-07-13 |
|
Kofax Power PDF U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-954 |
ZDI-CAN-20470 |
Kofax |
CVE-2023-37359 |
3.3 |
2023-07-13 |
|
Kofax Power PDF U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-953 |
ZDI-CAN-20469 |
Kofax |
CVE-2023-37358 |
3.3 |
2023-07-13 |
|
Kofax Power PDF U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-952 |
ZDI-CAN-20468 |
Kofax |
CVE-2023-37357 |
3.3 |
2023-07-13 |
|
Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-951 |
ZDI-CAN-20461 |
Kofax |
CVE-2023-37356 |
3.3 |
2023-07-13 |
|
Kofax Power PDF GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-950 |
ZDI-CAN-20460 |
Kofax |
CVE-2023-37355 |
3.3 |
2023-07-13 |
|
Kofax Power PDF JPG File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-949 |
ZDI-CAN-20458 |
Kofax |
CVE-2023-37354 |
7.8 |
2023-07-13 |
|
Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-948 |
ZDI-CAN-20455 |
Kofax |
CVE-2023-37353 |
3.3 |
2023-07-13 |
|
Kofax Power PDF JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-947 |
ZDI-CAN-20454 |
Kofax |
CVE-2023-37352 |
3.3 |
2023-07-13 |
|
Kofax Power PDF JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-946 |
ZDI-CAN-20453 |
Kofax |
CVE-2023-37351 |
3.3 |
2023-07-13 |
|
Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-945 |
ZDI-CAN-20452 |
Kofax |
CVE-2023-37350 |
7.8 |
2023-07-13 |
|
Kofax Power PDF TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-944 |
ZDI-CAN-20451 |
Kofax |
CVE-2023-37349 |
7.8 |
2023-07-13 |
|
Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-943 |
ZDI-CAN-20445 |
Kofax |
CVE-2023-37348 |
7.8 |
2023-07-13 |
|
Kofax Power PDF U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-942 |
ZDI-CAN-20444 |
Kofax |
CVE-2023-37347 |
7.8 |
2023-07-13 |
|
Kofax Power PDF U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-941 |
ZDI-CAN-20443 |
Kofax |
CVE-2023-37346 |
7.8 |
2023-07-13 |
|
Kofax Power PDF TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-940 |
ZDI-CAN-20442 |
Kofax |
CVE-2023-37345 |
7.8 |
2023-07-13 |
|
Kofax Power PDF J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-939 |
ZDI-CAN-20441 |
Kofax |
CVE-2023-37344 |
7.8 |
2023-07-13 |
|
Kofax Power PDF BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-938 |
ZDI-CAN-20440 |
Kofax |
CVE-2023-37343 |
7.8 |
2023-07-13 |
|
Kofax Power PDF JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-937 |
ZDI-CAN-20439 |
Kofax |
CVE-2023-37342 |
7.8 |
2023-07-13 |
|
Kofax Power PDF PNG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-936 |
ZDI-CAN-20397 |
Kofax |
CVE-2023-37341 |
7.8 |
2023-07-13 |
|
Kofax Power PDF PNG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-935 |
ZDI-CAN-20396 |
Kofax |
CVE-2023-37340 |
7.8 |
2023-07-13 |
|
Kofax Power PDF PNG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-934 |
ZDI-CAN-20395 |
Kofax |
CVE-2023-37339 |
7.8 |
2023-07-13 |
|
Kofax Power PDF PCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-933 |
ZDI-CAN-20394 |
Kofax |
CVE-2023-37338 |
7.8 |
2023-07-13 |
|
Kofax Power PDF GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-932 |
ZDI-CAN-20393 |
Kofax |
CVE-2023-37337 |
7.8 |
2023-07-13 |
|
Kofax Power PDF JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-931 |
ZDI-CAN-20392 |
Kofax |
CVE-2023-37336 |
7.8 |
2023-07-13 |
|
Kofax Power PDF TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-930 |
ZDI-CAN-20391 |
Kofax |
CVE-2023-37335 |
7.8 |
2023-07-13 |
|
Kofax Power PDF BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-929 |
ZDI-CAN-20390 |
Kofax |
CVE-2023-37334 |
7.8 |
2023-07-13 |
|
Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-928 |
ZDI-CAN-20389 |
Kofax |
CVE-2023-37333 |
7.8 |
2023-07-13 |
|
Kofax Power PDF PCX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-927 |
ZDI-CAN-20388 |
Kofax |
CVE-2023-37332 |
7.8 |
2023-07-13 |
|
Kofax Power PDF PNG File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-926 |
ZDI-CAN-20373 |
Kofax |
CVE-2023-37331 |
7.8 |
2023-07-13 |
|
Kofax Power PDF GIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-925 |
ZDI-CAN-20230 |
Kofax |
CVE-2023-37330 |
7.8 |
2023-07-13 |
|
Kofax Power PDF exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability |
| ZDI-23-924 |
ZDI-CAN-20491 |
Kofax |
CVE-2023-38085 |
3.3 |
2023-07-13 |
|
Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-923 |
ZDI-CAN-20490 |
Kofax |
CVE-2023-38084 |
7.8 |
2023-07-13 |
|
Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-922 |
ZDI-CAN-20529 |
Kofax |
CVE-2023-38086 |
3.3 |
2023-07-13 |
|
Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-921 |
ZDI-CAN-19717 |
NETGEAR |
CVE-2023-38095 |
8.8 |
2023-07-13 |
|
NETGEAR ProSAFE Network Management System MFileUploadController Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-23-920 |
ZDI-CAN-19718 |
NETGEAR |
CVE-2023-38096 |
9.8 |
2023-07-13 |
|
NETGEAR ProSAFE Network Management System MyHandlerInterceptor Authentication Bypass Vulnerability |
| ZDI-23-919 |
ZDI-CAN-19719 |
NETGEAR |
CVE-2023-38097 |
7.2 |
2023-07-13 |
|
NETGEAR ProSAFE Network Management System BkreProcessThread Exposed Dangerous Function Remote Code Execution Vulnerability |
| ZDI-23-918 |
ZDI-CAN-19720 |
NETGEAR |
CVE-2023-38098 |
8.8 |
2023-07-13 |
|
NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-23-917 |
ZDI-CAN-19723 |
NETGEAR |
CVE-2023-38099 |
8.8 |
2023-07-13 |
|
NETGEAR ProSAFE Network Management System getNodesByTopologyMapSearch SQL Injection Remote Code Execution Vulnerability |
| ZDI-23-916 |
ZDI-CAN-19724 |
NETGEAR |
CVE-2023-38100 |
8.8 |
2023-07-13 |
|
NETGEAR ProSAFE Network Management System clearAlertByIds SQL Injection Privilege Escalation Vulnerability |
| ZDI-23-915 |
ZDI-CAN-19725 |
NETGEAR |
CVE-2023-38101 |
7.2 |
2023-07-13 |
|
NETGEAR ProSAFE Network Management System SettingConfigController Exposed Dangerous Function Remote Code Execution Vulnerability |
| ZDI-23-914 |
ZDI-CAN-19726 |
NETGEAR |
CVE-2023-38102 |
8.8 |
2023-07-13 |
|
NETGEAR ProSAFE Network Management System createUser Missing Authorization Privilege Escalation Vulnerability |
| ZDI-23-913 |
ZDI-CAN-17704 |
Microsoft |
CVE-2023-32050 |
7.0 |
2023-07-12 |
|
Microsoft Windows Installer Service Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability |
| ZDI-23-912 |
ZDI-CAN-20886 |
Dassault Systèmes |
CVE-2023-2763 |
7.8 |
2023-07-12 |
2023-09-20 |
Dassault Systèmes SolidWorks DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-911 |
ZDI-CAN-20884 |
Dassault Systèmes |
CVE-2023-2763 |
7.8 |
2023-07-12 |
2023-09-20 |
Dassault Systèmes SolidWorks DWG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-910 |
ZDI-CAN-20883 |
Dassault Systèmes |
CVE-2023-2763 |
7.8 |
2023-07-12 |
2023-09-20 |
Dassault Systèmes SolidWorks DWG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-909 |
ZDI-CAN-20881 |
Dassault Systèmes |
CVE-2023-2762 |
7.8 |
2023-07-12 |
2023-09-20 |
Dassault Systèmes SolidWorks SLDPRT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-908 |
ZDI-CAN-20882 |
Dassault Systèmes |
CVE-2023-2763 |
7.8 |
2023-07-12 |
2023-09-20 |
Dassault Systèmes SolidWorks DXF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-907 |
ZDI-CAN-19432 |
Siemens |
CVE-2023-26495 |
3.3 |
2023-07-10 |
|
Siemens Solid Edge Viewer DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-906 |
ZDI-CAN-20785 |
Delta Electronics |
CVE-2023-34347 |
9.8 |
2023-07-10 |
|
Delta Electronics InfraSuite Device Master Device-Gateway Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-905 |
ZDI-CAN-20911 |
Delta Electronics |
CVE-2023-30765 |
8.8 |
2023-07-10 |
|
Delta Electronics InfraSuite Device Master modifyusergroup Improper Access Control Privilege Escalation Vulnerability |
| ZDI-23-904 |
ZDI-CAN-20606 |
Delta Electronics |
CVE-2023-34316 |
6.5 |
2023-07-10 |
|
Delta Electronics InfraSuite Device Master APRunning Improper Access Control Information Disclosure Vulnerability |
| ZDI-23-903 |
ZDI-CAN-20775 |
GStreamer |
CVE-2023-37327 |
7.6 |
2023-07-06 |
|
GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-23-902 |
ZDI-CAN-20968 |
GStreamer |
CVE-2023-37329 |
8.8 |
2023-07-06 |
|
GStreamer SRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-901 |
ZDI-CAN-20994 |
GStreamer |
CVE-2023-37328 |
8.8 |
2023-07-06 |
|
GStreamer PGS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-900 |
ZDI-CAN-20721 |
Linux |
CVE-2023-35001 |
7.8 |
2023-07-06 |
|
(Pwn2Own) Linux Kernel nftables Incorrect Pointer Scaling Local Privilege Escalation Vulnerability |
| ZDI-23-899 |
ZDI-CAN-20717 |
Linux |
CVE-2023-31248 |
7.8 |
2023-07-06 |
|
(Pwn2Own) Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-23-898 |
ZDI-CAN-20667 |
Canonical |
CVE-2023-1829 |
7.8 |
2023-07-06 |
|
(Pwn2Own) Canonical Ubuntu tcindex Double-Free Local Privilege Escalation Vulnerability |
| ZDI-23-897 |
ZDI-CAN-21496 |
Progress Software |
CVE-2023-36934 |
9.8 |
2023-07-05 |
2023-07-06 |
Progress Software MOVEit Transfer UserProcessPassChangeRequest SQL Injection Remote Code Execution Vulnerability |
| ZDI-23-896 |
ZDI-CAN-20061 |
D-Link |
CVE-2023-35718 |
8.8 |
2023-07-05 |
|
D-Link DAP-2622 DDP Change ID Password Auth Password Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-895 |
ZDI-CAN-20484 |
TP-Link |
CVE-2023-35717 |
8.8 |
2023-07-05 |
|
TP-Link Tapo C210 Password Recovery Authentication Bypass Vulnerability |
| ZDI-23-894 |
ZDI-CAN-20429 |
NETGEAR |
CVE-2023-35722 |
8.8 |
2023-06-30 |
|
NETGEAR RAX30 UPnP Command Injection Remote Code Execution Vulnerability |
| ZDI-23-893 |
ZDI-CAN-19981 |
NETGEAR |
CVE-2023-35721 |
8.1 |
2023-06-30 |
|
NETGEAR Multiple Routers curl_post Improper Certificate Validation Remote Code Execution Vulnerability |
| ZDI-23-892 |
ZDI-CAN-20983 |
D-Link |
CVE-2023-35723 |
8.8 |
2023-06-30 |
|
D-Link DIR-X3260 prog.cgi SOAPAction Command Injection Remote Code Execution Vulnerability |
| ZDI-23-891 |
ZDI-CAN-17009 |
ManageEngine |
CVE-2023-35719 |
6.8 |
2023-06-21 |
|
(0Day) ManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity Authentication Bypass Vulnerability |
| ZDI-23-890 |
ZDI-CAN-20722 |
Microsoft |
CVE-2023-29539 |
8.8 |
2023-06-16 |
|
(Pwn2Own) Microsoft Windows UMPDDrvEnablePDEV Improper Input Validation Local Privilege Escalation Vulnerability |
| ZDI-23-889 |
ZDI-CAN-20793 |
Schneider Electric |
CVE-2023-3001 |
7.8 |
2023-06-16 |
|
Schneider Electric IGSS DashFiles Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-888 |
ZDI-CAN-20963 |
Adobe |
CVE-2023-21618 |
7.8 |
2023-06-16 |
|
Adobe Substance 3D Designer SBS File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-23-887 |
ZDI-CAN-21089 |
Microsoft |
CVE-2023-29363 |
5.3 |
2023-06-16 |
|
Microsoft Windows PGM Invalid Transmission Group Size Denial-of-Service Vulnerability |
| ZDI-23-886 |
ZDI-CAN-20736 |
Microsoft |
CVE-2023-29361 |
8.8 |
2023-06-16 |
|
(Pwn2Own) Microsoft Windows cldflt Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-23-885 |
ZDI-CAN-20735 |
Microsoft |
CVE-2023-29360 |
8.8 |
2023-06-16 |
|
(Pwn2Own) Microsoft Windows mskssrv Driver Untrusted Pointer Dereference Local Privilege Escalation Vulnerability |
| ZDI-23-884 |
ZDI-CAN-20748 |
Microsoft |
CVE-2023-24954 |
4.3 |
2023-06-16 |
2023-06-20 |
(Pwn2Own) Microsoft SharePoint userphoto Information Disclosure Vulnerability |
| ZDI-23-883 |
ZDI-CAN-20749 |
Microsoft |
CVE-2023-24955 |
8.8 |
2023-06-16 |
2023-06-20 |
(Pwn2Own) Microsoft SharePoint GenerateProxyAssembly Code Injection Remote Code Execution Vulnerability |
| ZDI-23-882 |
ZDI-CAN-20716 |
Microsoft |
CVE-2023-29357 |
9.8 |
2023-06-16 |
|
(Pwn2Own) Microsoft SharePoint ValidateTokenIssuer Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability |
| ZDI-23-881 |
ZDI-CAN-20807 |
Microsoft |
CVE-2023-32031 |
8.8 |
2023-06-16 |
|
Microsoft Exchange Command Class Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-880 |
ZDI-CAN-19402 |
Microsoft |
CVE-2023-28312 |
5.5 |
2023-06-16 |
|
Microsoft Azure Machine Learning Service DSIMountAgent Missing Authentication Information Disclosure Vulnerability |
| ZDI-23-879 |
ZDI-CAN-20417 |
Ashlar-Vellum |
CVE-2023-35716 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-878 |
ZDI-CAN-20408 |
Ashlar-Vellum |
CVE-2023-35715 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Cobalt AR File Parsing Uninitialized Memory Remote Code Execution Vulnerability |
| ZDI-23-877 |
ZDI-CAN-18005 |
Ashlar-Vellum |
CVE-2023-35714 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Cobalt IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-876 |
ZDI-CAN-20201 |
Ashlar-Vellum |
CVE-2023-35713 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability |
| ZDI-23-875 |
ZDI-CAN-20200 |
Ashlar-Vellum |
CVE-2023-35712 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Cobalt XE File Parsing Uninitialized Memory Remote Code Execution Vulnerability |
| ZDI-23-874 |
ZDI-CAN-20189 |
Ashlar-Vellum |
CVE-2023-35711 |
7.0 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-23-873 |
ZDI-CAN-19956 |
Ashlar-Vellum |
CVE-2023-35710 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Cobalt Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-872 |
ZDI-CAN-19928 |
Ashlar-Vellum |
CVE-2023-35709 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Cobalt Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-871 |
ZDI-CAN-19879 |
Ashlar-Vellum |
CVE-2023-34311 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-23-870 |
ZDI-CAN-19878 |
Ashlar-Vellum |
CVE-2023-34310 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Cobalt Uninitialized Memory Remote Code Execution Vulnerability |
| ZDI-23-869 |
ZDI-CAN-19876 |
Ashlar-Vellum |
CVE-2023-34309 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Cobalt Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-23-868 |
ZDI-CAN-18913 |
Ashlar-Vellum |
CVE-2023-34308 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-867 |
ZDI-CAN-18910 |
Ashlar-Vellum |
CVE-2023-34307 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Graphite VC6 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-866 |
ZDI-CAN-18908 |
Ashlar-Vellum |
CVE-2023-34306 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Graphite VC6 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-865 |
ZDI-CAN-18637 |
Ashlar-Vellum |
CVE-2023-34305 |
7.0 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-864 |
ZDI-CAN-18006 |
Ashlar-Vellum |
CVE-2023-34304 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Cobalt Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-23-863 |
ZDI-CAN-17987 |
Ashlar-Vellum |
CVE-2023-34303 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Cobalt Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-862 |
ZDI-CAN-17865 |
Ashlar-Vellum |
CVE-2023-34302 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-861 |
ZDI-CAN-17909 |
Ashlar-Vellum |
CVE-2023-34301 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Cobalt CO File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-23-860 |
ZDI-CAN-17948 |
Ashlar-Vellum |
CVE-2023-34300 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Cobalt XE File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-23-859 |
ZDI-CAN-17910 |
Ashlar-Vellum |
CVE-2023-34299 |
7.8 |
2023-06-15 |
|
(0Day) Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-858 |
ZDI-CAN-17687 |
Pulse Secure |
CVE-2023-34298 |
7.8 |
2023-06-14 |
|
(0Day) Pulse Secure Client SetupService Directory Traversal Local Privilege Escalation Vulnerability |
| ZDI-23-857 |
ZDI-CAN-18867 |
Trend Micro |
CVE-2023-32535 |
6.1 |
2023-05-24 |
2023-06-14 |
Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-23-856 |
ZDI-CAN-21127 |
Sante |
CVE-2023-34297 |
7.8 |
2023-06-08 |
|
Sante DICOM Viewer Pro JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-855 |
ZDI-CAN-21126 |
Sante |
CVE-2023-34296 |
7.8 |
2023-06-08 |
|
Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-854 |
ZDI-CAN-21125 |
Sante |
CVE-2023-34295 |
7.8 |
2023-06-08 |
|
Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-853 |
ZDI-CAN-21086 |
Sante |
CVE-2023-34294 |
3.3 |
2023-06-08 |
|
Sante DICOM Viewer Pro DCM File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-852 |
ZDI-CAN-20003 |
Western Digital |
CVE-2022-29842 |
7.5 |
2023-06-08 |
|
(Pwn2Own) Western Digital MyCloud PR4100 account_mgr Command Injection Remote Code Execution Vulnerability |
| ZDI-23-851 |
ZDI-CAN-19856 |
Western Digital |
CVE-2022-36326 |
6.5 |
2023-06-08 |
|
(Pwn2Own) Western Digital MyCloud PR4100 RESTSDK Uncontrolled Resource Consumption Denial-of-Service Vulnerability |
| ZDI-23-850 |
ZDI-CAN-19767 |
Western Digital |
CVE-2022-29840 |
7.3 |
2023-06-08 |
|
(Pwn2Own) Western Digital MyCloud PR4100 RESTSDK Server-Side Request Forgery Vulnerability |
| ZDI-23-849 |
ZDI-CAN-19607 |
Western Digital |
CVE-2022-29841 |
8.8 |
2023-06-08 |
|
(Pwn2Own) Western Digital MyCloud PR4100 do_reboot Command Injection Remote Code Execution Vulnerability |
| ZDI-23-848 |
ZDI-CAN-19862 |
Western Digital |
CVE-2022-36328 |
8.8 |
2023-06-08 |
|
(Pwn2Own) Western Digital MyCloud PR4100 restsdk Directory Traversal Arbitrary File Read and Write Vulnerability |
| ZDI-23-847 |
ZDI-CAN-19861 |
Western Digital |
CVE-2022-36331 |
8.8 |
2023-06-08 |
|
(Pwn2Own) Western Digital MyCloud PR4100 Authentication Bypass Vulnerability |
| ZDI-23-846 |
ZDI-CAN-19860 |
Western Digital |
CVE-2022-36331 |
7.5 |
2023-06-08 |
|
(Pwn2Own) Western Digital MyCloud PR4100 Information Disclosure Vulnerability |
| ZDI-23-845 |
ZDI-CAN-20714 |
Apple |
CVE-2023-32413 |
7.8 |
2023-06-08 |
|
(Pwn2Own) Apple macOS /dev/fd Race Condition Local Privilege Escalation Vulnerability |
| ZDI-23-844 |
ZDI-CAN-20222 |
Apple |
CVE-2023-32375 |
3.3 |
2023-06-08 |
|
Apple macOS Hydra USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-843 |
ZDI-CAN-19699 |
Samsung |
|
8.8 |
2023-06-08 |
|
(Pwn2Own) Samsung Galaxy S22 McsWebViewActivity Permissive List of Allowed Inputs Remote Code Execution Vulnerability |
| ZDI-23-842 |
ZDI-CAN-20778 |
VMware |
CVE-2023-20889 |
6.5 |
2023-06-08 |
|
VMware Aria Operations for Networks exportPDF Code Injection Information Disclosure Vulnerability |
| ZDI-23-841 |
ZDI-CAN-20612 |
VMware |
CVE-2023-20888 |
8.8 |
2023-06-08 |
|
VMware Aria Operations for Networks getNotifiedEvents Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-840 |
ZDI-CAN-19980 |
VMware |
CVE-2023-20887 |
9.8 |
2023-06-08 |
|
VMware Aria Operations for Networks createSupportBundle Command Injection Remote Code Execution Vulnerability |
| ZDI-23-839 |
ZDI-CAN-19918 |
NETGEAR |
CVE-2023-34285 |
8.8 |
2023-06-08 |
|
NETGEAR RAX30 cmsCli_authenticate Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-838 |
ZDI-CAN-19660 |
NETGEAR |
CVE-2023-34284 |
6.3 |
2023-06-08 |
|
NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability |
| ZDI-23-837 |
ZDI-CAN-19498 |
NETGEAR |
CVE-2023-34283 |
4.6 |
2023-06-08 |
|
NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability |
| ZDI-23-836 |
ZDI-CAN-19681 |
Trend Micro |
CVE-2023-34145 |
7.8 |
2023-06-08 |
|
Trend Micro Apex One Security Agent Untrusted Search Path Local Privilege Escalation Vulnerability |
| ZDI-23-835 |
ZDI-CAN-19680 |
Trend Micro |
CVE-2023-34144 |
7.8 |
2023-06-08 |
|
Trend Micro Apex One Security Agent Untrusted Search Path Local Privilege Escalation Vulnerability |
| ZDI-23-834 |
ZDI-CAN-19192 |
Trend Micro |
CVE-2023-34148 |
7.8 |
2023-06-08 |
|
Trend Micro Apex One Security Agent Exposed Dangerous Function Local Privilege Escalation Vulnerability |
| ZDI-23-833 |
ZDI-CAN-19191 |
Trend Micro |
CVE-2023-34147 |
7.8 |
2023-06-08 |
|
Trend Micro Apex One Security Agent Exposed Dangerous Function Local Privilege Escalation Vulnerability |
| ZDI-23-832 |
ZDI-CAN-19188 |
Trend Micro |
CVE-2023-34146 |
7.8 |
2023-06-08 |
|
Trend Micro Apex One Security Agent Exposed Dangerous Function Local Privilege Escalation Vulnerability |
| ZDI-23-831 |
ZDI-CAN-18636 |
Ashlar-Vellum |
CVE-2023-34293 |
7.0 |
2023-06-08 |
|
Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-830 |
ZDI-CAN-18552 |
Ashlar-Vellum |
CVE-2023-34292 |
7.8 |
2023-06-08 |
|
Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-829 |
ZDI-CAN-18401 |
Ashlar-Vellum |
CVE-2023-34291 |
7.8 |
2023-06-08 |
|
Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-828 |
ZDI-CAN-18007 |
Ashlar-Vellum |
CVE-2023-34290 |
7.8 |
2023-06-08 |
|
Ashlar-Vellum Cobalt Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-827 |
ZDI-CAN-17985 |
Ashlar-Vellum |
CVE-2023-34289 |
7.8 |
2023-06-08 |
|
Ashlar-Vellum Cobalt Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-826 |
ZDI-CAN-17966 |
Ashlar-Vellum |
CVE-2023-34288 |
7.0 |
2023-06-08 |
|
Ashlar-Vellum Cobalt XE File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-23-825 |
ZDI-CAN-17892 |
Ashlar-Vellum |
CVE-2023-34287 |
7.8 |
2023-06-08 |
|
Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-824 |
ZDI-CAN-17891 |
Ashlar-Vellum |
CVE-2023-34286 |
7.8 |
2023-06-08 |
|
Ashlar-Vellum Cobalt CO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-823 |
ZDI-CAN-16781 |
Fuji Electric |
CVE-2022-3087 |
7.8 |
2023-06-08 |
|
Fuji Electric Tellus Lite V-Simulator 6 X1 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-822 |
ZDI-CAN-16779 |
Fuji Electric |
CVE-2022-3087 |
7.8 |
2023-06-08 |
|
Fuji Electric Tellus Lite V-Simulator 6 X1 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-821 |
ZDI-CAN-16717 |
Fuji Electric |
CVE-2022-3085 |
7.8 |
2023-06-08 |
|
Fuji Electric Tellus Lite V-Simulator 6 X1 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-820 |
ZDI-CAN-16602 |
Fuji Electric |
CVE-2022-3087 |
7.8 |
2023-06-08 |
|
Fuji Electric Tellus Lite V-Simulator 6 X1 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-819 |
ZDI-CAN-16600 |
Fuji Electric |
CVE-2022-3087 |
7.8 |
2023-06-08 |
|
Fuji Electric Tellus Lite V-Simulator 6 X1 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-818 |
ZDI-CAN-19059 |
ZTE |
CVE-2023-25649 |
6.8 |
2023-06-07 |
2023-08-31 |
(0Day) ZTE MF286R goahead Command Injection Remote Code Execution Vulnerability |
| ZDI-23-817 |
ZDI-CAN-19374 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-816 |
ZDI-CAN-19373 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-815 |
ZDI-CAN-19372 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-814 |
ZDI-CAN-19371 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-813 |
ZDI-CAN-19370 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-812 |
ZDI-CAN-19346 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-811 |
ZDI-CAN-19345 |
Delta Electronics |
CVE-2023-24014 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-810 |
ZDI-CAN-19344 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-809 |
ZDI-CAN-19343 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-808 |
ZDI-CAN-19342 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-807 |
ZDI-CAN-19341 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-806 |
ZDI-CAN-19340 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-805 |
ZDI-CAN-19336 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-804 |
ZDI-CAN-19335 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-803 |
ZDI-CAN-19334 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-802 |
ZDI-CAN-19332 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-801 |
ZDI-CAN-19330 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-800 |
ZDI-CAN-19329 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-799 |
ZDI-CAN-19328 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-798 |
ZDI-CAN-19327 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-797 |
ZDI-CAN-19326 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-796 |
ZDI-CAN-19325 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-795 |
ZDI-CAN-19220 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-794 |
ZDI-CAN-19219 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-793 |
ZDI-CAN-19218 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-792 |
ZDI-CAN-19217 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-791 |
ZDI-CAN-19216 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-790 |
ZDI-CAN-19215 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-789 |
ZDI-CAN-19214 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-788 |
ZDI-CAN-19213 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-787 |
ZDI-CAN-19211 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-786 |
ZDI-CAN-19210 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-785 |
ZDI-CAN-19209 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-784 |
ZDI-CAN-19208 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-783 |
ZDI-CAN-19207 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-782 |
ZDI-CAN-19206 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-781 |
ZDI-CAN-19205 |
Delta Electronics |
CVE-2023-25177 |
7.8 |
2023-06-01 |
2023-06-06 |
Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-780 |
ZDI-CAN-20577 |
Unified Automation |
CVE-2023-32174 |
9.1 |
2023-05-31 |
|
Unified Automation UaGateway NodeManagerOpcUa Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-779 |
ZDI-CAN-20576 |
Unified Automation |
CVE-2023-32173 |
5.8 |
2023-05-31 |
|
Unified Automation UaGateway AddServer XML Injection Denial-of-Service Vulnerability |
| ZDI-23-778 |
ZDI-CAN-20544 |
Prosys OPC |
CVE-2023-32787 |
7.5 |
2023-05-31 |
|
(Pwn2Own) Prosys OPC UA Simulation Server OpenSecureChannel Resource Exhaustion Denial-of-Service Vulnerability |
| ZDI-23-777 |
ZDI-CAN-20497 |
Unified Automation |
CVE-2023-32172 |
6.5 |
2023-05-31 |
|
(Pwn2Own) Unified Automation UaGateway OPC UA Server Use-After-Free Denial-of-Service Vulnerability |
| ZDI-23-776 |
ZDI-CAN-20495 |
Unified Automation |
CVE-2023-32171 |
6.5 |
2023-05-31 |
|
(Pwn2Own) Unified Automation UaGateway OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-23-775 |
ZDI-CAN-20494 |
Unified Automation |
CVE-2023-32170 |
6.5 |
2023-05-31 |
|
(Pwn2Own) Unified Automation UaGateway OPC UA Server Improper Input Validation Denial-of-Service Vulnerability |
| ZDI-23-774 |
ZDI-CAN-19768 |
Samsung |
CVE-2023-21516 |
8.8 |
2023-05-31 |
|
(Pwn2Own) Samsung Galaxy S22 McsWebViewActivity Permissive List of Allowed Inputs Remote Code Execution Vulnerability |
| ZDI-23-773 |
ZDI-CAN-19751 |
Samsung |
CVE-2023-21514 |
8.8 |
2023-05-31 |
|
(Pwn2Own) Samsung Galaxy S22 InstantPlaysDeepLink Permissive List of Allowed Inputs Remote Code Execution Vulnerability |
| ZDI-23-772 |
ZDI-CAN-19585 |
Samsung |
CVE-2023-21515 |
8.8 |
2023-05-31 |
|
(Pwn2Own) Samsung Galaxy S22 McsWebViewActivity Permissive List of Allowed Inputs Remote Code Execution Vulnerability |
| ZDI-23-771 |
ZDI-CAN-18183 |
Fatek Automation |
CVE-2023-34273 |
7.8 |
2023-05-31 |
|
(0Day) Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-770 |
ZDI-CAN-18182 |
Fatek Automation |
CVE-2023-34272 |
7.8 |
2023-05-31 |
|
(0Day) Fatek Automation FvDesigner FPJ File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-23-769 |
ZDI-CAN-18178 |
Fatek Automation |
CVE-2023-34271 |
7.8 |
2023-05-31 |
|
(0Day) Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-768 |
ZDI-CAN-18176 |
Fatek Automation |
CVE-2023-34270 |
7.8 |
2023-05-31 |
|
(0Day) Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-767 |
ZDI-CAN-18173 |
Fatek Automation |
CVE-2023-34269 |
7.8 |
2023-05-31 |
|
(0Day) Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-766 |
ZDI-CAN-18172 |
Fatek Automation |
CVE-2023-34268 |
7.8 |
2023-05-31 |
|
(0Day) Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-765 |
ZDI-CAN-18170 |
Fatek Automation |
CVE-2023-34267 |
7.8 |
2023-05-31 |
|
(0Day) Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-764 |
ZDI-CAN-18168 |
Fatek Automation |
CVE-2023-34266 |
7.8 |
2023-05-31 |
|
(0Day) Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-763 |
ZDI-CAN-18166 |
Fatek Automation |
CVE-2023-34265 |
7.8 |
2023-05-31 |
|
(0Day) Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-762 |
ZDI-CAN-18164 |
Fatek Automation |
CVE-2023-34264 |
7.8 |
2023-05-31 |
|
(0Day) Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-761 |
ZDI-CAN-18162 |
Fatek Automation |
CVE-2023-34263 |
7.8 |
2023-05-31 |
|
(0Day) Fatek Automation FvDesigner FPJ File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-23-760 |
ZDI-CAN-18161 |
Fatek Automation |
CVE-2023-34262 |
7.8 |
2023-05-31 |
|
(0Day) Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-759 |
ZDI-CAN-19397 |
VIPRE |
CVE-2023-32179 |
7.8 |
2023-05-31 |
2023-06-14 |
(0Day) VIPRE Antivirus Plus FPQuarTransfer Link Following Local Privilege Escalation Vulnerability |
| ZDI-23-758 |
ZDI-CAN-19396 |
VIPRE |
CVE-2023-32178 |
7.8 |
2023-05-31 |
2023-06-14 |
(0Day) VIPRE Antivirus Plus TelFileTransfer Link Following Local Privilege Escalation Vulnerability |
| ZDI-23-757 |
ZDI-CAN-19395 |
VIPRE |
CVE-2023-32177 |
7.8 |
2023-05-31 |
2023-06-14 |
(0Day) VIPRE Antivirus Plus DeleteHistoryFile Directory Traversal Local Privilege Escalation Vulnerability |
| ZDI-23-756 |
ZDI-CAN-19394 |
VIPRE |
CVE-2023-32176 |
7.8 |
2023-05-31 |
2023-06-14 |
(0Day) VIPRE Antivirus Plus SetPrivateConfig Directory Traversal Local Privilege Escalation Vulnerability |
| ZDI-23-755 |
ZDI-CAN-18899 |
VIPRE |
CVE-2023-32175 |
7.8 |
2023-05-31 |
2023-06-14 |
(0Day) VIPRE Antivirus Plus Link Following Local Privilege Escalation Vulnerability |
| ZDI-23-754 |
ZDI-CAN-18521 |
Microsoft |
CVE-2023-27911 |
7.8 |
2023-05-31 |
2023-09-12 |
(0Day) Microsoft 3D Viewer FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-753 |
ZDI-CAN-19052 |
Microsoft |
|
3.3 |
2023-05-31 |
2023-05-31 |
(0Day) Microsoft 3D Viewer PLY File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-752 |
ZDI-CAN-18158 |
SAP |
CVE-2022-41211 |
7.8 |
2023-05-31 |
|
SAP 3D Visual Enterprise Viewer DST File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-751 |
ZDI-CAN-18157 |
SAP |
CVE-2022-41211 |
7.8 |
2023-05-31 |
|
SAP 3D Visual Enterprise Viewer DST File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-750 |
ZDI-CAN-18156 |
SAP |
CVE-2022-41211 |
7.8 |
2023-05-31 |
|
SAP 3D Visual Enterprise Author DST File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-749 |
ZDI-CAN-18155 |
SAP |
CVE-2022-41211 |
7.8 |
2023-05-31 |
|
SAP 3D Visual Enterprise Author DST File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-748 |
ZDI-CAN-18118 |
SAP |
CVE-2022-41211 |
7.8 |
2023-05-31 |
|
SAP 3D Visual Enterprise Author DST File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-747 |
ZDI-CAN-16667 |
SAP |
CVE-2022-32240 |
7.8 |
2023-05-31 |
|
SAP 3D Visual Enterprise Viewer JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-746 |
ZDI-CAN-16666 |
SAP |
CVE-2022-26107 |
7.8 |
2023-05-31 |
|
SAP 3D Visual Enterprise Viewer JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-745 |
ZDI-CAN-16662 |
SAP |
CVE-2022-32235 |
7.8 |
2023-05-31 |
|
SAP 3D Visual Enterprise Viewer DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-744 |
ZDI-CAN-17336 |
SAP |
CVE-2022-35299 |
8.1 |
2023-05-31 |
|
SAP SQL Anywhere Database Server Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-743 |
ZDI-CAN-17196 |
Unified Automation |
|
7.5 |
2023-05-31 |
|
(Pwn2Own) Unified Automation OPC UA C++ Demo Server DemoDynamicNodesDeleteDynamicNode Use-After Free Denial-of-Service Vulnerability |
| ZDI-23-742 |
ZDI-CAN-16857 |
Wacom |
CVE-2023-32163 |
7.8 |
2023-05-26 |
|
(0Day) Wacom Drivers for Windows Link Following Local Privilege Escalation Vulnerability |
| ZDI-23-741 |
ZDI-CAN-16318 |
Wacom |
CVE-2023-32162 |
7.8 |
2023-05-26 |
|
(0Day) Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-23-740 |
ZDI-CAN-17070 |
Adobe |
CVE-2022-44515 |
3.3 |
2023-05-25 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-739 |
ZDI-CAN-17064 |
Adobe |
CVE-2022-44514 |
7.8 |
2023-05-25 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-738 |
ZDI-CAN-16957 |
Adobe |
CVE-2022-44513 |
7.8 |
2023-05-25 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-737 |
ZDI-CAN-16951 |
Adobe |
CVE-2022-44512 |
7.8 |
2023-05-25 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-736 |
ZDI-CAN-16875 |
Adobe |
CVE-2022-44520 |
7.8 |
2023-05-25 |
|
Adobe Acrobat Reader DC Highlight Annotation noView Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-735 |
ZDI-CAN-16874 |
Adobe |
CVE-2022-44519 |
3.3 |
2023-05-25 |
|
Adobe Acrobat Reader DC Annotation Highlight popupOpen Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-734 |
ZDI-CAN-16873 |
Adobe |
CVE-2022-44518 |
7.8 |
2023-05-25 |
|
Adobe Acrobat Reader DC Annotation Highlight delay Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-733 |
ZDI-CAN-16872 |
Adobe |
CVE-2022-44517 |
3.3 |
2023-05-25 |
|
Adobe Acrobat Reader DC Annotation fillColor Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-732 |
ZDI-CAN-16871 |
Adobe |
CVE-2022-44516 |
3.3 |
2023-05-25 |
|
Adobe Acrobat Reader DC Annotation lineWidth Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-731 |
ZDI-CAN-19606 |
Adobe |
|
7.8 |
2023-05-25 |
|
Adobe Dimension SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-730 |
ZDI-CAN-19617 |
Adobe |
|
7.8 |
2023-05-25 |
|
Adobe Dimension SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-729 |
ZDI-CAN-19620 |
Adobe |
|
7.8 |
2023-05-25 |
|
Adobe Dimension SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-728 |
ZDI-CAN-19621 |
Adobe |
|
3.3 |
2023-05-25 |
|
Adobe Dimension SKP File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-727 |
ZDI-CAN-19605 |
Adobe |
|
7.8 |
2023-05-25 |
|
Adobe Dimension SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-726 |
ZDI-CAN-18876 |
Trend Micro |
CVE-2023-32533 |
6.1 |
2023-05-24 |
|
Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-23-725 |
ZDI-CAN-18874 |
Trend Micro |
CVE-2023-32534 |
6.1 |
2023-05-24 |
|
Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-23-724 |
ZDI-CAN-18872 |
Trend Micro |
CVE-2023-32531 |
6.1 |
2023-05-24 |
|
Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-23-723 |
ZDI-CAN-18871 |
Trend Micro |
CVE-2023-32532 |
6.1 |
2023-05-24 |
|
Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-23-722 |
ZDI-CAN-16184 |
Microsoft |
CVE-2022-34691 |
8.4 |
2023-05-24 |
|
Microsoft Windows Active Directory Certificate Services Improper Authorization Privilege Escalation Vulnerability |
| ZDI-23-721 |
ZDI-CAN-19895 |
Moxa |
CVE-2023-33235 |
7.2 |
2023-05-24 |
|
Moxa MXsecurity Series Restricted Shell Command Injection Remote Code Execution Vulnerability |
| ZDI-23-720 |
ZDI-CAN-19896 |
Moxa |
CVE-2023-33236 |
9.8 |
2023-05-24 |
|
Moxa MXsecurity Series Hardcoded JWT Key Authentication Bypass Vulnerability |
| ZDI-23-719 |
ZDI-CAN-19534 |
D-Link |
CVE-2023-32168 |
8.8 |
2023-05-24 |
|
D-Link D-View showUser Improper Authorization Privilege Escalation Vulnerability |
| ZDI-23-718 |
ZDI-CAN-19529 |
D-Link |
CVE-2023-32167 |
6.5 |
2023-05-24 |
|
D-Link D-View uploadMib Directory Traversal Arbitrary File Creation or Deletion Vulnerability |
| ZDI-23-717 |
ZDI-CAN-19527 |
D-Link |
CVE-2023-32166 |
8.1 |
2023-05-24 |
|
D-Link D-View uploadFile Directory Traversal Arbitrary File Creation Vulnerability |
| ZDI-23-716 |
ZDI-CAN-19497 |
D-Link |
CVE-2023-32165 |
9.8 |
2023-05-24 |
|
D-Link D-View TftpReceiveFileHandler Directory Traversal Remote Code Execution Vulnerability |
| ZDI-23-715 |
ZDI-CAN-19496 |
D-Link |
CVE-2023-32164 |
7.5 |
2023-05-24 |
|
D-Link D-View TftpSendFileThread Directory Traversal Information Disclosure Vulnerability |
| ZDI-23-714 |
ZDI-CAN-19659 |
D-Link |
CVE-2023-32169 |
9.8 |
2023-05-24 |
|
D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability |
| ZDI-23-713 |
ZDI-CAN-17388 |
Samba |
CVE-2022-32742 |
5.9 |
2023-05-24 |
|
Samba SMB1 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-712 |
ZDI-CAN-19227 |
Autodesk |
CVE-2023-27908 |
7.8 |
2023-05-24 |
|
Autodesk On-Demand Install Services Link Following Local Privilege Escalation Vulnerability |
| ZDI-23-711 |
ZDI-CAN-19760 |
Canon |
CVE-2023-0852 |
8.8 |
2023-05-19 |
|
(Pwn2Own) Canon imageCLASS MF743Cdw rls-login Authorization Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-710 |
ZDI-CAN-19797 |
Mikrotik |
CVE-2023-32154 |
7.5 |
2023-05-17 |
|
(0Day) (Pwn2Own) Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-709 |
ZDI-CAN-20503 |
Prosys OPC |
CVE-2023-32787 |
7.5 |
2023-05-17 |
2023-05-30 |
(Pwn2Own) Prosys OPC UA Simulation Server Resource Exhaustion Denial-of-Service Vulnerability |
| ZDI-23-708 |
ZDI-CAN-20292 |
Linux |
CVE-2023-33952 |
8.2 |
2023-05-17 |
2023-05-26 |
Linux Kernel vmwgfx Driver Double Free Local Privilege Escalation Vulnerability |
| ZDI-23-707 |
ZDI-CAN-20110 |
Linux |
CVE-2023-33951 |
6.7 |
2023-05-17 |
2023-05-26 |
Linux Kernel vmwgfx Driver Race Condition Information Disclosure Vulnerability |
| ZDI-23-706 |
ZDI-CAN-20796 |
Linux |
CVE-2023-32258 |
8.1 |
2023-05-17 |
|
Linux Kernel ksmbd Session Race Condition Remote Code Execution Vulnerability |
| ZDI-23-705 |
ZDI-CAN-20596 |
Linux |
CVE-2023-32257 |
8.1 |
2023-05-17 |
|
Linux Kernel ksmbd Session Race Condition Remote Code Execution Vulnerability |
| ZDI-23-704 |
ZDI-CAN-20595 |
Linux |
CVE-2023-32256 |
7.5 |
2023-05-17 |
|
Linux Kernel ksmbd Session User Object Race Condition Information Disclosure Vulnerability |
| ZDI-23-703 |
ZDI-CAN-20593 |
Linux |
CVE-2023-32255 |
5.3 |
2023-05-17 |
|
Linux Kernel ksmbd Session Setup Memory Leak Denial-of-Service Vulnerability |
| ZDI-23-702 |
ZDI-CAN-20592 |
Linux |
CVE-2023-32254 |
9.8 |
2023-05-17 |
|
Linux Kernel ksmbd Tree Connection Race Condition Remote Code Execution Vulnerability |
| ZDI-23-701 |
ZDI-CAN-20591 |
Linux |
CVE-2023-32253 |
5.9 |
2023-05-17 |
|
Linux Kernel ksmbd Session Deadlock Denial-of-Service Vulnerability |
| ZDI-23-700 |
ZDI-CAN-20590 |
Linux |
CVE-2023-32252 |
7.5 |
2023-05-17 |
|
Linux Kernel ksmbd Session NULL Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-23-699 |
ZDI-CAN-20482 |
Linux |
CVE-2023-32251 |
3.7 |
2023-05-17 |
|
Linux Kernel ksmbd Improper Restriction of Excessive Authentication Attempts Protection Bypass Vulnerability |
| ZDI-23-698 |
ZDI-CAN-20481 |
Linux |
CVE-2023-32250 |
9.0 |
2023-05-17 |
|
Linux Kernel ksmbd Session Race Condition Remote Code Execution Vulnerability |
| ZDI-23-697 |
ZDI-CAN-20480 |
Linux |
CVE-2023-32249 |
6.5 |
2023-05-17 |
|
Linux Kernel ksmbd Multichannel Improper Authentication Session Hijack Vulnerability |
| ZDI-23-696 |
ZDI-CAN-20479 |
Linux |
CVE-2023-32248 |
7.5 |
2023-05-17 |
|
Linux Kernel ksmbd Tree Connection NULL Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-23-695 |
ZDI-CAN-20478 |
Linux |
CVE-2023-32247 |
7.5 |
2023-05-17 |
|
Linux Kernel ksmbd Session Setup Memory Exhaustion Denial-of-Service Vulnerability |
| ZDI-23-694 |
ZDI-CAN-20477 |
Linux |
CVE-2023-32246 |
5.0 |
2023-05-17 |
|
Linux Kernel ksmbd RCU Callback Race Condition Local Privilege Escalation Vulnerability |
| ZDI-23-693 |
ZDI-CAN-18259 |
Linux |
CVE-2023-2593 |
5.9 |
2023-05-17 |
|
Linux Kernel ksmbd Memory Exhaustion Denial-of-Service Vulnerability |
| ZDI-23-692 |
ZDI-CAN-18511 |
Linux |
CVE-2023-2860 |
4.4 |
2023-05-17 |
2023-05-26 |
Linux Kernel IPv6 Segment Routing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-691 |
ZDI-CAN-17823 |
Canonical |
|
7.5 |
2023-05-17 |
|
Canonical ksmbd-tools SRVSVC Null Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-23-690 |
ZDI-CAN-17822 |
Canonical |
|
9.8 |
2023-05-17 |
|
Canonical ksmbd-tools WKSSVC Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-689 |
ZDI-CAN-17821 |
Canonical |
|
7.5 |
2023-05-17 |
|
Canonical ksmbd-tools SAMR Null Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-23-688 |
ZDI-CAN-17820 |
Canonical |
|
8.1 |
2023-05-17 |
|
Canonical ksmbd-tools SAMR Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-687 |
ZDI-CAN-17770 |
Canonical |
|
9.8 |
2023-05-17 |
|
Canonical ksmbd-tools LSARPC Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-686 |
ZDI-CAN-19590 |
Delta Electronics |
CVE-2023-1135 |
7.8 |
2023-05-17 |
|
Delta Electronics InfraSuite Device Master Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-23-685 |
ZDI-CAN-19574 |
Delta Electronics |
CVE-2023-1137 |
6.5 |
2023-05-17 |
|
Delta Electronics InfraSuite Device Master APRunning Improper Access Control Information Disclosure Vulnerability |
| ZDI-23-684 |
ZDI-CAN-19446 |
Delta Electronics |
CVE-2023-1141 |
8.8 |
2023-05-17 |
|
Delta Electronics InfraSuite Device Master ExeCommandInCommandLineMode Command Injection Remote Code Execution Vulnerability |
| ZDI-23-683 |
ZDI-CAN-19407 |
Delta Electronics |
CVE-2023-1133 |
9.8 |
2023-05-17 |
|
Delta Electronics InfraSuite Device Master Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-682 |
ZDI-CAN-19406 |
Delta Electronics |
CVE-2023-1142 |
7.5 |
2023-05-17 |
|
Delta Electronics InfraSuite Device Master Directory Traversal Information Disclosure Vulnerability |
| ZDI-23-681 |
ZDI-CAN-19365 |
Delta Electronics |
CVE-2023-1145 |
9.8 |
2023-05-17 |
|
Delta Electronics InfraSuite Device Master Device-DataCollect Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-680 |
ZDI-CAN-19308 |
Delta Electronics |
CVE-2023-1139 |
9.8 |
2023-05-17 |
|
Delta Electronics InfraSuite Device Master Device-Gateway Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-679 |
ZDI-CAN-19281 |
Delta Electronics |
CVE-2023-1136 |
9.8 |
2023-05-17 |
|
Delta Electronics InfraSuite Device Master CheckgRPCAuthentication Authentication Bypass Vulnerability |
| ZDI-23-678 |
ZDI-CAN-19280 |
Delta Electronics |
CVE-2023-1134 |
7.1 |
2023-05-17 |
|
Delta Electronics InfraSuite Device Master CtrlLayerNWCmd_ReportFileOperation Directory Traversal Denial-of-Service Vulnerability |
| ZDI-23-677 |
ZDI-CAN-19279 |
Delta Electronics |
CVE-2023-1134 |
6.5 |
2023-05-17 |
|
Delta Electronics InfraSuite Device Master CtrlLayerNWCmd_ReportFileOperation Directory Traversal Information Disclosure Vulnerability |
| ZDI-23-676 |
ZDI-CAN-19277 |
Delta Electronics |
CVE-2023-1143 |
8.8 |
2023-05-17 |
|
Delta Electronics InfraSuite Device Master ActionExeScriptString Exposed Dangerous Function Remote Code Execution Vulnerability |
| ZDI-23-675 |
ZDI-CAN-19276 |
Delta Electronics |
CVE-2023-1144 |
8.8 |
2023-05-17 |
|
Delta Electronics InfraSuite Device Master Improper Access Control Privilege Escalation Vulnerability |
| ZDI-23-674 |
ZDI-CAN-19223 |
Delta Electronics |
CVE-2023-1140 |
9.8 |
2023-05-17 |
|
Delta Electronics InfraSuite Device Master Missing Authentication Remote Code Execution Vulnerability |
| ZDI-23-673 |
ZDI-CAN-19054 |
Delta Electronics |
CVE-2023-1138 |
7.5 |
2023-05-17 |
|
Delta Electronics InfraSuite Device Master Improper Access Control Information Disclosure Vulnerability |
| ZDI-23-672 |
ZDI-CAN-19053 |
Delta Electronics |
CVE-2023-1133 |
9.8 |
2023-05-17 |
|
Delta Electronics InfraSuite Device Master ParseUDPPacket Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-23-671 |
ZDI-CAN-16888 |
Delta Electronics |
CVE-2022-2969 |
8.1 |
2023-05-17 |
|
Delta Industrial Automation DIALink Directory Traversal Arbitrary File Creation Vulnerability |
| ZDI-23-670 |
ZDI-CAN-19858 |
Lexmark |
CVE-2023-26067 |
7.8 |
2023-05-17 |
|
(Pwn2Own) Lexmark MC3224i lbtraceapp Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-23-669 |
ZDI-CAN-19731 |
Lexmark |
CVE-2023-26069 |
8.8 |
2023-05-17 |
|
(Pwn2Own) Lexmark MC3224i snmpUTIL Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-23-668 |
ZDI-CAN-19470 |
Lexmark |
CVE-2023-26067 |
8.8 |
2023-05-17 |
|
(Pwn2Own) Lexmark MC3224i fax_change_faxtrace_setting Command Injection Remote Code Execution Vulnerability |
| ZDI-23-667 |
ZDI-CAN-19766 |
Lexmark |
CVE-2023-26067 |
7.8 |
2023-05-17 |
|
(Pwn2Own) Lexmark MC3224i lbtraceapp _WriteTarFile Command Injection Privilege Escalation Vulnerability |
| ZDI-23-666 |
ZDI-CAN-19685 |
Lexmark |
CVE-2023-26066 |
8.8 |
2023-05-17 |
|
(Pwn2Own) Lexmark MC3224i pagemark Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-665 |
ZDI-CAN-19822 |
Lexmark |
CVE-2023-26065 |
8.8 |
2023-05-17 |
|
(Pwn2Own) Lexmark MC3224i putinterval Integer Overflow Remote Code Execution Vulnerability |
| ZDI-23-664 |
ZDI-CAN-19755 |
Lexmark |
CVE-2023-26064 |
8.8 |
2023-05-17 |
|
(Pwn2Own) Lexmark MC3224i putinterval Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-663 |
ZDI-CAN-19859 |
Lexmark |
CVE-2023-26063 |
8.8 |
2023-05-17 |
|
(Pwn2Own) Lexmark MC3224i pagemaker NAME Type Confusion Remote Code Execution Vulnerability |
| ZDI-23-662 |
ZDI-CAN-19753 |
Synology |
CVE-2023-32955 |
7.5 |
2023-05-17 |
|
(Pwn2Own) Synology RT6600ax dhcpd Command Injection Remote Code Execution Vulnerability |
| ZDI-23-661 |
ZDI-CAN-19752 |
Synology |
CVE-2022-43932 |
8.8 |
2023-05-17 |
|
(Pwn2Own) Synology RT6600ax Command Injection Remote Code Execution Vulnerability |
| ZDI-23-660 |
ZDI-CAN-19829 |
Synology |
CVE-2022-45188 |
8.8 |
2023-05-17 |
2023-07-27 |
(Pwn2Own) Synology DiskStation Manager Serv.php Authentication Bypass Vulnerability |
| ZDI-23-659 |
ZDI-CAN-19828 |
Synology |
CVE-2022-45188 |
6.5 |
2023-05-17 |
2023-07-27 |
(Pwn2Own) Synology DiskStation Manager dnsauth.php Missing Authentication Information Disclosure Vulnerability |
| ZDI-23-658 |
ZDI-CAN-19609 |
Synology |
CVE-2022-45188 |
8.8 |
2023-05-17 |
2023-07-27 |
(Pwn2Own) Synology DiskStation Manager api.php Authentication Bypass Vulnerability |
| ZDI-23-657 |
ZDI-CAN-19831 |
Trend Micro |
CVE-2023-32554 |
7.8 |
2023-05-17 |
|
Trend Micro Apex One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability |
| ZDI-23-656 |
ZDI-CAN-19102 |
Trend Micro |
CVE-2023-32555 |
7.8 |
2023-05-17 |
|
Trend Micro Apex One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability |
| ZDI-23-655 |
ZDI-CAN-18290 |
Trend Micro |
CVE-2023-32552 |
6.5 |
2023-05-17 |
|
Trend Micro Apex One Improper Access Control Information Disclosure Vulnerability |
| ZDI-23-654 |
ZDI-CAN-17690 |
Trend Micro |
CVE-2023-32530 |
7.2 |
2023-05-17 |
|
Trend Micro Apex Central modTMMS SQL Injection Remote Code Execution Vulnerability |
| ZDI-23-653 |
ZDI-CAN-17965 |
Trend Micro |
CVE-2023-32553 |
6.5 |
2023-05-17 |
|
Trend Micro Apex One Improper Access Control Information Disclosure Vulnerability |
| ZDI-23-652 |
ZDI-CAN-17688 |
Trend Micro |
CVE-2023-32529 |
7.2 |
2023-05-17 |
|
Trend Micro Apex Central modTMMS SQL Injection Remote Code Execution Vulnerability |
| ZDI-23-651 |
ZDI-CAN-16525 |
Trend Micro |
CVE-2023-32556 |
5.5 |
2023-05-17 |
|
Trend Micro Apex One Security Agent Link Following Information Disclosure Vulnerability |
| ZDI-23-650 |
ZDI-CAN-19349 |
Apple |
CVE-2023-23519 |
3.3 |
2023-05-17 |
|
Apple macOS KTX Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-649 |
ZDI-CAN-19348 |
Apple |
CVE-2023-27929 |
3.3 |
2023-05-17 |
|
Apple macOS KTX Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-648 |
ZDI-CAN-17662 |
Apple |
CVE-2022-42798 |
3.3 |
2023-05-17 |
|
Apple macOS AudioToolbox CAF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-647 |
ZDI-CAN-17338 |
Apple |
CVE-2022-32922 |
8.8 |
2023-05-17 |
|
Apple Safari PDFPluginAnnotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-646 |
ZDI-CAN-17329 |
Apple |
CVE-2022-32912 |
4.3 |
2023-05-17 |
|
Apple WebKit WebGL2 drawRangeElements Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-645 |
ZDI-CAN-17359 |
Apple |
CVE-2022-32797 |
3.3 |
2023-05-17 |
|
Apple macOS AppleScript UASIsConstant SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-644 |
ZDI-CAN-17199 |
Apple |
CVE-2023-27938 |
3.3 |
2023-05-17 |
|
Apple GarageBand MIDI File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-643 |
ZDI-CAN-17778 |
PDF-XChange |
CVE-2023-32161 |
7.8 |
2023-05-17 |
|
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-642 |
ZDI-CAN-17767 |
PDF-XChange |
CVE-2023-32160 |
7.8 |
2023-05-17 |
|
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-641 |
ZDI-CAN-17765 |
PDF-XChange |
CVE-2023-32159 |
7.8 |
2023-05-17 |
|
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-640 |
ZDI-CAN-17764 |
PDF-XChange |
CVE-2023-32158 |
7.8 |
2023-05-17 |
|
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-639 |
ZDI-CAN-17649 |
Schneider Electric |
CVE-2022-42972 |
7.8 |
2023-05-17 |
|
Schneider Electric APC Easy UPS Online Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-23-638 |
ZDI-CAN-17585 |
Schneider Electric |
CVE-2022-42973 |
7.8 |
2023-05-17 |
|
Schneider Electric APC Easy UPS Online SNMPDBManager Use of Hard-Coded Credentials Local Privilege Escalation Vulnerability |
| ZDI-23-637 |
ZDI-CAN-17584 |
Schneider Electric |
CVE-2022-42971 |
9.8 |
2023-05-17 |
|
Schneider Electric APC Easy UPS Online UpLoadAction Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-23-636 |
ZDI-CAN-17583 |
Schneider Electric |
CVE-2022-42970 |
9.8 |
2023-05-17 |
|
Schneider Electric APC Easy UPS Online updatePassword Authentication Bypass Vulnerability |
| ZDI-23-635 |
ZDI-CAN-17949 |
Microsoft |
CVE-2022-44697 |
6.5 |
2023-05-17 |
|
Microsoft Windows win32kfull Null Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-23-634 |
ZDI-CAN-15484 |
Omron |
CVE-2022-43509 |
7.8 |
2023-05-17 |
|
Omron CX-One CX-Programmer CXP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-633 |
ZDI-CAN-20561 |
D-Link |
CVE-2023-34281 |
6.8 |
2023-05-15 |
2023-06-02 |
D-Link DIR-2150 GetFirmwareStatus Target Command Injection Remote Code Execution Vulnerability |
| ZDI-23-632 |
ZDI-CAN-20554 |
D-Link |
CVE-2023-34276 |
6.8 |
2023-05-15 |
2023-06-02 |
D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution Vulnerability |
| ZDI-23-631 |
ZDI-CAN-20553 |
D-Link |
CVE-2023-34275 |
6.8 |
2023-05-15 |
2023-06-02 |
D-Link DIR-2150 SetNTPServerSettings Command Injection Remote Code Execution Vulnerability |
| ZDI-23-630 |
ZDI-CAN-20558 |
D-Link |
CVE-2023-34279 |
6.8 |
2023-05-15 |
2023-06-02 |
D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability |
| ZDI-23-629 |
ZDI-CAN-20559 |
D-Link |
CVE-2023-34280 |
6.8 |
2023-05-15 |
2023-06-02 |
D-Link DIR-2150 SetSysEmailSettings EmailTo Command Injection Remote Code Execution Vulnerability |
| ZDI-23-628 |
ZDI-CAN-20910 |
D-Link |
CVE-2023-34282 |
8.8 |
2023-05-15 |
2023-06-02 |
D-Link DIR-2150 HNAP Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability |
| ZDI-23-627 |
ZDI-CAN-20552 |
D-Link |
CVE-2023-34274 |
8.8 |
2023-05-15 |
2023-06-02 |
D-Link DIR-2150 LoginPassword Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability |
| ZDI-23-626 |
ZDI-CAN-20556 |
D-Link |
CVE-2023-34278 |
6.8 |
2023-05-15 |
2023-06-02 |
D-Link DIR-2150 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution Vulnerability |
| ZDI-23-625 |
ZDI-CAN-20555 |
D-Link |
CVE-2023-34277 |
6.8 |
2023-05-15 |
2023-06-02 |
D-Link DIR-2150 SetSysEmailSettings AccountName Command Injection Remote Code Execution Vulnerability |
| ZDI-23-624 |
ZDI-CAN-20261 |
Adobe |
|
3.3 |
2023-05-12 |
|
Adobe Substance 3D Stager SKP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-623 |
ZDI-CAN-20260 |
Adobe |
|
3.3 |
2023-05-12 |
|
Adobe Substance 3D Stager SKP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-622 |
ZDI-CAN-20251 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Substance 3D Stager SKP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-621 |
ZDI-CAN-20250 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Substance 3D Stager SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-620 |
ZDI-CAN-20249 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Substance 3D Stager SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-619 |
ZDI-CAN-20248 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Substance 3D Stager SKP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-23-618 |
ZDI-CAN-20246 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Substance 3D Stager SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-617 |
ZDI-CAN-20245 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Substance 3D Stager SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-616 |
ZDI-CAN-20243 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Substance 3D Stager SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-615 |
ZDI-CAN-20242 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Substance 3D Stager SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-614 |
ZDI-CAN-20241 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Substance 3D Stager SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-613 |
ZDI-CAN-20239 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Substance 3D Stager SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-612 |
ZDI-CAN-20109 |
Rockwell Automation |
CVE-2023-29461 |
7.8 |
2023-05-12 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-611 |
ZDI-CAN-19749 |
Rockwell Automation |
CVE-2023-29462 |
7.8 |
2023-05-12 |
|
Rockwell Automation Arena Simulation DOE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-610 |
ZDI-CAN-19747 |
Rockwell Automation |
CVE-2023-29460 |
7.8 |
2023-05-12 |
|
Rockwell Automation Arena Simulation DOE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-609 |
ZDI-CAN-19393 |
Adobe |
|
3.3 |
2023-05-12 |
|
Adobe Dimension SKP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-608 |
ZDI-CAN-19256 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Dimension SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-607 |
ZDI-CAN-19289 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Dimension SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-606 |
ZDI-CAN-19288 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Dimension SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-605 |
ZDI-CAN-19245 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Dimension SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-23-604 |
ZDI-CAN-19246 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Dimension SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-603 |
ZDI-CAN-19247 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Dimension SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-602 |
ZDI-CAN-19248 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Dimension SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-601 |
ZDI-CAN-19249 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Dimension SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-600 |
ZDI-CAN-19250 |
Adobe |
|
3.3 |
2023-05-12 |
|
Adobe Dimension SKP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-599 |
ZDI-CAN-19251 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Dimension SKP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-23-598 |
ZDI-CAN-19244 |
Adobe |
|
3.3 |
2023-05-12 |
|
Adobe Dimension SKP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-597 |
ZDI-CAN-19110 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Dimension SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-596 |
ZDI-CAN-19121 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Dimension SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-595 |
ZDI-CAN-18962 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Dimension SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-594 |
ZDI-CAN-18619 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Dimension SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-593 |
ZDI-CAN-18618 |
Adobe |
|
7.8 |
2023-05-12 |
|
Adobe Dimension SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-592 |
ZDI-CAN-20276 |
Adobe |
|
3.3 |
2023-05-12 |
|
Adobe Dimension SKP File Parsing Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-23-591 |
ZDI-CAN-20181 |
Trend Micro |
CVE-2023-32528 |
7.5 |
2023-05-12 |
|
Trend Micro Mobile Security for Enterprises widgetforsecurity getWidgetPoolManager Local File Inclusion Remote Code Execution Vulnerability |
| ZDI-23-590 |
ZDI-CAN-20180 |
Trend Micro |
CVE-2023-32527 |
7.5 |
2023-05-12 |
|
Trend Micro Mobile Security for Enterprises widget getWidgetPoolManager Local File Inclusion Remote Code Execution Vulnerability |
| ZDI-23-589 |
ZDI-CAN-20179 |
Trend Micro |
CVE-2023-32525 |
6.5 |
2023-05-12 |
|
Trend Micro Mobile Security for Enterprises widget set_certificates_config Unrestricted File Upload Vulnerability |
| ZDI-23-588 |
ZDI-CAN-19722 |
Trend Micro |
CVE-2023-32524 |
9.8 |
2023-05-12 |
|
Trend Micro Mobile Security for Enterprises widgetforsecurity WFUser Authentication Bypass Vulnerability |
| ZDI-23-587 |
ZDI-CAN-19721 |
Trend Micro |
CVE-2023-32523 |
9.8 |
2023-05-12 |
|
Trend Micro Mobile Security for Enterprises widget WFUser Authentication Bypass Vulnerability |
| ZDI-23-586 |
ZDI-CAN-20182 |
Trend Micro |
CVE-2023-32526 |
6.5 |
2023-05-12 |
|
Trend Micro Mobile Security for Enterprises widgetforsecurity set_certificates_config Unrestricted File Upload Vulnerability |
| ZDI-23-585 |
ZDI-CAN-19083 |
Autodesk |
CVE-2023-25001 |
7.8 |
2022-12-19 |
2023-05-12 |
Autodesk 3DS Max SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-584 |
ZDI-CAN-20169 |
Autodesk |
CVE-2023-25009 |
7.8 |
2023-05-12 |
|
Autodesk 3DS Max USD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-23-583 |
ZDI-CAN-20170 |
Autodesk |
CVE-2023-25008 |
3.3 |
2023-05-12 |
|
Autodesk 3DS Max USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-582 |
ZDI-CAN-20173 |
Autodesk |
CVE-2023-25007 |
3.3 |
2023-05-12 |
|
Autodesk 3DS Max USD File Parsing Uninitialized Pointer Information Disclosure Vulnerability |
| ZDI-23-581 |
ZDI-CAN-20174 |
Autodesk |
CVE-2023-25008 |
3.3 |
2023-05-12 |
|
Autodesk 3DS Max USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-580 |
ZDI-CAN-20175 |
Autodesk |
CVE-2023-25006 |
7.8 |
2023-05-12 |
|
Autodesk 3DS Max USD File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-579 |
ZDI-CAN-20171 |
Autodesk |
CVE-2023-25006 |
7.8 |
2023-05-12 |
|
Autodesk 3DS Max USD File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-578 |
ZDI-CAN-20221 |
Autodesk |
CVE-2023-25008 |
3.3 |
2023-05-12 |
|
Autodesk 3DS Max USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-577 |
ZDI-CAN-20168 |
Autodesk |
CVE-2023-25008 |
3.3 |
2023-05-12 |
|
Autodesk 3DS Max USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-576 |
ZDI-CAN-19085 |
Autodesk |
CVE-2023-25001 |
7.8 |
2023-05-12 |
|
Autodesk 3DS Max SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-575 |
ZDI-CAN-18963 |
Autodesk |
CVE-2023-25001 |
7.8 |
2023-05-12 |
|
Autodesk 3DS Max SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-23-574 |
ZDI-CAN-18974 |
Autodesk |
CVE-2023-25001 |
3.3 |
2023-05-12 |
|
Autodesk 3DS Max SKP File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-23-573 |
ZDI-CAN-20044 |
Microsoft |
CVE-2023-24949 |
6.5 |
2023-05-10 |
|
Microsoft Windows PE Parsing Integer Overflow Denial-of-Service Vulnerability |
| ZDI-23-572 |
ZDI-CAN-20167 |
Microsoft |
|
3.3 |
2023-05-10 |
|
Microsoft Office Visio DXF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-571 |
ZDI-CAN-20375 |
Microsoft |
CVE-2023-24950 |
8.0 |
2023-05-10 |
|
Microsoft SharePoint AdRotator Improper Input Validation NTLM Relay Vulnerability |
| ZDI-23-570 |
ZDI-CAN-20370 |
Adobe |
CVE-2023-29277 |
3.3 |
2023-05-10 |
|
Adobe Substance 3D Painter USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-23-569 |
ZDI-CAN-20371 |
