Published Advisories

The following is a list of all publicly disclosed vulnerabilities discovered by Zero Day Initiative researchers. While the affected vendor is working on a patch for these vulnerabilities, Trend Micro customers are protected from exploitation by security filters delivered ahead of public disclosure.

All security vulnerabilities that are acquired by the Zero Day Initiative are handled according to the ZDI Disclosure Policy. Once the affected vendor patches the vulnerability, we publish an accompanying security advisory which describes the issue, including links to the vendor's fixes.

ZDI ID ZDI CAN AFFECTED VENDOR(S) CVE CVSS v3.0 PUBLISHED UPDATED TITLE
ZDI-24-192 ZDI-CAN-22161 Schneider Electric CVE-2024-0865 7.8 2024-02-21 Schneider Electric EcoStruxure IT Gateway Hard-Coded Credentials Local Privilege Escalation Vulnerability
ZDI-24-191 ZDI-CAN-22087 Schneider Electric CVE-2024-0865 7.0 2024-02-21 Schneider Electric EcoStruxure IT Gateway Hard-Coded Credentials Local Privilege Escalation Vulnerability
ZDI-24-190 ZDI-CAN-18983 Trimble   7.8 2024-02-21 Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-24-189 ZDI-CAN-18984 Trimble   3.3 2024-02-21 Trimble SketchUp SKP File Parsing Use-After-Free Information Disclosure Vulnerability
ZDI-24-188 ZDI-CAN-19114 Trimble   7.8 2024-02-21 Trimble SketchUp SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-24-187 ZDI-CAN-19112 Trimble   7.8 2024-02-21 Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-24-186 ZDI-CAN-19115 Trimble   7.8 2024-02-21 Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-24-185 ZDI-CAN-22029 Inductive Automation CVE-2023-50233 8.8 2024-02-21 Inductive Automation Ignition getJavaExecutable Directory Traversal Remote Code Execution Vulnerability
ZDI-24-184 ZDI-CAN-22028 Inductive Automation CVE-2023-50232 8.8 2024-02-21 Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability
ZDI-24-183 ZDI-CAN-23030 Apache CVE-2024-23946 5.3 2024-02-21 Apache OFBiz createRegister Error Message Information Disclosure Vulnerability
ZDI-24-182 ZDI-CAN-22323 ESET CVE-2024-0353 7.8 2024-02-15 ESET Smart Security Premium ekrn Link Following Local Privilege Escalation Vulnerability
ZDI-24-181 ZDI-CAN-22060 Siemens CVE-2024-24925 7.8 2024-02-15 2024-02-15 Siemens Simcenter Femap MODEL File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
ZDI-24-180 ZDI-CAN-22059 Siemens CVE-2024-24924 7.8 2024-02-15 Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-24-179 ZDI-CAN-22055 Siemens CVE-2024-24923 7.8 2024-02-15 2024-02-15 Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-24-178 ZDI-CAN-21715 Siemens CVE-2024-24922 7.8 2024-02-15 Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-24-177 ZDI-CAN-21712 Siemens CVE-2024-24921 7.8 2024-02-15 Siemens Simcenter Femap MODEL File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-176 ZDI-CAN-21710 Siemens CVE-2024-24920 7.8 2024-02-15 2024-02-15 Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-24-175 ZDI-CAN-22783 Siemens CVE-2024-23798 7.8 2024-02-15 Siemens Tecnomatix Plant Simulation WRL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-174 ZDI-CAN-22763 Siemens CVE-2024-23797 7.8 2024-02-15 Siemens Tecnomatix Plant Simulation WRL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-173 ZDI-CAN-22759 Siemens CVE-2024-23796 7.8 2024-02-15 Siemens Tecnomatix Plant Simulation WRL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-172 ZDI-CAN-22758 Siemens CVE-2024-23795 7.0 2024-02-15 Siemens Tecnomatix Plant Simulation WRL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-24-171 ZDI-CAN-21894 SolarWinds CVE-2023-50395 8.8 2024-02-15 2024-02-15 SolarWinds Orion Platform AppendUpdate SQL Injection Remote Code Execution Vulnerability
ZDI-24-170 ZDI-CAN-21895 SolarWinds CVE-2023-35188 8.8 2024-02-15 2024-02-15 SolarWinds Orion Platform AppendCreatePrimary SQL Injection Remote Code Execution Vulnerability
ZDI-24-169 ZDI-CAN-22647 Adobe CVE-2024-20739 7.8 2024-02-13 Adobe Audition AVI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-168 ZDI-CAN-22727 Adobe CVE-2024-20728 7.8 2024-02-13 Adobe Acrobat Pro DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-24-167 ZDI-CAN-22516 Adobe CVE-2024-20734 3.3 2024-02-13 Adobe Acrobat Pro DC AcroForm Use-After-Free Information Disclosure Vulnerability
ZDI-24-166 ZDI-CAN-22822 Adobe CVE-2024-20736 3.3 2024-02-13 Adobe Acrobat Pro DC AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-24-165 ZDI-CAN-23100 Microsoft CVE-2024-21412 8.8 2024-02-13 Microsoft Windows Internet Shortcut SmartScreen Bypass Vulnerability
ZDI-24-164 ZDI-CAN-21970 Microsoft CVE-2024-21379 7.8 2024-02-13 Microsoft Office Word PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-24-163 ZDI-CAN-20875 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-24-162 ZDI-CAN-20874 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD X_T File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability
ZDI-24-161 ZDI-CAN-20873 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-24-160 ZDI-CAN-20879 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD STP File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability
ZDI-24-159 ZDI-CAN-20880 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD SLDPRT File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-24-158 ZDI-CAN-20962 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD IGES File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-157 ZDI-CAN-20961 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-156 ZDI-CAN-20960 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-155 ZDI-CAN-20959 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD IGS File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-24-154 ZDI-CAN-20958 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-153 ZDI-CAN-20957 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-152 ZDI-CAN-20956 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-151 ZDI-CAN-20955 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-150 ZDI-CAN-20954 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD SLDPRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-149 ZDI-CAN-20953 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD SLDASM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-148 ZDI-CAN-20952 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD 3DM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-147 ZDI-CAN-20951 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD CATPART File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-146 ZDI-CAN-20950 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-24-145 ZDI-CAN-20948 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD SLDASM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-144 ZDI-CAN-20947 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-24-143 ZDI-CAN-20946 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-24-142 ZDI-CAN-20945 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD SLDPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability
ZDI-24-141 ZDI-CAN-20905 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-24-140 ZDI-CAN-20885 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-139 ZDI-CAN-20863 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-138 ZDI-CAN-20862 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-137 ZDI-CAN-20861 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-136 ZDI-CAN-20860 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD MODEL File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-135 ZDI-CAN-20900 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-134 ZDI-CAN-20899 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-133 ZDI-CAN-20898 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD SLDPRT File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-132 ZDI-CAN-20896 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-131 ZDI-CAN-20895 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-24-130 ZDI-CAN-20894 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD STEP File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-129 ZDI-CAN-20893 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD MODEL File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-128 ZDI-CAN-20859 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-127 ZDI-CAN-20858 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD SLDPRT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-126 ZDI-CAN-20878 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-24-125 ZDI-CAN-20876 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-24-124 ZDI-CAN-20877 Autodesk   7.8 2024-02-12 2024-02-21 Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-24-123 ZDI-CAN-22664 X.Org CVE-2023-6816 7.8 2024-02-09 X.Org Server DeviceFocusEvent Improper Validation of Array Index Local Privilege Escalation Vulnerability
ZDI-24-122 ZDI-CAN-22665 X.Org CVE-2023-6816 7.8 2024-02-09 X.Org Server XIQueryPointer Improper Validation of Array Index Local Privilege Escalation Vulnerability
ZDI-24-121 ZDI-CAN-22678 X.Org CVE-2024-0229 7.8 2024-02-09 X.Org Server DeliverStateNotifyEvent Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
ZDI-24-120 ZDI-CAN-22744 X.Org CVE-2024-21885 7.8 2024-02-09 X.Org Server XISendDeviceHierarchyEvent Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
ZDI-24-119 ZDI-CAN-22840 X.Org CVE-2024-21886 7.8 2024-02-09 X.Org Server DisableDevice Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
ZDI-24-118 ZDI-CAN-22294 Centreon CVE-2024-0637 8.8 2024-02-09 Centreon updateDirectory SQL Injection Remote Code Execution Vulnerability
ZDI-24-117 ZDI-CAN-22295 Centreon CVE-2024-23115 7.2 2024-02-09 Centreon updateGroups SQL Injection Remote Code Execution Vulnerability
ZDI-24-116 ZDI-CAN-22296 Centreon CVE-2024-23116 7.2 2024-02-09 Centreon updateLCARelation SQL Injection Remote Code Execution Vulnerability
ZDI-24-115 ZDI-CAN-22297 Centreon CVE-2024-23117 7.2 2024-02-09 Centreon updateContactServiceCommands SQL Injection Remote Code Execution Vulnerability
ZDI-24-114 ZDI-CAN-22298 Centreon CVE-2024-23118 7.2 2024-02-09 Centreon updateContactHostCommands SQL Injection Remote Code Execution Vulnerability
ZDI-24-113 ZDI-CAN-22339 Centreon CVE-2024-23119 8.8 2024-02-09 Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability
ZDI-24-112 ZDI-CAN-22507 Allegra CVE-2024-22507 7.5 2024-02-09 Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability
ZDI-24-111 ZDI-CAN-22360 Allegra CVE-2023-22360 9.8 2024-02-09 Allegra Hard-coded Credentials Authentication Bypass Vulnerability
ZDI-24-110 ZDI-CAN-22361 Allegra CVE-2023-22361 9.8 2024-02-09 Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability
ZDI-24-109 ZDI-CAN-22527 Allegra CVE-2023-22527 7.2 2024-02-09 Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability
ZDI-24-108 ZDI-CAN-22528 Allegra CVE-2023-22528 7.2 2024-02-09 Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability
ZDI-24-107 ZDI-CAN-22504 Allegra CVE-2024-22504 7.2 2024-02-09 Allegra extarctZippedFile Directory Traversal Remote Code Execution Vulnerability
ZDI-24-106 ZDI-CAN-22505 Allegra CVE-2024-22505 9.8 2024-02-09 Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-24-105 ZDI-CAN-22506 Allegra CVE-2024-22506 9.8 2024-02-09 Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-24-104 ZDI-CAN-22548 Allegra CVE-2024-22548 9.8 2024-02-09 Allegra saveFile Directory Traversal Remote Code Execution Vulnerability
ZDI-24-103 ZDI-CAN-22510 Allegra CVE-2024-22510 7.2 2024-02-09 Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability
ZDI-24-102 ZDI-CAN-22512 Allegra CVE-2024-22512 9.8 2024-02-09 Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability
ZDI-24-101 ZDI-CAN-22513 Allegra CVE-2024-22513 7.2 2024-02-09 Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability
ZDI-24-100 ZDI-CAN-22532 Allegra CVE-2024-22532 7.5 2024-02-09 Allegra serveMathJaxLibraries Directory Traversal Information Disclosure Vulnerability
ZDI-24-099 ZDI-CAN-22530 Allegra CVE-2024-22530 7.5 2024-02-09 Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability
ZDI-24-098 ZDI-CAN-21065 Schneider Electric CVE-2023-7032 7.8 2024-02-08 Schneider Electric Easergy Studio InitializeChannel Deserialization of Untrusted Data Local Privilege Escalation Vulnerability
ZDI-24-097 ZDI-CAN-22015 Wazuh CVE-2023-42463 7.4 2024-02-08 Wazuh Log Collector Integer Underflow Local Privilege Escalation Vulnerability
ZDI-24-096 ZDI-CAN-21848 Oracle CVE-2024-20953 8.8 2024-02-06 Oracle Product Lifecycle Management ExportServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-24-095 ZDI-CAN-22658 Canon CVE-2024-0244 8.8 2024-02-06 Canon imageCLASS MF753Cdw Fax Job Heap-Based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-094 ZDI-CAN-22533 Canon CVE-2023-6234 8.8 2024-02-06 (Pwn2Own) Canon imageCLASS MF753Cdw CADM setResource Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-093 ZDI-CAN-22389 Canon CVE-2023-6233 8.8 2024-02-06 (Pwn2Own) Canon imageCLASS MF753Cdw SLP service-url Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-092 ZDI-CAN-22386 Canon CVE-2023-6232 8.8 2024-02-06 (Pwn2Own) Canon imageCLASS MF753Cdw rls-login Authorization Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-091 ZDI-CAN-22381 Canon CVE-2023-6231 8.8 2024-02-06 (Pwn2Own) Canon imageCLASS MF753Cdw Probe message Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-090 ZDI-CAN-22391 Canon CVE-2023-6230 8.8 2024-02-06 (Pwn2Own) Canon imageCLASS MF753Cdw rls-login Authorization Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-089 ZDI-CAN-22403 Canon CVE-2023-6229 8.8 2024-02-06 (Pwn2Own) Canon imageCLASS MF753Cdw CADM rmSetFileName Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-088 ZDI-CAN-22440 Western Digital CVE-2023-22819 5.3 2024-02-06 (Pwn2Own) Western Digital MyCloud PR4100 RESTSDK Uncontrolled Resource Consumption Denial-of-Service Vulnerability
ZDI-24-087 ZDI-CAN-22456 Western Digital CVE-2023-22817 6.3 2024-02-06 (Pwn2Own) Western Digital MyCloud PR4100 RESTSDK Server-Side Request Forgery Vulnerability
ZDI-24-086 ZDI-CAN-22227 TP-Link CVE-2024-1180 6.8 2024-02-05 TP-Link Omada ER605 Access Control Command Injection Remote Code Execution Vulnerability
ZDI-24-085 ZDI-CAN-22420 TP-Link CVE-2024-1179 7.5 2024-02-05 (Pwn2Own) TP-Link Omada ER605 DHCPv6 Client Options Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-084 ZDI-CAN-22520 Lexmark CVE-2023-50737 8.8 2024-01-31 (Pwn2Own) Lexmark CX331adwe Missing Authentication Remote Code Execution Vulnerability
ZDI-24-083 ZDI-CAN-22445 Lexmark CVE-2023-50736 8.8 2024-01-31 (Pwn2Own) Lexmark CX331adwe PostScript File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-082 ZDI-CAN-22443 Lexmark CVE-2023-50735 7.5 2024-01-31 (Pwn2Own) Lexmark CX331adwe PDF File Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-24-081 ZDI-CAN-22380 Lexmark CVE-2023-50734 8.8 2024-01-31 (Pwn2Own) Lexmark CX331adwe make42charstring Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-080 ZDI-CAN-20806 Trend Micro CVE-2023-41178 6.3 2024-01-19 Trend Micro Mobile Security for Enterprises vpplist_assign_list Cross-Site Scripting Vulnerability
ZDI-24-079 ZDI-CAN-20805 Trend Micro CVE-2023-41177 6.3 2024-01-19 Trend Micro Mobile Security for Enterprises ServerUpdate_UpdateSuccessful Cross-Site Scripting Vulnerability
ZDI-24-078 ZDI-CAN-20804 Trend Micro CVE-2023-41176 6.3 2024-01-19 Trend Micro Mobile Security for Enterprises DevicesManagementEditNotePopupTip Cross-Site Scripting Vulnerability
ZDI-24-077 ZDI-CAN-20803 Trend Micro CVE-2023-52324 6.5 2024-01-19 Trend Micro Apex Central Unrestricted File Upload Vulnerability
ZDI-24-076 ZDI-CAN-21780 Trend Micro CVE-2023-52338 7.8 2024-01-19 Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability
ZDI-24-075 ZDI-CAN-16568 Trend Micro CVE-2023-52337 7.8 2024-01-19 Trend Micro Deep Security Improper Access Control Local Privilege Escalation Vulnerability
ZDI-24-074 ZDI-CAN-18868 Trend Micro CVE-2023-52329 6.1 2024-01-11 2024-01-18 Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability
ZDI-24-073 ZDI-CAN-21182 Paessler CVE-2023-51630 8.8 2024-01-15 Paessler PRTG Network Monitor Cross-Site Scripting Authentication Bypass Vulnerability
ZDI-24-072 ZDI-CAN-19708 Synology CVE-2024-21473 7.5 2024-01-15 2024-01-16 Synology RT6600ax Qualcomm LDB Service Improper Input Validation Remote Code Execution Vulnerability
ZDI-24-071 ZDI-CAN-22643 Ivanti CVE-2023-46804 7.5 2024-01-11 Ivanti Avalanche WLAvalancheService Integer Underflow Denial-of-Service Vulnerability
ZDI-24-070 ZDI-CAN-22582 Ivanti CVE-2023-46223 9.8 2024-01-11 Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-069 ZDI-CAN-22581 Ivanti CVE-2023-46222 9.8 2024-01-11 Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-068 ZDI-CAN-22580 Ivanti CVE-2023-46221 9.8 2024-01-11 Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-067 ZDI-CAN-22544 Ivanti CVE-2023-46803 7.5 2024-01-11 Ivanti Avalanche WLAvalancheService Divide By Zero Denial-of-Service Vulnerability
ZDI-24-066 ZDI-CAN-22553 Ivanti CVE-2023-46220 9.8 2024-01-11 Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-065 ZDI-CAN-22586 Ivanti CVE-2023-46258 9.8 2024-01-11 Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-064 ZDI-CAN-22585 Ivanti CVE-2023-46257 9.8 2024-01-11 Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-063 ZDI-CAN-22584 Ivanti CVE-2023-46225 9.8 2024-01-11 Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-062 ZDI-CAN-22583 Ivanti CVE-2023-46224 9.8 2024-01-11 Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-061 ZDI-CAN-21972 Ivanti CVE-2023-46259 9.8 2024-01-11 Ivanti Avalanche WLAvalancheService TV_FC Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-060 ZDI-CAN-21992 Ivanti CVE-2023-46260 7.5 2024-01-11 Ivanti Avalanche WLAvalancheService TV_NL Null Pointer Dereference Denial-of-Service Vulnerability
ZDI-24-059 ZDI-CAN-22000 Ivanti CVE-2023-46261 9.8 2024-01-11 Ivanti Avalanche WLInfoRailService Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-058 ZDI-CAN-21953 Ivanti CVE-2021-22962 7.3 2024-01-11 Ivanti Avalanche SecureFilter allowPassThrough Authentication Bypass Vulnerability
ZDI-24-057 ZDI-CAN-21943 Ivanti CVE-2023-46266 7.3 2024-01-11 Ivanti Avalanche SecureFilter Content-Type Authentication Bypass Vulnerability
ZDI-24-056 ZDI-CAN-21952 Ivanti CVE-2023-46263 7.2 2024-01-11 Ivanti Avalanche FileStoreConfig Arbitrary File Upload Remote Code Execution Vulnerability
ZDI-24-055 ZDI-CAN-22001 Ivanti CVE-2023-46264 7.2 2024-01-11 Ivanti Avalanche FileStoreConfig Arbitrary File Upload Remote Code Execution Vulnerability
ZDI-24-054 ZDI-CAN-21458 Ivanti CVE-2023-46265 6.5 2024-01-11 Ivanti Avalanche decode XML External Entity Processing Information Disclosure Vulnerability
ZDI-24-053 ZDI-CAN-21406 Ivanti CVE-2023-46262 7.5 2024-01-11 Ivanti Avalanche validateAMCWSConnection Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-24-052 ZDI-CAN-21888 Trend Micro CVE-2023-52331 9.1 2024-01-11 Trend Micro Apex Central modVulnerabilityProtect Server-Side Request Forgery Information Disclosure Vulnerability
ZDI-24-051 ZDI-CAN-21447 Trend Micro CVE-2023-52330 5.4 2024-01-11 Trend Micro Apex Central Cross-Site Scripting Privilege Escalation Vulnerability
ZDI-24-050 ZDI-CAN-21675 D-Link CVE-2023-51631 6.8 2024-01-11 D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-049 ZDI-CAN-21492 D-Link CVE-2023-51629 6.3 2024-01-11 D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability
ZDI-24-048 ZDI-CAN-21322 D-Link CVE-2023-51628 8.0 2024-01-11 D-Link DCS-8300LHV2 ONVIF SetHostName Stack-Based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-047 ZDI-CAN-21321 D-Link CVE-2023-51627 8.0 2024-01-11 D-Link DCS-8300LHV2 ONVIF Duration Stack-Based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-046 ZDI-CAN-21320 D-Link CVE-2023-51626 8.8 2024-01-11 D-Link DCS-8300LHV2 RTSP ValidateAuthorizationHeader Username Stack-Based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-045 ZDI-CAN-21319 D-Link CVE-2023-51625 8.0 2024-01-11 D-Link DCS-8300LHV2 ONVIF SetSystemDateAndTime Command Injection Remote Code Execution Vulnerability
ZDI-24-044 ZDI-CAN-20072 D-Link CVE-2023-51624 8.8 2024-01-11 D-Link DCS-8300LHV2 RTSP ValidateAuthorizationHeader Nonce Stack-Based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-043 ZDI-CAN-21673 D-Link CVE-2023-51623 6.8 2024-01-11 D-Link DIR-X3260 prog.cgi SetAPClientSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-042 ZDI-CAN-21672 D-Link CVE-2023-51622 6.8 2024-01-11 D-Link DIR-X3260 prog.cgi SetTriggerPPPoEValidate Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-041 ZDI-CAN-21670 D-Link CVE-2023-51621 6.8 2024-01-11 D-Link DIR-X3260 prog.cgi SetDeviceSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-040 ZDI-CAN-21669 D-Link CVE-2023-51620 6.8 2024-01-11 D-Link DIR-X3260 prog.cgi SetIPv6PppoeSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-039 ZDI-CAN-21667 D-Link CVE-2023-51619 6.8 2024-01-11 D-Link DIR-X3260 prog.cgi SetMyDLinkRegistration Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-038 ZDI-CAN-21595 D-Link CVE-2023-51618 6.8 2024-01-11 D-Link DIR-X3260 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-037 ZDI-CAN-21594 D-Link CVE-2023-51617 6.8 2024-01-11 D-Link DIR-X3260 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-036 ZDI-CAN-21593 D-Link CVE-2023-51616 6.8 2024-01-11 D-Link DIR-X3260 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-035 ZDI-CAN-21592 D-Link CVE-2023-51615 6.8 2024-01-11 D-Link DIR-X3260 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-034 ZDI-CAN-21591 D-Link CVE-2023-51614 6.8 2024-01-11 D-Link DIR-X3260 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-033 ZDI-CAN-21590 D-Link CVE-2023-51613 6.8 2024-01-11 D-Link DIR-X3260 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-032 ZDI-CAN-22109 Foxit   7.8 2024-01-10 Foxit PDF Reader Doc Use-After-Free Remote Code Execution Vulnerability
ZDI-24-031 ZDI-CAN-22126 Microsoft CVE-2024-21310 7.8 2024-01-10 Microsoft Windows cldflt Integer Overflow Local Privilege Escalation Vulnerability
ZDI-24-030 ZDI-CAN-21445 Microsoft CVE-2024-20677 7.8 2024-01-10 Microsoft Office Word FBX File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-24-029 ZDI-CAN-21860 Trend Micro CVE-2023-52093 7.8 2024-01-10 Trend Micro Apex One Exposed Dangerous Function Local Privilege Escalation Vulnerability
ZDI-24-028 ZDI-CAN-21896 Trend Micro CVE-2023-52094 7.0 2024-01-10 Trend Micro Apex One Security Agent Updater Link Following Local Privilege Escalation Vulnerability
ZDI-24-027 ZDI-CAN-21522 Trend Micro CVE-2023-52091 7.8 2024-01-10 Trend Micro Apex One Anti-Spyware Engine Link Following Local Privilege Escalation Vulnerability
ZDI-24-026 ZDI-CAN-21425 Trend Micro CVE-2023-52090 7.8 2024-01-10 Trend Micro Apex One Virus Scan Engine Link Following Local Privilege Escalation Vulnerability
ZDI-24-025 ZDI-CAN-21346 Trend Micro CVE-2023-52092 7.8 2024-01-10 Trend Micro Apex One Link Following Local Privilege Escalation Vulnerability
ZDI-24-024 ZDI-CAN-21327 Trend Micro CVE-2023-52325 7.5 2024-01-10 Trend Micro Apex Central widget WFProxy Local File Inclusion Remote Code Execution Vulnerability
ZDI-24-023 ZDI-CAN-18873 Trend Micro CVE-2023-52326 6.1 2024-01-10 2024-01-16 Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability
ZDI-24-022 ZDI-CAN-18869 Trend Micro CVE-2023-52327 6.1 2024-01-10 2024-01-16 Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability
ZDI-24-021 ZDI-CAN-18870 Trend Micro CVE-2023-52328 6.1 2024-01-10 2024-01-16 Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability
ZDI-24-020 ZDI-CAN-20527 Linux CVE-2023-6546 8.8 2024-01-09 Linux Kernel GSM Multiplexing Race Condition Local Privilege Escalation Vulnerability
ZDI-24-019 ZDI-CAN-19067 Bentley CVE-2023-44430 7.8 2023-12-21 2024-01-08 Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-24-018 ZDI-CAN-22127 Inductive Automation CVE-2023-50223 8.8 2024-01-05 Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-24-017 ZDI-CAN-22067 Inductive Automation CVE-2023-50222 8.8 2024-01-05 Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-24-016 ZDI-CAN-21926 Inductive Automation CVE-2023-50221 8.8 2024-01-05 Inductive Automation Ignition ResponseParser SerializedResponse Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-24-015 ZDI-CAN-21801 Inductive Automation CVE-2023-50220 7.2 2024-01-05 Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-24-014 ZDI-CAN-21625 Inductive Automation CVE-2023-50219 8.8 2024-01-05 Inductive Automation Ignition RunQuery Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-24-013 ZDI-CAN-21016 oFono CVE-2023-4235 8.1 2024-01-04 oFono SMS Decoder Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-012 ZDI-CAN-22153 X.Org CVE-2023-5367 7.8 2024-01-04 X.Org Server ProcXIChangeProperty Heap-based Buffer Overflow Local Privilege Escalation Vulnerability
ZDI-24-011 ZDI-CAN-22412 X.Org CVE-2023-6377 7.8 2024-01-04 X.Org Server RecalculateMasterButtons Out-Of-Bounds Access Local Privilege Escalation Vulnerability
ZDI-24-010 ZDI-CAN-22413 X.Org CVE-2023-6377 7.8 2024-01-04 X.Org Server DeepCopyPointerClasses Out-Of-Bounds Access Local Privilege Escalation Vulnerability
ZDI-24-009 ZDI-CAN-22561 X.Org CVE-2023-6478 5.5 2024-01-04 X.Org Server RRChangeOutputProperty Integer Overflow Information Disclosure Vulnerability
ZDI-24-008 ZDI-CAN-22753 SolarWinds CVE-2023-40058 8.6 2024-01-04 SolarWinds Access Rights Manager Hardcoded Credentials Authentication Bypass Vulnerability
ZDI-24-007 ZDI-CAN-22016 Kofax CVE-2023-51569 7.8 2024-01-04 Kofax Power PDF BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-24-006 ZDI-CAN-21988 Kofax CVE-2023-51567 3.3 2024-01-04 Kofax Power PDF OXPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-24-005 ZDI-CAN-21990 Kofax CVE-2023-51568 3.3 2024-01-04 Kofax Power PDF OXPS File Parsing Use-After-Free Information Disclosure Vulnerability
ZDI-24-004 ZDI-CAN-21980 Kofax CVE-2023-51566 7.8 2024-01-04 Kofax Power PDF OXPS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-24-003 ZDI-CAN-21975 Kofax CVE-2023-51565 7.8 2024-01-04 Kofax Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-24-002 ZDI-CAN-21606 Kofax CVE-2023-51564 3.3 2024-01-04 Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-24-001 ZDI-CAN-20573 Kofax CVE-2023-51563 7.8 2024-01-04 Kofax Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability