| ZDI-22-948 |
ZDI-CAN-16137 |
Parallels |
CVE-2022-34901 |
7.8 |
July 1, 2022 |
|
Parallels Access Agent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-22-947 |
ZDI-CAN-16134 |
Parallels |
CVE-2022-34899 |
7.0 |
July 1, 2022 |
|
Parallels Access Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability |
| ZDI-22-946 |
ZDI-CAN-15787 |
Parallels |
CVE-2022-34902 |
7.8 |
July 1, 2022 |
|
Parallels Access Agent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-22-945 |
ZDI-CAN-15213 |
Parallels |
CVE-2022-34900 |
7.8 |
July 1, 2022 |
|
Parallels Access Agent Uncontrolled Search Path Element Privilege Escalation Vulnerability |
| ZDI-22-944 |
ZDI-CAN-15934 |
Autodesk |
CVE-2022-27868 |
7.8 |
June 30, 2022 |
|
Autodesk AutoCAD CATPart File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-943 |
ZDI-CAN-16396 |
Parallels |
CVE-2022-34892 |
7.8 |
June 30, 2022 |
|
Parallels Desktop Updater Race Condition Local Privilege Escalation Vulnerability |
| ZDI-22-942 |
ZDI-CAN-16395 |
Parallels |
CVE-2022-34891 |
7.8 |
June 30, 2022 |
|
Parallels Desktop Updater Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-22-941 |
ZDI-CAN-16653 |
Parallels |
CVE-2022-34890 |
7.3 |
June 30, 2022 |
|
Parallels Desktop Tools Untrusted Pointer Dereference Information Disclosure Vulnerability |
| ZDI-22-940 |
ZDI-CAN-16554 |
Parallels |
CVE-2022-34889 |
8.2 |
June 30, 2022 |
|
Parallels Desktop ACPI Out-Of-Bounds Read Local Privilege Escalation Vulnerability |
| ZDI-22-939 |
ZDI-CAN-16210 |
Tencent |
|
4.3 |
June 30, 2022 |
|
Tencent WeChat WXAM Decoder Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-938 |
ZDI-CAN-16211 |
Tencent |
|
8.8 |
June 30, 2022 |
|
Tencent WeChat WXAM Decoder Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-937 |
ZDI-CAN-16773 |
Advantech |
CVE-2022-2156 |
8.8 |
June 30, 2022 |
|
Advantech iView set_useraccount UserName SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-936 |
ZDI-CAN-16685 |
Advantech |
CVE-2022-2143 |
9.8 |
June 30, 2022 |
|
Advantech iView runProViewUpgrade fwfilename Command Injection Remote Code Execution Vulnerability |
| ZDI-22-935 |
ZDI-CAN-16528 |
Advantech |
CVE-2022-2143 |
9.8 |
June 30, 2022 |
|
Advantech iView NetworkServlet backupDatabase backup_filename Command Injection Remote Code Execution Vulnerability |
| ZDI-22-934 |
ZDI-CAN-16607 |
Advantech |
CVE-2022-2142 |
8.1 |
June 30, 2022 |
|
Advantech iView getModulePageContent SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-933 |
ZDI-CAN-16783 |
Advantech |
CVE-2022-2139 |
6.5 |
June 30, 2022 |
|
Advantech iView MenuServlet getUserPrefMenuFragment page Directory Traversal Information Disclosure Vulnerability |
| ZDI-22-932 |
ZDI-CAN-16702 |
Advantech |
CVE-2022-2139 |
9.8 |
June 30, 2022 |
|
Advantech iView findCfgDeviceListDetailsExport filename Directory Traversal Remote Code Execution Vulnerability |
| ZDI-22-931 |
ZDI-CAN-16701 |
Advantech |
CVE-2022-2139 |
9.8 |
June 30, 2022 |
|
Advantech iView exportDeviceList filename Directory Traversal Remote Code Execution Vulnerability |
| ZDI-22-930 |
ZDI-CAN-16774 |
Advantech |
CVE-2022-2138 |
8.2 |
June 30, 2022 |
|
Advantech iView removeDevices Missing Authentication Denial-of-Service Vulnerability |
| ZDI-22-929 |
ZDI-CAN-16776 |
Advantech |
CVE-2022-2138 |
8.2 |
June 30, 2022 |
|
Advantech iView removeSegment Missing Authentication Denial-of-Service Vulnerability |
| ZDI-22-928 |
ZDI-CAN-16688 |
Advantech |
CVE-2022-2138 |
8.2 |
June 30, 2022 |
|
Advantech iView NetworkServlet clearDatabase Missing Authentication Denial-of-Service Vulnerability |
| ZDI-22-927 |
ZDI-CAN-16746 |
Advantech |
CVE-2022-2137 |
4.9 |
June 30, 2022 |
|
Advantech iView addDeviceTreeItem SQL Injection Information Disclosure Vulnerability |
| ZDI-22-926 |
ZDI-CAN-16745 |
Advantech |
CVE-2022-2137 |
4.9 |
June 30, 2022 |
|
Advantech iView addDeviceTreeItem SQL Injection Information Disclosure Vulnerability |
| ZDI-22-925 |
ZDI-CAN-16772 |
Advantech |
CVE-2022-2136 |
6.5 |
June 30, 2022 |
|
Advantech iView updateSystemSettings SQL Injection Information Disclosure Vulnerability |
| ZDI-22-924 |
ZDI-CAN-16771 |
Advantech |
CVE-2022-2136 |
6.5 |
June 30, 2022 |
|
Advantech iView updateLDAPSettings SQL Injection Information Disclosure Vulnerability |
| ZDI-22-923 |
ZDI-CAN-16775 |
Advantech |
CVE-2022-2136 |
6.5 |
June 30, 2022 |
|
Advantech iView exportInventoryTable SQL Injection Information Disclosure Vulnerability |
| ZDI-22-922 |
ZDI-CAN-16752 |
Advantech |
CVE-2022-2136 |
8.8 |
June 30, 2022 |
|
Advantech iView exportTaskMgrReport col_list2 SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-921 |
ZDI-CAN-16744 |
Advantech |
CVE-2022-2136 |
8.8 |
June 30, 2022 |
|
Advantech iView exportPSInventoryTable SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-920 |
ZDI-CAN-16748 |
Advantech |
CVE-2022-2136 |
8.8 |
June 30, 2022 |
|
Advantech iView updatePROMFile ipaddress SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-919 |
ZDI-CAN-16750 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView setTaskEditorItem DESCRIPTION SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-918 |
ZDI-CAN-16529 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView performListSortUpdate SORT_ORDER SQL Injection Information Disclosure Vulnerability |
| ZDI-22-917 |
ZDI-CAN-16535 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView updateSegmentInfo ID SQL Injection Information Disclosure Vulnerability |
| ZDI-22-916 |
ZDI-CAN-16561 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView updatePROMSelect SQL Injection Information Disclosure Vulnerability |
| ZDI-22-915 |
ZDI-CAN-16585 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView updatePROMFilesWithLogin SQL Injection Information Disclosure Vulnerability |
| ZDI-22-914 |
ZDI-CAN-16562 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView updateCfgFileSelect CREATE_DATE SQL Injection Information Disclosure Vulnerability |
| ZDI-22-913 |
ZDI-CAN-16591 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView setTaskMgrItem SQL Injection Information Disclosure Vulnerability |
| ZDI-22-912 |
ZDI-CAN-16751 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView setTaskEditorItem TASKTYPEDESC SQL Injection Information Disclosure Vulnerability |
| ZDI-22-911 |
ZDI-CAN-16531 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView setConfiguration column_value SQL Injection Information Disclosure Vulnerability |
| ZDI-22-910 |
ZDI-CAN-16659 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView saveSearchDevicesToTask CREATE_DATE SQL Injection Information Disclosure Vulnerability |
| ZDI-22-909 |
ZDI-CAN-16660 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView savePSInfo dtInstallDate SQL Injection Information Disclosure Vulnerability |
| ZDI-22-908 |
ZDI-CAN-16747 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView saveEditDeviceValues SQL Injection Information Disclosure Vulnerability |
| ZDI-22-907 |
ZDI-CAN-16549 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView runTaskEditorSearch sortname/sortorder SQL Injection Information Disclosure Vulnerability |
| ZDI-22-906 |
ZDI-CAN-16546 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView retrieveAllTaskMgrUpdateItems sort_field/sort_type SQL Injection Information Disclosure Vulnerability |
| ZDI-22-905 |
ZDI-CAN-16583 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView restoreDatabase restore_filename SQL Injection Authentication Bypass Vulnerability |
| ZDI-22-904 |
ZDI-CAN-16592 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView removeSearchDevicesFromTask CREATE_DATE SQL Injection Information Disclosure Vulnerability |
| ZDI-22-903 |
ZDI-CAN-16724 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView performZTPConfig SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-902 |
ZDI-CAN-16731 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView performSearchDevice SQL Injection Information Disclosure Vulnerability |
| ZDI-22-901 |
ZDI-CAN-16530 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView performListSortUpdate DB_COLUMN SQL Injection Information Disclosure Vulnerability |
| ZDI-22-900 |
ZDI-CAN-16548 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView getPSInventoryInfo sortname/sortorder SQL Injection Information Disclosure Vulnerability |
| ZDI-22-899 |
ZDI-CAN-16545 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView getInventoryReportData sortname/sortorder SQL Injection Information Disclosure Vulnerability |
| ZDI-22-898 |
ZDI-CAN-16693 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView getChassisList strIPAddress SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-897 |
ZDI-CAN-16695 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView getChassisList SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-896 |
ZDI-CAN-16694 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView getChassisList SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-895 |
ZDI-CAN-16544 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView getAllActiveTraps search_date_from/search_date_to SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-894 |
ZDI-CAN-16649 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findUpdateDeviceListExport sort_type/search_json SQL Injection Information Disclosure Vulnerability |
| ZDI-22-893 |
ZDI-CAN-16648 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findUpdateDeviceList sort_field/sort_type SQL Injection Information Disclosure Vulnerability |
| ZDI-22-892 |
ZDI-CAN-16547 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findTaskMgrItems sort_field/sort_type SQL Injection Information Disclosure Vulnerability |
| ZDI-22-891 |
ZDI-CAN-16564 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findSummaryUpdateDeviceListExport VALUE SQL Injection Information Disclosure Vulnerability |
| ZDI-22-890 |
ZDI-CAN-16656 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findSummaryUpdateDeviceList VALUE SQL Injection Information Disclosure Vulnerability |
| ZDI-22-889 |
ZDI-CAN-16550 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView findSummaryUpdateDeviceList COLUMN/VALUE SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-888 |
ZDI-CAN-16563 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findSummaryCfgDeviceListExport VALUE SQL Injection Information Disclosure Vulnerability |
| ZDI-22-887 |
ZDI-CAN-16645 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findSummaryCfgDeviceList VALUE SQL Injection Information Disclosure Vulnerability |
| ZDI-22-886 |
ZDI-CAN-16560 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findCfgDeviceListExport segment SQL Injection Information Disclosure Vulnerability |
| ZDI-22-885 |
ZDI-CAN-16584 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findCfgDeviceListDetailsExport segment SQL Injection Information Disclosure Vulnerability |
| ZDI-22-884 |
ZDI-CAN-16658 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findCfgDeviceListDetails segment/sort_field/sort_type SQL Injection Information Disclosure Vulnerability |
| ZDI-22-883 |
ZDI-CAN-16646 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findCfgDeviceList VALUE SQL Injection Information Disclosure Vulnerability |
| ZDI-22-882 |
ZDI-CAN-16647 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView findCfgDeviceList segment SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-881 |
ZDI-CAN-16552 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView findCfgDeviceList COLUMN/VALUE SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-880 |
ZDI-CAN-16782 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView DeviceTreeTable addDeviceTreeItem SQL Injection Information Disclosure Vulnerability |
| ZDI-22-879 |
ZDI-CAN-14791 |
ZyXel |
CVE-2022-0556 |
7.3 |
June 29, 2022 |
|
ZyXel AP Configurator Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-22-878 |
ZDI-CAN-16111 |
Apple |
CVE-2022-22676 |
5.5 |
June 29, 2022 |
|
Apple macOS PackageKit PKInstallService Directory Traversal System Integrity Protection Bypass Vulnerability |
| ZDI-22-877 |
ZDI-CAN-16052 |
Apple |
CVE-2022-26688 |
5.5 |
June 29, 2022 |
|
Apple macOS PackageKit PKCoreShove Link Following System Integrity Protection Bypass Vulnerability |
| ZDI-22-876 |
ZDI-CAN-16119 |
Apache |
CVE-2022-22721 |
8.1 |
June 29, 2022 |
|
Apache HTTPD Server ap_escape_html2 Integer Overflow Remote Code Execution Vulnerability |
| ZDI-22-875 |
ZDI-CAN-16322 |
ABB |
CVE-2022-28702 |
6.1 |
June 29, 2022 |
|
ABB e-Design Link Following Denial-of-Service Vulnerability |
| ZDI-22-874 |
ZDI-CAN-16278 |
ABB |
CVE-2022-29483 |
7.8 |
June 29, 2022 |
|
ABB e-Design Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-873 |
ZDI-CAN-16441 |
Prosys OPC |
CVE-2022-30551 |
7.5 |
June 27, 2022 |
|
(Pwn2Own) Prosys OPC UA SDK for Java OPC UA Messages Resource Exhaustion Denial-of-Service Vulnerability |
| ZDI-22-872 |
ZDI-CAN-16710 |
DevExpress |
CVE-2022-28684 |
8.8 |
June 24, 2022 |
|
DevExpress SafeBinaryFormatter Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-871 |
ZDI-CAN-17014 |
Microsoft |
CVE-2022-30157 |
8.8 |
June 23, 2022 |
|
Microsoft SharePoint Chart Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-870 |
ZDI-CAN-16006 |
SAP |
CVE-2022-26106 |
7.8 |
June 17, 2022 |
|
SAP 3D Visual Enterprise Viewer CGM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-869 |
ZDI-CAN-15996 |
SAP |
CVE-2022-27655 |
7.8 |
June 17, 2022 |
|
SAP 3D Visual Enterprise Viewer U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-868 |
ZDI-CAN-15995 |
SAP |
CVE-2022-27655 |
7.8 |
June 17, 2022 |
|
SAP 3D Visual Enterprise Viewer U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-867 |
ZDI-CAN-15994 |
SAP |
CVE-2022-27655 |
7.8 |
June 17, 2022 |
|
SAP 3D Visual Enterprise Viewer U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-866 |
ZDI-CAN-16007 |
SAP |
CVE-2022-27655 |
7.8 |
June 17, 2022 |
|
SAP 3D Visual Enterprise Viewer U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-865 |
ZDI-CAN-16279 |
SAP |
CVE-2022-26106 |
7.8 |
June 16, 2022 |
|
SAP 3D Visual Enterprise Viewer CGM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-864 |
ZDI-CAN-16274 |
SAP |
CVE-2022-26108 |
7.8 |
June 16, 2022 |
|
SAP 3D Visual Enterprise Viewer PCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-863 |
ZDI-CAN-16273 |
SAP |
CVE-2022-27654 |
7.8 |
June 16, 2022 |
|
SAP 3D Visual Enterprise Viewer PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-862 |
ZDI-CAN-16272 |
SAP |
CVE-2022-26108 |
7.8 |
June 16, 2022 |
|
SAP 3D Visual Enterprise Viewer PCX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-861 |
ZDI-CAN-16002 |
SAP |
CVE-2022-26107 |
7.8 |
June 16, 2022 |
June 17, 2022 |
SAP 3D Visual Enterprise Viewer JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-860 |
ZDI-CAN-15999 |
SAP |
CVE-2022-22538 |
7.8 |
June 16, 2022 |
|
SAP 3D Visual Enterprise Viewer AI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-859 |
ZDI-CAN-15997 |
SAP |
CVE-2022-22739 |
7.8 |
June 16, 2022 |
|
SAP 3D Visual Enterprise Viewer JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-858 |
ZDI-CAN-14735 |
SAP |
CVE-2022-26109 |
7.8 |
June 16, 2022 |
|
SAP 3D Visual Enterprise Viewer PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-857 |
ZDI-CAN-14733 |
SAP |
CVE-2022-26109 |
7.8 |
June 16, 2022 |
|
SAP 3D Visual Enterprise Viewer PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-856 |
ZDI-CAN-17205 |
OPC Foundation |
CVE-2022-29865 |
9.1 |
June 16, 2022 |
June 16, 2022 |
(Pwn2Own) OPC Foundation UA .NET Standard Improper Input Validation Authentication Bypass Vulnerability |
| ZDI-22-855 |
ZDI-CAN-17197 |
OPC Foundation |
CVE-2022-29866 |
7.5 |
June 16, 2022 |
June 16, 2022 |
(Pwn2Own) OPC Foundation UA .NET Standard TranslateBrowsePathsToNodeId Resource Exhaustion Denial-of-Service Vulnerability |
| ZDI-22-854 |
ZDI-CAN-16440 |
OPC Foundation |
CVE-2022-29864 |
7.5 |
June 16, 2022 |
June 22, 2022 |
(Pwn2Own) OPC Foundation UA .NET Standard Resource Exhaustion Denial-of-Service Vulnerability |
| ZDI-22-853 |
ZDI-CAN-16303 |
Trend Micro |
CVE-2022-33158 |
7.8 |
June 16, 2022 |
|
Trend Micro Proxy One Pro Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-22-852 |
ZDI-CAN-16485 |
Adobe |
CVE-2022-30664 |
7.8 |
June 15, 2022 |
|
Adobe Animate SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-851 |
ZDI-CAN-16467 |
Adobe |
CVE-2022-30665 |
7.8 |
June 15, 2022 |
|
Adobe InDesign Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-850 |
ZDI-CAN-16465 |
Adobe |
CVE-2022-30663 |
7.8 |
June 15, 2022 |
|
Adobe InDesign SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-849 |
ZDI-CAN-16466 |
Adobe |
CVE-2022-30662 |
7.8 |
June 15, 2022 |
|
Adobe InDesign Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-848 |
ZDI-CAN-16462 |
Adobe |
CVE-2022-30661 |
7.8 |
June 15, 2022 |
|
Adobe InDesign Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-847 |
ZDI-CAN-16464 |
Adobe |
CVE-2022-30660 |
7.8 |
June 15, 2022 |
|
Adobe InDesign PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-846 |
ZDI-CAN-16461 |
Adobe |
CVE-2022-30659 |
7.8 |
June 15, 2022 |
|
Adobe InDesign Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-845 |
ZDI-CAN-16463 |
Adobe |
CVE-2022-30658 |
7.8 |
June 15, 2022 |
|
Adobe InDesign Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-844 |
ZDI-CAN-17072 |
Adobe |
CVE-2022-28850 |
3.3 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-843 |
ZDI-CAN-17081 |
Adobe |
CVE-2022-28849 |
7.8 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-842 |
ZDI-CAN-16567 |
Adobe |
CVE-2022-28848 |
7.8 |
June 15, 2022 |
|
Adobe Bridge PCX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-841 |
ZDI-CAN-16476 |
Adobe |
CVE-2022-28847 |
7.8 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-840 |
ZDI-CAN-16481 |
Adobe |
CVE-2022-28846 |
7.8 |
June 15, 2022 |
|
Adobe Bridge SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-839 |
ZDI-CAN-16494 |
Adobe |
CVE-2022-28845 |
7.8 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-838 |
ZDI-CAN-16484 |
Adobe |
CVE-2022-28844 |
7.8 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-837 |
ZDI-CAN-16482 |
Adobe |
CVE-2022-28843 |
7.8 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-836 |
ZDI-CAN-16493 |
Adobe |
CVE-2022-28842 |
7.8 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-835 |
ZDI-CAN-16491 |
Adobe |
CVE-2022-28841 |
7.8 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-834 |
ZDI-CAN-16483 |
Adobe |
CVE-2022-28840 |
7.8 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-833 |
ZDI-CAN-16492 |
Adobe |
CVE-2022-28839 |
7.8 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-832 |
ZDI-CAN-16459 |
Adobe |
CVE-2022-30657 |
7.8 |
June 15, 2022 |
|
Adobe InCopy Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-831 |
ZDI-CAN-16456 |
Adobe |
CVE-2022-30656 |
7.8 |
June 15, 2022 |
|
Adobe InCopy PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-830 |
ZDI-CAN-16460 |
Adobe |
CVE-2022-30655 |
7.8 |
June 15, 2022 |
|
Adobe InCopy Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-829 |
ZDI-CAN-16455 |
Adobe |
CVE-2022-30654 |
7.8 |
June 15, 2022 |
|
Adobe InCopy Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-828 |
ZDI-CAN-16453 |
Adobe |
CVE-2022-30653 |
7.8 |
June 15, 2022 |
|
Adobe InCopy Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-827 |
ZDI-CAN-16457 |
Adobe |
CVE-2022-30652 |
7.8 |
June 15, 2022 |
|
Adobe InCopy SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-826 |
ZDI-CAN-16458 |
Adobe |
CVE-2022-30651 |
7.8 |
June 15, 2022 |
|
Adobe InCopy Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-825 |
ZDI-CAN-16454 |
Adobe |
CVE-2022-30650 |
7.8 |
June 15, 2022 |
|
Adobe InCopy Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-824 |
ZDI-CAN-16452 |
Adobe |
CVE-2022-30648 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-823 |
ZDI-CAN-16450 |
Adobe |
CVE-2022-30647 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-822 |
ZDI-CAN-16451 |
Adobe |
CVE-2022-30646 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-821 |
ZDI-CAN-16448 |
Adobe |
CVE-2022-30644 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-820 |
ZDI-CAN-16449 |
Adobe |
CVE-2022-30643 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-819 |
ZDI-CAN-16436 |
Adobe |
CVE-2022-30642 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-818 |
ZDI-CAN-16444 |
Adobe |
CVE-2022-30641, CVE-2022-30645 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-817 |
ZDI-CAN-16489 |
Adobe |
CVE-2022-30640 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-816 |
ZDI-CAN-16488 |
Adobe |
CVE-2022-30639 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-815 |
ZDI-CAN-16487 |
Adobe |
CVE-2022-30638 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-814 |
ZDI-CAN-16490 |
Adobe |
CVE-2022-30637 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-813 |
ZDI-CAN-15443 |
Microsoft |
CVE-2021-43875 |
7.0 |
June 2, 2022 |
|
Microsoft Word glTF-SDK Integer Overflow Remote Code Execution Vulnerability |
| ZDI-22-812 |
ZDI-CAN-16125 |
Apple |
CVE-2022-26698 |
3.3 |
May 26, 2022 |
June 2, 2022 |
Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-811 |
ZDI-CAN-16024 |
Apple |
CVE-2022-22583 |
5.5 |
June 2, 2022 |
June 2, 2022 |
Apple macOS PackageKit PKInstallSandbox SIP Bypass vulnerability |
| ZDI-22-810 |
ZDI-CAN-16065 |
Microsoft |
CVE-2022-24499 |
7.8 |
June 1, 2022 |
|
Microsoft Windows Installer Service Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-809 |
ZDI-CAN-16249 |
Microsoft |
CVE-2022-26901 |
7.8 |
June 1, 2022 |
|
Microsoft Excel XLS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-808 |
ZDI-CAN-15973 |
Microsoft |
CVE-2022-24479 |
7.8 |
June 1, 2022 |
|
Microsoft Windows DiagTrack Service Link Following Privilege Escalation Vulnerability |
| ZDI-22-807 |
ZDI-CAN-15294 |
Microsoft |
CVE-2022-24513 |
8.4 |
June 1, 2022 |
|
Microsoft Visual Studio VSIX Auto Update Deserialization of Untrusted Data Privilege Escalation Vulnerability |
| ZDI-22-806 |
ZDI-CAN-15980 |
FreeBSD |
CVE-2022-23088 |
8.3 |
May 31, 2022 |
|
FreeBSD 802.11 Network Subsystem Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-805 |
ZDI-CAN-15525 |
KeySight |
CVE-2022-1661 |
7.5 |
May 27, 2022 |
|
KeySight N6841A RF Sensor UserFirmwareRequestHandler Directory Traversal Information Disclosure Vulnerability |
| ZDI-22-804 |
ZDI-CAN-15470 |
KeySight |
CVE-2022-1660 |
9.8 |
May 27, 2022 |
|
KeySight N6841A RF Sensor Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-803 |
ZDI-CAN-15636 |
Cisco |
CVE-2022-20753 |
4.3 |
May 27, 2022 |
|
Cisco RV340 JSON RPC set-snmp Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-802 |
ZDI-CAN-15634 |
Cisco |
CVE-2022-20753 |
4.3 |
May 27, 2022 |
|
Cisco RV340 JSON RPC set-snmp Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-801 |
ZDI-CAN-15757 |
Trend Micro |
CVE-2022-30703 |
6.5 |
May 27, 2022 |
|
Trend Micro Internet Security Exposed Dangerous Method Information Disclosure Vulnerability |
| ZDI-22-800 |
ZDI-CAN-15756 |
Trend Micro |
CVE-2022-30702 |
7.3 |
May 27, 2022 |
|
Trend Micro Internet Security Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-799 |
ZDI-CAN-17469 |
Mozilla |
CVE-2022-1802 |
8.8 |
May 27, 2022 |
|
(Pwn2Own) Mozilla Firefox Top-Level Await Prototype Pollution Remote Code Execution Vulnerability |
| ZDI-22-798 |
ZDI-CAN-17418 |
Mozilla |
CVE-2022-1529 |
7.8 |
May 27, 2022 |
|
(Pwn2Own) Mozilla Firefox Improper Input Validation Sandbox Escape Vulnerability |
| ZDI-22-797 |
ZDI-CAN-16098 |
Trend Micro |
CVE-2022-30701 |
7.8 |
May 26, 2022 |
|
Trend Micro Apex One Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-22-796 |
ZDI-CAN-14481 |
Delta Industrial Automation |
CVE-2022-1403 |
7.8 |
May 26, 2022 |
|
Delta Industrial Automation ASDA-Soft PAR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-795 |
ZDI-CAN-14471 |
Delta Industrial Automation |
CVE-2022-1402 |
7.8 |
May 26, 2022 |
|
Delta Industrial Automation ASDA-Soft SCP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-794 |
ZDI-CAN-16806 |
Apple |
CVE-2022-26751 |
7.8 |
May 26, 2022 |
|
Apple macOS HEIC File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-793 |
ZDI-CAN-16206 |
Apple |
CVE-2022-26748 |
8.8 |
May 26, 2022 |
|
Apple Safari WebGL generateMipmap Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-792 |
ZDI-CAN-16158 |
Apple |
CVE-2022-26711 |
7.8 |
May 26, 2022 |
|
Apple macOS ImageIO WebP File Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-22-791 |
ZDI-CAN-16073 |
Apple |
CVE-2022-26697 |
3.3 |
May 26, 2022 |
|
Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-790 |
ZDI-CAN-15738 |
Trend Micro |
CVE-2022-30700 |
7.8 |
May 26, 2022 |
|
Trend Micro Apex One Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-22-789 |
ZDI-CAN-15739 |
Trend Micro |
CVE-2022-30687 |
6.1 |
May 26, 2022 |
|
Trend Micro Maximum Security Link Following Arbitrary File Deletion Vulnerability |
| ZDI-22-788 |
ZDI-CAN-15919 |
Ivanti |
|
7.5 |
May 26, 2022 |
May 26, 2022 |
Ivanti Avalanche SetSettings Exposed Dangerous Function Authentication Bypass Vulnerability |
| ZDI-22-787 |
ZDI-CAN-15967 |
Ivanti |
|
6.5 |
May 26, 2022 |
May 26, 2022 |
Ivanti Avalanche AgentTaskHandler Directory Traversal Information Disclosure Vulnerability |
| ZDI-22-786 |
ZDI-CAN-15966 |
Ivanti |
|
8.8 |
May 26, 2022 |
May 26, 2022 |
Ivanti Avalanche DeviceLogResource Directory Traversal Remote Code Execution Vulnerability |
| ZDI-22-785 |
ZDI-CAN-15528 |
Ivanti |
|
9.4 |
May 26, 2022 |
May 26, 2022 |
Ivanti Avalanche EnterpriseServer Service Race Condition Authentication Bypass Vulnerability |
| ZDI-22-784 |
ZDI-CAN-15493 |
Ivanti |
|
7.5 |
May 26, 2022 |
May 26, 2022 |
Ivanti Avalanche EnterpriseServer Service SQL Injection Authentication Bypass Vulnerability |
| ZDI-22-783 |
ZDI-CAN-15448 |
Ivanti |
|
9.8 |
May 26, 2022 |
May 26, 2022 |
Ivanti Avalanche Notification Server Service Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-782 |
ZDI-CAN-15449 |
Ivanti |
|
9.8 |
May 26, 2022 |
May 26, 2022 |
Ivanti Avalanche Certificate Management Server Service Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-781 |
ZDI-CAN-15333 |
Ivanti |
|
9.1 |
May 26, 2022 |
May 26, 2022 |
Ivanti Avalanche EnterpriseServer Service SQL Injection Authentication Bypass Vulnerability |
| ZDI-22-780 |
ZDI-CAN-15332 |
Ivanti |
|
9.1 |
May 26, 2022 |
May 26, 2022 |
Ivanti Avalanche EnterpriseServer Service SQL Injection Authentication Bypass Vulnerability |
| ZDI-22-779 |
ZDI-CAN-15330 |
Ivanti |
|
9.8 |
May 26, 2022 |
May 26, 2022 |
Ivanti Avalanche Web File Server Service Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-778 |
ZDI-CAN-15329 |
Ivanti |
|
9.1 |
May 26, 2022 |
May 26, 2022 |
Ivanti Avalanche EnterpriseServer Service SQL Injection Authentication Bypass Vulnerability |
| ZDI-22-777 |
ZDI-CAN-15328 |
Ivanti |
|
9.1 |
May 26, 2022 |
May 26, 2022 |
Ivanti Avalanche EnterpriseServer Service SQL Injection Authentication Bypass Vulnerability |
| ZDI-22-776 |
ZDI-CAN-15301 |
Ivanti |
|
9.8 |
May 26, 2022 |
May 26, 2022 |
Ivanti Avalanche JwtTokenUtility Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-775 |
ZDI-CAN-15690 |
Autodesk |
CVE-2022-25793 |
7.8 |
May 26, 2022 |
|
Autodesk 3DS Max ABC File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-774 |
ZDI-CAN-16828 |
Foxit |
CVE-2022-28683 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader deletePages Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-773 |
ZDI-CAN-16778 |
Foxit |
CVE-2022-28682 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-772 |
ZDI-CAN-16825 |
Foxit |
CVE-2022-28681 |
2.5 |
May 12, 2022 |
|
Foxit PDF Reader deletePages Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-771 |
ZDI-CAN-16821 |
Foxit |
CVE-2022-28680 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-770 |
ZDI-CAN-16861 |
Foxit |
CVE-2022-28679 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-769 |
ZDI-CAN-16805 |
Foxit |
CVE-2022-28678 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-768 |
ZDI-CAN-16663 |
Foxit |
CVE-2022-28677 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-767 |
ZDI-CAN-16643 |
Foxit |
CVE-2022-28676 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-766 |
ZDI-CAN-16642 |
Foxit |
CVE-2022-28675 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-765 |
ZDI-CAN-16644 |
Foxit |
CVE-2022-28674 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-764 |
ZDI-CAN-16641 |
Foxit |
CVE-2022-28673 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-763 |
ZDI-CAN-16640 |
Foxit |
CVE-2022-28672 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-762 |
ZDI-CAN-16639 |
Foxit |
CVE-2022-28671 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-761 |
ZDI-CAN-16523 |
Foxit |
CVE-2022-28670 |
3.3 |
May 12, 2022 |
|
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-760 |
ZDI-CAN-16420 |
Foxit |
CVE-2022-28669 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-759 |
ZDI-CAN-16159 |
Trend Micro |
CVE-2022-30523 |
7.8 |
May 11, 2022 |
|
Trend Micro Password Manager Link Following Privilege Escalation Vulnerability |
| ZDI-22-758 |
ZDI-CAN-15803 |
NETGEAR |
|
8.8 |
May 10, 2022 |
May 11, 2022 |
(Pwn2Own) NETGEAR R6700v3 Vulnerable Third-Party Component Remote Code Execution Vulnerability |
| ZDI-22-757 |
ZDI-CAN-16083 |
Apple |
CVE-2022-22597 |
3.3 |
April 28, 2022 |
May 11, 2022 |
Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-756 |
ZDI-CAN-15635 |
Cisco |
CVE-2022-20753 |
4.3 |
May 10, 2022 |
|
Cisco RV340 JSON RPC set-snmp Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-755 |
ZDI-CAN-17065 |
Adobe |
CVE-2022-28829 |
7.8 |
May 10, 2022 |
|
Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-754 |
ZDI-CAN-17012 |
Adobe |
CVE-2022-28837 |
3.3 |
May 10, 2022 |
|
Adobe Acrobat Pro DC Doc buttonSetIcon Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-753 |
ZDI-CAN-17000 |
Adobe |
CVE-2022-28838 |
7.8 |
May 10, 2022 |
|
Adobe Acrobat Pro DC Doc flattenPages Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-752 |
ZDI-CAN-16515 |
Adobe |
CVE-2022-28819 |
7.8 |
May 10, 2022 |
|
Adobe Character Animator SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-751 |
ZDI-CAN-16503 |
Adobe |
CVE-2022-28831 |
7.8 |
May 10, 2022 |
|
Adobe InDesign Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-750 |
ZDI-CAN-16502 |
Adobe |
CVE-2022-28833 |
7.8 |
May 10, 2022 |
|
Adobe InDesign Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-749 |
ZDI-CAN-16501 |
Adobe |
CVE-2022-28832 |
7.8 |
May 10, 2022 |
|
Adobe InDesign Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-748 |
ZDI-CAN-16500 |
Adobe |
CVE-2022-28834 |
7.8 |
May 10, 2022 |
|
Adobe InCopy Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-747 |
ZDI-CAN-16499 |
Adobe |
CVE-2022-28836 |
7.8 |
May 10, 2022 |
|
Adobe InCopy Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-746 |
ZDI-CAN-16498 |
Adobe |
CVE-2022-28835 |
7.8 |
May 10, 2022 |
|
Adobe InCopy Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-745 |
ZDI-CAN-16497 |
Adobe |
CVE-2022-28823 |
7.8 |
May 10, 2022 |
|
Adobe FrameMaker Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-744 |
ZDI-CAN-16496 |
Adobe |
CVE-2022-28822 |
7.8 |
May 10, 2022 |
|
Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-743 |
ZDI-CAN-16495 |
Adobe |
CVE-2022-28824 |
7.8 |
May 10, 2022 |
|
Adobe FrameMaker Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-742 |
ZDI-CAN-16432 |
Adobe |
CVE-2022-28828 |
7.8 |
May 10, 2022 |
|
Adobe FrameMaker PDF File Parsing Out-Of-Bounds Write Code Execution Vulnerability |
| ZDI-22-741 |
ZDI-CAN-16431 |
Adobe |
CVE-2022-28827 |
7.8 |
May 10, 2022 |
|
Adobe FrameMaker SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-740 |
ZDI-CAN-16430 |
Adobe |
CVE-2022-28830 |
3.3 |
May 10, 2022 |
|
Adobe FrameMaker Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-739 |
ZDI-CAN-16429 |
Adobe |
CVE-2022-28821 |
7.8 |
May 10, 2022 |
|
Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-738 |
ZDI-CAN-16428 |
Adobe |
CVE-2022-28825 |
7.8 |
May 10, 2022 |
|
Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-737 |
ZDI-CAN-16427 |
Adobe |
CVE-2022-28826 |
7.8 |
May 10, 2022 |
|
Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-736 |
ZDI-CAN-16218 |
Microsoft |
CVE-2022-29114 |
5.5 |
May 10, 2022 |
|
Microsoft Windows Print Spooler Service Directory Traversal Information Disclosure Vulnerability |
| ZDI-22-735 |
ZDI-CAN-16215 |
Microsoft |
CVE-2022-29140 |
5.5 |
May 10, 2022 |
|
Microsoft Windows Print Spooler Service Directory Traversal Information Disclosure Vulnerability |
| ZDI-22-734 |
ZDI-CAN-16251 |
Microsoft |
CVE-2022-29104 |
7.0 |
May 10, 2022 |
|
Microsoft Windows Print Spooler Service Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-733 |
ZDI-CAN-16189 |
Microsoft |
CVE-2022-29148 |
7.8 |
May 10, 2022 |
|
Microsoft Visual Studio DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-732 |
ZDI-CAN-16228 |
Microsoft |
CVE-2022-30138 |
7.0 |
May 10, 2022 |
June 10, 2022 |
Microsoft Windows Print Spooler Service Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-731 |
ZDI-CAN-16507 |
Microsoft |
CVE-2022-29105 |
8.8 |
May 10, 2022 |
|
Microsoft Windows Media Foundation AVI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-730 |
ZDI-CAN-16229 |
Microsoft |
CVE-2022-29104 |
7.0 |
May 10, 2022 |
|
Microsoft Windows Print Spooler Service Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-729 |
ZDI-CAN-16168 |
Microsoft |
CVE-2022-26923 |
9.0 |
May 10, 2022 |
|
Microsoft Windows Active Directory Certificate Services Improper Authorization Privilege Escalation Vulnerability |
| ZDI-22-728 |
ZDI-CAN-15915 |
Microsoft |
CVE-2022-26927 |
9.6 |
May 10, 2022 |
|
Microsoft Windows OpenType Font File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-727 |
ZDI-CAN-15914 |
Microsoft |
CVE-2022-24542 |
8.8 |
May 10, 2022 |
|
Microsoft Windows Kernel Bitmap Surface Untrusted Pointer Dereference Privilege Escalation Vulnerability |
| ZDI-22-726 |
ZDI-CAN-15974 |
Microsoft |
CVE-2022-24550 |
7.8 |
May 10, 2022 |
|
Microsoft Windows CreateObjectHandler Deserialization of Untrusted Data Local Privilege Escalation Vulnerability |
| ZDI-22-725 |
ZDI-CAN-17077 |
Adobe |
CVE-2022-24099 |
3.3 |
May 9, 2022 |
|
Adobe Photoshop Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-724 |
ZDI-CAN-15637 |
Cisco |
CVE-2022-20801 |
4.3 |
May 9, 2022 |
|
Cisco RV340 JSON RPC set-snmp Command Injection Remote Code Execution Vulnerability |
| ZDI-22-723 |
ZDI-CAN-15633 |
Cisco |
CVE-2022-20801 |
4.3 |
May 9, 2022 |
|
Cisco RV340 JSON RPC set-snmp Command Injection Remote Code Execution Vulnerability |
| ZDI-22-722 |
ZDI-CAN-16042 |
Autodesk |
|
7.8 |
May 10, 2022 |
May 10, 2022 |
(0Day) Autodesk Navisworks Manage SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-721 |
ZDI-CAN-15689 |
Autodesk |
CVE-2022-27532 |
7.8 |
May 10, 2022 |
May 16, 2022 |
(0Day) Autodesk 3DS Max TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-720 |
ZDI-CAN-15687 |
Autodesk |
CVE-2022-27532 |
7.8 |
May 10, 2022 |
May 16, 2022 |
(0Day) Autodesk 3DS Max TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-719 |
ZDI-CAN-15677 |
Autodesk |
CVE-2022-27532 |
7.8 |
May 10, 2022 |
May 16, 2022 |
(0Day) Autodesk 3DS Max TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-718 |
ZDI-CAN-15178 |
Rockwell Automation |
|
5.5 |
May 9, 2022 |
May 10, 2022 |
(0Day) Rockwell Automation ISaGRAF isasln File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-717 |
ZDI-CAN-16164 |
Zoom |
CVE-2022-22782 |
7.8 |
May 9, 2022 |
|
Zoom Client Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-716 |
ZDI-CAN-16162 |
Zoom |
CVE-2022-22782 |
7.8 |
May 9, 2022 |
|
Zoom Client Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-715 |
ZDI-CAN-16076 |
Apple |
CVE-2022-22648 |
3.3 |
April 28, 2022 |
|
Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-714 |
ZDI-CAN-16074 |
Apple |
CVE-2022-22627 |
3.3 |
April 28, 2022 |
|
Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-713 |
ZDI-CAN-16072 |
Apple |
CVE-2022-22648 |
3.3 |
April 28, 2022 |
|
Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-712 |
ZDI-CAN-16084 |
Apple |
CVE-2022-22625 |
3.3 |
April 28, 2022 |
|
Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-711 |
ZDI-CAN-16075 |
Apple |
CVE-2022-22626 |
3.3 |
April 28, 2022 |
|
Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-710 |
ZDI-CAN-15543 |
Autodesk |
CVE-2022-25794 |
7.8 |
April 28, 2022 |
|
Autodesk FBX Review ABC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-709 |
ZDI-CAN-16407 |
Oracle |
CVE-2022-21490 |
9.8 |
April 28, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-708 |
ZDI-CAN-16408 |
Oracle |
CVE-2022-21489 |
9.8 |
April 28, 2022 |
|
Oracle MySQL Cluster Data Node Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-707 |
ZDI-CAN-16406 |
Oracle |
CVE-2022-21482 |
9.8 |
April 28, 2022 |
|
Oracle MySQL Cluster Data Node Integer Overflow Remote Code Execution Vulnerability |
| ZDI-22-706 |
ZDI-CAN-16704 |
Oracle |
CVE-2022-21486 |
6.5 |
April 28, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-705 |
ZDI-CAN-16703 |
Oracle |
CVE-2022-21485 |
6.5 |
April 28, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-704 |
ZDI-CAN-16409 |
Oracle |
CVE-2022-21484 |
6.5 |
April 28, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-703 |
ZDI-CAN-16445 |
Oracle |
CVE-2022-21483 |
9.8 |
April 28, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-702 |
ZDI-CAN-14479 |
Delta Industrial Automation |
|
5.5 |
April 28, 2022 |
|
(0Day) Delta Industrial Automation DRAS Project File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-701 |
ZDI-CAN-14654 |
Delta Industrial Automation |
|
5.5 |
April 28, 2022 |
|
(0Day) Delta Industrial Automation DRAS DSCP Scope File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-700 |
ZDI-CAN-14653 |
Delta Industrial Automation |
|
5.5 |
April 28, 2022 |
|
(0Day) Delta Industrial Automation DRAS XML Point File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-699 |
ZDI-CAN-14480 |
Delta Industrial Automation |
CVE-2022-1331 |
5.5 |
April 28, 2022 |
|
Delta Industrial Automation DMARS Project File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-698 |
ZDI-CAN-14651 |
Delta Industrial Automation |
CVE-2022-1331 |
5.5 |
April 28, 2022 |
|
Delta Industrial Automation DMARS Scope File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-697 |
ZDI-CAN-14650 |
Delta Industrial Automation |
CVE-2022-1331 |
5.5 |
April 28, 2022 |
|
Delta Industrial Automation DMARS ScopeConfig File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-696 |
ZDI-CAN-14647 |
Delta Industrial Automation |
CVE-2022-1331 |
5.5 |
April 28, 2022 |
|
Delta Industrial Automation DMARS DSCP Scope File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-695 |
ZDI-CAN-16132 |
Adobe |
CVE-2022-28271 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop PDF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-694 |
ZDI-CAN-17069 |
Adobe |
CVE-2022-23205 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-693 |
ZDI-CAN-16725 |
Adobe |
CVE-2022-28240 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-692 |
ZDI-CAN-16708 |
Adobe |
CVE-2022-28268 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-691 |
ZDI-CAN-16707 |
Adobe |
CVE-2022-28239 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-690 |
ZDI-CAN-16579 |
Adobe |
CVE-2022-28269 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-689 |
ZDI-CAN-16553 |
Adobe |
CVE-2022-28236 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-688 |
ZDI-CAN-16537 |
Adobe |
CVE-2022-28235 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Pro DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-687 |
ZDI-CAN-16536 |
Adobe |
CVE-2022-28237 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-686 |
ZDI-CAN-16534 |
Adobe |
CVE-2022-27800 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-685 |
ZDI-CAN-16533 |
Adobe |
CVE-2022-27802 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-684 |
ZDI-CAN-16404 |
Adobe |
CVE-2022-28230 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Pro DC AcroForm calculateNow Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-683 |
ZDI-CAN-16385 |
Adobe |
CVE-2022-28232 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Collab Object Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-682 |
ZDI-CAN-16375 |
Adobe |
CVE-2022-27801 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-681 |
ZDI-CAN-16374 |
Adobe |
CVE-2022-27797 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-680 |
ZDI-CAN-16373 |
Adobe |
CVE-2022-28233 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-679 |
ZDI-CAN-16353 |
Adobe |
CVE-2022-27796 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Pro DC AcroForm isBoxChecked Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-678 |
ZDI-CAN-16352 |
Adobe |
CVE-2022-27795 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Pro DC AcroForm isDefaultChecked Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-677 |
ZDI-CAN-16349 |
Adobe |
CVE-2022-27799 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Pro DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-676 |
ZDI-CAN-16348 |
Adobe |
CVE-2022-27798 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC zoomType Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-675 |
ZDI-CAN-16298 |
Adobe |
CVE-2022-27786 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-674 |
ZDI-CAN-16293 |
Adobe |
CVE-2022-27785 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-673 |
ZDI-CAN-16292 |
Adobe |
CVE-2022-27788 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-672 |
ZDI-CAN-16291 |
Adobe |
CVE-2022-27787 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-671 |
ZDI-CAN-16095 |
Adobe |
CVE-2022-27790 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-670 |
ZDI-CAN-16053 |
Adobe |
CVE-2022-28231 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-669 |
ZDI-CAN-16705 |
Adobe |
CVE-2022-28245 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-668 |
ZDI-CAN-16865 |
Adobe |
CVE-2022-28256 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-667 |
ZDI-CAN-16864 |
Adobe |
CVE-2022-28250 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-666 |
ZDI-CAN-16863 |
Adobe |
CVE-2022-28251 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-665 |
ZDI-CAN-16817 |
Adobe |
CVE-2022-28241 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-664 |
ZDI-CAN-16809 |
Adobe |
CVE-2022-28242 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-663 |
ZDI-CAN-16803 |
Adobe |
CVE-2022-28243 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-662 |
ZDI-CAN-16794 |
Adobe |
CVE-2022-28252 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-661 |
ZDI-CAN-16793 |
Adobe |
CVE-2022-28253 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-660 |
ZDI-CAN-16792 |
Adobe |
CVE-2022-28254 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-659 |
ZDI-CAN-16791 |
Adobe |
CVE-2022-28255 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-658 |
ZDI-CAN-16790 |
Adobe |
CVE-2022-28257 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-657 |
ZDI-CAN-16789 |
Adobe |
CVE-2022-28265 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-656 |
ZDI-CAN-16788 |
Adobe |
CVE-2022-28258 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-655 |
ZDI-CAN-16787 |
Adobe |
CVE-2022-28263 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-654 |
ZDI-CAN-16786 |
Adobe |
CVE-2022-28259 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-653 |
ZDI-CAN-16785 |
Adobe |
CVE-2022-28267 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-652 |
ZDI-CAN-16784 |
Adobe |
CVE-2022-28264 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-651 |
ZDI-CAN-16757 |
Adobe |
CVE-2022-28262 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-650 |
ZDI-CAN-16756 |
Adobe |
CVE-2022-28260 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-649 |
ZDI-CAN-16755 |
Adobe |
CVE-2022-28261 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-648 |
ZDI-CAN-16754 |
Adobe |
CVE-2022-28266 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-647 |
ZDI-CAN-16734 |
Adobe |
CVE-2022-28248 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-646 |
ZDI-CAN-16730 |
Adobe |
CVE-2022-28246 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-645 |
ZDI-CAN-16711 |
Adobe |
CVE-2022-28249 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-644 |
ZDI-CAN-16538 |
Adobe |
CVE-2022-28238 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-643 |
ZDI-CAN-16506 |
Adobe |
CVE-2022-28272 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-642 |
ZDI-CAN-16505 |
Adobe |
CVE-2022-28273 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-641 |
ZDI-CAN-16504 |
Adobe |
CVE-2022-28274 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-640 |
ZDI-CAN-16475 |
Adobe |
CVE-2022-28279 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-639 |
ZDI-CAN-16474 |
Adobe |
CVE-2022-28275 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-638 |
ZDI-CAN-16473 |
Adobe |
CVE-2022-28278 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-637 |
ZDI-CAN-16472 |
Adobe |
CVE-2022-28277 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-636 |
ZDI-CAN-16471 |
Adobe |
CVE-2022-28276 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-635 |
ZDI-CAN-16414 |
Adobe |
CVE-2022-24098 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop PCX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-634 |
ZDI-CAN-16410 |
Adobe |
CVE-2022-24105 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-633 |
ZDI-CAN-16183 |
Adobe |
CVE-2022-27789 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-632 |
ZDI-CAN-16131 |
Adobe |
CVE-2022-28270 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-631 |
ZDI-CAN-16096 |
Adobe |
CVE-2022-27794 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-630 |
ZDI-CAN-16091 |
Adobe |
CVE-2022-27792 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-629 |
ZDI-CAN-16090 |
Adobe |
CVE-2022-27793 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-628 |
ZDI-CAN-16089 |
Adobe |
CVE-2022-27791 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-627 |
ZDI-CAN-16025 |
Adobe |
CVE-2022-24101 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-626 |
ZDI-CAN-15838 |
Adobe |
CVE-2022-24102 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-625 |
ZDI-CAN-15763 |
Adobe |
CVE-2022-24104 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-624 |
ZDI-CAN-15809 |
Adobe |
CVE-2022-24103 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-623 |
ZDI-CAN-15592 |
Siemens |
CVE-2022-28663 |
7.8 |
April 28, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-622 |
ZDI-CAN-16679 |
Sante |
CVE-2022-28668 |
7.8 |
April 28, 2022 |
|
Sante DICOM Viewer Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-621 |
ZDI-CAN-15918 |
Samsung |
CVE-2022-1230 |
3.9 |
April 12, 2022 |
|
(Pwn2Own) Samsung Galaxy S21 loadUrl Open Redirect Privilege Escalation Vulnerability |
| ZDI-22-620 |
ZDI-CAN-16316 |
Trend Micro |
CVE-2022-28339 |
7.3 |
April 12, 2022 |
|
Trend Micro HouseCall for Home Networks Uncontrolled Search Path Element Privilege Escalation Vulnerability |
| ZDI-22-619 |
ZDI-CAN-16587 |
Tukaani |
CVE-2022-1271 |
7.0 |
April 12, 2022 |
|
Tukaani XZ Utils xzgrep Argument Injection Remote Code Execution Vulnerability |
| ZDI-22-618 |
ZDI-CAN-16379 |
Bentley |
CVE-2022-28318 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-617 |
ZDI-CAN-16573 |
Bentley |
CVE-2022-28647 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-616 |
ZDI-CAN-16570 |
Bentley |
CVE-2022-28646 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-615 |
ZDI-CAN-16581 |
Bentley |
CVE-2022-1229 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-614 |
ZDI-CAN-16446 |
Bentley |
CVE-2022-28302 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-613 |
ZDI-CAN-16390 |
Bentley |
CVE-2022-28641 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-612 |
ZDI-CAN-16392 |
Bentley |
CVE-2022-28301 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-611 |
ZDI-CAN-16469 |
Bentley |
CVE-2022-28644 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-610 |
ZDI-CAN-16470 |
Bentley |
CVE-2022-28645 |
3.3 |
April 12, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-609 |
ZDI-CAN-16468 |
Bentley |
CVE-2022-28643 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-608 |
ZDI-CAN-16424 |
Bentley |
CVE-2022-28642 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-607 |
ZDI-CAN-16368 |
Bentley |
CVE-2022-28316 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-606 |
ZDI-CAN-16367 |
Bentley |
CVE-2022-28315 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-605 |
ZDI-CAN-16332 |
Bentley |
CVE-2022-28314 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-604 |
ZDI-CAN-16369 |
Bentley |
|
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-603 |
ZDI-CAN-16343 |
Bentley |
CVE-2022-28313 |
3.3 |
April 12, 2022 |
|
Bentley MicroStation CONNECT 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-602 |
ZDI-CAN-16342 |
Bentley |
CVE-2022-28312 |
3.3 |
April 12, 2022 |
|
Bentley MicroStation CONNECT 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-601 |
ZDI-CAN-16341 |
Bentley |
CVE-2022-28311 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-600 |
ZDI-CAN-16308 |
Bentley |
CVE-2022-28309 |
3.3 |
April 12, 2022 |
|
Bentley View 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-599 |
ZDI-CAN-16307 |
Bentley |
CVE-2022-28308 |
3.3 |
April 12, 2022 |
|
Bentley View 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-598 |
ZDI-CAN-16306 |
Bentley |
CVE-2022-28307 |
7.8 |
April 12, 2022 |
|
Bentley View DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-597 |
ZDI-CAN-16282 |
Bentley |
CVE-2022-28320 |
7.8 |
April 12, 2022 |
|
Bentley View 3DM File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-596 |
ZDI-CAN-16280 |
Bentley |
CVE-2022-28303 |
7.8 |
April 12, 2022 |
|
Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-595 |
ZDI-CAN-16174 |
Bentley |
CVE-2022-28306 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT OBJ File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-594 |
ZDI-CAN-16171 |
Bentley |
CVE-2022-28304 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT OBJ File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-593 |
ZDI-CAN-16172 |
Bentley |
CVE-2022-28305 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT OBJ File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-592 |
ZDI-CAN-16202 |
Bentley |
CVE-2022-28300 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-591 |
ZDI-CAN-16340 |
Bentley |
CVE-2022-28319 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT 3DM File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-590 |
ZDI-CAN-16339 |
Bentley |
CVE-2022-28310 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-589 |
ZDI-CAN-15176 |
Rockwell Automation |
CVE-2022-1118 |
7.8 |
April 8, 2022 |
|
Rockwell Automation Connected Components Workbench CCWARC File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-588 |
ZDI-CAN-15175 |
Rockwell Automation |
CVE-2022-1118 |
7.8 |
April 8, 2022 |
|
Rockwell Automation Connected Components Workbench CCWARC File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-587 |
ZDI-CAN-15174 |
Rockwell Automation |
CVE-2022-1118 |
7.8 |
April 8, 2022 |
|
Rockwell Automation Connected Components Workbench CCWARC File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-586 |
ZDI-CAN-15173 |
Rockwell Automation |
CVE-2022-1118 |
7.8 |
April 8, 2022 |
|
Rockwell Automation Connected Components Workbench CCWARC File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-585 |
ZDI-CAN-15179 |
Rockwell Automation |
|
5.5 |
April 5, 2022 |
|
Rockwell Automation Connected Components Workbench ccwsln File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-584 |
ZDI-CAN-15177 |
Rockwell Automation |
|
5.5 |
April 5, 2022 |
|
Rockwell Automation Connected Components Workbench ccwsln File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-583 |
ZDI-CAN-15180 |
Schneider Electric |
CVE-2022-0221 |
5.5 |
April 5, 2022 |
|
Schneider Electric SCADAPack Workbench isasln File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-582 |
ZDI-CAN-15181 |
Schneider Electric |
CVE-2022-0221 |
5.5 |
April 5, 2022 |
|
Schneider Electric SCADAPack Workbench isasln File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-581 |
ZDI-CAN-14778 |
Omron |
CVE-2022-26022 |
7.8 |
April 5, 2022 |
|
Omron CX-One CX-Position NCI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-580 |
ZDI-CAN-14776 |
Omron |
CVE-2022-26419 |
7.8 |
April 5, 2022 |
|
Omron CX-One CX-Position NCI File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-579 |
ZDI-CAN-14775 |
Omron |
CVE-2022-26419 |
7.8 |
April 5, 2022 |
|
Omron CX-One CX-Position NCI File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-578 |
ZDI-CAN-14753 |
Omron |
CVE-2022-26417 |
7.8 |
April 5, 2022 |
|
Omron CX-One CX-Position NCI File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-577 |
ZDI-CAN-14677 |
Omron |
CVE-2022-25959 |
7.8 |
April 5, 2022 |
|
Omron CX-One CX-Position NCI File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-576 |
ZDI-CAN-14676 |
Omron |
CVE-2022-26419 |
7.8 |
April 5, 2022 |
|
Omron CX-One CX-Position NCI File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-575 |
ZDI-CAN-14674 |
Omron |
CVE-2022-26419 |
7.8 |
April 5, 2022 |
|
Omron CX-One CX-Position NCI File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-574 |
ZDI-CAN-16015 |
Autodesk |
CVE-2022-25796 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Double Free Remote Code Execution Vulnerability |
| ZDI-22-573 |
ZDI-CAN-16048 |
Autodesk |
CVE-2022-25791 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage DWF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-572 |
ZDI-CAN-16047 |
Autodesk |
CVE-2022-25791 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage DWFX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-571 |
ZDI-CAN-16046 |
Autodesk |
CVE-2022-25789 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage DWFX File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-570 |
ZDI-CAN-16044 |
Autodesk |
CVE-2022-25790 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-569 |
ZDI-CAN-16043 |
Autodesk |
CVE-2022-25790 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-568 |
ZDI-CAN-16041 |
Autodesk |
CVE-2022-27528 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-567 |
ZDI-CAN-16040 |
Autodesk |
CVE-2022-25792 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage DWF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-566 |
ZDI-CAN-16045 |
Autodesk |
CVE-2022-27528 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-565 |
ZDI-CAN-16012 |
Autodesk |
CVE-2022-25792 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-564 |
ZDI-CAN-16016 |
Autodesk |
CVE-2022-25791 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWFX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-563 |
ZDI-CAN-16014 |
Autodesk |
CVE-2022-25790 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-562 |
ZDI-CAN-16009 |
Autodesk |
CVE-2022-25790 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-561 |
ZDI-CAN-16018 |
Autodesk |
CVE-2022-25791 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-560 |
ZDI-CAN-16011 |
Autodesk |
CVE-2022-25790 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-559 |
ZDI-CAN-16013 |
Autodesk |
CVE-2022-25790 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-558 |
ZDI-CAN-16017 |
Autodesk |
CVE-2022-25791 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-557 |
ZDI-CAN-16010 |
Autodesk |
CVE-2022-27528 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWFX File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-556 |
ZDI-CAN-15522 |
Autodesk |
CVE-2022-25795 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-555 |
ZDI-CAN-15521 |
Autodesk |
CVE-2022-25795 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage PDF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-554 |
ZDI-CAN-15686 |
Autodesk |
CVE-2022-25792 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-553 |
ZDI-CAN-15672 |
Autodesk |
CVE-2022-25790 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-552 |
ZDI-CAN-15466 |
Autodesk |
CVE-2022-25795 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage PDF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-551 |
ZDI-CAN-15451 |
Autodesk |
CVE-2022-25795 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-550 |
ZDI-CAN-15519 |
Autodesk |
CVE-2022-25795 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage PDF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-549 |
ZDI-CAN-15518 |
Autodesk |
CVE-2022-25795 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage PDF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-548 |
ZDI-CAN-15517 |
Autodesk |
CVE-2022-25795 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage PDF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-547 |
ZDI-CAN-15917 |
Samsung |
|
6.1 |
April 5, 2022 |
|
(0Day) (Pwn2Own) Samsung Galaxy S21 Exposed Dangerous Method Local Privilege Escalation Vulnerability |
| ZDI-22-546 |
ZDI-CAN-14816 |
Trend Micro |
CVE-2022-27883 |
7.8 |
April 1, 2022 |
|
Trend Micro Antivirus for Mac Link Following Privilege Escalation Vulnerability |
| ZDI-22-545 |
ZDI-CAN-15307 |
Siemens |
|
3.3 |
March 29, 2022 |
|
(0Day) Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Information Disclosure Vulnerability |
| ZDI-22-544 |
ZDI-CAN-15806 |
NETGEAR |
CVE-2022-27641 |
8.8 |
March 29, 2022 |
|
(Pwn2Own) Netgear R6700v3 NetUSB Integer Overflow Remote Code Execution Vulnerability |
| ZDI-22-543 |
ZDI-CAN-14868 |
KOYO |
CVE-2022-27648 |
7.8 |
March 29, 2022 |
|
KOYO Screen Creator SCA2 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-542 |
ZDI-CAN-15114 |
Siemens |
|
7.8 |
March 28, 2022 |
March 29, 2022 |
(0Day) Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-541 |
ZDI-CAN-14468 |
Array Networks |
|
7.8 |
April 4, 2022 |
April 4, 2022 |
(0Day) Array Networks MotionPro Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-540 |
ZDI-CAN-16128 |
Adobe |
CVE-2021-44705 |
3.3 |
March 25, 2022 |
|
Adobe Acrobat Reader DC JP2 File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-539 |
ZDI-CAN-16127 |
Adobe |
CVE-2021-44707 |
7.8 |
March 25, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-538 |
ZDI-CAN-14615 |
Epic Games |
|
6.1 |
March 24, 2022 |
March 29, 2022 |
(0Day) Epic Games Launcher Link Following Denial-of-Service Vulnerability |
| ZDI-22-537 |
ZDI-CAN-14604 |
Epic Games |
|
6.1 |
March 24, 2022 |
March 29, 2022 |
(0Day) Epic Games Launcher Link Following Denial-of-Service Vulnerability |
| ZDI-22-536 |
ZDI-CAN-14470 |
Electronic Arts |
|
7.8 |
March 24, 2022 |
March 29, 2022 |
(0Day) Electronic Arts Origin Web Helper Service Link Following Privilege Escalation Vulnerability |
| ZDI-22-535 |
ZDI-CAN-15832 |
HP |
CVE-2022-24292 |
4.3 |
March 23, 2022 |
|
(Pwn2Own) HP LaserJet Pro MFP M283fdw CFF Font Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-534 |
ZDI-CAN-15897 |
HP |
CVE-2022-24291 |
6.5 |
March 23, 2022 |
|
(Pwn2Own) HP LaserJet Pro MFP M283fdw ScanJobs Memory Corruption Denial-of-Service Vulnerability |
| ZDI-22-533 |
ZDI-CAN-15896 |
HP |
CVE-2022-24293 |
8.0 |
March 23, 2022 |
|
(Pwn2Own) HP LaserJet Pro MFP M283fdw eContactRestore Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-532 |
ZDI-CAN-15831 |
HP |
CVE-2022-3942 |
8.8 |
March 23, 2022 |
|
(Pwn2Own) HP LaserJet Pro MFP M283fdw LLMNR Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-531 |
ZDI-CAN-15696 |
Siemens |
CVE-2021-45465 |
7.8 |
March 23, 2022 |
|
Siemens syngo fastView BMP File Parsing Write-what-where Condition Remote Code Execution Vulnerability |
| ZDI-22-530 |
ZDI-CAN-15876 |
Netatalk |
CVE-2022-0194 |
9.8 |
March 23, 2022 |
|
(Pwn2Own) Netatalk ad_addcomment Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-529 |
ZDI-CAN-15837 |
Netatalk |
CVE-2022-23122 |
9.8 |
March 23, 2022 |
|
(Pwn2Own) Netatalk setfilparams Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-528 |
ZDI-CAN-15830 |
Netatalk |
CVE-2022-23123 |
5.3 |
March 23, 2022 |
|
(Pwn2Own) Netatalk getdirparams Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-527 |
ZDI-CAN-15819 |
Netatalk |
CVE-2022-23121 |
9.8 |
March 23, 2022 |
|
(Pwn2Own) Netatalk parse_entries Improper Handling of Exceptional Conditions Remote Code Execution Vulnerability |
| ZDI-22-526 |
ZDI-CAN-15869 |
Netatalk |
CVE-2022-23125 |
9.8 |
March 23, 2022 |
|
(Pwn2Own) Netatalk copyapplfile Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-525 |
ZDI-CAN-15870 |
Netatalk |
CVE-2022-23124 |
5.3 |
March 23, 2022 |
|
(Pwn2Own) Netatalk get_finderinfo Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-524 |
ZDI-CAN-15874 |
NETGEAR |
CVE-2022-27647 |
8.0 |
March 23, 2022 |
|
(Pwn2Own) NETGEAR R6700v3 libreadycloud.so Command Injection Remote Code Execution Vulnerability |
| ZDI-22-523 |
ZDI-CAN-15879 |
NETGEAR |
CVE-2022-27646 |
8.0 |
March 23, 2022 |
|
(Pwn2Own) NETGEAR R6700v3 circled Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-522 |
ZDI-CAN-15762 |
NETGEAR |
CVE-2022-27645 |
8.8 |
March 23, 2022 |
|
(Pwn2Own) NETGEAR R6700v3 readycloud_control.cgi Authentication Bypass Vulnerability |
| ZDI-22-521 |
ZDI-CAN-15782 |
NETGEAR |
|
3.1 |
March 23, 2022 |
|
(Pwn2Own) NETGEAR R6700v3 Missing Authentication for Critical Function Arbitrary File Upload Vulnerability |
| ZDI-22-520 |
ZDI-CAN-15797 |
NETGEAR |
CVE-2022-27644 |
5.0 |
March 23, 2022 |
|
(Pwn2Own) NETGEAR R6700v3 Improper Certificate Validation Vulnerability |
| ZDI-22-519 |
ZDI-CAN-15692 |
NETGEAR |
CVE-2022-27643 |
8.8 |
March 23, 2022 |
|
(Pwn2Own) NETGEAR R6700v3 upnpd Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-518 |
ZDI-CAN-15854 |
NETGEAR |
CVE-2022-27642 |
6.3 |
March 23, 2022 |
|
(Pwn2Own) NETGEAR R6700v3 httpd Authentication Bypass Vulnerability |
| ZDI-22-517 |
ZDI-CAN-15747 |
Apple |
CVE-2022-22629 |
8.8 |
March 22, 2022 |
|
Apple Safari WebGLMultiDraw Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-516 |
ZDI-CAN-15834 |
Canon |
CVE-2022-24674 |
8.8 |
March 18, 2022 |
|
(Pwn2Own) Canon imageCLASS MF644Cdw privet Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-515 |
ZDI-CAN-15845 |
Canon |
CVE-2022-24673 |
8.8 |
March 18, 2022 |
|
(Pwn2Own) Canon imageCLASS MF644Cdw SLP Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-514 |
ZDI-CAN-15802 |
Canon |
CVE-2022-24672 |
8.8 |
March 18, 2022 |
|
(Pwn2Own) Canon imageCLASS MF644Cdw CADM Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-513 |
ZDI-CAN-16130 |
Adobe |
CVE-2022-24092 |
7.8 |
March 18, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-512 |
ZDI-CAN-16129 |
Adobe |
CVE-2022-24091 |
7.8 |
March 18, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-511 |
ZDI-CAN-15048 |
Siemens |
CVE-2021-46162 |
7.8 |
March 18, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-510 |
ZDI-CAN-15943 |
Apple |
CVE-2022-22584 |
3.3 |
March 16, 2022 |
|
Apple macOS ColorSync ICC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-509 |
ZDI-CAN-15061 |
Siemens |
CVE-2021-46699 |
7.8 |
March 16, 2022 |
|
Siemens Simcenter Femap BDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-508 |
ZDI-CAN-15192 |
Cisco |
CVE-2015-3269 |
7.5 |
March 11, 2022 |
|
Cisco Nexus Dashboard Fabric Controller XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-507 |
ZDI-CAN-14806 |
Cisco |
CVE-2017-5641 |
7.8 |
March 11, 2022 |
|
Cisco Nexus Dashboard Fabric Controller Improper Privilege Management Privilege Escalation Vulnerability |
| ZDI-22-506 |
ZDI-CAN-14805 |
Cisco |
CVE-2017-5641 |
7.3 |
March 11, 2022 |
|
Cisco Nexus Dashboard Fabric Controller AMF Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-505 |
ZDI-CAN-15564 |
Autodesk |
CVE-2021-27039 |
7.8 |
March 11, 2022 |
|
Autodesk AutoCAD PCX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-504 |
ZDI-CAN-15662 |
Autodesk |
CVE-2022-25788 |
7.8 |
March 11, 2022 |
|
Autodesk AutoCAD JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-503 |
ZDI-CAN-16517 |
MyBB |
CVE-2022-24734 |
7.2 |
March 11, 2022 |
|
MyBB Admin Control Panel Code Injection Remote Code Execution Vulnerability |
| ZDI-22-502 |
ZDI-CAN-16716 |
Mozilla |
CVE-2022-26381 |
8.8 |
March 9, 2022 |
|
Mozilla Firefox textPath Element Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-501 |
ZDI-CAN-15764 |
Microsoft |
CVE-2022-24509 |
7.8 |
March 9, 2022 |
|
Microsoft Office Visio EMF EMR_COMMENT_EMFPLUS Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-500 |
ZDI-CAN-15730 |
Microsoft |
CVE-2022-24461 |
7.8 |
March 9, 2022 |
|
Microsoft Office Visio EMF EMR_COMMENT_EMFPLUS Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-499 |
ZDI-CAN-7819 |
Microsoft |
CVE-2022-24455 |
7.8 |
March 9, 2022 |
|
Microsoft Windows CD-ROM Driver Uninitialized Pointer Privilege Escalation Vulnerability |
| ZDI-22-498 |
ZDI-CAN-7818 |
Microsoft |
CVE-2022-24455 |
7.8 |
March 9, 2022 |
|
Microsoft Windows CD-ROM Driver Uninitialized Pointer Privilege Escalation Vulnerability |
| ZDI-22-497 |
ZDI-CAN-15986 |
Microsoft |
CVE-2022-23281 |
4.2 |
March 9, 2022 |
|
Microsoft Windows CLFS Integer Overflow Information Disclosure Vulnerability |
| ZDI-22-496 |
ZDI-CAN-16123 |
Microsoft |
CVE-2022-23266 |
8.8 |
March 9, 2022 |
|
Microsoft Azure Defender for IoT Password Change Command Injection Privilege Escalation Vulnerability |
| ZDI-22-495 |
ZDI-CAN-15761 |
Microsoft |
CVE-2022-23265 |
4.2 |
March 9, 2022 |
|
Microsoft Azure Defender for IoT Password Change Command Injection Local Privilege Escalation Vulnerability |
| ZDI-22-494 |
ZDI-CAN-15754 |
Microsoft |
CVE-2022-24510 |
7.8 |
March 9, 2022 |
|
Microsoft Office Visio EMF EMR_COMMENT_EMFPLUS Type Confusion Remote Code Execution Vulnerability |
| ZDI-22-493 |
ZDI-CAN-16030 |
Microsoft |
CVE-2022-23299 |
8.8 |
March 9, 2022 |
|
Microsoft Windows win32kfull PDEV Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-22-492 |
ZDI-CAN-14446 |
Ecava |
|
3.3 |
March 9, 2022 |
March 29, 2022 |
(0Day) Ecava IntegraXor Inkscape EMF File Parsing Out-Of-Bound Read Information Disclosure Vulnerability |
| ZDI-22-491 |
ZDI-CAN-14445 |
Ecava |
|
7.8 |
March 9, 2022 |
March 29, 2022 |
(0Day) Ecava IntegraXor Inkscape EMF File Parsing Out-Of-Bound Write Remote Code Execution Vulnerability |
| ZDI-22-490 |
ZDI-CAN-14444 |
Ecava |
|
7.8 |
March 9, 2022 |
March 29, 2022 |
(0Day) Ecava IntegraXor Inkscape WMF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-489 |
ZDI-CAN-14384 |
Ecava |
|
3.3 |
March 9, 2022 |
March 29, 2022 |
(0Day) Ecava IntegraXor Inkscape EMF File Parsing Uninitialized Pointer Information Disclosure Vulnerability |
| ZDI-22-488 |
ZDI-CAN-14383 |
Ecava |
|
3.3 |
March 9, 2022 |
March 29, 2022 |
(0Day) Ecava IntegraXor Inkscape EMF File Parsing Uninitialized Pointer Information Disclosure Vulnerability |
| ZDI-22-487 |
ZDI-CAN-14382 |
Ecava |
|
3.3 |
March 9, 2022 |
March 29, 2022 |
(0Day) Ecava IntegraXor Inkscape EMF File Parsing Out-Of-Bound Read Information Disclosure Vulnerability |
| ZDI-22-486 |
ZDI-CAN-14381 |
Ecava |
|
3.3 |
March 9, 2022 |
March 29, 2022 |
(0Day) Ecava IntegraXor Inkscape EMF File Parsing Out-Of-Bound Read Information Disclosure Vulnerability |
| ZDI-22-485 |
ZDI-CAN-14275 |
Ecava |
|
3.3 |
March 9, 2022 |
March 29, 2022 |
(0Day) Ecava IntegraXor Inkscape PCX File Parsing Out-Of-Bound Read Information Disclosure Vulnerability |
| ZDI-22-484 |
ZDI-CAN-15206 |
Bitdefender |
CVE-2021-4199 |
7.8 |
March 9, 2022 |
|
Bitdefender Total Security Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-483 |
ZDI-CAN-15197 |
Bitdefender |
CVE-2021-4198 |
6.1 |
March 9, 2022 |
|
Bitdefender Total Security Link Following Denial-of-Service Vulnerability |
| ZDI-22-482 |
ZDI-CAN-15560 |
Autodesk |
CVE-2021-27036 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-481 |
ZDI-CAN-15561 |
Autodesk |
CVE-2021-27035 |
3.3 |
March 7, 2022 |
|
Autodesk AutoCAD TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-480 |
ZDI-CAN-15562 |
Autodesk |
CVE-2021-27035 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PCX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-479 |
ZDI-CAN-15563 |
Autodesk |
CVE-2021-27036 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PICT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-478 |
ZDI-CAN-15565 |
Autodesk |
CVE-2021-27041 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-477 |
ZDI-CAN-15566 |
Autodesk |
CVE-2022-25789 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD DWFX File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-476 |
ZDI-CAN-15567 |
Autodesk |
CVE-2022-25792 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD DWF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-475 |
ZDI-CAN-15568 |
Autodesk |
CVE-2022-25790 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-474 |
ZDI-CAN-15569 |
Autodesk |
CVE-2021-40160 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-473 |
ZDI-CAN-15570 |
Autodesk |
CVE-2021-27040 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-472 |
ZDI-CAN-15576 |
Autodesk |
CVE-2022-25795 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-471 |
ZDI-CAN-15577 |
Autodesk |
CVE-2022-25789 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD 3DS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-470 |
ZDI-CAN-15578 |
Autodesk |
CVE-2021-27043 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-469 |
ZDI-CAN-15579 |
Autodesk |
CVE-2022-25795 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PDF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-468 |
ZDI-CAN-15614 |
Autodesk |
CVE-2022-25795 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PDF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-467 |
ZDI-CAN-15615 |
Autodesk |
CVE-2022-25795 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PDF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-466 |
ZDI-CAN-15616 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-465 |
ZDI-CAN-15552 |
Autodesk |
CVE-2022-25789 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD DWF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-464 |
ZDI-CAN-15553 |
Autodesk |
CVE-2022-25791 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD DWF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-463 |
ZDI-CAN-15554 |
Autodesk |
CVE-2022-25790 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-462 |
ZDI-CAN-15555 |
Autodesk |
CVE-2021-27036 |
3.3 |
March 7, 2022 |
|
Autodesk AutoCAD PICT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-461 |
ZDI-CAN-15556 |
Autodesk |
CVE-2022-25789 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PICT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-460 |
ZDI-CAN-15557 |
Autodesk |
CVE-2022-25792 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PICT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-459 |
ZDI-CAN-15558 |
Autodesk |
CVE-2021-27037 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD TIF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-458 |
ZDI-CAN-15559 |
Autodesk |
CVE-2021-27036 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PICT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-457 |
ZDI-CAN-15273 |
Autodesk |
CVE-2021-27036 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-456 |
ZDI-CAN-15298 |
Autodesk |
CVE-2021-27036 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-455 |
ZDI-CAN-15618 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-454 |
ZDI-CAN-15619 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-453 |
ZDI-CAN-15620 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-452 |
ZDI-CAN-15617 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-451 |
ZDI-CAN-15622 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-450 |
ZDI-CAN-15621 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-449 |
ZDI-CAN-15623 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-448 |
ZDI-CAN-15657 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-447 |
ZDI-CAN-15656 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-446 |
ZDI-CAN-15625 |
Autodesk |
CVE-2021-27042 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-445 |
ZDI-CAN-15661 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-444 |
ZDI-CAN-15659 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-443 |
ZDI-CAN-15660 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-442 |
ZDI-CAN-15658 |
Autodesk |
CVE-2022-25788 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-441 |
ZDI-CAN-15624 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-440 |
ZDI-CAN-14854 |
Fatek Automation |
CVE-2022-23985 |
7.8 |
March 7, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-439 |
ZDI-CAN-14858 |
Fatek Automation |
CVE-2022-21209 |
7.8 |
March 7, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-438 |
ZDI-CAN-14855 |
Fatek Automation |
CVE-2022-23985 |
7.8 |
March 7, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-437 |
ZDI-CAN-14852 |
Fatek Automation |
CVE-2022-23985 |
7.8 |
March 7, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-436 |
ZDI-CAN-14853 |
Fatek Automation |
CVE-2022-21209 |
7.8 |
March 7, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-435 |
ZDI-CAN-14591 |
Fatek Automation |
CVE-2022-21209 |
7.8 |
March 7, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-434 |
ZDI-CAN-14802 |
Fatek Automation |
CVE-2022-23985 |
7.8 |
March 7, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-433 |
ZDI-CAN-14800 |
Fatek Automation |
CVE-2022-23985 |
7.8 |
March 7, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-432 |
ZDI-CAN-14797 |
Fatek Automation |
CVE-2022-23985 |
7.8 |
March 7, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-431 |
ZDI-CAN-14233 |
Kaspersky |
CVE-2021-35053 |
6.1 |
March 3, 2022 |
March 4, 2022 |
Kaspersky Total Security Link Following Denial-of-Service Vulnerability |
| ZDI-22-430 |
ZDI-CAN-15141 |
Adobe |
CVE-2021-42734 |
3.3 |
March 2, 2022 |
|
Adobe Photoshop TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-429 |
ZDI-CAN-15246 |
Adobe |
CVE-2021-39865 |
3.3 |
March 2, 2022 |
|
Adobe FrameMaker TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-428 |
ZDI-CAN-14533 |
Microsoft |
|
5.3 |
March 1, 2022 |
|
(0Day) Microsoft Visual Studio Link Following Denial-of-Service Vulnerability |
| ZDI-22-427 |
ZDI-CAN-14534 |
Microsoft |
|
5.3 |
March 1, 2022 |
|
(0Day) Microsoft Visual Studio Link Following Denial-of-Service Vulnerability |
| ZDI-22-426 |
ZDI-CAN-14528 |
Microsoft |
|
6.1 |
March 1, 2022 |
|
(0Day) Microsoft .NET Link Following Denial-of-Service Vulnerability |
| ZDI-22-425 |
ZDI-CAN-14586 |
Microsoft |
|
5.3 |
March 1, 2022 |
|
(0Day) Microsoft Visual Studio Link Following Denial-of-Service Vulnerability |
| ZDI-22-424 |
ZDI-CAN-15581 |
Delta Industrial Automation |
|
7.5 |
March 1, 2022 |
March 30, 2022 |
(0Day) Delta Industrial Automation DIAEnergie AM_Handler SQL Injection Information Disclosure Vulnerability |
| ZDI-22-423 |
ZDI-CAN-15580 |
Delta Industrial Automation |
|
9.8 |
March 1, 2022 |
March 30, 2022 |
(0Day) Delta Industrial Automation DIAEnergie HandlerPage_KID Arbitrary File Upload Remote Code Execution Vulnerability |
| ZDI-22-422 |
ZDI-CAN-15202 |
Delta Industrial Automation |
CVE-2022-1404 |
7.8 |
March 1, 2022 |
May 10, 2022 |
(0Day) Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-421 |
ZDI-CAN-15201 |
Delta Industrial Automation |
CVE-2022-1404 |
3.3 |
March 1, 2022 |
May 10, 2022 |
(0Day) Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-420 |
ZDI-CAN-15946 |
Cisco |
CVE-2022-20702 |
7.0 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 utility-ping-request Insecure Temporary File Local Privilege Escalation Vulnerability |
| ZDI-22-419 |
ZDI-CAN-15940 |
Cisco |
CVE-2022-20707 |
7.8 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 JSON RPC file-copy Command Injection Local Privilege Escalation Vulnerability |
| ZDI-22-418 |
ZDI-CAN-15774 |
Cisco |
CVE-2022-20706 |
9.8 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 Plug and Play Command Injection Remote Code Execution Vulnerability |
| ZDI-22-417 |
ZDI-CAN-15893 |
Cisco |
CVE-2022-20708 |
6.8 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 update-clients Command Injection Remote Code Execution Vulnerability |
| ZDI-22-416 |
ZDI-CAN-15892 |
Cisco |
CVE-2022-20709, CVE-2022-20711 |
6.3 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 NGINX Missing Authentication Information Disclosure Vulnerability |
| ZDI-22-415 |
ZDI-CAN-15848 |
Cisco |
CVE-2022-20705 |
6.5 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 NGINX Improper Authentication Unrestricted File Upload Vulnerability |
| ZDI-22-414 |
ZDI-CAN-15784 |
Cisco |
CVE-2022-20699 |
9.8 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 SSLVPN Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-413 |
ZDI-CAN-15810 |
Cisco |
CVE-2022-20703, CVE-2022-20704 |
7.1 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 Firmware Update Improper Certificate Validation Remote Code Execution Vulnerability |
| ZDI-22-412 |
ZDI-CAN-15886 |
Cisco |
CVE-2022-20701 |
7.8 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 confd_cli Unnecessary Privileges Local Privilege Escalation Vulnerability |
| ZDI-22-411 |
ZDI-CAN-15883 |
Cisco |
CVE-2022-20707 |
4.3 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 upload.cgi JSON Command Injection Privilege Escalation Vulnerability |
| ZDI-22-410 |
ZDI-CAN-15882 |
Cisco |
CVE-2022-20705 |
8.8 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 upload.cgi sessionid Improper Input Validation Authentication Bypass Vulnerability |
| ZDI-22-409 |
ZDI-CAN-15610 |
Cisco |
CVE-2022-20705, CVE-2022-20707 |
8.8 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 NGINX sessionid Directory Traversal Authentication Bypass Vulnerability |
| ZDI-22-408 |
ZDI-CAN-15611 |
Cisco |
CVE-2022-20703 |
8.8 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 Firmware Update Missing Integrity Check Remote Code Execution Vulnerability |
| ZDI-22-407 |
ZDI-CAN-13993 |
TP-Link |
CVE-2022-0650 |
6.8 |
Feb. 22, 2022 |
|
TP-Link TL-WR940N httpd newBridgessid Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-406 |
ZDI-CAN-13992 |
TP-Link |
CVE-2022-24973 |
6.8 |
Feb. 22, 2022 |
|
TP-Link TL-WR940N httpd ssid1 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-405 |
ZDI-CAN-13911 |
TP-Link |
CVE-2022-24972 |
6.5 |
Feb. 22, 2022 |
|
TP-Link TL-WR940N httpd Improper Access Control Information Disclosure Vulnerability |
| ZDI-22-404 |
ZDI-CAN-14724 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Trend Tag WordAddr1 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-403 |
ZDI-CAN-14723 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing XY Tag WordAddr4 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-402 |
ZDI-CAN-14721 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Trend Tag WordAddr2 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-401 |
ZDI-CAN-14713 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Alarm Tag WordAddr9 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-400 |
ZDI-CAN-14711 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Alarm Tag WordAddr9 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-399 |
ZDI-CAN-14710 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Extra Tag WordAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-398 |
ZDI-CAN-14709 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Alarm Tag bitaddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-397 |
ZDI-CAN-14707 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Extra Tag bitaddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-396 |
ZDI-CAN-14706 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Alarm Tag WordAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-395 |
ZDI-CAN-14705 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Disc Tag WordAddr4 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-394 |
ZDI-CAN-14704 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Disc Tag WordAddr3 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-393 |
ZDI-CAN-14703 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP FIle Parsing Disc Tag WordAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-392 |
ZDI-CAN-14702 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Disc Tag WordAddr1 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-391 |
ZDI-CAN-14701 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Disc Tag WordAddr2 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-390 |
ZDI-CAN-14700 |
WECON |
|
7.8 |
Feb. 22, 2022 |
Feb. 22, 2022 |
(0Day) WECON LeviStudioU UMP File Parsing Trend Tag WordAddr4 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-389 |
ZDI-CAN-13990 |
Fuji Electric |
CVE-2022-21228 |
7.8 |
Feb. 22, 2022 |
March 23, 2022 |
(0Day) Fuji Electric Alpha5 Servo Operator C5P File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-388 |
ZDI-CAN-13938 |
Fuji Electric |
CVE-2022-21202 |
3.3 |
March 23, 2022 |
March 23, 2022 |
(0Day) Fuji Electric Alpha5 Servo Operator C5P File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-387 |
ZDI-CAN-13876 |
Fuji Electric |
CVE-2022-21168 |
3.3 |
Feb. 22, 2022 |
March 23, 2022 |
(0Day) Fuji Electric Alpha5 C5V File Parsing Uninitialized Pointer Information Disclosure Vulnerability |
| ZDI-22-386 |
ZDI-CAN-14969 |
Parallels |
CVE-2021-34987 |
8.2 |
Feb. 18, 2022 |
|
Parallels Desktop HDAudio Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-22-385 |
ZDI-CAN-13932 |
Parallels |
CVE-2021-34986 |
7.8 |
Feb. 18, 2022 |
|
Parallels Desktop Service Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-22-384 |
ZDI-CAN-15731 |
Microsoft |
CVE-2022-21988 |
7.0 |
Feb. 18, 2022 |
|
Microsoft Office Visio EMF EMR_DELETEOBJECT Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-383 |
ZDI-CAN-15585 |
Microsoft |
CVE-2022-22716 |
2.5 |
Feb. 18, 2022 |
|
Microsoft Office Excel XLS File Parsing Untrusted Pointer Dereference Information Disclosure Vulnerability |
| ZDI-22-382 |
ZDI-CAN-15982 |
Lexmark |
CVE-2021-44738 |
8.8 |
Feb. 18, 2022 |
|
Lexmark MC3224i PostScript Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-381 |
ZDI-CAN-14886 |
Microsoft |
|
6.5 |
Feb. 18, 2022 |
|
Microsoft Outlook for Mac Hyperlink UI Misrepresentation Vulnerability |
| ZDI-22-380 |
ZDI-CAN-15916 |
Samsung |
|
4.6 |
Feb. 18, 2022 |
|
(Pwn2Own) Samsung Galaxy S21 Improper Error Handling Remote Code Execution Vulnerability |
| ZDI-22-379 |
ZDI-CAN-15871 |
Samsung |
|
8.8 |
Feb. 18, 2022 |
|
(Pwn2Own) Samsung Galaxy S21 Open Redirect Remote Code Execution Vulnerability |
| ZDI-22-378 |
ZDI-CAN-14059 |
ICONICS |
CVE-2021-27040 |
3.3 |
Feb. 18, 2022 |
|
ICONICS GENESIS64 DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-377 |
ZDI-CAN-13835 |
Apple |
CVE-2021-30771 |
7.8 |
Feb. 16, 2022 |
|
Apple macOS libFontParser TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-376 |
ZDI-CAN-15254 |
Adobe |
CVE-2022-23200 |
7.8 |
Feb. 16, 2022 |
|
Adobe After Effects 3GP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-375 |
ZDI-CAN-13664 |
SolarWinds |
CVE-2021-35244 |
8.8 |
Feb. 16, 2022 |
|
SolarWinds Orion Platform Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-22-374 |
ZDI-CAN-14204 |
Omron |
CVE-2022-21137 |
7.8 |
Feb. 16, 2022 |
|
Omron CX-One FLN File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-373 |
ZDI-CAN-14038 |
Omron |
CVE-2022-21137 |
7.8 |
Feb. 16, 2022 |
|
Omron CX-One SDD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-372 |
ZDI-CAN-15047 |
Trend Micro |
CVE-2022-24678 |
5.3 |
Feb. 16, 2022 |
|
Trend Micro Apex One Security Agent Resource Exhaustion Denial-of-Service Vulnerability |
| ZDI-22-371 |
ZDI-CAN-14998 |
Trend Micro |
CVE-2022-24671 |
7.8 |
Feb. 16, 2022 |
|
Trend Micro Antivirus for Mac Link Following Privilege Escalation Vulnerability |
| ZDI-22-370 |
ZDI-CAN-14926 |
Trend Micro |
CVE-2022-24679 |
7.8 |
Feb. 16, 2022 |
|
Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-369 |
ZDI-CAN-14815 |
Trend Micro |
CVE-2022-24680 |
7.8 |
Feb. 16, 2022 |
|
Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-368 |
ZDI-CAN-16192 |
MariaDB |
CVE-2022-24048 |
7.0 |
Feb. 16, 2022 |
|
MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-22-367 |
ZDI-CAN-16190 |
MariaDB |
CVE-2022-24052 |
7.0 |
Feb. 16, 2022 |
|
MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-22-366 |
ZDI-CAN-16209 |
MariaDB |
CVE-2022-24052 |
7.0 |
Feb. 16, 2022 |
|
MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-22-365 |
ZDI-CAN-16208 |
MariaDB |
CVE-2022-24051 |
7.0 |
Feb. 16, 2022 |
|
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability |
| ZDI-22-364 |
ZDI-CAN-16207 |
MariaDB |
CVE-2022-24050 |
7.0 |
Feb. 16, 2022 |
|
MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability |
| ZDI-22-363 |
ZDI-CAN-16191 |
MariaDB |
CVE-2022-24048 |
7.0 |
Feb. 16, 2022 |
|
MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-22-362 |
ZDI-CAN-14621 |
Linux |
|
8.8 |
Feb. 16, 2022 |
|
Linux Kernel io_uring Use-After-Free Privilege Escalation Vulnerability |
| ZDI-22-361 |
ZDI-CAN-15639 |
Apple |
CVE-2022-22579 |
3.3 |
Feb. 16, 2022 |
|
Apple macOS ModelIO STL File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-360 |
ZDI-CAN-15320 |
Apple |
CVE-2021-30995 |
7.8 |
Feb. 16, 2022 |
|
Apple macOS fclonefileat Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-22-359 |
ZDI-CAN-15199 |
Apple |
CVE-2021-30939 |
3.3 |
Feb. 16, 2022 |
|
Apple macOS ImageIO DDS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-358 |
ZDI-CAN-15171 |
Apple |
CVE-2021-30979 |
7.8 |
Feb. 16, 2022 |
|
Apple macOS ModelIO ABC File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-357 |
ZDI-CAN-14385 |
Apple |
CVE-2021-30919 |
7.8 |
Feb. 16, 2022 |
|
Apple macOS CoreGraphics PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-356 |
ZDI-CAN-14515 |
Apple |
CVE-2021-30928 |
3.3 |
Feb. 16, 2022 |
|
Apple macOS CoreGraphics PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-355 |
ZDI-CAN-14040 |
Apple |
CVE-2021-30832 |
7.8 |
Feb. 16, 2022 |
|
Apple macOS CVMServer Use-After-Free Privilege Escalation Vulnerability |
| ZDI-22-354 |
ZDI-CAN-13804 |
Apple |
CVE-2021-30825 |
3.3 |
Feb. 16, 2022 |
|
Apple macOS CoreML MLMODEL File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-353 |
ZDI-CAN-13806 |
Apple |
CVE-2021-30785 |
7.8 |
Feb. 16, 2022 |
|
Apple macOS ImageIO PICT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-352 |
ZDI-CAN-16027 |
Microsoft |
CVE-2022-22005 |
8.8 |
Feb. 15, 2022 |
|
Microsoft SharePoint Chart Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-351 |
ZDI-CAN-16187 |
Foxit |
CVE-2022-24908 |
7.8 |
Feb. 15, 2022 |
|
Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-350 |
ZDI-CAN-16186 |
Foxit |
CVE-2022-24907 |
7.8 |
Feb. 15, 2022 |
|
Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-349 |
ZDI-CAN-15859 |
Western Digital |
CVE-2022-22994 |
8.8 |
Feb. 15, 2022 |
|
(Pwn2Own) Western Digital My Cloud Pro Series PR4100 ConnectivityService Insufficient Verification of Data Authenticity Remote Code Execution Vulnerability |
| ZDI-22-348 |
ZDI-CAN-15889 |
Western Digital |
CVE-2022-22993 |
8.0 |
Feb. 15, 2022 |
|
(Pwn2Own) Western Digital MyCloud PR4100 cgi_api Server-Side Request Forgery Privilege Escalation Vulnerability |
| ZDI-22-347 |
ZDI-CAN-15888 |
Western Digital |
CVE-2022-22990 |
6.3 |
Feb. 15, 2022 |
|
(Pwn2Own) Western Digital MyCloud PR4100 nasAdmin Authentication Bypass Vulnerability |
| ZDI-22-346 |
ZDI-CAN-15804 |
Western Digital |
|
8.8 |
Feb. 15, 2022 |
|
(Pwn2Own) Western Digital MyCloud PR4100 samba Configuration Remote Code Execution Vulnerability |
| ZDI-22-345 |
ZDI-CAN-14408 |
WECON |
|
7.8 |
Feb. 15, 2022 |
Feb. 17, 2022 |
(0Day) WECON LeviStudioU UMP File Parsing XY Tag WordAddr10 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-344 |
ZDI-CAN-14410 |
WECON |
|
7.8 |
Feb. 15, 2022 |
Feb. 17, 2022 |
(0Day) WECON LeviStudioU UMP File Parsing Trend Tag WordAddr8 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-343 |
ZDI-CAN-15245 |
Adobe |
CVE-2022-23200 |
3.3 |
Feb. 15, 2022 |
|
Adobe FrameMaker PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-342 |
ZDI-CAN-15277 |
Adobe |
CVE-2022-23204 |
3.3 |
Feb. 15, 2022 |
|
Adobe Premiere Rush JPEG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-341 |
ZDI-CAN-14619 |
DevExpress |
CVE-2021-36483 |
8.8 |
Feb. 15, 2022 |
March 10, 2022 |
DevExpress SafeBinaryFormatter Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-340 |
ZDI-CAN-15112 |
Siemens |
CVE-2021-44018 |
7.8 |
Feb. 15, 2022 |
|
Siemens JT2Go PAR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-339 |
ZDI-CAN-15113 |
Siemens |
CVE-2021-38405 |
3.3 |
Feb. 15, 2022 |
|
Siemens JT2Go PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-338 |
ZDI-CAN-15110 |
Siemens |
CVE-2021-44016 |
7.8 |
Feb. 15, 2022 |
|
Siemens JT2Go PAR File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-337 |
ZDI-CAN-15108 |
Siemens |
CVE-2021-38405 |
3.3 |
Feb. 15, 2022 |
|
Siemens JT2Go PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-336 |
ZDI-CAN-15106 |
Siemens |
CVE-2021-38405 |
7.8 |
Feb. 15, 2022 |
|
Siemens JT2Go PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-335 |
ZDI-CAN-15053 |
Siemens |
CVE-2021-44000 |
7.8 |
Feb. 15, 2022 |
|
Siemens JT2Go PAR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-334 |
ZDI-CAN-15107 |
Siemens |
CVE-2021-43336 |
7.8 |
Feb. 15, 2022 |
|
Siemens JT2Go DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-333 |
ZDI-CAN-15820 |
Lexmark |
CVE-2021-44737 |
8.8 |
Feb. 15, 2022 |
|
(Pwn2Own) Lexmark MC3224i PJL Exposed Dangerous Function Remote Code Execution Vulnerability |
| ZDI-22-332 |
ZDI-CAN-15844 |
Lexmark |
CVE-2021-44734 |
8.8 |
Feb. 15, 2022 |
|
(Pwn2Own) Lexmark MC3224i Web Configuration File Code Injection Remote Code Execution Vulnerability |
| ZDI-22-331 |
ZDI-CAN-15800 |
Lexmark |
CVE-2021-44736 |
9.6 |
Feb. 15, 2022 |
|
(Pwn2Own) Lexmark MC3224i Unprotected API Remote Code Execution Vulnerability |
| ZDI-22-330 |
ZDI-CAN-15894 |
Lexmark |
CVE-2021-44735 |
5.5 |
Feb. 15, 2022 |
|
(Pwn2Own) Lexmark MC3224i Command Injection Remote Code Execution Vulnerability |
| ZDI-22-329 |
ZDI-CAN-15895 |
Lexmark |
CVE-2021-44735 |
7.8 |
Feb. 15, 2022 |
|
(Pwn2Own) Lexmark MC3224i setuid Local Privilege Escalation Vulnerability |
| ZDI-22-328 |
ZDI-CAN-15924 |
Lexmark |
CVE-2021-44738 |
8.8 |
Feb. 15, 2022 |
|
(Pwn2Own) Lexmark MC3224i PostScript Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-327 |
ZDI-CAN-15925 |
Lexmark |
CVE-2021-44738 |
7.1 |
Feb. 15, 2022 |
|
(Pwn2Own) Lexmark MC3224i pagemaker Insufficient Session Expiration Local Privilege Escalation Vulnerability |
| ZDI-22-326 |
ZDI-CAN-15927 |
Lexmark |
CVE-2021-44735 |
7.8 |
Feb. 15, 2022 |
|
(Pwn2Own) Lexmark MC3224i setuid Local Privilege Escalation Vulnerability |
| ZDI-22-325 |
ZDI-CAN-15198 |
Schneider Electric |
CVE-2022-24313 |
9.8 |
Feb. 11, 2022 |
Feb. 16, 2022 |
Schneider Electric IGSS IGSSDataServer Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-324 |
ZDI-CAN-15193 |
Schneider Electric |
CVE-2022-24317 |
5.3 |
Feb. 11, 2022 |
Feb. 16, 2022 |
Schneider Electric IGSS Missing Authentication Information Disclosure Vulnerability |
| ZDI-22-323 |
ZDI-CAN-15119 |
Schneider Electric |
CVE-2022-24316 |
5.3 |
Feb. 11, 2022 |
Feb. 16, 2022 |
Schneider Electric IGSS IGSSdataServer Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-22-322 |
ZDI-CAN-15118 |
Schneider Electric |
CVE-2022-24315 |
7.5 |
Feb. 11, 2022 |
Feb. 16, 2022 |
Schneider Electric IGSS Out-Of-Bounds Read Denial-of-Service Vulnerability |
| ZDI-22-321 |
ZDI-CAN-14943 |
Schneider Electric |
CVE-2022-24312 |
9.8 |
Feb. 11, 2022 |
Feb. 16, 2022 |
Schneider Electric IGSS IGSSdataServer Directory Traversal Remote Code Execution Vulnerability |
| ZDI-22-320 |
ZDI-CAN-14942 |
Schneider Electric |
CVE-2022-24311 |
9.8 |
Feb. 11, 2022 |
Feb. 16, 2022 |
Schneider Electric IGSS IGSSdataServer Directory Traversal Remote Code Execution Vulnerability |
| ZDI-22-319 |
ZDI-CAN-15812 |
Foxit |
CVE-2022-24971 |
7.8 |
Feb. 11, 2022 |
|
Foxit PDF Reader JPEG2000 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-318 |
ZDI-CAN-16193 |
MariaDB |
CVE-2022-24051 |
7.0 |
Feb. 11, 2022 |
|
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability |
| ZDI-22-317 |
ZDI-CAN-15296 |
Microsoft |
CVE-2022-22002 |
6.1 |
Feb. 11, 2022 |
|
Microsoft Windows User Profile Picture Link Following Denial-of-Service Vulnerability |
| ZDI-22-316 |
ZDI-CAN-15302 |
Siemens |
CVE-2021-46161 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-315 |
ZDI-CAN-15286 |
Siemens |
CVE-2021-46160 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-314 |
ZDI-CAN-15050 |
Siemens |
CVE-2021-46159 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-313 |
ZDI-CAN-15602 |
Siemens |
CVE-2021-46158 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-312 |
ZDI-CAN-15289 |
Siemens |
CVE-2021-46158 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-311 |
ZDI-CAN-15085 |
Siemens |
CVE-2021-46158 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-310 |
ZDI-CAN-14757 |
Siemens |
CVE-2021-46157 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-309 |
ZDI-CAN-14684 |
Siemens |
CVE-2021-46156 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-308 |
ZDI-CAN-15593 |
Siemens |
CVE-2021-46155 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-307 |
ZDI-CAN-15303 |
Siemens |
CVE-2021-46155 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-306 |
ZDI-CAN-15283 |
Siemens |
CVE-2021-46155 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-305 |
ZDI-CAN-14683 |
Siemens |
CVE-2021-46155 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-304 |
ZDI-CAN-15304 |
Siemens |
CVE-2021-46154 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-303 |
ZDI-CAN-15084 |
Siemens |
CVE-2021-46154 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-302 |
ZDI-CAN-14679 |
Siemens |
CVE-2021-46154 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-301 |
ZDI-CAN-14646 |
Siemens |
CVE-2021-46154 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-300 |
ZDI-CAN-15599 |
Siemens |
CVE-2021-46153 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-299 |
ZDI-CAN-15589 |
Siemens |
CVE-2021-46153 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-298 |
ZDI-CAN-15305 |
Siemens |
CVE-2021-46153 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-297 |
ZDI-CAN-14645 |
Siemens |
CVE-2021-46153 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-296 |
ZDI-CAN-15183 |
Siemens |
CVE-2021-46152 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-295 |
ZDI-CAN-14755 |
Siemens |
CVE-2021-46152 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-22-294 |
ZDI-CAN-14644 |
Siemens |
CVE-2021-46152 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-22-293 |
ZDI-CAN-14643 |
Siemens |
CVE-2021-46152 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-22-292 |
ZDI-CAN-14754 |
Siemens |
CVE-2021-46151 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-291 |
ZDI-CAN-15082 |
Siemens |
CVE-2021-46151 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-290 |
ZDI-CAN-14618 |
BMC |
CVE-2022-24047 |
5.3 |
Feb. 10, 2022 |
Feb. 11, 2022 |
BMC Track-It! HTTP Module Improper Access Control Authentication Bypass Vulnerability |
| ZDI-22-289 |
ZDI-CAN-15668 |
Autodesk |
CVE-2021-40159 |
7.8 |
Feb. 10, 2022 |
|
Autodesk Inventor JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-288 |
ZDI-CAN-15667 |
Autodesk |
CVE-2021-40158 |
7.8 |
Feb. 10, 2022 |
|
Autodesk Inventor JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-287 |
ZDI-CAN-15666 |
Autodesk |
CVE-2021-40158 |
7.8 |
Feb. 10, 2022 |
|
Autodesk Inventor JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-286 |
ZDI-CAN-15665 |
Autodesk |
CVE-2021-40158 |
7.8 |
Feb. 10, 2022 |
|
Autodesk Inventor JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-285 |
ZDI-CAN-15664 |
Autodesk |
CVE-2021-40158 |
7.8 |
Feb. 10, 2022 |
|
Autodesk Inventor JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-284 |
ZDI-CAN-15670 |
Autodesk |
CVE-2021-40158 |
7.8 |
Feb. 10, 2022 |
|
Autodesk Inventor JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-283 |
ZDI-CAN-15669 |
Autodesk |
CVE-2021-40158 |
7.8 |
Feb. 10, 2022 |
|
Autodesk Inventor JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-282 |
ZDI-CAN-15671 |
Autodesk |
CVE-2021-40159 |
7.8 |
Feb. 10, 2022 |
|
Autodesk Inventor JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-281 |
ZDI-CAN-15675 |
Autodesk |
CVE-2021-40158 |
7.8 |
Feb. 10, 2022 |
|
Autodesk Inventor JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-280 |
ZDI-CAN-16087 |
Foxit |
CVE-2022-24369 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-279 |
ZDI-CAN-16115 |
Foxit |
CVE-2022-24368 |
3.3 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader Doc Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-278 |
ZDI-CAN-15877 |
Foxit |
CVE-2022-24367 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-277 |
ZDI-CAN-15853 |
Foxit |
CVE-2022-24366 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-276 |
ZDI-CAN-15852 |
Foxit |
CVE-2022-24365 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-275 |
ZDI-CAN-15851 |
Foxit |
CVE-2022-24364 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-274 |
ZDI-CAN-15861 |
Foxit |
CVE-2022-24363 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-273 |
ZDI-CAN-15987 |
Foxit |
CVE-2022-24362 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-272 |
ZDI-CAN-15811 |
Foxit |
CVE-2022-24361 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader JPG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-271 |
ZDI-CAN-15744 |
Foxit |
CVE-2022-24360 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-270 |
ZDI-CAN-15702 |
Foxit |
CVE-2022-24359 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-269 |
ZDI-CAN-15703 |
Foxit |
CVE-2022-24358 |
7.8 |
Feb. 10, 2022 |
|
Foxit PDF Reader Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-268 |
ZDI-CAN-15743 |
Foxit |
CVE-2022-24357 |
7.8 |
Feb. 10, 2022 |
|
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-267 |
ZDI-CAN-14848 |
Foxit |
CVE-2022-24356 |
7.8 |
Feb. 10, 2022 |
|
Foxit PDF Reader OnMouseExit Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-266 |
ZDI-CAN-14819 |
Foxit |
CVE-2022-24370 |
3.3 |
Feb. 10, 2022 |
|
Foxit PDF Reader XFA Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-265 |
ZDI-CAN-13910 |
TP-Link |
CVE-2022-24355 |
8.8 |
Feb. 10, 2022 |
|
TP-Link TL-WR940N httpd httpRpmFs Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-264 |
ZDI-CAN-15835 |
TP-Link |
CVE-2022-24354 |
8.8 |
Feb. 10, 2022 |
|
TP-Link AC1750 NetUSB Integer Overflow Remote Code Execution Vulnerability |
| ZDI-22-263 |
ZDI-CAN-15769 |
TP-Link |
CVE-2022-24353 |
8.8 |
Feb. 10, 2022 |
|
(Pwn2Own) TP-Link AC1750 NetUSB Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-262 |
ZDI-CAN-15773 |
TP-Link |
CVE-2022-24352 |
8.8 |
Feb. 10, 2022 |
|
(Pwn2Own) TP-Link AC1750 NetUSB Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-261 |
ZDI-CAN-15798 |
Sonos |
CVE-2022-24049 |
9.8 |
Feb. 10, 2022 |
Feb. 14, 2022 |
(Pwn2Own) Sonos One Speaker ALAC Frame Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-260 |
ZDI-CAN-15828 |
Sonos |
CVE-2022-24046 |
9.8 |
Feb. 10, 2022 |
Feb. 14, 2022 |
(Pwn2Own) Sonos One Speaker Integer Underflow Remote Code Execution Vulnerability |
| ZDI-22-259 |
ZDI-CAN-12966 |
Advantech |
CVE-2021-38389 |
9.8 |
Feb. 2, 2022 |
|
Advantech WebAccess IOCTL 0x1138B Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-258 |
ZDI-CAN-12944 |
Advantech |
CVE-2021-33023 |
9.8 |
Feb. 2, 2022 |
|
Advantech WebAccess IOCTL 0x2722 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-257 |
ZDI-CAN-12942 |
Advantech |
CVE-2021-33023 |
9.8 |
Feb. 2, 2022 |
|
Advantech WebAccess IOCTL 0x2722 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-256 |
ZDI-CAN-15161 |
Sante |
CVE-2022-24064 |
7.8 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-255 |
ZDI-CAN-15105 |
Sante |
CVE-2022-24063 |
7.8 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-254 |
ZDI-CAN-15104 |
Sante |
CVE-2022-24062 |
7.8 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro JP2 File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-253 |
ZDI-CAN-15100 |
Sante |
CVE-2022-24061 |
3.3 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro DCM File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-252 |
ZDI-CAN-15099 |
Sante |
CVE-2022-24060 |
3.3 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-251 |
ZDI-CAN-15098 |
Sante |
CVE-2022-24059 |
7.8 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-250 |
ZDI-CAN-15095 |
Sante |
CVE-2022-24058 |
7.8 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-249 |
ZDI-CAN-15077 |
Sante |
CVE-2022-24057 |
7.8 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-248 |
ZDI-CAN-15076 |
Sante |
CVE-2022-24056 |
7.8 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-247 |
ZDI-CAN-14972 |
Sante |
CVE-2022-24055 |
3.3 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-246 |
ZDI-CAN-15846 |
Samba |
CVE-2021-44142 |
9.8 |
Feb. 1, 2022 |
Feb. 1, 2022 |
(Pwn2Own) Samba fruit_pwrite Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-245 |
ZDI-CAN-15833 |
Samba |
CVE-2021-44142 |
5.3 |
Feb. 1, 2022 |
Feb. 1, 2022 |
(Pwn2Own) Samba fruit_pread Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-244 |
ZDI-CAN-16156 |
Samba |
CVE-2021-44142 |
9.8 |
Feb. 1, 2022 |
|
Samba AppleDouble Entry Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-243 |
ZDI-CAN-15631 |
Bentley |
CVE-2021-46656 |
7.8 |
Jan. 31, 2022 |
|
Bentley View JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-242 |
ZDI-CAN-15630 |
Bentley |
CVE-2021-46655 |
7.8 |
Jan. 31, 2022 |
|
Bentley View JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-241 |
ZDI-CAN-15540 |
Bentley |
CVE-2021-46654 |
3.3 |
Jan. 31, 2022 |
|
Bentley View DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-240 |
ZDI-CAN-15539 |
Bentley |
CVE-2021-46653 |
7.8 |
Jan. 31, 2022 |
|
Bentley View BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-239 |
ZDI-CAN-15538 |
Bentley |
CVE-2021-46652 |
7.8 |
Jan. 31, 2022 |
|
Bentley View DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-238 |
ZDI-CAN-15537 |
Bentley |
CVE-2021-46651 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-237 |
ZDI-CAN-15536 |
Bentley |
CVE-2021-46650 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-236 |
ZDI-CAN-15535 |
Bentley |
CVE-2021-46649 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-235 |
ZDI-CAN-15534 |
Bentley |
CVE-2021-46648 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-234 |
ZDI-CAN-15533 |
Bentley |
CVE-2021-46647 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-233 |
ZDI-CAN-15532 |
Bentley |
CVE-2021-46646 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-232 |
ZDI-CAN-15531 |
Bentley |
CVE-2021-46645 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-231 |
ZDI-CAN-15530 |
Bentley |
CVE-2021-46644 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-230 |
ZDI-CAN-15515 |
Bentley |
CVE-2021-46643 |
7.8 |
Jan. 31, 2022 |
|
Bentley View DGN File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-229 |
ZDI-CAN-15514 |
Bentley |
CVE-2021-46642 |
3.3 |
Jan. 31, 2022 |
|
Bentley View DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-228 |
ZDI-CAN-15513 |
Bentley |
CVE-2021-46641 |
7.8 |
Jan. 31, 2022 |
|
Bentley View DGN File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-227 |
ZDI-CAN-15512 |
Bentley |
CVE-2021-46640 |
7.8 |
Jan. 31, 2022 |
|
Bentley View DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-226 |
ZDI-CAN-15511 |
Bentley |
CVE-2021-46639 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-225 |
ZDI-CAN-15510 |
Bentley |
CVE-2021-46638 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-224 |
ZDI-CAN-15509 |
Bentley |
CVE-2021-46637 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-223 |
ZDI-CAN-15508 |
Bentley |
CVE-2021-46636 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-222 |
ZDI-CAN-15507 |
Bentley |
CVE-2021-46635 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-221 |
ZDI-CAN-15464 |
Bentley |
CVE-2021-46634 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-220 |
ZDI-CAN-15463 |
Bentley |
CVE-2021-46633 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT PDF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-219 |
ZDI-CAN-15462 |
Bentley |
CVE-2021-46632 |
3.3 |
Jan. 31, 2022 |
|
Bentley View JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-218 |
ZDI-CAN-15461 |
Bentley |
CVE-2021-46631 |
7.8 |
Jan. 31, 2022 |
|
Bentley View TIF File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-217 |
ZDI-CAN-15460 |
Bentley |
CVE-2021-46630 |
3.3 |
Jan. 31, 2022 |
|
Bentley View FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-216 |
ZDI-CAN-15459 |
Bentley |
CVE-2021-46629 |
3.3 |
Jan. 31, 2022 |
|
Bentley View BMP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-215 |
ZDI-CAN-15458 |
Bentley |
CVE-2021-46628 |
3.3 |
Jan. 31, 2022 |
|
Bentley View BMP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-214 |
ZDI-CAN-15457 |
Bentley |
CVE-2021-46627 |
7.8 |
Jan. 31, 2022 |
|
Bentley View DXF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-213 |
ZDI-CAN-15456 |
Bentley |
CVE-2021-46626 |
7.8 |
Jan. 31, 2022 |
|
Bentley View J2K File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-212 |
ZDI-CAN-15455 |
Bentley |
CVE-2021-46625 |
7.8 |
Jan. 31, 2022 |
|
Bentley View JT File Parsing Double Free Remote Code Execution Vulnerability |
| ZDI-22-211 |
ZDI-CAN-15454 |
Bentley |
CVE-2021-46624 |
3.3 |
Jan. 31, 2022 |
|
Bentley View DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-210 |
ZDI-CAN-15453 |
Bentley |
CVE-2021-46623 |
3.3 |
Jan. 31, 2022 |
|
Bentley View 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-209 |
ZDI-CAN-15416 |
Bentley |
CVE-2021-46622 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT J2K File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-208 |
ZDI-CAN-15415 |
Bentley |
CVE-2021-46621 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Double Free Remote Code Execution Vulnerability |
| ZDI-22-207 |
ZDI-CAN-15414 |
Bentley |
CVE-2021-46620 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-206 |
ZDI-CAN-15413 |
Bentley |
CVE-2021-46619 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-205 |
ZDI-CAN-15412 |
Bentley |
CVE-2021-46618 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-204 |
ZDI-CAN-15411 |
Bentley |
CVE-2021-46617 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT TIF File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-203 |
ZDI-CAN-15410 |
Bentley |
CVE-2021-46616 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT BMP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-202 |
ZDI-CAN-15409 |
Bentley |
CVE-2021-46615 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT BMP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-201 |
ZDI-CAN-15408 |
Bentley |
CVE-2021-46614 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT J2K File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-200 |
ZDI-CAN-15407 |
Bentley |
CVE-2021-46613 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DXF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-199 |
ZDI-CAN-15406 |
Bentley |
CVE-2021-46612 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-198 |
ZDI-CAN-15405 |
Bentley |
CVE-2021-46611 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-197 |
ZDI-CAN-15404 |
Bentley |
CVE-2021-46610 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-196 |
ZDI-CAN-15403 |
Bentley |
CVE-2021-46609 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT PDF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-195 |
ZDI-CAN-15402 |
Bentley |
CVE-2021-46608 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-194 |
ZDI-CAN-15401 |
Bentley |
CVE-2021-46607 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-193 |
ZDI-CAN-15400 |
Bentley |
CVE-2021-46606 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-192 |
ZDI-CAN-15399 |
Bentley |
CVE-2021-46605 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-191 |
ZDI-CAN-15398 |
Bentley |
CVE-2021-46604 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT PNG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-190 |
ZDI-CAN-15397 |
Bentley |
CVE-2021-46603 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT J2K File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-189 |
ZDI-CAN-15396 |
Bentley |
CVE-2021-46602 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-188 |
ZDI-CAN-15395 |
Bentley |
CVE-2021-46601 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-187 |
ZDI-CAN-15394 |
Bentley |
CVE-2021-46600 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-186 |
ZDI-CAN-15393 |
Bentley |
CVE-2021-46599 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-185 |
ZDI-CAN-15392 |
Bentley |
CVE-2021-46598 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-184 |
ZDI-CAN-15391 |
Bentley |
CVE-2021-46597 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-183 |
ZDI-CAN-15390 |
Bentley |
CVE-2021-46596 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT OBJ File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-182 |
ZDI-CAN-15389 |
Bentley |
CVE-2021-46595 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-181 |
ZDI-CAN-15388 |
Bentley |
CVE-2021-46594 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-180 |
ZDI-CAN-15387 |
Bentley |
CVE-2021-46593 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-179 |
ZDI-CAN-15386 |
Bentley |
CVE-2021-46592 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT 3DS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-178 |
ZDI-CAN-15385 |
Bentley |
CVE-2021-46591 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-177 |
ZDI-CAN-15384 |
Bentley |
CVE-2021-46590 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-176 |
ZDI-CAN-15383 |
Bentley |
CVE-2021-46589 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-175 |
ZDI-CAN-15382 |
Bentley |
CVE-2021-46588 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-174 |
ZDI-CAN-15381 |
Bentley |
CVE-2021-46587 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT 3DS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-173 |
ZDI-CAN-15380 |
Bentley |
CVE-2021-46586 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT 3DS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-172 |
ZDI-CAN-15379 |
Bentley |
CVE-2021-46585 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-171 |
ZDI-CAN-15378 |
Bentley |
CVE-2021-46584 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-170 |
ZDI-CAN-15377 |
Bentley |
CVE-2021-46583 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-169 |
ZDI-CAN-15376 |
Bentley |
CVE-2021-46582 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JP2 File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-168 |
ZDI-CAN-15375 |
Bentley |
CVE-2021-46581 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-167 |
ZDI-CAN-15374 |
Bentley |
CVE-2021-46580 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-166 |
ZDI-CAN-15373 |
Bentley |
CVE-2021-46579 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-165 |
ZDI-CAN-15372 |
Bentley |
CVE-2021-46578 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-164 |
ZDI-CAN-15371 |
Bentley |
CVE-2021-46577 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-163 |
ZDI-CAN-15370 |
Bentley |
CVE-2021-46576 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-162 |
ZDI-CAN-15369 |
Bentley |
CVE-2021-46575 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-161 |
ZDI-CAN-15368 |
Bentley |
CVE-2021-46574 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-160 |
ZDI-CAN-15367 |
Bentley |
CVE-2021-46573 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-159 |
ZDI-CAN-15366 |
Bentley |
CVE-2021-46572 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-158 |
ZDI-CAN-15365 |
Bentley |
CVE-2021-46571 |
7.8 |
Jan. 31, 2022 |
|
Bentley View JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-157 |
ZDI-CAN-15364 |
Bentley |
CVE-2021-46570 |
7.8 |
Jan. 31, 2022 |
|
Bentley View JT File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-156 |
ZDI-CAN-15031 |
Bentley |
CVE-2021-46569 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-155 |
ZDI-CAN-15030 |
Bentley |
CVE-2021-46568 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-154 |
ZDI-CAN-15028 |
Bentley |
CVE-2021-46567 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-153 |
ZDI-CAN-15027 |
Bentley |
CVE-2021-46566 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-152 |
ZDI-CAN-15024 |
Bentley |
CVE-2021-46565 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-151 |
ZDI-CAN-15023 |
Bentley |
CVE-2021-46564 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-150 |
ZDI-CAN-14990 |
Bentley |
CVE-2021-46563 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-149 |
ZDI-CAN-14987 |
Bentley |
CVE-2021-46562 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-148 |
ZDI-CAN-14162 |
ESET |
CVE-2021-37852 |
7.0 |
Jan. 31, 2022 |
|
ESET Endpoint Antivirus Unnecessary Privileges Local Privilege Escalation Vulnerability |
| ZDI-22-147 |
ZDI-CAN-13856 |
Trend Micro |
CVE-2022-23805 |
3.3 |
Jan. 31, 2022 |
|
Trend Micro Worry-Free Business Security Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-146 |
ZDI-CAN-14433 |
Esri |
CVE-2021-29117 |
7.8 |
Jan. 31, 2022 |
|
Esri ArcReader PMF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-145 |
ZDI-CAN-14439 |
Esri |
CVE-2021-29118 |
3.3 |
Jan. 31, 2022 |
|
Esri ArcReader PMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-144 |
ZDI-CAN-14267 |
Esri |
CVE-2021-29112 |
3.3 |
Jan. 31, 2022 |
|
Esri ArcReader PMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-143 |
ZDI-CAN-13801 |
Bitdefender |
CVE-2021-3641 |
6.1 |
Jan. 27, 2022 |
|
Bitdefender GravityZone Link Following Denial-of-Service Vulnerability |
| ZDI-22-142 |
ZDI-CAN-14722 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU UMP File Parsing Trend Tag WordAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-141 |
ZDI-CAN-14720 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU UMP File Parsing Trend Tag WordAddr3 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-140 |
ZDI-CAN-14719 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU UMP File Parsing XY Tag WordAddr3 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-139 |
ZDI-CAN-14718 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU UMP File Parsing XY Tag WordAddr2 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-138 |
ZDI-CAN-14717 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU UMP File Parsing XY Tag WordAddr1 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-137 |
ZDI-CAN-14582 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU XML File Parsing Add Tag DigitCount Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-136 |
ZDI-CAN-14581 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU XML File Parsing BitAddr Tag ContralAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-135 |
ZDI-CAN-14580 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU XML File Parsing Add Tag DstAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-134 |
ZDI-CAN-14579 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU XML File Parsing BitAddr Tag ContralAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-133 |
ZDI-CAN-14578 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU UMP FIle Parsing HmiSet Tag Type Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-132 |
ZDI-CAN-14584 |
WECON |
CVE-2021-23157 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU UMP File Parsing ScreenInfo Tag ScrnFile Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-131 |
ZDI-CAN-14577 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU XML File Parsing Add Tag PLCAddr1 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-130 |
ZDI-CAN-14576 |
WECON |
CVE-2021-23157 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU UMP File Parsing ScreenInfo Tag ScrnName Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-129 |
ZDI-CAN-14575 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU UMP File Parsing BaseSet Tag BgOnOffBitAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-128 |
ZDI-CAN-16026 |
Oracle |
CVE-2022-21394 |
6.5 |
Jan. 21, 2022 |
|
Oracle VirtualBox TFTP Server Directory Traversal Information Disclosure Vulnerability |
| ZDI-22-127 |
ZDI-CAN-16120 |
Oracle |
CVE-2022-21380 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-126 |
ZDI-CAN-15121 |
Oracle |
CVE-2022-21356 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-125 |
ZDI-CAN-15122 |
Oracle |
CVE-2022-21357 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-124 |
ZDI-CAN-15120 |
Oracle |
CVE-2022-21355 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-123 |
ZDI-CAN-15063 |
Oracle |
CVE-2022-21346 |
7.5 |
Jan. 21, 2022 |
|
Oracle Business Intelligence ReportTemplateService XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-122 |
ZDI-CAN-14524 |
Oracle |
CVE-2022-21337 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-121 |
ZDI-CAN-14523 |
Oracle |
CVE-2022-21336 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-120 |
ZDI-CAN-14522 |
Oracle |
CVE-2022-21335 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-119 |
ZDI-CAN-14521 |
Oracle |
CVE-2022-21334 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-118 |
ZDI-CAN-14520 |
Oracle |
CVE-2022-21333 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-117 |
ZDI-CAN-14509 |
Oracle |
CVE-2022-21332 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-116 |
ZDI-CAN-14507 |
Oracle |
CVE-2022-21331 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-115 |
ZDI-CAN-14506 |
Oracle |
CVE-2022-21330 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-114 |
ZDI-CAN-14505 |
Oracle |
CVE-2022-21329 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-113 |
ZDI-CAN-14504 |
Oracle |
CVE-2022-21328 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-112 |
ZDI-CAN-14503 |
Oracle |
CVE-2022-21327 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-111 |
ZDI-CAN-14502 |
Oracle |
CVE-2022-21326 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-110 |
ZDI-CAN-14501 |
Oracle |
CVE-2022-21325 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-109 |
ZDI-CAN-14500 |
Oracle |
CVE-2022-21324 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-108 |
ZDI-CAN-14499 |
Oracle |
CVE-2022-21323 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-107 |
ZDI-CAN-14498 |
Oracle |
CVE-2022-21322 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-106 |
ZDI-CAN-14497 |
Oracle |
CVE-2022-21321 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-105 |
ZDI-CAN-14496 |
Oracle |
CVE-2022-21320 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-104 |
ZDI-CAN-14495 |
Oracle |
CVE-2022-21319 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-103 |
ZDI-CAN-14494 |
Oracle |
CVE-2022-21318 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-102 |
ZDI-CAN-14493 |
Oracle |
CVE-2022-21317 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-101 |
ZDI-CAN-14492 |
Oracle |
CVE-2022-21316 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-100 |
ZDI-CAN-14491 |
Oracle |
CVE-2022-21315 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-099 |
ZDI-CAN-14490 |
Oracle |
CVE-2022-21314 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-098 |
ZDI-CAN-14489 |
Oracle |
CVE-2022-21313 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-097 |
ZDI-CAN-14488 |
Oracle |
CVE-2022-21312 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-096 |
ZDI-CAN-14487 |
Oracle |
CVE-2022-21311 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-095 |
ZDI-CAN-14486 |
Oracle |
CVE-2022-21310 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-094 |
ZDI-CAN-14458 |
Oracle |
CVE-2022-21309 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-093 |
ZDI-CAN-14222 |
Oracle |
CVE-2022-21308 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-092 |
ZDI-CAN-14206 |
Oracle |
CVE-2022-21307 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-091 |
ZDI-CAN-13925 |
Oracle |
CVE-2022-21284 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-090 |
ZDI-CAN-13924 |
Oracle |
CVE-2022-21289 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-089 |
ZDI-CAN-13986 |
Oracle |
CVE-2022-21285 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-088 |
ZDI-CAN-13966 |
Oracle |
CVE-2022-21286 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-087 |
ZDI-CAN-13964 |
Oracle |
CVE-2022-21287 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-086 |
ZDI-CAN-13963 |
Oracle |
CVE-2022-21290 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-085 |
ZDI-CAN-13922 |
Oracle |
CVE-2022-21288 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-084 |
ZDI-CAN-13866 |
Oracle |
CVE-2022-21280 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Management API Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-083 |
ZDI-CAN-13865 |
Oracle |
CVE-2022-21279 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Management API Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-082 |
ZDI-CAN-13818 |
TeamViewer |
CVE-2021-35005 |
3.3 |
Jan. 20, 2022 |
|
TeamViewer Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-081 |
ZDI-CAN-14656 |
TP-Link |
CVE-2021-35004 |
8.8 |
Jan. 17, 2022 |
|
TP-Link TL-WA1201 DNS Response Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-080 |
ZDI-CAN-14655 |
TP-Link |
CVE-2021-35003 |
9.8 |
Jan. 17, 2022 |
|
TP-Link Archer C90 DNS Response Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-079 |
ZDI-CAN-14371 |
Adobe |
CVE-2021-43746 |
3.3 |
Jan. 17, 2022 |
|
Adobe Illustrator SVG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-078 |
ZDI-CAN-14137 |
Fortinet |
CVE-2021-26089 |
7.8 |
Jan. 17, 2022 |
|
Fortinet FortiClient Network Access Control Uncontrolled Search Path Element Privilege Escalation Vulnerability |
| ZDI-22-077 |
ZDI-CAN-15856 |
Western Digital |
CVE-2022-22991 |
8.8 |
Jan. 17, 2022 |
Jan. 18, 2022 |
(Pwn2Own) Western Digital MyCloud PR4100 ConnectivityService Command Injection Remote Code Execution Vulnerability |
| ZDI-22-076 |
ZDI-CAN-15872 |
Western Digital |
CVE-2022-22992 |
8.0 |
Jan. 17, 2022 |
Feb. 10, 2022 |
(Pwn2Own) Western Digital MyCloud PR4100 cloudAccess Command Injection Remote Code Execution Vulnerability |
| ZDI-22-075 |
ZDI-CAN-14539 |
NetBSD |
|
5.5 |
Jan. 14, 2022 |
|
NetBSD Kernel stat System Call Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-22-074 |
ZDI-CAN-14978 |
Microsoft |
CVE-2021-42309 |
8.8 |
Jan. 14, 2022 |
|
Microsoft SharePoint Server-Side Control Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-22-073 |
ZDI-CAN-14540 |
OpenBSD |
CVE-2021-34999 |
3.8 |
Jan. 13, 2022 |
|
OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-22-072 |
ZDI-CAN-15148 |
Adobe |
CVE-2021-45053 |
7.8 |
Jan. 13, 2022 |
|
Adobe InCopy JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-071 |
ZDI-CAN-15151 |
Adobe |
CVE-2021-45054 |
3.3 |
Jan. 13, 2022 |
|
Adobe InCopy JPEG2000 Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-070 |
ZDI-CAN-15234 |
Adobe |
CVE-2021-45055 |
7.8 |
Jan. 13, 2022 |
|
Adobe InCopy TIF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-069 |
ZDI-CAN-15233 |
Adobe |
CVE-2021-45056 |
7.8 |
Jan. 13, 2022 |
|
Adobe InCopy JPEG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-068 |
ZDI-CAN-15232 |
Adobe |
CVE-2021-45058 |
7.8 |
Jan. 13, 2022 |
|
Adobe InDesign JPEG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-067 |
ZDI-CAN-15150 |
Adobe |
CVE-2021-45059 |
3.3 |
Jan. 13, 2022 |
|
Adobe InDesign JPEG2000 Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-066 |
ZDI-CAN-15144 |
Adobe |
CVE-2021-45057 |
7.8 |
Jan. 13, 2022 |
|
Adobe InDesign JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-065 |
ZDI-CAN-15152 |
Adobe |
CVE-2021-45051 |
3.3 |
Jan. 13, 2022 |
|
Adobe Bridge JPEG2000 Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-064 |
ZDI-CAN-15142 |
Adobe |
CVE-2021-45052 |
3.3 |
Jan. 13, 2022 |
|
Adobe Bridge TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-063 |
ZDI-CAN-15146 |
Adobe |
CVE-2021-44743 |
7.8 |
Jan. 13, 2022 |
|
Adobe Bridge JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-062 |
ZDI-CAN-15244 |
Adobe |
CVE-2021-44700 |
3.3 |
Jan. 13, 2022 |
|
Adobe Illustrator JPEG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-061 |
ZDI-CAN-15143 |
Adobe |
CVE-2021-43752 |
3.3 |
Jan. 13, 2022 |
|
Adobe Illustrator TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-060 |
ZDI-CAN-15698 |
Adobe |
CVE-2021-45060 |
7.8 |
Jan. 13, 2022 |
|
Adobe Acrobat Reader DC TTF Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-059 |
ZDI-CAN-15902 |
Adobe |
CVE-2021-45063 |
3.3 |
Jan. 13, 2022 |
|
Adobe Acrobat Reader DC JP2 File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-058 |
ZDI-CAN-15900 |
Adobe |
CVE-2021-45068 |
7.8 |
Jan. 13, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-057 |
ZDI-CAN-15196 |
Adobe |
CVE-2021-44701 |
7.8 |
Jan. 13, 2022 |
|
Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-056 |
ZDI-CAN-15903 |
Adobe |
CVE-2021-45061 |
7.8 |
Jan. 13, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-055 |
ZDI-CAN-15586 |
Adobe |
CVE-2021-45064 |
7.8 |
Jan. 13, 2022 |
|
Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-054 |
ZDI-CAN-15901 |
Adobe |
CVE-2021-45062 |
7.8 |
Jan. 13, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-053 |
ZDI-CAN-14727 |
Open Design Alliance (ODA) |
CVE-2022-23095 |
7.8 |
Jan. 13, 2022 |
|
Open Design Alliance (ODA) Drawings Explorer JPG File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-052 |
ZDI-CAN-15212 |
Microsoft |
CVE-2022-21899 |
5.5 |
Jan. 13, 2022 |
|
Microsoft Windows EFI Partition Incorrect Authorization Denial-of-Service Vulnerability |
| ZDI-22-051 |
ZDI-CAN-15188 |
Microsoft |
CVE-2022-21876 |
5.5 |
Jan. 13, 2022 |
|
Microsoft Windows DirectComposition Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-050 |
ZDI-CAN-15331 |
Microsoft |
CVE-2022-21895 |
7.8 |
Jan. 13, 2022 |
|
Microsoft Windows User Profile Service Directory Junction Privilege Escalation Vulnerability |
| ZDI-22-049 |
ZDI-CAN-14660 |
Microsoft |
CVE-2022-21838 |
7.0 |
Jan. 13, 2022 |
|
Microsoft Windows SilentCleanup Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-048 |
ZDI-CAN-14957 |
Microsoft |
CVE-2022-21877 |
5.6 |
Jan. 13, 2022 |
|
Microsoft Windows Storage Spaces Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-047 |
ZDI-CAN-14411 |
WECON |
CVE-2021-43983 |
7.8 |
Jan. 13, 2022 |
|
WECON LeviStudioU UMP File Parsing XY Tag WordAddr9 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-046 |
ZDI-CAN-14413 |
WECON |
CVE-2021-43983 |
7.8 |
Jan. 13, 2022 |
|
WECON LeviStudioU UMP File Parsing Alarm Tag bitaddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-045 |
ZDI-CAN-14417 |
WECON |
CVE-2021-43983 |
7.8 |
Jan. 13, 2022 |
|
WECON LeviStudioU UMP File Parsing Alarm Tag WordAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-044 |
ZDI-CAN-14419 |
WECON |
CVE-2021-43983 |
7.8 |
Jan. 13, 2022 |
|
WECON LeviStudioU UMP File Parsing Trend Tag WordAddr12 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-043 |
ZDI-CAN-14420 |
WECON |
CVE-2021-43983 |
7.8 |
Jan. 13, 2022 |
|
WECON LeviStudioU UMP File Parsing XY Tag WordAddr7 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-042 |
ZDI-CAN-14421 |
WECON |
CVE-2021-43983 |
7.8 |
Jan. 13, 2022 |
|
WECON LeviStudioU UMP File Parsing Trend Tag WordAddr11 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-041 |
ZDI-CAN-14422 |
WECON |
CVE-2021-43983 |
7.8 |
Jan. 13, 2022 |
|
WECON LeviStudioU UMP File Parsing XY Tag WordAddr5 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-040 |
ZDI-CAN-14423 |
WECON |
CVE-2021-43983 |
7.8 |
Jan. 13, 2022 |
|
WECON LeviStudioU UMP File Parsing XY Tag WordAddr6 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-039 |
ZDI-CAN-14569 |
WECON |
CVE-2021-43983 |
7.8 |
Jan. 13, 2022 |
|
WECON LeviStudioU UMP File Parsing BaseSet Tag HMINAME Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-038 |
ZDI-CAN-14570 |
WECON |
CVE-2021-43983 |
7.8 |
Jan. 13, 2022 |
|
WECON LeviStudioU UMP File Parsing HmiSet Tag Style Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-037 |
ZDI-CAN-14574 |
WECON |
CVE-2021-43983 |
7.8 |
Jan. 13, 2022 |
|
WECON LeviStudioU UMP File Parsing BaseSet Tag CurScrIdAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-036 |
ZDI-CAN-14573 |
WECON |
CVE-2021-43983 |
7.8 |
Jan. 13, 2022 |
|
WECON LeviStudioU UMP File Parsing BaseSet Tag ScrIdWordAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-035 |
ZDI-CAN-14572 |
WECON |
CVE-2021-43983 |
7.8 |
Jan. 13, 2022 |
|
WECON LeviStudioU UMP File Parsing BaseSet Tag PowerEnterTime Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-034 |
ZDI-CAN-14571 |
WECON |
CVE-2021-43983 |
7.8 |
Jan. 13, 2022 |
|
WECON LeviStudioU UMP File Parsing BaseSet Tag EnterTime Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-033 |
ZDI-CAN-14634 |
Fatek Automation |
CVE-2021-43554 |
7.8 |
Jan. 13, 2022 |
|
Fatek Automation WinProladder PDW File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-032 |
ZDI-CAN-14568 |
Fatek Automation |
CVE-2021-43556 |
7.8 |
Jan. 13, 2022 |
|
Fatek Automation WinProladder PDW File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-031 |
ZDI-CAN-14465 |
Fatek Automation |
CVE-2021-43556 |
7.8 |
Jan. 13, 2022 |
|
Fatek Automation WinProladder TAB File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-030 |
ZDI-CAN-14225 |
Fatek Automation |
CVE-2021-43554 |
7.8 |
Jan. 13, 2022 |
|
Fatek Automation WinProladder PDW File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-029 |
ZDI-CAN-14566 |
Fatek Automation |
CVE-2021-43556 |
7.8 |
Jan. 13, 2022 |
|
Fatek Automation WinProladder SPF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-028 |
ZDI-CAN-14517 |
Fatek Automation |
CVE-2021-43554 |
7.8 |
Jan. 13, 2022 |
|
Fatek Automation WinProladder PDW File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-027 |
ZDI-CAN-13030 |
Delta Industrial Automation |
CVE-2021-32965 |
7.8 |
Jan. 11, 2022 |
|
Delta Industrial Automation DIAScreen XLS File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-026 |
ZDI-CAN-13029 |
Delta Industrial Automation |
CVE-2021-32965 |
7.8 |
Jan. 11, 2022 |
|
Delta Industrial Automation DIAScreen XLS File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-025 |
ZDI-CAN-13033 |
Delta Industrial Automation |
CVE-2021-32965 |
7.8 |
Jan. 11, 2022 |
|
Delta Industrial Automation DIAScreen XLS File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-024 |
ZDI-CAN-13032 |
Delta Industrial Automation |
CVE-2021-32969 |
7.8 |
Jan. 11, 2022 |
|
Delta Industrial Automation DIAScreen XLS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-023 |
ZDI-CAN-13031 |
Delta Industrial Automation |
CVE-2021-32969 |
7.8 |
Jan. 11, 2022 |
|
Delta Industrial Automation DIAScreen XLS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-022 |
ZDI-CAN-14860 |
Siemens |
CVE-2021-42028 |
7.8 |
Jan. 10, 2022 |
|
Siemens syngo fastView BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-021 |
ZDI-CAN-15097 |
Siemens |
CVE-2021-40367 |
7.8 |
Jan. 10, 2022 |
|
Siemens syngo DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-020 |
ZDI-CAN-15541 |
WordPress |
CVE-2022-21661 |
7.5 |
Jan. 10, 2022 |
|
WordPress Core WP_Query SQL Injection Information Disclosure Vulnerability |
| ZDI-22-019 |
ZDI-CAN-14955 |
Microsoft |
CVE-2021-43238 |
5.5 |
Jan. 6, 2022 |
|
Microsoft Windows Remote Access Connection Manager Service Link Following Denial-of-Service Vulnerability |
| ZDI-22-018 |
ZDI-CAN-14770 |
Microsoft |
CVE-2021-43237 |
7.0 |
Jan. 6, 2022 |
|
Microsoft Windows Update Assistant Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-017 |
ZDI-CAN-14607 |
Trend Micro |
CVE-2021-45441 |
7.8 |
Jan. 6, 2022 |
|
Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability |
| ZDI-22-016 |
ZDI-CAN-14218 |
Trend Micro |
CVE-2021-45440 |
7.0 |
Jan. 6, 2022 |
|
Trend Micro Worry-Free Business Security Unnecessary Privileges Local Privilege Escalation Vulnerability |
| ZDI-22-015 |
ZDI-CAN-14967 |
Trend Micro |
CVE-2021-45442 |
6.1 |
Jan. 6, 2022 |
|
Trend Micro Worry-Free Business Security Link Following Denial-of-Service Vulnerability |
| ZDI-22-014 |
ZDI-CAN-13364 |
Trend Micro |
CVE-2021-44024 |
6.1 |
Jan. 6, 2022 |
|
Trend Micro Apex One Link Following Denial-of-Service Vulnerability |
| ZDI-22-013 |
ZDI-CAN-13365 |
Trend Micro |
CVE-2021-45231 |
7.8 |
Jan. 6, 2022 |
|
Trend Micro Apex One Link Following Privilege Escalation Vulnerability |
| ZDI-22-012 |
ZDI-CAN-16112 |
OpenBSD |
CVE-2021-35000 |
3.3 |
Jan. 6, 2022 |
|
OpenBSD Kernel Multicast Routing Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-22-011 |
ZDI-CAN-15111 |
Siemens |
CVE-2021-44017 |
3.3 |
Jan. 6, 2022 |
Jan. 9, 2022 |
Siemens JT2Go TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-010 |
ZDI-CAN-15109 |
Siemens |
CVE-2021-44015 |
3.3 |
Jan. 6, 2022 |
Jan. 9, 2022 |
Siemens JT2Go CGM File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-009 |
ZDI-CAN-15103 |
Siemens |
CVE-2021-44013 |
7.8 |
Jan. 6, 2022 |
Jan. 9, 2022 |
Siemens JT2Go JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-008 |
ZDI-CAN-15102 |
Siemens |
CVE-2021-44012 |
3.3 |
Jan. 6, 2022 |
Jan. 9, 2022 |
Siemens JT2Go JT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-007 |
ZDI-CAN-15101 |
Siemens |
CVE-2021-44011 |
3.3 |
Jan. 6, 2022 |
Jan. 9, 2022 |
Siemens JT2Go JT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-006 |
ZDI-CAN-15058 |
Siemens |
CVE-2021-44002 |
7.8 |
Jan. 6, 2022 |
Jan. 9, 2022 |
Siemens JT2Go JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-005 |
ZDI-CAN-15057 |
Siemens |
CVE-2021-44014 |
7.8 |
Jan. 6, 2022 |
Jan. 9, 2022 |
Siemens JT2Go JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-004 |
ZDI-CAN-14974 |
Siemens |
CVE-2021-44001 |
7.8 |
Jan. 6, 2022 |
Jan. 9, 2022 |
Siemens JT2Go PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-003 |
ZDI-CAN-14237 |
VMware |
CVE-2021-22045 |
7.8 |
Jan. 6, 2022 |
Jan. 11, 2022 |
VMware Workstation SCSI Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-22-002 |
ZDI-CAN-14122 |
BMC |
CVE-2021-35002 |
8.8 |
Jan. 6, 2022 |
|
BMC Track-It! Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-22-001 |
ZDI-CAN-14527 |
BMC |
CVE-2021-35001 |
3.1 |
Jan. 6, 2022 |
|
BMC Track-It! GetData Missing Authorization Information Disclosure Vulnerability |
