| ZDI-24-1420 |
ZDI-CAN-23502 |
Schneider Electric |
CVE-2015-0250 |
6.5 |
2024-10-18 |
2024-10-18 |
Schneider Electric EcoStruxure Data Center Expert XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-24-1419 |
ZDI-CAN-17700 |
Trend Micro |
CVE-2024-48903 |
7.8 |
2024-10-17 |
2024-10-17 |
Trend Micro Deep Security Improper Access Control Local Privilege Escalation Vulnerability |
| ZDI-24-1418 |
ZDI-CAN-23182 |
Trend Micro |
CVE-2024-48904 |
9.8 |
2024-10-17 |
2024-10-17 |
Trend Micro Cloud Edge REST API Command Injection Remote Code Execution Vulnerability |
| ZDI-24-1417 |
ZDI-CAN-23203 |
Schneider Electric |
CVE-2024-8531 |
7.2 |
2024-10-17 |
2024-10-18 |
Schneider Electric EcoStruxure Data Center Expert Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability |
| ZDI-24-1416 |
ZDI-CAN-23489 |
Schneider Electric |
CVE-2024-8530 |
5.9 |
2024-10-17 |
2024-10-18 |
Schneider Electric EcoStruxure Data Center Expert Missing Authentication Information Disclosure Vulnerability |
| ZDI-24-1415 |
ZDI-CAN-22347 |
Schneider Electric |
CVE-2024-8422 |
7.8 |
2024-10-17 |
2024-10-17 |
Schneider Electric Zelio Soft 2 ZM2 File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1414 |
ZDI-CAN-25016 |
Oracle |
CVE-2024-21273 |
6.0 |
2024-10-17 |
2024-10-17 |
Oracle VirtualBox BusLogic Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-24-1413 |
ZDI-CAN-23961 |
Oracle |
CVE-2024-21259 |
7.5 |
2024-10-17 |
2024-10-17 |
Oracle VirtualBox TPM Heap-based Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-24-1412 |
ZDI-CAN-24045 |
Oracle |
CVE-2024-21248 |
5.3 |
2024-10-17 |
2024-10-17 |
Oracle VirtualBox Shared Folders Incorrect Authorization Local Privilege Escalation Vulnerability |
| ZDI-24-1411 |
ZDI-CAN-24765 |
Delta Electronics |
CVE-2024-47966 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-1410 |
ZDI-CAN-24200 |
Delta Electronics |
CVE-2024-47962 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1409 |
ZDI-CAN-24199 |
Delta Electronics |
CVE-2024-47963 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1408 |
ZDI-CAN-24197 |
Delta Electronics |
CVE-2024-47963 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1407 |
ZDI-CAN-24196 |
Delta Electronics |
CVE-2024-47962 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1406 |
ZDI-CAN-24202 |
Delta Electronics |
CVE-2024-47962 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1405 |
ZDI-CAN-24201 |
Delta Electronics |
CVE-2024-47962 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1404 |
ZDI-CAN-23768 |
Delta Electronics |
CVE-2024-47962 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1403 |
ZDI-CAN-25270 |
Delta Electronics |
CVE-2024-47963 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-1402 |
ZDI-CAN-25055 |
Delta Electronics |
CVE-2024-47962 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1401 |
ZDI-CAN-25056 |
Delta Electronics |
CVE-2024-47962 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1400 |
ZDI-CAN-25034 |
Delta Electronics |
CVE-2024-47963 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-1399 |
ZDI-CAN-25037 |
Delta Electronics |
CVE-2024-47964 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1398 |
ZDI-CAN-24788 |
Delta Electronics |
CVE-2024-47962 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DOPSoft ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1397 |
ZDI-CAN-24790 |
Delta Electronics |
CVE-2024-47962 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DOPSoft CMT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1396 |
ZDI-CAN-24994 |
Delta Electronics |
CVE-2024-47962 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1395 |
ZDI-CAN-24758 |
Delta Electronics |
CVE-2024-47962 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1394 |
ZDI-CAN-24826 |
Delta Electronics |
CVE-2024-47963 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1393 |
ZDI-CAN-24829 |
Delta Electronics |
CVE-2024-47963 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1392 |
ZDI-CAN-24910 |
Delta Electronics |
CVE-2024-47963 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-1391 |
ZDI-CAN-24971 |
Delta Electronics |
CVE-2024-47963 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1390 |
ZDI-CAN-24363 |
Delta Electronics |
CVE-2024-47962 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1389 |
ZDI-CAN-24358 |
Delta Electronics |
CVE-2024-47962 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1388 |
ZDI-CAN-24766 |
Delta Electronics |
CVE-2024-47965 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1387 |
ZDI-CAN-24767 |
Delta Electronics |
|
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1386 |
ZDI-CAN-24825 |
Delta Electronics |
CVE-2024-47963 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1385 |
ZDI-CAN-24827 |
Delta Electronics |
CVE-2024-47963 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1384 |
ZDI-CAN-24828 |
Delta Electronics |
CVE-2024-47963 |
7.8 |
2024-10-15 |
2024-10-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1383 |
ZDI-CAN-25351 |
PostHog |
CVE-2024-9710 |
7.1 |
2024-10-15 |
2024-10-15 |
PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-24-1382 |
ZDI-CAN-23962 |
QEMU |
CVE-2024-6519 |
8.2 |
2024-10-15 |
2024-10-15 |
QEMU SCSI Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-1381 |
ZDI-CAN-24146 |
Trimble |
CVE-2024-9730 |
7.8 |
2024-10-11 |
2024-10-11 |
Trimble SketchUp Viewer SKP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-1380 |
ZDI-CAN-24144 |
Trimble |
CVE-2024-9729 |
7.8 |
2024-10-11 |
2024-10-11 |
Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1379 |
ZDI-CAN-24103 |
Trimble |
CVE-2024-9719 |
7.8 |
2024-10-11 |
2024-10-11 |
Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1378 |
ZDI-CAN-24102 |
Trimble |
CVE-2024-9718 |
7.8 |
2024-10-11 |
2024-10-11 |
Trimble SketchUp Viewer SKP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1377 |
ZDI-CAN-24101 |
Trimble |
CVE-2024-9717 |
7.8 |
2024-10-11 |
2024-10-11 |
Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-1376 |
ZDI-CAN-24098 |
Trimble |
CVE-2024-9715 |
7.8 |
2024-10-11 |
2024-10-11 |
Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1375 |
ZDI-CAN-24100 |
Trimble |
CVE-2024-9716 |
7.8 |
2024-10-11 |
2024-10-11 |
Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1374 |
ZDI-CAN-23283 |
IrfanView |
CVE-2024-9261 |
7.8 |
2024-10-11 |
2024-10-11 |
IrfanView SID File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1373 |
ZDI-CAN-23280 |
IrfanView |
CVE-2024-9260 |
7.8 |
2024-10-11 |
2024-10-11 |
IrfanView SID File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1372 |
ZDI-CAN-23278 |
IrfanView |
CVE-2024-9259 |
7.8 |
2024-10-11 |
2024-10-11 |
IrfanView SID File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1371 |
ZDI-CAN-23277 |
IrfanView |
CVE-2024-9767 |
7.8 |
2024-10-11 |
2024-10-11 |
IrfanView SID File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1370 |
ZDI-CAN-23276 |
IrfanView |
CVE-2024-9258 |
7.8 |
2024-10-11 |
2024-10-11 |
IrfanView SID File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-24-1369 |
ZDI-CAN-23939 |
Zimbra |
CVE-2024-9665 |
6.5 |
2024-10-11 |
2024-10-11 |
Zimbra GraphQL Cross-Site Request Forgery Information Disclosure Vulnerability |
| ZDI-24-1368 |
ZDI-CAN-24472 |
Tungsten Automation |
CVE-2024-9755 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1367 |
ZDI-CAN-24473 |
Tungsten Automation |
CVE-2024-9757 |
3.3 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1366 |
ZDI-CAN-24477 |
Tungsten Automation |
CVE-2024-9761 |
3.3 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1365 |
ZDI-CAN-24451 |
Tungsten Automation |
CVE-2024-9735 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF JPF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1364 |
ZDI-CAN-24460 |
Tungsten Automation |
CVE-2024-9744 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1363 |
ZDI-CAN-24468 |
Tungsten Automation |
CVE-2024-9751 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1362 |
ZDI-CAN-24480 |
Tungsten Automation |
CVE-2024-9764 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF PDF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1361 |
ZDI-CAN-24474 |
Tungsten Automation |
CVE-2024-9758 |
3.3 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1360 |
ZDI-CAN-24470 |
Tungsten Automation |
CVE-2024-9753 |
3.3 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1359 |
ZDI-CAN-24479 |
Tungsten Automation |
CVE-2024-9763 |
3.3 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1358 |
ZDI-CAN-24478 |
Tungsten Automation |
CVE-2024-9762 |
3.3 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF OXPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1357 |
ZDI-CAN-24476 |
Tungsten Automation |
CVE-2024-9760 |
3.3 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1356 |
ZDI-CAN-24475 |
Tungsten Automation |
CVE-2024-9759 |
3.3 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1355 |
ZDI-CAN-24471 |
Tungsten Automation |
CVE-2024-9754 |
3.3 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1354 |
ZDI-CAN-24469 |
Tungsten Automation |
CVE-2024-9752 |
3.3 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1353 |
ZDI-CAN-24400 |
Tungsten Automation |
CVE-2024-9734 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1352 |
ZDI-CAN-24389 |
Tungsten Automation |
CVE-2024-9733 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1351 |
ZDI-CAN-24452 |
Tungsten Automation |
CVE-2024-9736 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1350 |
ZDI-CAN-24453 |
Tungsten Automation |
CVE-2024-9737 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1349 |
ZDI-CAN-24455 |
Tungsten Automation |
CVE-2024-9739 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-1348 |
ZDI-CAN-24466 |
Tungsten Automation |
CVE-2024-9750 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF PNG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1347 |
ZDI-CAN-24461 |
Tungsten Automation |
CVE-2024-9745 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1346 |
ZDI-CAN-24457 |
Tungsten Automation |
CVE-2024-9741 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1345 |
ZDI-CAN-24462 |
Tungsten Automation |
CVE-2024-9746 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1344 |
ZDI-CAN-24463 |
Tungsten Automation |
CVE-2024-9747 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1343 |
ZDI-CAN-24456 |
Tungsten Automation |
CVE-2024-9740 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1342 |
ZDI-CAN-24458 |
Tungsten Automation |
CVE-2024-9742 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1341 |
ZDI-CAN-24454 |
Tungsten Automation |
CVE-2024-9738 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-1340 |
ZDI-CAN-24465 |
Tungsten Automation |
CVE-2024-9749 |
3.3 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1339 |
ZDI-CAN-24464 |
Tungsten Automation |
CVE-2024-9748 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1338 |
ZDI-CAN-24459 |
Tungsten Automation |
CVE-2024-9743 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1337 |
ZDI-CAN-24385 |
Tungsten Automation |
CVE-2024-9732 |
7.8 |
2024-10-11 |
2024-10-11 |
Tungsten Automation Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1336 |
ZDI-CAN-24304 |
Wacom |
CVE-2024-9766 |
7.8 |
2024-10-11 |
2024-10-11 |
Wacom Center WTabletServicePro Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1335 |
ZDI-CAN-22656 |
SonicWALL |
CVE-2024-45315 |
6.1 |
2024-10-11 |
2024-10-11 |
SonicWALL Connect Tunnel Link Following Denial-of-Service Vulnerability |
| ZDI-24-1334 |
ZDI-CAN-22655 |
SonicWALL |
CVE-2024-45316 |
7.8 |
2024-10-11 |
2024-10-11 |
SonicWALL Connect Tunnel Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1333 |
ZDI-CAN-24764 |
NVIDIA |
CVE-2024-0113 |
8.8 |
2024-10-09 |
2024-10-09 |
NVIDIA Onyx Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-1332 |
ZDI-CAN-24026 |
Adobe |
CVE-2024-45146 |
7.8 |
2024-10-08 |
2024-10-08 |
Adobe Dimension SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1331 |
ZDI-CAN-24056 |
Adobe |
CVE-2024-45138 |
7.8 |
2024-10-08 |
2024-10-08 |
Adobe Substance 3D Stager SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1330 |
ZDI-CAN-24370 |
Microsoft |
CVE-2024-43556 |
7.8 |
2024-10-08 |
2024-10-08 |
Microsoft Windows win32kfull Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-1329 |
ZDI-CAN-25281 |
Axis Communications |
|
8.8 |
2024-10-08 |
2024-10-08 |
Axis Communications Autodesk Plugin AxisAddin axisapphelpfiles Remote Code Execution Vulnerability |
| ZDI-24-1328 |
ZDI-CAN-25280 |
Axis Communications |
|
8.8 |
2024-10-08 |
2024-10-08 |
Axis Communications Autodesk Plugin AzureBlobRestAPI axiscontentfiles Remote Code Execution Vulnerability |
| ZDI-24-1327 |
ZDI-CAN-23526 |
Ivanti |
CVE-2024-47011 |
7.5 |
2024-10-08 |
2024-10-08 |
Ivanti Avalanche Faces ResourceManager Information Disclosure Vulnerability |
| ZDI-24-1326 |
ZDI-CAN-23524 |
Ivanti |
CVE-2024-47010 |
7.3 |
2024-10-08 |
2024-10-08 |
Ivanti Avalanche SecureFilter allowPassThrough Authentication Bypass Vulnerability |
| ZDI-24-1325 |
ZDI-CAN-23523 |
Ivanti |
CVE-2024-47009 |
7.3 |
2024-10-08 |
2024-10-08 |
Ivanti Avalanche SecureFilter Content-Type Authentication Bypass Vulnerability |
| ZDI-24-1324 |
ZDI-CAN-23520 |
Ivanti |
CVE-2024-47008 |
7.5 |
2024-10-08 |
2024-10-08 |
Ivanti Avalanche validateAMCWSConnection Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-24-1323 |
ZDI-CAN-24536 |
Centreon |
CVE-2024-39843 |
4.7 |
2024-10-08 |
2024-10-08 |
Centreon updateContactContactGroup SQL Injection Privilege Escalation Vulnerability |
| ZDI-24-1322 |
ZDI-CAN-24534 |
Centreon |
CVE-2024-39842 |
4.7 |
2024-10-08 |
2024-10-08 |
Centreon updateAccessGroupLinks SQL Injection Privilege Escalation Vulnerability |
| ZDI-24-1321 |
ZDI-CAN-24149 |
Apple |
CVE-2024-40841 |
8.8 |
2024-10-02 |
2024-10-02 |
Apple macOS AppleVADriver Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1320 |
ZDI-CAN-24743 |
Autodesk |
CVE-2024-7674 |
7.8 |
2024-10-02 |
2024-10-02 |
Autodesk Navisworks Freedom DWF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1319 |
ZDI-CAN-24496 |
Autodesk |
CVE-2024-7672 |
7.8 |
2024-10-02 |
2024-10-02 |
Autodesk Navisworks Freedom DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1318 |
ZDI-CAN-24562 |
Autodesk |
CVE-2024-7671 |
7.8 |
2024-10-02 |
2024-10-02 |
Autodesk Navisworks Freedom DWFX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1317 |
ZDI-CAN-24559 |
Autodesk |
CVE-2024-7670 |
7.8 |
2024-10-02 |
2024-10-02 |
Autodesk Navisworks Freedom DWFX File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1316 |
ZDI-CAN-24560 |
Autodesk |
CVE-2024-7673 |
7.8 |
2024-10-02 |
2024-10-02 |
Autodesk Navisworks Freedom DWFX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1315 |
ZDI-CAN-24561 |
Autodesk |
CVE-2024-7675 |
7.8 |
2024-10-02 |
2024-10-02 |
Autodesk Navisworks Freedom DWF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1314 |
ZDI-CAN-24042 |
PaperCut |
CVE-2024-8405 |
6.1 |
2024-10-02 |
2024-10-02 |
PaperCut NG pc-web-print Link Following Denial-of-Service Vulnerability |
| ZDI-24-1313 |
ZDI-CAN-24194 |
Apple |
CVE-2024-40777 |
7.8 |
2024-10-02 |
2024-10-02 |
Apple macOS ImageIO PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1312 |
ZDI-CAN-23980 |
Apple |
CVE-2024-40784 |
3.3 |
2024-10-02 |
2024-10-02 |
Apple macOS ImageIO KTX Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1311 |
ZDI-CAN-23562 |
Microsoft |
CVE-2024-38066 |
7.8 |
2024-10-02 |
2024-10-02 |
Microsoft Windows Menu DC Path Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-1310 |
ZDI-CAN-23010 |
Lenovo |
CVE-2024-4696 |
7.5 |
2024-09-27 |
2024-09-27 |
Lenovo Service Bridge Command Injection Remote Code Execution Vulnerability |
| ZDI-24-1309 |
ZDI-CAN-25267 |
Foxit |
CVE-2024-9256 |
3.3 |
2024-09-26 |
2024-09-26 |
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1308 |
ZDI-CAN-25174 |
Foxit |
CVE-2024-9255 |
7.8 |
2024-09-26 |
2024-09-26 |
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1307 |
ZDI-CAN-25173 |
Foxit |
CVE-2024-9254 |
7.8 |
2024-09-26 |
2024-09-26 |
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1306 |
ZDI-CAN-24490 |
Foxit |
CVE-2024-9251 |
3.3 |
2024-09-26 |
2024-09-26 |
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability |
| ZDI-24-1305 |
ZDI-CAN-24492 |
Foxit |
CVE-2024-9253 |
3.3 |
2024-09-26 |
2024-09-26 |
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1304 |
ZDI-CAN-24491 |
Foxit |
CVE-2024-9252 |
3.3 |
2024-09-26 |
2024-09-26 |
Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability |
| ZDI-24-1303 |
ZDI-CAN-24489 |
Foxit |
CVE-2024-9250 |
7.8 |
2024-09-26 |
2024-09-26 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1302 |
ZDI-CAN-24300 |
Foxit |
CVE-2024-9248 |
7.8 |
2024-09-26 |
2024-09-26 |
Foxit PDF Reader PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1301 |
ZDI-CAN-24301 |
Foxit |
CVE-2024-9249 |
7.8 |
2024-09-26 |
2024-09-26 |
Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1300 |
ZDI-CAN-24173 |
Foxit |
CVE-2024-9247 |
7.8 |
2024-09-26 |
2024-09-26 |
Foxit PDF Reader Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1299 |
ZDI-CAN-24135 |
Foxit |
CVE-2024-9246 |
3.3 |
2024-09-26 |
2024-09-26 |
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1298 |
ZDI-CAN-23933 |
Foxit |
CVE-2024-9244 |
7.8 |
2024-09-26 |
2024-09-26 |
Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-24-1297 |
ZDI-CAN-23966 |
Foxit |
CVE-2024-9245 |
7.8 |
2024-09-26 |
2024-09-26 |
Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-24-1296 |
ZDI-CAN-23932 |
Foxit |
CVE-2024-9243 |
7.8 |
2024-09-26 |
2024-09-26 |
Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1295 |
ZDI-CAN-25265 |
Logsign |
CVE-2024-9257 |
4.3 |
2024-09-26 |
2024-09-26 |
Logsign Unified SecOps Platform delete_gsuite_key_file Input Validation Arbitrary File Deletion Vulnerability |
| ZDI-24-1294 |
ZDI-CAN-22537 |
Western Digital |
CVE-2024-22170 |
7.5 |
2024-09-26 |
2024-09-26 |
Western Digital MyCloud PR4100 ddns-start Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1293 |
ZDI-CAN-24175 |
Microsoft |
CVE-2024-38249 |
8.8 |
2024-09-26 |
2024-09-26 |
Microsoft Windows BeginPaint Brush Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-1292 |
ZDI-CAN-24179 |
Microsoft |
CVE-2024-38249 |
8.8 |
2024-09-26 |
2024-09-26 |
Microsoft Windows BeginPaint Color Space Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-1291 |
ZDI-CAN-24091 |
Microsoft |
CVE-2024-38249 |
7.8 |
2024-09-26 |
2024-09-26 |
Microsoft Windows Device Context Improper Release Local Privilege Escalation Vulnerability |
| ZDI-24-1290 |
ZDI-CAN-24740 |
TeamViewer |
CVE-2024-7481 |
8.8 |
2024-09-26 |
2024-09-26 |
TeamViewer Missing Authentication Local Privilege Escalation Vulnerability |
| ZDI-24-1289 |
ZDI-CAN-24623 |
TeamViewer |
CVE-2024-7479 |
8.8 |
2024-09-26 |
2024-09-26 |
TeamViewer Missing Authentication Local Privilege Escalation Vulnerability |
| ZDI-24-1288 |
ZDI-CAN-24088 |
Apple |
CVE-2024-40846 |
7.5 |
2024-09-25 |
2024-09-25 |
Apple macOS AppleIntelKBLGraphicsMTLDriver Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1287 |
ZDI-CAN-24140 |
Apple |
CVE-2024-44160 |
8.8 |
2024-09-25 |
2024-09-25 |
Apple macOS AppleVADriver Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1286 |
ZDI-CAN-24411 |
Apple |
CVE-2024-44161 |
4.3 |
2024-09-25 |
2024-09-25 |
Apple macOS AppleGVA Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1285 |
ZDI-CAN-24142 |
Apple |
CVE-2024-44154 |
4.3 |
2024-09-25 |
2024-09-25 |
Apple macOS VideoToolbox Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-24-1284 |
ZDI-CAN-24087 |
Apple |
CVE-2024-40841 |
7.5 |
2024-09-25 |
2024-09-25 |
Apple macOS AppleIntelKBLGraphicsMTLDriver Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1283 |
ZDI-CAN-24570 |
Apple |
CVE-2024-44176 |
7.8 |
2024-09-25 |
2024-09-25 |
Apple macOS ImageIO JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1282 |
ZDI-CAN-23949 |
Apple |
CVE-2024-40845 |
4.3 |
2024-09-25 |
2024-09-25 |
Apple macOS AppleGVA Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1281 |
ZDI-CAN-24133 |
Apple |
CVE-2024-27861 |
4.3 |
2024-09-25 |
2024-09-25 |
Apple macOS AppleVADriver Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1280 |
ZDI-CAN-24132 |
Apple |
CVE-2024-27861 |
4.3 |
2024-09-25 |
2024-09-25 |
Apple macOS AppleVADriver Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1279 |
ZDI-CAN-24129 |
Apple |
CVE-2024-27860 |
4.3 |
2024-09-25 |
2024-09-25 |
Apple macOS AppleVADriver Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1278 |
ZDI-CAN-24126 |
Apple |
CVE-2024-27861 |
4.3 |
2024-09-25 |
2024-09-25 |
Apple macOS AppleVADriver Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1277 |
ZDI-CAN-24125 |
Apple |
CVE-2024-27861 |
4.3 |
2024-09-25 |
2024-09-25 |
Apple macOS AppleVADriver Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1276 |
ZDI-CAN-24124 |
Apple |
CVE-2024-27861 |
4.3 |
2024-09-25 |
2024-09-25 |
Apple macOS AppleVADriver Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1275 |
ZDI-CAN-25145 |
FastStone |
CVE-2024-9114 |
7.8 |
2024-09-23 |
2024-09-23 |
(0Day) FastStone Image Viewer GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1274 |
ZDI-CAN-25140 |
FastStone |
CVE-2024-9113 |
7.8 |
2024-09-23 |
2024-09-23 |
(0Day) FastStone Image Viewer TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1273 |
ZDI-CAN-25102 |
FastStone |
CVE-2024-9112 |
7.8 |
2024-09-23 |
2024-09-23 |
(0Day) FastStone Image Viewer PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1272 |
ZDI-CAN-25269 |
PDF-XChange |
CVE-2024-8849 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1271 |
ZDI-CAN-25268 |
PDF-XChange |
CVE-2024-8848 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1270 |
ZDI-CAN-25198 |
PDF-XChange |
CVE-2024-8847 |
7.8 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1269 |
ZDI-CAN-24835 |
PDF-XChange |
CVE-2024-8846 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1268 |
ZDI-CAN-24553 |
PDF-XChange |
CVE-2024-8845 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1267 |
ZDI-CAN-24550 |
PDF-XChange |
CVE-2024-8844 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1266 |
ZDI-CAN-24495 |
PDF-XChange |
CVE-2024-8843 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1265 |
ZDI-CAN-24481 |
PDF-XChange |
CVE-2024-8842 |
7.8 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor RTF File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-1264 |
ZDI-CAN-24432 |
PDF-XChange |
CVE-2024-8841 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1263 |
ZDI-CAN-24420 |
PDF-XChange |
CVE-2024-8840 |
7.8 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1262 |
ZDI-CAN-24419 |
PDF-XChange |
CVE-2024-8839 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1261 |
ZDI-CAN-24409 |
PDF-XChange |
CVE-2024-8838 |
7.8 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1260 |
ZDI-CAN-24408 |
PDF-XChange |
CVE-2024-8837 |
7.8 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1259 |
ZDI-CAN-24354 |
PDF-XChange |
CVE-2024-8836 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1258 |
ZDI-CAN-24320 |
PDF-XChange |
CVE-2024-8835 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1257 |
ZDI-CAN-24319 |
PDF-XChange |
CVE-2024-8834 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1256 |
ZDI-CAN-24318 |
PDF-XChange |
CVE-2024-8833 |
7.8 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1255 |
ZDI-CAN-24317 |
PDF-XChange |
CVE-2024-8832 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1254 |
ZDI-CAN-24316 |
PDF-XChange |
CVE-2024-8831 |
7.8 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1253 |
ZDI-CAN-24315 |
PDF-XChange |
CVE-2024-8830 |
7.8 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor XPS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1252 |
ZDI-CAN-24314 |
PDF-XChange |
CVE-2024-8829 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1251 |
ZDI-CAN-24313 |
PDF-XChange |
CVE-2024-8828 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1250 |
ZDI-CAN-24306 |
PDF-XChange |
CVE-2024-8827 |
7.8 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor PPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1249 |
ZDI-CAN-24305 |
PDF-XChange |
CVE-2024-8826 |
7.8 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1248 |
ZDI-CAN-24263 |
PDF-XChange |
CVE-2024-8825 |
7.8 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1247 |
ZDI-CAN-24262 |
PDF-XChange |
CVE-2024-8824 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1246 |
ZDI-CAN-24261 |
PDF-XChange |
CVE-2024-8823 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1245 |
ZDI-CAN-24217 |
PDF-XChange |
CVE-2024-8822 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1244 |
ZDI-CAN-24216 |
PDF-XChange |
CVE-2024-8821 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-24-1243 |
ZDI-CAN-24215 |
PDF-XChange |
CVE-2024-8820 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1242 |
ZDI-CAN-24214 |
PDF-XChange |
CVE-2024-8819 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1241 |
ZDI-CAN-24213 |
PDF-XChange |
CVE-2024-8818 |
7.8 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1240 |
ZDI-CAN-24212 |
PDF-XChange |
CVE-2024-8817 |
7.8 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1239 |
ZDI-CAN-24211 |
PDF-XChange |
CVE-2024-8816 |
3.3 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-24-1238 |
ZDI-CAN-24210 |
PDF-XChange |
CVE-2024-8815 |
7.8 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor U3D File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-1237 |
ZDI-CAN-24209 |
PDF-XChange |
CVE-2024-8814 |
7.8 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1236 |
ZDI-CAN-24208 |
PDF-XChange |
CVE-2024-8813 |
7.8 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1235 |
ZDI-CAN-24207 |
PDF-XChange |
CVE-2024-8812 |
7.8 |
2024-09-17 |
2024-09-17 |
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-1234 |
ZDI-CAN-23983 |
WinZip Computing |
CVE-2024-8811 |
7.8 |
2024-09-17 |
2024-09-17 |
WinZip Mark-of-the-Web Bypass Vulnerability |
| ZDI-24-1233 |
ZDI-CAN-24178 |
Cohesive Networks |
CVE-2024-8809 |
8.8 |
2024-09-17 |
2024-09-17 |
Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability |
| ZDI-24-1232 |
ZDI-CAN-24177 |
Cohesive Networks |
CVE-2024-8808 |
8.8 |
2024-09-17 |
2024-09-17 |
Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability |
| ZDI-24-1231 |
ZDI-CAN-24176 |
Cohesive Networks |
CVE-2024-8807 |
9.8 |
2024-09-17 |
2024-09-17 |
Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability |
| ZDI-24-1230 |
ZDI-CAN-24160 |
Cohesive Networks |
CVE-2024-8806 |
9.8 |
2024-09-17 |
2024-09-17 |
Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability |
| ZDI-24-1229 |
ZDI-CAN-25177 |
BlueZ |
CVE-2024-8805 |
8.8 |
2024-09-17 |
2024-10-09 |
BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability |
| ZDI-24-1228 |
ZDI-CAN-24585 |
Trend Micro |
CVE-2024-46903 |
6.5 |
2024-09-17 |
2024-09-17 |
Trend Micro Deep Discovery Inspector SQL Injection Information Disclosure Vulnerability |
| ZDI-24-1227 |
ZDI-CAN-24584 |
Trend Micro |
CVE-2024-46902 |
4.9 |
2024-09-17 |
2024-09-17 |
Trend Micro Deep Discovery Inspector SQL Injection Information Disclosure Vulnerability |
| ZDI-24-1226 |
ZDI-CAN-23546 |
mySCADA |
CVE-2024-4708 |
9.8 |
2024-09-13 |
2024-09-13 |
mySCADA myPRO Hard-Coded Credentials Remote Code Execution Vulnerability |
| ZDI-24-1225 |
ZDI-CAN-24271 |
SolarWinds |
CVE-2024-28990 |
7.3 |
2024-09-13 |
2024-09-13 |
SolarWinds Access Rights Manager Hard-Coded Credentials Authentication Bypass Vulnerability |
| ZDI-24-1224 |
ZDI-CAN-24270 |
SolarWinds |
CVE-2024-28991 |
9.9 |
2024-09-13 |
2024-09-13 |
SolarWinds Access Rights Manager JsonSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-1223 |
ZDI-CAN-23850 |
Ivanti |
CVE-2024-29847 |
9.8 |
2024-09-12 |
2024-09-12 |
Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-1222 |
ZDI-CAN-23860 |
Ivanti |
CVE-2024-8012 |
7.8 |
2024-09-11 |
2024-09-11 |
Ivanti Workspace Control RES Exposed Dangerous Method Local Privilege Escalation Vulnerability |
| ZDI-24-1221 |
ZDI-CAN-24302 |
Ivanti |
CVE-2024-34785 |
7.2 |
2024-09-11 |
2024-09-11 |
Ivanti Endpoint Manager LoadMotherboardTable SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-1220 |
ZDI-CAN-24296 |
Ivanti |
CVE-2024-34783 |
7.2 |
2024-09-11 |
2024-09-11 |
Ivanti Endpoint Manager LoadSlotsTable SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-1219 |
ZDI-CAN-24291 |
Ivanti |
CVE-2024-34779 |
7.2 |
2024-09-11 |
2024-09-11 |
Ivanti Endpoint Manager loadModuleTable SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-1218 |
ZDI-CAN-24290 |
Ivanti |
CVE-2024-32848 |
7.2 |
2024-09-11 |
2024-09-11 |
Ivanti Endpoint Manager updateAssetInfo SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-1217 |
ZDI-CAN-24288 |
Ivanti |
CVE-2024-32846 |
7.2 |
2024-09-11 |
2024-09-11 |
Ivanti Endpoint Manager loadSystemInfo SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-1216 |
ZDI-CAN-24287 |
Ivanti |
CVE-2024-32845 |
7.2 |
2024-09-11 |
2024-09-11 |
Ivanti Endpoint Manager GetSQLStatement SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-1215 |
ZDI-CAN-24285 |
Ivanti |
CVE-2024-32843 |
7.2 |
2024-09-11 |
2024-09-11 |
Ivanti Endpoint Manager loadKeyboardTable SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-1214 |
ZDI-CAN-24284 |
Ivanti |
CVE-2024-32842 |
7.2 |
2024-09-11 |
2024-09-11 |
Ivanti Endpoint Manager GetVulnerabilitiesDataTable SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-1213 |
ZDI-CAN-24282 |
Ivanti |
CVE-2024-32840 |
7.2 |
2024-09-11 |
2024-09-11 |
Ivanti Endpoint Manager loadMouseTable SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-1212 |
ZDI-CAN-24046 |
Ivanti |
CVE-2024-37397 |
8.2 |
2024-09-11 |
2024-09-11 |
Ivanti Endpoint Manager ImportXml XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-24-1211 |
ZDI-CAN-24274 |
Ivanti |
CVE-2024-8191 |
7.8 |
2024-09-11 |
2024-09-11 |
Ivanti Endpoint Manager WasPreviouslyMapped SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-1210 |
ZDI-CAN-24000 |
Microsoft |
CVE-2024-38213 |
8.8 |
2024-09-11 |
2024-09-11 |
Microsoft Windows Drag and Drop SmartScreen Bypass Vulnerability |
| ZDI-24-1209 |
ZDI-CAN-23616 |
Microsoft |
CVE-2024-38213 |
8.8 |
2024-09-11 |
2024-09-11 |
Microsoft Windows Defender SmartScreen Bypass Vulnerability |
| ZDI-24-1208 |
ZDI-CAN-20112 |
Visteon |
CVE-2024-8355 |
6.8 |
2024-09-11 |
2024-09-11 |
(0Day) Visteon Infotainment System DeviceManager iAP Serial Number SQL Injection Vulnerability |
| ZDI-24-1207 |
ZDI-CAN-24998 |
Microsoft |
CVE-2024-43461 |
7.5 |
2024-09-10 |
2024-09-10 |
Microsoft Windows Internet Explorer File Extension Spoofing Remote Code Execution Vulnerability |
| ZDI-24-1206 |
ZDI-CAN-24482 |
Microsoft |
CVE-2024-43466 |
6.5 |
2024-09-10 |
2024-09-10 |
Microsoft SharePoint SPAutoSerializingObject Deserialization of Untrusted Data Denial-of-Service Vulnerability |
| ZDI-24-1205 |
ZDI-CAN-24174 |
Microsoft |
CVE-2024-38249 |
8.8 |
2024-09-10 |
2024-09-10 |
Microsoft Windows BeginPaint Pen Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-1204 |
ZDI-CAN-23930 |
Microsoft |
CVE-2024-38018 |
8.8 |
2024-09-10 |
2024-09-10 |
Microsoft SharePoint SPThemes Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-1203 |
ZDI-CAN-24266 |
Adobe |
CVE-2024-43760 |
7.8 |
2024-09-10 |
2024-09-10 |
Adobe Photoshop JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1202 |
ZDI-CAN-24049 |
Adobe |
CVE-2024-39381 |
7.8 |
2024-09-10 |
2024-09-10 |
Adobe After Effects AVI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1201 |
ZDI-CAN-24052 |
Adobe |
CVE-2024-39384 |
7.8 |
2024-09-10 |
2024-09-10 |
Adobe Premiere Pro AVI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1200 |
ZDI-CAN-24051 |
Adobe |
CVE-2024-39377 |
7.8 |
2024-09-10 |
2024-09-10 |
Adobe Media Encoder AVI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1199 |
ZDI-CAN-24048 |
Adobe |
CVE-2024-39382 |
3.3 |
2024-09-10 |
2024-09-10 |
Adobe After Effects AVI File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1198 |
ZDI-CAN-24053 |
Adobe |
CVE-2024-39385 |
3.3 |
2024-09-10 |
2024-09-10 |
Adobe Premiere Pro AVI File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-24-1197 |
ZDI-CAN-24050 |
Adobe |
CVE-2024-39378 |
7.8 |
2024-09-10 |
2024-09-10 |
Adobe Audition AVI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1196 |
ZDI-CAN-24186 |
Adobe |
CVE-2024-45107 |
3.3 |
2024-09-09 |
2024-09-09 |
Adobe Acrobat Reader DC Doc Object Use-After-Free Information Disclosure Vulnerability |
| ZDI-24-1195 |
ZDI-CAN-22321 |
Malwarebytes |
CVE-2024-6260 |
7.0 |
2024-09-05 |
2024-09-05 |
Malwarebytes Antimalware Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1194 |
ZDI-CAN-24058 |
Linux |
CVE-2024-39463 |
7.8 |
2024-09-05 |
2024-09-05 |
Linux Kernel Plan 9 File System Race Condition Local Privilege Escalation Vulnerability |
| ZDI-24-1193 |
ZDI-CAN-23810 |
Delta Electronics |
CVE-2024-7502 |
7.8 |
2024-09-05 |
2024-09-05 |
Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1192 |
ZDI-CAN-23421 |
Visteon |
CVE-2024-8360 |
6.8 |
2024-08-30 |
2024-08-30 |
(0Day) Visteon Infotainment REFLASH_DDU_ExtractFile Command Injection Remote Code Execution Vulnerability |
| ZDI-24-1191 |
ZDI-CAN-23420 |
Visteon |
CVE-2024-8359 |
6.8 |
2024-08-30 |
2024-08-30 |
(0Day) Visteon Infotainment REFLASH_DDU_FindFile Command Injection Remote Code Execution Vulnerability |
| ZDI-24-1190 |
ZDI-CAN-23422 |
Visteon |
CVE-2024-8358 |
6.8 |
2024-08-30 |
2024-08-30 |
(0Day) Visteon Infotainment UPDATES_ExtractFile Command Injection Remote Code Execution Vulnerability |
| ZDI-24-1189 |
ZDI-CAN-23759 |
Visteon |
CVE-2024-8357 |
7.8 |
2024-08-30 |
2024-08-30 |
(0Day) Visteon Infotainment App SoC Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability |
| ZDI-24-1188 |
ZDI-CAN-23758 |
Visteon |
CVE-2024-8356 |
8.8 |
2024-08-30 |
2024-08-30 |
(0Day) Visteon Infotainment VIP MCU Code Insufficient Validation of Data Authenticity Local Privilege Escalation Vulnerability |
| ZDI-24-1187 |
ZDI-CAN-23667 |
Progress Software |
CVE-2024-6672 |
8.8 |
2024-08-29 |
2024-08-29 |
Progress Software WhatsUp Gold getMonitorJoin SQL Injection Privilege Escalation Vulnerability |
| ZDI-24-1186 |
ZDI-CAN-23662 |
Progress Software |
CVE-2024-6671 |
9.8 |
2024-08-29 |
2024-08-29 |
Progress Software WhatsUp Gold GetStatisticalMonitorList SQL Injection Authentication Bypass Vulnerability |
| ZDI-24-1185 |
ZDI-CAN-23660 |
Progress Software |
CVE-2024-6670 |
9.8 |
2024-08-29 |
2024-08-29 |
Progress Software WhatsUp Gold HasErrors SQL Injection Authentication Bypass Vulnerability |
| ZDI-24-1184 |
ZDI-CAN-22322 |
Progress Software |
CVE-2024-7744 |
4.3 |
2024-08-29 |
2024-08-29 |
Progress Software WS_FTP Directory Traversal Information Disclosure Vulnerability |
| ZDI-24-1183 |
ZDI-CAN-22330 |
Delta Electronics |
CVE-2024-8255 |
7.8 |
2024-08-29 |
2024-08-29 |
Delta Electronics DTN Soft BIN File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-1182 |
ZDI-CAN-24591 |
Linux |
|
6.5 |
2024-08-27 |
2024-08-27 |
Linux Kernel Netfilter Conntrack Type Confusion Information Disclosure Vulnerability |
| ZDI-24-1181 |
ZDI-CAN-24830 |
Axis Communications |
|
7.6 |
2024-08-23 |
2024-08-23 |
Axis Communications Autodesk Plugin Exposure of Sensitive Information Authentication Bypass Vulnerability |
| ZDI-24-1180 |
ZDI-CAN-24061 |
Apple |
CVE-2024-27857 |
7.8 |
2024-08-23 |
2024-08-23 |
Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1179 |
ZDI-CAN-24068 |
Apple |
CVE-2024-27857 |
3.3 |
2024-08-23 |
2024-08-23 |
Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1178 |
ZDI-CAN-24083 |
Qualcomm Technologies |
CVE-2024-21473 |
9.8 |
2024-08-23 |
2024-08-23 |
Qualcomm Wi-Fi SON LDB Service Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-24-1177 |
ZDI-CAN-24023 |
Amazon |
|
9.8 |
2024-08-23 |
2024-08-23 |
Amazon AWS CloudFormation Templates Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-1176 |
ZDI-CAN-23901 |
Amazon |
|
9.8 |
2024-08-23 |
2024-08-23 |
Amazon AWS aws-glue-with-s2s-vpn Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-1175 |
ZDI-CAN-23812 |
Delta Electronics |
CVE-2024-7502 |
7.8 |
2024-08-22 |
2024-08-22 |
Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1174 |
ZDI-CAN-23834 |
Delta Electronics |
CVE-2024-7502 |
7.8 |
2024-08-22 |
2024-08-22 |
Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1173 |
ZDI-CAN-23833 |
Delta Electronics |
CVE-2024-7502 |
7.8 |
2024-08-22 |
2024-08-22 |
Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1172 |
ZDI-CAN-23808 |
Delta Electronics |
CVE-2024-7502 |
7.8 |
2024-08-22 |
2024-08-22 |
Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1171 |
ZDI-CAN-23806 |
Delta Electronics |
CVE-2024-7502 |
7.8 |
2024-08-22 |
2024-08-22 |
Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1170 |
ZDI-CAN-23805 |
Delta Electronics |
CVE-2024-7502 |
7.8 |
2024-08-22 |
2024-08-22 |
Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1169 |
ZDI-CAN-23804 |
Delta Electronics |
CVE-2024-7502 |
7.8 |
2024-08-22 |
2024-08-22 |
Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1168 |
ZDI-CAN-23803 |
Delta Electronics |
CVE-2024-7502 |
7.8 |
2024-08-22 |
2024-08-22 |
Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1167 |
ZDI-CAN-23802 |
Delta Electronics |
CVE-2024-7502 |
7.8 |
2024-08-22 |
2024-08-22 |
Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1166 |
ZDI-CAN-23801 |
Delta Electronics |
CVE-2024-7502 |
7.8 |
2024-08-22 |
2024-08-22 |
Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1165 |
ZDI-CAN-23609 |
Allegra |
CVE-2024-30372 |
8.8 |
2024-08-22 |
2024-08-22 |
Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability |
| ZDI-24-1164 |
ZDI-CAN-23453 |
Allegra |
CVE-2024-5581 |
7.2 |
2024-08-22 |
2024-08-22 |
Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-1163 |
ZDI-CAN-23452 |
Allegra |
CVE-2024-5580 |
7.2 |
2024-08-22 |
2024-08-22 |
Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-1162 |
ZDI-CAN-23451 |
Allegra |
CVE-2024-5579 |
7.2 |
2024-08-22 |
2024-08-22 |
Allegra renderFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-1161 |
ZDI-CAN-23566 |
Linux |
CVE-2024-36960 |
6.7 |
2024-08-22 |
2024-08-22 |
Linux Kernel vmwgfx Driver Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1160 |
ZDI-CAN-23730 |
Apple |
CVE-2024-40789 |
4.3 |
2024-08-22 |
2024-08-22 |
Apple WebKit WebCodecs VideoFrame Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1159 |
ZDI-CAN-23381 |
G DATA |
CVE-2024-30377 |
7.8 |
2024-08-22 |
2024-08-22 |
G DATA Total Security Scan Server Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1158 |
ZDI-CAN-24040 |
Rockwell Automation |
CVE-2024-7988 |
9.8 |
2024-08-22 |
2024-08-22 |
Rockwell Automation ThinManager ThinServer Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-24-1157 |
ZDI-CAN-24006 |
Rockwell Automation |
CVE-2024-7987 |
7.8 |
2024-08-22 |
2024-08-22 |
Rockwell Automation ThinManager ThinServer Arbitrary File Creation Privilege Escalation Vulnerability |
| ZDI-24-1156 |
ZDI-CAN-24002 |
Rockwell Automation |
CVE-2024-7986 |
5.5 |
2024-08-22 |
2024-08-22 |
Rockwell Automation ThinManager ThinServer Arbitrary File Read Information Disclosure Vulnerability |
| ZDI-24-1155 |
ZDI-CAN-23859 |
PaperCut |
CVE-2024-4712 |
7.8 |
2024-08-22 |
2024-08-22 |
PaperCut NG image-handler Directory Traversal Local Privilege Escalation Vulnerability |
| ZDI-24-1154 |
ZDI-CAN-23384 |
Autel |
CVE-2024-7795 |
8.8 |
2024-08-20 |
2024-08-20 |
Autel MaxiCharger AC Elite Business C50 AppAuthenExchangeRandomNum Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1153 |
ZDI-CAN-24499 |
Autodesk |
CVE-2024-7305 |
7.8 |
2024-08-20 |
2024-08-20 |
Autodesk AutoCAD DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1152 |
ZDI-CAN-23499 |
Phoenix Contact |
CVE-2024-3913 |
5.0 |
2024-08-20 |
2024-08-20 |
Phoenix Contact CHARX SEC-3100 Improper Access Control Authentication Bypass Vulnerability |
| ZDI-24-1151 |
ZDI-CAN-24220 |
Ivanti |
CVE-2024-37399 |
7.5 |
2024-08-15 |
2024-08-15 |
Ivanti Avalanche WLAvalancheService Null Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-24-1150 |
ZDI-CAN-22083 |
Ivanti |
CVE-2024-38653 |
8.2 |
2024-08-15 |
2024-08-15 |
Ivanti Avalanche decodeToMap XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-24-1149 |
ZDI-CAN-21401 |
Ivanti |
CVE-2024-38652 |
8.2 |
2024-08-15 |
2024-08-15 |
Ivanti Avalanche deleteSkin Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-24-1148 |
ZDI-CAN-24264 |
Microsoft |
CVE-2024-38171 |
7.8 |
2024-08-13 |
2024-08-15 |
Microsoft Office PowerPoint PPTX File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1147 |
ZDI-CAN-23936 |
Microsoft |
CVE-2024-38163 |
7.0 |
2024-08-13 |
2024-08-15 |
Microsoft Windows 10 WinREUpdateInstaller_2401B_amd64 Link Following Privilege Escalation Vulnerability |
| ZDI-24-1146 |
ZDI-CAN-23934 |
Microsoft |
CVE-2024-38163 |
7.0 |
2024-08-13 |
2024-08-15 |
Microsoft Windows 10 WinREUpdateInstaller DLL Hijacking Local Privilege Escalation Vulnerability |
| ZDI-24-1145 |
ZDI-CAN-23552 |
Microsoft |
CVE-2024-38169 |
7.8 |
2024-08-13 |
2024-08-15 |
Microsoft Office Visio VSDX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1144 |
ZDI-CAN-24055 |
Adobe |
CVE-2024-39388 |
7.8 |
2024-08-13 |
2024-08-15 |
Adobe Substance 3D Stager SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1143 |
ZDI-CAN-24031 |
Adobe |
CVE-2024-34124 |
7.8 |
2024-08-13 |
2024-08-15 |
Adobe Dimension SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1142 |
ZDI-CAN-24030 |
Adobe |
CVE-2024-20789 |
7.8 |
2024-08-13 |
2024-08-15 |
Adobe Dimension SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1141 |
ZDI-CAN-24027 |
Adobe |
CVE-2024-34125 |
3.3 |
2024-08-13 |
2024-08-15 |
Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1140 |
ZDI-CAN-24028 |
Adobe |
CVE-2024-34126 |
3.3 |
2024-08-13 |
2024-08-15 |
Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1139 |
ZDI-CAN-24057 |
Adobe |
CVE-2024-39386 |
7.8 |
2024-08-13 |
2024-08-15 |
Adobe Bridge AVI FIle Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1138 |
ZDI-CAN-24607 |
Adobe |
CVE-2024-41840 |
7.8 |
2024-08-13 |
2024-08-15 |
Adobe Bridge JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1137 |
ZDI-CAN-24047 |
Adobe |
CVE-2024-39387 |
3.3 |
2024-08-13 |
2024-08-15 |
Adobe Bridge AVI FIle Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1136 |
ZDI-CAN-24182 |
Adobe |
CVE-2024-39423 |
7.8 |
2024-08-13 |
2024-08-15 |
Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1135 |
ZDI-CAN-24090 |
Adobe |
CVE-2024-39422 |
7.8 |
2024-08-13 |
2024-08-15 |
Adobe Acrobat Reader DC AcroForm Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1134 |
ZDI-CAN-24309 |
Adobe |
CVE-2024-39424 |
7.8 |
2024-08-13 |
2024-08-15 |
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1133 |
ZDI-CAN-24569 |
Adobe |
CVE-2024-41831 |
7.8 |
2024-08-13 |
2024-08-15 |
Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1132 |
ZDI-CAN-24310 |
Adobe |
CVE-2024-41833 |
3.3 |
2024-08-13 |
2024-08-15 |
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1131 |
ZDI-CAN-24311 |
Adobe |
CVE-2024-41834 |
3.3 |
2024-08-13 |
2024-08-15 |
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1130 |
ZDI-CAN-24312 |
Adobe |
CVE-2024-39426 |
7.8 |
2024-08-13 |
2024-08-15 |
Adobe Acrobat Reader DC Annotation Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-1129 |
ZDI-CAN-23964 |
Magnet Forensics |
CVE-2024-7448 |
8.0 |
2024-08-13 |
2024-08-15 |
Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability |
| ZDI-24-1128 |
ZDI-CAN-23326 |
Samsung |
CVE-2024-7399 |
9.8 |
2024-08-13 |
2024-08-15 |
Samsung MagicInfo Server getFileFromMultipartFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-1127 |
ZDI-CAN-23928 |
Foxit |
CVE-2024-7725 |
7.8 |
2024-08-13 |
2024-08-15 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1126 |
ZDI-CAN-23900 |
Foxit |
CVE-2024-7724 |
7.8 |
2024-08-13 |
2024-08-15 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1125 |
ZDI-CAN-23736 |
Foxit |
CVE-2024-7723 |
7.8 |
2024-08-13 |
2024-08-15 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1124 |
ZDI-CAN-23702 |
Foxit |
CVE-2024-7722 |
3.3 |
2024-08-13 |
2024-08-15 |
Foxit PDF Reader Doc Object Use-After-Free Information Disclosure Vulnerability |
| ZDI-24-1123 |
ZDI-CAN-22458 |
QNAP |
CVE-2024-32765 |
8.1 |
2024-08-12 |
2024-08-15 |
(Pwn2Own) QNAP TS-464 Netmgr Endpoint Command Injection Remote Code Execution Vulnerability |
| ZDI-24-1122 |
ZDI-CAN-23588 |
Apple |
CVE-2024-27829 |
3.1 |
2024-08-08 |
2024-08-15 |
Apple macOS VideoToolbox Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1121 |
ZDI-CAN-23591 |
Apple |
CVE-2024-27829 |
4.3 |
2024-08-08 |
2024-08-15 |
Apple macOS VideoToolbox Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1120 |
ZDI-CAN-24130 |
Apple |
CVE-2024-27829 |
8.8 |
2024-08-08 |
2024-08-15 |
Apple macOS AppleVADriver Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1119 |
ZDI-CAN-24059 |
Apple |
CVE-2024-27857 |
3.3 |
2024-08-08 |
2024-08-15 |
Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1118 |
ZDI-CAN-24060 |
Apple |
CVE-2024-27857 |
7.8 |
2024-08-08 |
2024-08-15 |
Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1117 |
ZDI-CAN-24063 |
Apple |
CVE-2024-27857 |
3.3 |
2024-08-08 |
2024-08-15 |
Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1116 |
ZDI-CAN-24066 |
Apple |
CVE-2024-27857 |
7.8 |
2024-08-08 |
2024-08-15 |
Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1115 |
ZDI-CAN-24069 |
Apple |
CVE-2024-27857 |
7.8 |
2024-08-08 |
2024-08-15 |
Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1114 |
ZDI-CAN-24062 |
Apple |
CVE-2024-27857 |
3.3 |
2024-08-08 |
2024-08-15 |
Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1113 |
ZDI-CAN-24064 |
Apple |
CVE-2024-27857 |
3.3 |
2024-08-08 |
2024-08-15 |
Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1112 |
ZDI-CAN-24065 |
Apple |
CVE-2024-27857 |
7.8 |
2024-08-08 |
2024-08-15 |
Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1111 |
ZDI-CAN-24067 |
Apple |
CVE-2024-27857 |
3.3 |
2024-08-08 |
2024-08-15 |
Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1110 |
ZDI-CAN-24035 |
Apple |
CVE-2024-27857 |
3.3 |
2024-08-08 |
2024-08-15 |
Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1109 |
ZDI-CAN-24037 |
Apple |
CVE-2024-27857 |
3.3 |
2024-08-08 |
2024-08-15 |
Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1108 |
ZDI-CAN-24036 |
Apple |
CVE-2024-27857 |
3.3 |
2024-08-08 |
2024-08-15 |
Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1107 |
ZDI-CAN-24038 |
Apple |
CVE-2024-27857 |
3.3 |
2024-08-08 |
2024-08-15 |
Apple macOS AMDRadeonX6000MTLDriver KTX Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1106 |
ZDI-CAN-25026 |
Logsign |
CVE-2024-7601 |
7.1 |
2024-08-08 |
2024-08-15 |
Logsign Unified SecOps Platform Directory data_export_delete_all Traversal Arbitrary File Deletion Vulnerability |
| ZDI-24-1105 |
ZDI-CAN-25028 |
Logsign |
CVE-2024-7603 |
7.1 |
2024-08-08 |
2024-08-15 |
Logsign Unified SecOps Platform Directory Traversal Arbitrary Directory Deletion Vulnerability |
| ZDI-24-1104 |
ZDI-CAN-25029 |
Logsign |
CVE-2024-7604 |
5.1 |
2024-08-08 |
2024-08-15 |
Logsign Unified SecOps Platform Incorrect Authorization Authentication Bypass Vulnerability |
| ZDI-24-1103 |
ZDI-CAN-25025 |
Logsign |
CVE-2024-7600 |
7.1 |
2024-08-08 |
2024-08-15 |
Logsign Unified SecOps Platform Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-24-1102 |
ZDI-CAN-25027 |
Logsign |
CVE-2024-7602 |
6.5 |
2024-08-08 |
2024-08-15 |
Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability |
| ZDI-24-1101 |
ZDI-CAN-22578 |
Apple |
CVE-2024-27802 |
3.3 |
2024-08-06 |
2024-08-15 |
Apple macOS Metal Framework KTX Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1100 |
ZDI-CAN-19060 |
SMARTBEAR |
CVE-2024-7565 |
7.8 |
2024-08-06 |
2024-08-15 |
SMARTBEAR SoapUI unpackageAll Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-1099 |
ZDI-CAN-24775 |
Apache |
CVE-2024-38856 |
9.8 |
2024-08-06 |
2024-08-15 |
Apache OFBiz resolveURI Authentication Bypass Vulnerability |
| ZDI-24-1098 |
ZDI-CAN-22870 |
Microsoft |
|
5.5 |
2024-08-06 |
2024-08-15 |
(0Day) Microsoft Windows Error Reporting Service Missing Authorization Arbitrary Process Termination Vulnerability |
| ZDI-24-1097 |
ZDI-CAN-22453 |
Microsoft |
|
9.9 |
2024-08-06 |
2024-08-15 |
(0Day) Microsoft GitHub Dev-Containers Improper Privilege Management Privilege Escalation Vulnerability |
| ZDI-24-1096 |
ZDI-CAN-22344 |
Microsoft |
|
3.3 |
2024-08-06 |
2024-08-15 |
(0Day) Microsoft Office Visio EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1095 |
ZDI-CAN-22326 |
Microsoft |
|
3.3 |
2024-08-06 |
2024-08-15 |
(0Day) Microsoft Office Visio DXF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1094 |
ZDI-CAN-22291 |
Microsoft |
|
3.3 |
2024-08-06 |
2024-08-15 |
(0Day) Microsoft Office Visio EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1093 |
ZDI-CAN-22290 |
Microsoft |
|
3.3 |
2024-08-06 |
2024-08-15 |
(0Day) Microsoft Office Visio EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1092 |
ZDI-CAN-22289 |
Microsoft |
|
3.3 |
2024-08-06 |
2024-08-15 |
(0Day) Microsoft Office Visio DXF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1091 |
ZDI-CAN-20572 |
Microsoft |
|
5.5 |
2024-08-06 |
2024-08-15 |
(0Day) Microsoft Windows DirectComposition Out-Of-Bounds Read Denial-of-Service Vulnerability |
| ZDI-24-1090 |
ZDI-CAN-20571 |
Microsoft |
|
5.5 |
2024-08-06 |
2024-08-15 |
(0Day) Microsoft Windows DirectComposition Null Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-24-1089 |
ZDI-CAN-20166 |
Microsoft |
|
3.3 |
2024-08-06 |
2024-08-15 |
(0Day) Microsoft Office Visio DXF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1088 |
ZDI-CAN-19051 |
Microsoft |
|
3.3 |
2024-08-06 |
2024-08-15 |
(0Day) Microsoft 3D Viewer GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1087 |
ZDI-CAN-23460 |
oFono |
CVE-2024-7547 |
7.0 |
2024-08-05 |
2024-08-15 |
(0Day) oFono SMS Decoder Stack-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-24-1086 |
ZDI-CAN-23459 |
oFono |
CVE-2024-7546 |
7.8 |
2024-08-05 |
2024-08-15 |
(0Day) oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-24-1085 |
ZDI-CAN-23458 |
oFono |
CVE-2024-7545 |
7.8 |
2024-08-05 |
2024-08-15 |
(0Day) oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-24-1084 |
ZDI-CAN-23457 |
oFono |
CVE-2024-7544 |
7.8 |
2024-08-05 |
2024-08-15 |
(0Day) oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-24-1083 |
ZDI-CAN-23456 |
oFono |
CVE-2024-7543 |
7.8 |
2024-08-05 |
2024-08-15 |
(0Day) oFono SimToolKit Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-24-1082 |
ZDI-CAN-23309 |
oFono |
CVE-2024-7542 |
3.3 |
2024-08-05 |
2024-08-15 |
(0Day) (Pwn2Own) oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-24-1081 |
ZDI-CAN-23308 |
oFono |
CVE-2024-7541 |
3.3 |
2024-08-05 |
2024-08-15 |
(0Day) (Pwn2Own) oFono AT CMT Command Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-24-1080 |
ZDI-CAN-23307 |
oFono |
CVE-2024-7540 |
3.3 |
2024-08-05 |
2024-08-15 |
(0Day) (Pwn2Own) oFono AT CMGL Command Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-24-1079 |
ZDI-CAN-23195 |
oFono |
CVE-2024-7539 |
7.8 |
2024-08-05 |
2024-08-15 |
(0Day) (Pwn2Own) oFono CUSD Stack-based Buffer Overflow Code Execution Vulnerability |
| ZDI-24-1078 |
ZDI-CAN-23190 |
oFono |
CVE-2024-7538 |
7.8 |
2024-08-05 |
2024-08-15 |
(0Day) (Pwn2Own) oFono CUSD AT Command Stack-based Buffer Overflow Code Execution Vulnerability |
| ZDI-24-1077 |
ZDI-CAN-23157 |
oFono |
CVE-2024-7537 |
3.3 |
2024-08-05 |
2024-08-15 |
(0Day) (Pwn2Own) oFono QMI SMS Handling Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1076 |
ZDI-CAN-23414 |
Microsoft |
CVE-2024-30082 |
8.8 |
2024-08-05 |
2024-08-15 |
Microsoft Windows Menu DC Color Space Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-1075 |
ZDI-CAN-23296 |
Microsoft |
|
9.8 |
2024-08-05 |
2024-08-15 |
Microsoft PowerShell Reference for Office Products officedocs-cdn Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-1074 |
ZDI-CAN-23295 |
Microsoft |
|
9.8 |
2024-08-05 |
2024-08-15 |
Microsoft PowerShell Gallery psg-prod-centralus Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-1073 |
ZDI-CAN-23269 |
Microsoft |
|
9.8 |
2024-08-05 |
2024-08-15 |
Microsoft Azure uAMQP azure-iot-sdks-ci Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-1072 |
ZDI-CAN-23258 |
Microsoft |
|
9.8 |
2024-08-05 |
2024-08-15 |
Microsoft CameraTraps cameratracrsppftkje Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-1071 |
ZDI-CAN-23234 |
Microsoft |
|
9.8 |
2024-08-05 |
2024-08-15 |
Microsoft Azure GPT ALE palantirdemoacr Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-1070 |
ZDI-CAN-23075 |
Microsoft |
|
9.8 |
2024-08-05 |
2024-08-15 |
Microsoft Partner Resources openhacks Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-1069 |
ZDI-CAN-23067 |
Microsoft |
|
9.8 |
2024-08-05 |
2024-08-15 |
Microsoft Technical Case Studies athena-dashboard Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-1068 |
ZDI-CAN-23066 |
Microsoft |
|
5.3 |
2024-08-05 |
2024-08-15 |
Microsoft Azure ML.NET Samples mlnetfilestorage Uncontrolled Search Path Element Vulnerability |
| ZDI-24-1067 |
ZDI-CAN-23055 |
Microsoft |
|
9.4 |
2024-08-05 |
2024-08-15 |
Microsoft Azure CollectSFData docs-analytics-eus Uncontrolled Search Path Element Impersonation Vulnerability |
| ZDI-24-1066 |
ZDI-CAN-23054 |
Microsoft |
|
9.8 |
2024-08-05 |
2024-08-15 |
Microsoft Azure DataStoriesSamples machinelearningdatasets Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-1065 |
ZDI-CAN-23041 |
Microsoft |
|
9.8 |
2024-08-05 |
2024-08-15 |
Microsoft Azure Availability Monitor for Kafka esnewdeveastdockerregistry Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-1064 |
ZDI-CAN-23029 |
Microsoft |
|
9.8 |
2024-08-05 |
2024-08-15 |
Microsoft AirSim airsimci Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-1063 |
ZDI-CAN-23028 |
Microsoft |
|
9.8 |
2024-08-05 |
2024-08-15 |
Microsoft Reactor Workshops reactorworkshops Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-1062 |
ZDI-CAN-23027 |
Microsoft |
|
9.8 |
2024-08-05 |
2024-08-15 |
Microsoft Fluid Framework prague Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-1061 |
ZDI-CAN-23026 |
Microsoft |
|
9.8 |
2024-08-05 |
2024-08-15 |
Microsoft What The Hack docsmsftpdfs Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-1060 |
ZDI-CAN-23023 |
Microsoft |
|
9.8 |
2024-08-05 |
2024-08-15 |
Microsoft Azure Aztack aztack1528763526 Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-1059 |
ZDI-CAN-23022 |
Microsoft |
|
9.8 |
2024-08-05 |
2024-08-15 |
Microsoft Azure Linux Automation konkaciwestus1 Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-1058 |
ZDI-CAN-23021 |
Microsoft |
|
9.8 |
2024-08-05 |
2024-08-15 |
Microsoft Azure NodeJS LogPoint logpointsassets Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-1057 |
ZDI-CAN-23000 |
Trimble |
CVE-2024-7511 |
3.3 |
2024-08-05 |
2024-08-15 |
Trimble SketchUp Pro SKP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1056 |
ZDI-CAN-19631 |
Trimble |
CVE-2024-7510 |
7.8 |
2024-08-05 |
2024-08-15 |
Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-1055 |
ZDI-CAN-19576 |
Trimble |
CVE-2024-7509 |
7.8 |
2024-08-05 |
2024-08-15 |
Trimble SketchUp SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1054 |
ZDI-CAN-19575 |
Trimble |
CVE-2024-7508 |
7.8 |
2024-08-05 |
2024-08-15 |
Trimble SketchUp Viewer SKP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1053 |
ZDI-CAN-23317 |
ChargePoint |
CVE-2024-23971 |
8.8 |
2024-08-01 |
2024-08-21 |
(0Day) (Pwn2Own) ChargePoint Home Flex OCPP bswitch Command Injection Remote Code Execution Vulnerability |
| ZDI-24-1052 |
ZDI-CAN-23229 |
ChargePoint |
CVE-2024-23970 |
6.5 |
2024-08-01 |
2024-08-15 |
(0Day) (Pwn2Own) ChargePoint Home Flex Improper Certificate Validation Vulnerability |
| ZDI-24-1051 |
ZDI-CAN-23313 |
ChargePoint |
CVE-2024-23969 |
8.8 |
2024-08-01 |
2024-08-21 |
(0Day) (Pwn2Own) ChargePoint Home Flex wlanchnllst Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1050 |
ZDI-CAN-23222 |
ChargePoint |
CVE-2024-23968 |
8.8 |
2024-08-01 |
2024-08-21 |
(0Day) (Pwn2Own) ChargePoint Home Flex SrvrToSmSetAutoChnlListMsg Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-1049 |
ZDI-CAN-23300 |
ChargePoint |
CVE-2024-23921 |
8.8 |
2024-08-01 |
2024-08-21 |
(0Day) (Pwn2Own) ChargePoint Home Flex wlanapp Command Injection Remote Code Execution Vulnerability |
| ZDI-24-1048 |
ZDI-CAN-23150 |
ChargePoint |
CVE-2024-23920 |
8.8 |
2024-08-01 |
2024-08-21 |
(0Day) (Pwn2Own) ChargePoint Home Flex onboardee Improper Access Control Remote Code Execution Vulnerability |
| ZDI-24-1047 |
ZDI-CAN-21455 |
ChargePoint |
CVE-2024-7392 |
4.3 |
2024-08-01 |
2024-08-15 |
(0Day) ChargePoint Home Flex Bluetooth Low Energy Denial-of-Service Vulnerability |
| ZDI-24-1046 |
ZDI-CAN-21454 |
ChargePoint |
CVE-2024-7391 |
2.6 |
2024-08-01 |
2024-08-15 |
(0Day) ChargePoint Home Flex Bluetooth Low Energy Information Disclosure Vulnerability |
| ZDI-24-1045 |
ZDI-CAN-23101 |
Pioneer |
CVE-2024-23928 |
6.5 |
2024-08-01 |
2024-08-15 |
(0Day) (Pwn2Own) Pioneer DMH-WT7600NEX Telematics Improper Certificate Validation Vulnerability |
| ZDI-24-1044 |
ZDI-CAN-23301 |
Pioneer |
CVE-2024-23929 |
7.3 |
2024-08-01 |
2024-08-15 |
(0Day) (Pwn2Own) Pioneer DMH-WT7600NEX Telematics Directory Traversal Arbitrary File Creation Vulnerability |
| ZDI-24-1043 |
ZDI-CAN-23302 |
Pioneer |
CVE-2024-23930 |
4.3 |
2024-08-01 |
2024-08-15 |
(0Day) (Pwn2Own) Pioneer DMH-WT7600NEX Media Service Improper Handling of Exceptional Conditions Denial-of-Service Vulnerability |
| ZDI-24-1042 |
ZDI-CAN-24039 |
NoMachine |
CVE-2024-7253 |
7.8 |
2024-08-01 |
2024-08-15 |
NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-24-1041 |
ZDI-CAN-20781 |
Google |
CVE-2023-7261 |
7.8 |
2024-08-01 |
2024-08-15 |
Google Chrome Updater DosDevices Local Privilege Escalation Vulnerability |
| ZDI-24-1040 |
ZDI-CAN-24127 |
Apple |
CVE-2024-27877 |
4.3 |
2024-07-31 |
2024-08-15 |
Apple macOS AppleVADriver Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1039 |
ZDI-CAN-23757 |
PaperCut |
CVE-2024-8404 |
7.8 |
2024-07-31 |
2024-09-30 |
PaperCut NG web-print-hot-folder Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1038 |
ZDI-CAN-20972 |
PaperCut |
CVE-2024-3037 |
7.8 |
2024-07-31 |
2024-08-15 |
PaperCut NG pc-web-print Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1037 |
ZDI-CAN-23550 |
PDF-XChange |
CVE-2024-7352 |
7.8 |
2024-07-31 |
2024-08-15 |
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-1036 |
ZDI-CAN-21677 |
Check Point |
CVE-2024-6233 |
7.8 |
2024-07-31 |
2024-08-15 |
Check Point ZoneAlarm Extreme Security Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1035 |
ZDI-CAN-22668 |
Microsoft |
CVE-2024-21371 |
8.8 |
2024-07-31 |
2024-08-15 |
Microsoft Windows NTFS Junction Heap-based Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-24-1034 |
ZDI-CAN-23673 |
Oracle |
CVE-2024-21164 |
2.5 |
2024-07-30 |
2024-08-15 |
Oracle VirtualBox EHCI USB Controller Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-1033 |
ZDI-CAN-23183 |
NI |
CVE-2024-6122 |
5.5 |
2024-07-30 |
2024-08-15 |
NI FlexLogger Redis Server Incorrect Permission Assignment Information Disclosure Vulnerability |
| ZDI-24-1032 |
ZDI-CAN-21802 |
NI |
CVE-2024-6121 |
7.8 |
2024-07-30 |
2024-08-15 |
NI FlexLogger Redis Local Privilege Escalation Vulnerability |
| ZDI-24-1031 |
ZDI-CAN-21927 |
NI |
CVE-2024-6675 |
7.8 |
2024-07-30 |
2024-08-15 |
NI VeriStand NIVSPRJ File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-1030 |
ZDI-CAN-22009 |
NI |
CVE-2024-6791 |
7.8 |
2024-07-30 |
2024-08-15 |
NI VeriStand VSMODEL File Parsing Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-1029 |
ZDI-CAN-22068 |
NI |
CVE-2024-6793 |
9.8 |
2024-07-30 |
2024-08-15 |
NI VeriStand DataLoggingServer Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-1028 |
ZDI-CAN-22069 |
NI |
CVE-2024-6794 |
9.8 |
2024-07-30 |
2024-08-15 |
NI VeriStand WaveformStreamingServer Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-1027 |
ZDI-CAN-22106 |
NI |
CVE-2024-6806 |
9.8 |
2024-07-30 |
2024-08-15 |
NI VeriStand ProjectServer OpenTool Exposed Dangerous Method Remote Code Execution Vulnerability |
| ZDI-24-1026 |
ZDI-CAN-22162 |
NI |
CVE-2024-6806 |
9.8 |
2024-07-30 |
2024-08-15 |
NI VeriStand ProjectServer Exposed Dangerous Method Remote Code Execution Vulnerability |
| ZDI-24-1025 |
ZDI-CAN-22070 |
NI |
CVE-2024-6805 |
7.5 |
2024-07-30 |
2024-08-15 |
NI VeriStand IFileTransferServer Exposed Dangerous Method Information Disclosure Vulnerability |
| ZDI-24-1024 |
ZDI-CAN-22167 |
NI |
CVE-2024-6805 |
7.5 |
2024-07-30 |
2024-08-15 |
NI VeriStand ProjectServer Exposed Dangerous Method Denial-of-Service Vulnerability |
| ZDI-24-1023 |
ZDI-CAN-22717 |
Trend Micro |
CVE-2024-41183 |
7.8 |
2024-07-30 |
2024-08-15 |
Trend Micro VPN Proxy One Pro Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1022 |
ZDI-CAN-22716 |
Trend Micro |
CVE-2024-41183 |
7.0 |
2024-07-30 |
2024-08-15 |
Trend Micro VPN Proxy One Pro Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1021 |
ZDI-CAN-24680 |
Logsign |
CVE-2024-7564 |
4.3 |
2024-07-30 |
2024-08-15 |
Logsign Unified SecOps Platform Directory Traversal Information Disclosure Vulnerability |
| ZDI-24-1020 |
ZDI-CAN-23514 |
SolarWinds |
CVE-2024-28992 |
8.6 |
2024-07-29 |
2024-08-15 |
SolarWinds Access Rights Manager deleteTransferFile Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability |
| ZDI-24-1019 |
ZDI-CAN-23779 |
Docker |
CVE-2024-6222 |
8.2 |
2024-07-29 |
2024-08-15 |
(Pwn2Own) Docker Desktop extension-manager Exposed Dangerous Function Privilege Escalation Vulnerability |
| ZDI-24-1018 |
ZDI-CAN-23851 |
Linux |
CVE-2024-35880 |
7.8 |
2024-07-29 |
2024-08-15 |
(Pwn2Own) Linux Kernel io_uring Buffer List Race Condition Local Privilege Escalation Vulnerability |
| ZDI-24-1017 |
ZDI-CAN-23402 |
Panda Security |
CVE-2024-7242 |
7.8 |
2024-07-29 |
2024-08-15 |
(0Day) Panda Security Dome Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1016 |
ZDI-CAN-23375 |
Panda Security |
CVE-2024-7241 |
7.8 |
2024-07-29 |
2024-08-15 |
(0Day) Panda Security Dome Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1015 |
ZDI-CAN-23429 |
Panda Security |
CVE-2024-7245 |
7.0 |
2024-07-29 |
2024-08-15 |
(0Day) Panda Security Dome VPN Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-24-1014 |
ZDI-CAN-23428 |
Panda Security |
CVE-2024-7244 |
7.8 |
2024-07-29 |
2024-08-15 |
(0Day) Panda Security Dome VPN DLL Hijacking Local Privilege Escalation Vulnerability |
| ZDI-24-1013 |
ZDI-CAN-23413 |
Panda Security |
CVE-2024-7243 |
7.8 |
2024-07-29 |
2024-08-15 |
(0Day) Panda Security Dome Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1012 |
ZDI-CAN-23005 |
F-Secure |
CVE-2024-7240 |
7.3 |
2024-07-29 |
2024-08-15 |
(0Day) F-Secure Total Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1011 |
ZDI-CAN-22238 |
VIPRE |
CVE-2024-7238 |
7.8 |
2024-07-29 |
2024-08-15 |
(0Day) VIPRE Advanced Security SBAMSvc Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1010 |
ZDI-CAN-22314 |
VIPRE |
CVE-2024-7239 |
7.8 |
2024-07-29 |
2024-08-15 |
(0Day) VIPRE Advanced Security Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1009 |
ZDI-CAN-22942 |
AVG |
CVE-2024-7236 |
5.3 |
2024-07-29 |
2024-08-15 |
AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability |
| ZDI-24-1008 |
ZDI-CAN-22260 |
AVG |
CVE-2024-7234 |
7.8 |
2024-07-29 |
2024-08-15 |
AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1007 |
ZDI-CAN-22960 |
AVG |
CVE-2024-7237 |
7.8 |
2024-07-29 |
2024-08-15 |
AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1006 |
ZDI-CAN-22803 |
AVG |
CVE-2024-7235 |
6.1 |
2024-07-29 |
2024-08-15 |
AVG AntiVirus Free Link Following Denial-of-Service Vulnerability |
| ZDI-24-1005 |
ZDI-CAN-23731 |
Avast |
CVE-2024-7233 |
7.8 |
2024-07-29 |
2024-08-15 |
(0Day) Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1004 |
ZDI-CAN-22963 |
Avast |
CVE-2024-7232 |
7.8 |
2024-07-29 |
2024-08-15 |
(0Day) Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1003 |
ZDI-CAN-22272 |
Avast |
CVE-2024-7227 |
7.8 |
2024-07-29 |
2024-08-15 |
(0Day) Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1002 |
ZDI-CAN-22892 |
Avast |
CVE-2024-7229 |
7.8 |
2024-07-29 |
2024-08-15 |
(0Day) Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1001 |
ZDI-CAN-22894 |
Avast |
CVE-2024-7231 |
7.8 |
2024-07-29 |
2024-08-15 |
(0Day) Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-1000 |
ZDI-CAN-22893 |
Avast |
CVE-2024-7230 |
7.8 |
2024-07-29 |
2024-08-15 |
(0Day) Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-999 |
ZDI-CAN-22806 |
Avast |
CVE-2024-7228 |
6.1 |
2024-07-29 |
2024-08-15 |
(0Day) Avast Free Antivirus Link Following Denial-of-Service Vulnerability |
| ZDI-24-998 |
ZDI-CAN-22317 |
KernelCI |
|
8.2 |
2024-07-29 |
2024-08-15 |
KernelCI SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability |
| ZDI-24-997 |
ZDI-CAN-22869 |
Linux |
CVE-2024-0565 |
8.3 |
2024-07-29 |
2024-08-15 |
Linux Kernel CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-24-996 |
ZDI-CAN-22271 |
Linux |
CVE-2023-52755 |
9.0 |
2024-07-29 |
2024-08-15 |
Linux Kernel ksmbd ACL Inheritance Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-995 |
ZDI-CAN-21202 |
Linux |
CVE-2023-39197 |
4.0 |
2024-07-29 |
2024-08-15 |
Linux Kernel Netfilter Conntrack Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-994 |
ZDI-CAN-20940 |
Linux |
CVE-2023-39198 |
7.5 |
2024-07-29 |
2024-08-15 |
Linux Kernel QXL VGA Driver Race Condition Local Privilege Escalation Vulnerability |
| ZDI-24-993 |
ZDI-CAN-23299 |
Microsoft |
|
7.5 |
2024-07-29 |
2024-08-15 |
Microsoft Azure myapiendpoint.developer.azure-api Improper Access Control Information Disclosure Vulnerability |
| ZDI-24-992 |
ZDI-CAN-23542 |
Microsoft |
|
9.8 |
2024-07-29 |
2024-08-15 |
Microsoft Azure VSTS CLI vstscli Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-991 |
ZDI-CAN-23522 |
Microsoft |
|
9.8 |
2024-07-29 |
2024-08-15 |
Microsoft Azure Arc Jumpstart Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-990 |
ZDI-CAN-19131 |
Microsoft |
|
3.3 |
2024-07-29 |
2024-08-15 |
Microsoft 3D Builder GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-989 |
ZDI-CAN-23298 |
Microsoft |
|
9.8 |
2024-07-29 |
2024-08-15 |
Microsoft Azure Container Network Management sbidprod Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-988 |
ZDI-CAN-23268 |
Microsoft |
|
9.8 |
2024-07-29 |
2024-08-15 |
Microsoft Azure MQTT azure-iot-sdks-ci Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-987 |
ZDI-CAN-23259 |
Microsoft |
|
9.8 |
2024-07-29 |
2024-08-15 |
Microsoft Object Detection Solution Accelerator csaddevamlacr Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-986 |
ZDI-CAN-23235 |
Microsoft |
|
9.8 |
2024-07-29 |
2024-08-15 |
Microsoft Azure IoT Edge Dev Tool iotedgetoolscontainerregistry Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-985 |
ZDI-CAN-23050 |
Microsoft |
|
9.8 |
2024-07-29 |
2024-08-15 |
Microsoft Azure Service Fabric servicefabricsdkstorage Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-984 |
ZDI-CAN-18535 |
Microsoft |
|
7.8 |
2024-07-29 |
2024-08-15 |
Microsoft Word DOC File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-983 |
ZDI-CAN-23036 |
Microsoft |
|
9.8 |
2024-07-29 |
2024-08-15 |
Microsoft Azure Go Labs microsoftgoproxy Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-982 |
ZDI-CAN-23025 |
Microsoft |
|
5.3 |
2024-07-29 |
2024-08-15 |
Microsoft Azure SQL Workshop azuremlsampleexperiments Uncontrolled Search Path Element Vulnerability |
| ZDI-24-981 |
ZDI-CAN-23020 |
Microsoft |
|
9.8 |
2024-07-29 |
2024-08-15 |
Microsoft Azure Machine Learning Notebooks azuremlpackages Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-980 |
ZDI-CAN-23019 |
Microsoft |
|
9.8 |
2024-07-29 |
2024-08-15 |
Microsoft Azure Machine Learning Forecasting Toolkit azuremlftkrelease Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-979 |
ZDI-CAN-19066 |
Microsoft |
|
7.8 |
2024-07-29 |
2024-08-15 |
Microsoft Office Visio DXF File Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-24-978 |
ZDI-CAN-22503 |
Microsoft |
|
7.8 |
2024-07-29 |
2024-08-15 |
Microsoft PC Manager Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-977 |
ZDI-CAN-22158 |
Microsoft |
|
7.8 |
2024-07-29 |
2024-08-15 |
Microsoft Office Excel XLW File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-976 |
ZDI-CAN-20982 |
Microsoft |
|
7.8 |
2024-07-29 |
2024-08-15 |
Microsoft Office PowerPoint GLB File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-975 |
ZDI-CAN-18381 |
Microsoft |
|
3.3 |
2024-07-29 |
2024-08-15 |
Microsoft Excel FBX File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-24-974 |
ZDI-CAN-23261 |
IrfanView |
CVE-2024-6822 |
7.8 |
2024-07-26 |
2024-08-15 |
IrfanView CIN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-973 |
ZDI-CAN-23260 |
IrfanView |
CVE-2024-6821 |
7.8 |
2024-07-26 |
2024-08-15 |
IrfanView CIN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-972 |
ZDI-CAN-23232 |
IrfanView |
CVE-2024-6820 |
7.8 |
2024-07-26 |
2024-08-15 |
IrfanView AWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-971 |
ZDI-CAN-23219 |
IrfanView |
CVE-2024-6819 |
7.8 |
2024-07-26 |
2024-08-15 |
IrfanView PSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-970 |
ZDI-CAN-23217 |
IrfanView |
CVE-2024-6818 |
7.8 |
2024-07-26 |
2024-08-15 |
IrfanView PSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-969 |
ZDI-CAN-23216 |
IrfanView |
CVE-2024-6817 |
7.8 |
2024-07-26 |
2024-08-15 |
IrfanView PSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-968 |
ZDI-CAN-23214 |
IrfanView |
CVE-2024-6816 |
7.8 |
2024-07-26 |
2024-08-15 |
IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-967 |
ZDI-CAN-23159 |
IrfanView |
CVE-2024-6815 |
7.8 |
2024-07-26 |
2024-08-15 |
IrfanView RLE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-966 |
ZDI-CAN-23533 |
Docker |
CVE-2024-5652 |
6.1 |
2024-07-26 |
2024-08-15 |
Docker Desktop Daemon CLI External Control of File Path Denial-of-Service Vulnerability |
| ZDI-24-965 |
ZDI-CAN-23325 |
Apple |
CVE-2024-27829 |
8.8 |
2024-07-26 |
2024-08-15 |
Apple macOS VideoToolbox Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-964 |
ZDI-CAN-23904 |
Autodesk |
CVE-2024-23147 |
7.8 |
2024-07-25 |
2024-08-15 |
Autodesk AutoCAD STEP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-963 |
ZDI-CAN-23840 |
Autodesk |
CVE-2024-23146 |
7.8 |
2024-07-25 |
2024-08-15 |
Autodesk AutoCAD X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-962 |
ZDI-CAN-23830 |
Autodesk |
CVE-2024-23146 |
7.8 |
2024-07-25 |
2024-08-15 |
Autodesk AutoCAD X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-961 |
ZDI-CAN-23772 |
Autodesk |
CVE-2024-23147 |
7.8 |
2024-07-25 |
2024-08-15 |
Autodesk AutoCAD X_B File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-960 |
ZDI-CAN-23846 |
Autodesk |
CVE-2024-23152 |
7.8 |
2024-07-25 |
2024-08-15 |
Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-959 |
ZDI-CAN-23839 |
Autodesk |
CVE-2024-37007 |
7.8 |
2024-07-25 |
2024-08-15 |
Autodesk AutoCAD X_T File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-958 |
ZDI-CAN-23829 |
Autodesk |
CVE-2024-37005 |
7.8 |
2024-07-25 |
2024-08-15 |
Autodesk AutoCAD X_T File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-957 |
ZDI-CAN-22831 |
Comodo |
CVE-2024-7252 |
7.8 |
2024-07-23 |
2024-08-15 |
(0Day) Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-956 |
ZDI-CAN-22832 |
Comodo |
CVE-2024-7251 |
7.8 |
2024-07-23 |
2024-08-15 |
(0Day) Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-955 |
ZDI-CAN-22829 |
Comodo |
CVE-2024-7250 |
7.8 |
2024-07-23 |
2024-08-15 |
(0Day) Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-954 |
ZDI-CAN-21794 |
Comodo |
CVE-2024-7249 |
7.8 |
2024-07-23 |
2024-08-15 |
(0Day) Comodo Firewall Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-953 |
ZDI-CAN-19055 |
Comodo |
CVE-2024-7248 |
7.8 |
2024-07-23 |
2024-08-15 |
(0Day) Comodo Internet Security Pro Directory Traversal Local Privilege Escalation Vulnerability |
| ZDI-24-952 |
ZDI-CAN-23926 |
Delta Electronics |
CVE-2024-39881 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-951 |
ZDI-CAN-23925 |
Delta Electronics |
CVE-2024-39883 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-950 |
ZDI-CAN-23924 |
Delta Electronics |
CVE-2024-39881 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-949 |
ZDI-CAN-23923 |
Delta Electronics |
CVE-2024-39883 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-948 |
ZDI-CAN-23920 |
Delta Electronics |
CVE-2024-39882 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-947 |
ZDI-CAN-23919 |
Delta Electronics |
CVE-2024-39881 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-946 |
ZDI-CAN-23918 |
Delta Electronics |
CVE-2024-39881 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-945 |
ZDI-CAN-23917 |
Delta Electronics |
CVE-2024-39881 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-944 |
ZDI-CAN-23916 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-943 |
ZDI-CAN-23915 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-942 |
ZDI-CAN-23914 |
Delta Electronics |
CVE-2024-39882 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-941 |
ZDI-CAN-23842 |
Delta Electronics |
CVE-2024-39881 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-940 |
ZDI-CAN-23841 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-939 |
ZDI-CAN-23832 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-938 |
ZDI-CAN-23831 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-937 |
ZDI-CAN-23811 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-936 |
ZDI-CAN-23809 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-935 |
ZDI-CAN-23807 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-934 |
ZDI-CAN-23770 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-933 |
ZDI-CAN-23769 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-932 |
ZDI-CAN-23767 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-931 |
ZDI-CAN-23766 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-930 |
ZDI-CAN-23765 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-929 |
ZDI-CAN-23764 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-928 |
ZDI-CAN-23763 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-927 |
ZDI-CAN-23648 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-926 |
ZDI-CAN-23581 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-31 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-925 |
ZDI-CAN-23580 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-924 |
ZDI-CAN-23579 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-923 |
ZDI-CAN-23578 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-922 |
ZDI-CAN-23577 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 CMT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-921 |
ZDI-CAN-23576 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-920 |
ZDI-CAN-23575 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-919 |
ZDI-CAN-23574 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-918 |
ZDI-CAN-23573 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-917 |
ZDI-CAN-23572 |
Delta Electronics |
CVE-2024-39880 |
7.8 |
2024-07-22 |
2024-08-15 |
Delta Electronics CNCSoft-G2 ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-916 |
ZDI-CAN-23061 |
SolarWinds |
CVE-2024-23475 |
10.0 |
2024-07-18 |
2024-08-15 |
SolarWinds Access Rights Manager AddReportResult Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability |
| ZDI-24-915 |
ZDI-CAN-23062 |
SolarWinds |
CVE-2024-23472 |
10.0 |
2024-07-18 |
2024-08-15 |
SolarWinds Access Rights Manager AddGeneratedReport Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability |
| ZDI-24-914 |
ZDI-CAN-23063 |
SolarWinds |
CVE-2024-23474 |
8.6 |
2024-07-18 |
2024-08-15 |
SolarWinds Access Rights Manager deleteTransferFile Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability |
| ZDI-24-913 |
ZDI-CAN-23060 |
SolarWinds |
CVE-2024-23468 |
8.6 |
2024-07-18 |
2024-08-15 |
SolarWinds Access Rights Manager deleteTransferFile Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability |
| ZDI-24-912 |
ZDI-CAN-23039 |
SolarWinds |
CVE-2024-23469 |
10.0 |
2024-07-18 |
2024-08-15 |
SolarWinds Access Rights Manager EndUpdate Exposed Dangerous Method Remote Code Execution Vulnerability |
| ZDI-24-911 |
ZDI-CAN-22712 |
SolarWinds |
CVE-2024-23470 |
10.0 |
2024-07-18 |
2024-08-15 |
SolarWinds Access Rights Manager UserScriptHumster Exposed Dangerous Method Remote Command Execution Vulnerability |
| ZDI-24-910 |
ZDI-CAN-22711 |
SolarWinds |
CVE-2024-23471 |
10.0 |
2024-07-18 |
2024-08-15 |
SolarWinds Access Rights Manager CreateFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-909 |
ZDI-CAN-22697 |
SolarWinds |
CVE-2024-23467 |
10.0 |
2024-07-18 |
2024-08-15 |
SolarWinds Access Rights Manager ExpandZipFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-908 |
ZDI-CAN-22681 |
SolarWinds |
CVE-2024-23466 |
10.0 |
2024-07-18 |
2024-08-15 |
SolarWinds Access Rights Manager Connect Method Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-907 |
ZDI-CAN-23053 |
SolarWinds |
CVE-2024-23465 |
9.0 |
2024-07-18 |
2024-08-15 |
SolarWinds Access Rights Manager ChangeHumster Exposed Dangerous Method Authentication Bypass Vulnerability |
| ZDI-24-906 |
ZDI-CAN-22554 |
SolarWinds |
CVE-2024-28074 |
10.0 |
2024-07-18 |
2024-08-15 |
SolarWinds Access Rights Manager createGlobalServerChannelInternal Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-905 |
ZDI-CAN-23515 |
SolarWinds |
CVE-2024-28992 |
8.6 |
2024-07-18 |
2024-08-15 |
SolarWinds Access Rights Manager deleteTransferFile Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability |
| ZDI-24-904 |
ZDI-CAN-23273 |
IrfanView |
CVE-2024-6812 |
7.8 |
2024-07-18 |
2024-08-15 |
IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-903 |
ZDI-CAN-24192 |
IrfanView |
CVE-2024-6811 |
7.8 |
2024-07-18 |
2024-08-15 |
IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-902 |
ZDI-CAN-23207 |
NETGEAR |
CVE-2024-6813 |
8.8 |
2024-07-18 |
2024-08-15 |
NETGEAR ProSAFE Network Management System getSortString SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-901 |
ZDI-CAN-23399 |
NETGEAR |
CVE-2024-6814 |
8.8 |
2024-07-18 |
2024-08-15 |
NETGEAR ProSAFE Network Management System getFilterString SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-900 |
ZDI-CAN-19105 |
Parse |
CVE-2024-27298 |
8.6 |
2024-07-16 |
2024-08-15 |
Parse Server literalizeRegexPart SQL Injection Information Disclosure Vulnerability |
| ZDI-24-899 |
ZDI-CAN-23078 |
Centreon |
CVE-2024-39841 |
8.8 |
2024-07-15 |
2024-08-15 |
Centreon testServiceExistence SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-898 |
ZDI-CAN-23314 |
ESET |
CVE-2024-2003 |
7.3 |
2024-07-05 |
2024-08-15 |
ESET Smart Security Premium Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-897 |
ZDI-CAN-22968 |
Trend Micro |
CVE-2024-39753 |
7.5 |
2024-07-05 |
2024-08-15 |
Trend Micro Apex One modOSCE SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-896 |
ZDI-CAN-23894 |
Parse |
CVE-2024-39309 |
9.8 |
2024-07-03 |
2024-08-15 |
Parse Server literalizeRegexPart SQL Injection Authentication Bypass Vulnerability |
| ZDI-24-895 |
ZDI-CAN-22319 |
Progress Software |
CVE-2024-5008 |
8.8 |
2024-07-03 |
2024-08-15 |
Progress Software WhatsUp Gold APM Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-24-894 |
ZDI-CAN-23913 |
Progress Software |
CVE-2024-4884 |
9.8 |
2024-07-03 |
2024-08-15 |
Progress Software WhatsUp Gold CommunityController Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-24-893 |
ZDI-CAN-24003 |
Progress Software |
CVE-2024-4885 |
9.8 |
2024-07-03 |
2024-08-15 |
Progress Software WhatsUp Gold GetFileWithoutZip Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-892 |
ZDI-CAN-23663 |
Progress Software |
CVE-2024-4883 |
9.8 |
2024-07-03 |
2024-08-15 |
Progress Software WhatsUp Gold WriteDataFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-891 |
ZDI-CAN-23668 |
Progress Software |
CVE-2024-5016 |
7.2 |
2024-07-03 |
2024-08-15 |
Progress Software WhatsUp Gold OnMessage Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-890 |
ZDI-CAN-23670 |
Progress Software |
CVE-2024-5015 |
7.1 |
2024-07-03 |
2024-08-15 |
Progress Software WhatsUp Gold SessionControler Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-24-889 |
ZDI-CAN-23869 |
Progress Software |
CVE-2024-5013 |
7.5 |
2024-07-03 |
2024-08-15 |
Progress Software WhatsUp Gold InstallController Denial-of-Service Vulnerability |
| ZDI-24-888 |
ZDI-CAN-23659 |
Progress Software |
CVE-2024-5015 |
7.5 |
2024-07-03 |
2024-08-15 |
Progress Software WhatsUp Gold Missing Authentication GetWindowsCredential Information Disclosure Vulnerability |
| ZDI-24-887 |
ZDI-CAN-23564 |
Progress Software |
CVE-2024-5014 |
7.1 |
2024-07-03 |
2024-08-15 |
Progress Software WhatsUp Gold GetASPReport Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-24-886 |
ZDI-CAN-24004 |
Progress Software |
CVE-2024-5009 |
8.4 |
2024-07-03 |
2024-08-15 |
Progress Software WhatsUp Gold SetAdminPassword Improper Access Control Privilege Escalation Vulnerability |
| ZDI-24-885 |
ZDI-CAN-23760 |
Progress Software |
CVE-2024-5018 |
5.3 |
2024-07-03 |
2024-08-15 |
Progress Software WhatsUp Gold LoadUsingBasePath Directory Traversal Information Disclosure Vulnerability |
| ZDI-24-884 |
ZDI-CAN-23874 |
Progress Software |
CVE-2024-5019 |
5.3 |
2024-07-03 |
2024-08-15 |
Progress Software WhatsUp Gold LoadCSSUsingBasePath Directory Traversal Information Disclosure Vulnerability |
| ZDI-24-883 |
ZDI-CAN-21408 |
Zen Cart |
CVE-2024-5762 |
8.1 |
2024-06-26 |
2024-08-15 |
Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability |
| ZDI-24-882 |
ZDI-CAN-20007 |
VMware |
CVE-2024-37087 |
5.3 |
2024-06-25 |
2024-08-15 |
VMware vCenter Server Appliance License Server Uncontrolled Memory Allocation Denial-of-Service Vulnerability |
| ZDI-24-881 |
ZDI-CAN-23318 |
Ubiquiti Networks |
CVE-2024-29206 |
8.0 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Ubiquiti Networks EV Station setDebugPortEnabled Exposed Dangerous Method Remote Code Execution Vulnerability |
| ZDI-24-880 |
ZDI-CAN-23187 |
Ubiquiti Networks |
CVE-2024-29207 |
6.3 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Ubiquiti Networks EV Station EVCLauncher Improper Certificate Validation Vulnerability |
| ZDI-24-879 |
ZDI-CAN-23186 |
Ubiquiti Networks |
CVE-2024-29208 |
8.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Ubiquiti Networks EV Station changeUserPassword Missing Authentication Remote Code Execution Vulnerability |
| ZDI-24-878 |
ZDI-CAN-23319 |
Sony |
CVE-2024-23922 |
6.8 |
2024-06-21 |
2024-08-15 |
Sony XAV-AX5500 Insufficient Verification of Data Authenticity Remote Code Execution Vulnerability |
| ZDI-24-877 |
ZDI-CAN-23238 |
Sony |
CVE-2024-23933 |
6.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Sony XAV-AX5500 CarPlay TLV Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-876 |
ZDI-CAN-23185 |
Sony |
CVE-2024-23972 |
6.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Sony XAV-AX5500 USB Configuration Descriptor Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-875 |
ZDI-CAN-22994 |
Sony |
CVE-2024-23934 |
8.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Sony XAV-AX5500 WMV/ASF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-874 |
ZDI-CAN-22939 |
Sony |
CVE-2024-23922 |
6.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Sony XAV-AX5500 Insufficient Firmware Update Validation Remote Code Execution Vulnerability |
| ZDI-24-873 |
ZDI-CAN-23396 |
Silicon Labs |
CVE-2024-23973 |
8.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Silicon Labs Gecko OS HTTP GET Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-872 |
ZDI-CAN-23392 |
Silicon Labs |
CVE-2024-24737 |
6.5 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Silicon Labs Gecko OS DNS Response Processing Infinite Loop Denial-of-Service Vulnerability |
| ZDI-24-871 |
ZDI-CAN-23245 |
Silicon Labs |
CVE-2024-24736 |
8.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Silicon Labs Gecko OS HTTP Request Handling Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-870 |
ZDI-CAN-23226 |
Silicon Labs |
CVE-2024-24731 |
7.5 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Silicon Labs Gecko OS http_download Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-869 |
ZDI-CAN-23189 |
Silicon Labs |
CVE-2024-23937 |
4.3 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Silicon Labs Gecko OS Debug Interface Format String Information Disclosure Vulnerability |
| ZDI-24-868 |
ZDI-CAN-23184 |
Silicon Labs |
CVE-2024-23938 |
8.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Silicon Labs Gecko OS Debug Interface Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-867 |
ZDI-CAN-24096 |
Phoenix Contact |
CVE-2024-25994 |
5.3 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 CharxUpdateAgent Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-24-866 |
ZDI-CAN-24095 |
Phoenix Contact |
CVE-2024-26004 |
6.5 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 CANopenDevice Null Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-24-865 |
ZDI-CAN-21407 |
Phoenix Contact |
CVE-2024-25999 |
7.8 |
2024-06-21 |
2024-08-15 |
Phoenix Contact CHARX SEC-3100 charx_pack_logs Improper Input Validation Local Privilege Escalation Vulnerability |
| ZDI-24-864 |
ZDI-CAN-23320 |
Phoenix Contact |
CVE-2024-25998 |
7.5 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 OCPP Protocol UpdateFirmware Command Injection Remote Code Execution Vulnerability |
| ZDI-24-863 |
ZDI-CAN-23305 |
Phoenix Contact |
CVE-2024-26002 |
7.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 plctool Improper Privilege Management Local Privilege Escalation Vulnerability |
| ZDI-24-862 |
ZDI-CAN-23304 |
Phoenix Contact |
CVE-2024-26001 |
5.0 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 MQTT Protocol JSON Parsing Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-861 |
ZDI-CAN-23303 |
Phoenix Contact |
CVE-2024-26005 |
8.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 ClientSession Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-860 |
ZDI-CAN-23244 |
Phoenix Contact |
CVE-2024-26003 |
4.3 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 HomePlug Protocol Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-859 |
ZDI-CAN-23239 |
Phoenix Contact |
CVE-2024-26000 |
4.3 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 MTQQ Protocol JSON Parsing Type Confusion Information Disclosure Vulnerability |
| ZDI-24-858 |
ZDI-CAN-23225 |
Phoenix Contact |
CVE-2024-26288 |
6.3 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 OCPP Protocol Missing Encryption Authentication Bypass Vulnerability |
| ZDI-24-857 |
ZDI-CAN-23221 |
Phoenix Contact |
CVE-2024-25996 |
5.0 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 Improper Access Control Firewall Bypass Vulnerability |
| ZDI-24-856 |
ZDI-CAN-23158 |
Phoenix Contact |
CVE-2024-25995 |
7.5 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 Config Manager Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-24-855 |
ZDI-CAN-23321 |
Phoenix Contact |
CVE-2024-25997 |
3.1 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 OCPP Protocol Improper Log Output Neutralization Remote Code Execution Vulnerability |
| ZDI-24-854 |
ZDI-CAN-23241 |
Autel |
CVE-2024-23957 |
8.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Autel MaxiCharger AC Elite Business C50 DLB_HostHeartBeat Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-853 |
ZDI-CAN-23230 |
Autel |
CVE-2024-23967 |
8.0 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Autel MaxiCharger AC Elite Business C50 WebSocket Base64 Decoding Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-852 |
ZDI-CAN-23196 |
Autel |
CVE-2024-23958 |
6.5 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Autel MaxiCharger AC Elite Business C50 BLE Hardcoded Credentials Authentication Bypass Vulnerability |
| ZDI-24-851 |
ZDI-CAN-23194 |
Autel |
CVE-2024-23959 |
8.0 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Autel MaxiCharger AC Elite Business C50 BLE AppChargingControl Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-850 |
ZDI-CAN-23312 |
Alpine |
CVE-2024-23963 |
8.0 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Alpine Halo9 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-849 |
ZDI-CAN-23306 |
Alpine |
CVE-2024-23961 |
6.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Alpine Halo9 UPDM_wemCmdUpdFSpeDecomp Command Injection Remote Code Execution Vulnerability |
| ZDI-24-848 |
ZDI-CAN-23249 |
Alpine |
CVE-2024-23935 |
8.0 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Alpine Halo9 DecodeUTF7 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-847 |
ZDI-CAN-23246 |
Alpine |
CVE-2024-23962 |
5.3 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Alpine Halo9 Missing Authentication Information Disclosure Vulnerability |
| ZDI-24-846 |
ZDI-CAN-23105 |
Alpine |
CVE-2024-23924 |
6.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Alpine Halo9 UPDM_wemCmdCreatSHA256Hash Command Injection Remote Code Execution Vulnerability |
| ZDI-24-845 |
ZDI-CAN-23102 |
Alpine |
CVE-2024-23960 |
4.6 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Alpine Halo9 Improper Verification of Cryptographic Signature Vulnerability |
| ZDI-24-844 |
ZDI-CAN-22945 |
Alpine |
CVE-2024-23923 |
8.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Alpine Halo9 prh_l2_sar_data_ind Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-843 |
ZDI-CAN-22273 |
Linux |
|
7.1 |
2024-06-21 |
2024-08-15 |
Linux Kernel USB/IP VHCI Driver Race Condition Privilege Escalation Vulnerability |
| ZDI-24-842 |
ZDI-CAN-22579 |
Linux |
CVE-2023-6200 |
8.3 |
2024-06-21 |
2024-08-15 |
Linux Kernel ICMPv6 Router Advertisement Race Condition Remote Code Execution Vulnerability |
| ZDI-24-841 |
ZDI-CAN-21491 |
Zope |
|
7.5 |
2024-06-21 |
2024-08-15 |
(0Day) Zope CMFCore Uncontrolled Resource Consumption Denial-of-Service Vulnerability |
| ZDI-24-840 |
ZDI-CAN-22419 |
Wyze |
CVE-2024-6249 |
8.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Wyze Cam v3 TCP Traffic Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-839 |
ZDI-CAN-22393 |
Wyze |
CVE-2024-6248 |
7.5 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Wyze Cam v3 Cloud Infrastructure Improper Authentication Remote Code Execution Vulnerability |
| ZDI-24-838 |
ZDI-CAN-22337 |
Wyze |
CVE-2024-6247 |
6.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Wyze Cam v3 Wi-Fi SSID OS Command Injection Remote Code Execution Vulnerability |
| ZDI-24-837 |
ZDI-CAN-22310 |
Wyze |
CVE-2024-6246 |
9.6 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Wyze Cam v3 Realtek Wi-Fi Driver Heap-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-836 |
ZDI-CAN-22461 |
Synology |
|
6.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Synology BC500 update_ntp_config Command Injection Remote Code Execution Vulnerability |
| ZDI-24-835 |
ZDI-CAN-22460 |
Synology |
CVE-2024-39352 |
6.8 |
2024-07-11 |
2024-08-15 |
(Pwn2Own) Synology BC500 Protection Mechanism Failure Software Downgrade Vulnerability |
| ZDI-24-834 |
ZDI-CAN-22311 |
Synology |
CVE-2024-39350 |
7.8 |
2024-07-11 |
2024-08-15 |
(Pwn2Own) Synology BC500 Improper Compartmentalization Local Privilege Escalation Vulnerability |
| ZDI-24-833 |
ZDI-CAN-22418 |
Synology |
CVE-2024-39349 |
8.8 |
2024-07-11 |
2024-08-15 |
(Pwn2Own) Synology BC500 synocam_param.cgi Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-832 |
ZDI-CAN-22430 |
Synology |
CVE-2024-39347 |
6.6 |
2024-07-11 |
2024-08-15 |
(Pwn2Own) Synology RT6600ax Improper Access Control Firewall Bypass Vulnerability |
| ZDI-24-831 |
ZDI-CAN-22404 |
Samsung |
|
8.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Samsung Galaxy S23 Galaxy Store Deeplink Permissive List of Allowed Inputs Remote Code Execution Vulnerability |
| ZDI-24-830 |
ZDI-CAN-22368 |
Samsung |
CVE-2023-42581 |
8.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Samsung Galaxy S23 Instant Plays Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-24-829 |
ZDI-CAN-22409 |
Samsung |
|
8.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Samsung Galaxy S23 McsWebViewActivity Permissive List of Allowed Inputs Remote Code Execution Vulnerability |
| ZDI-24-828 |
ZDI-CAN-22441 |
Samsung |
CVE-2023-42580 |
8.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) Samsung Galaxy S23 instantgame Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-24-827 |
ZDI-CAN-22497 |
QNAP |
CVE-2024-32766 |
8.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) QNAP TS-464 username Command Injection Remote Code Execution Vulnerability |
| ZDI-24-826 |
ZDI-CAN-22496 |
QNAP |
CVE-2024-32766 |
9.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) QNAP TS-464 Improper Validation Authentication Bypass Vulnerability |
| ZDI-24-825 |
ZDI-CAN-22463 |
QNAP |
CVE-2023-51364 |
8.1 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) QNAP TS-464 Log Upload Command Injection Remote Code Execution Vulnerability |
| ZDI-24-824 |
ZDI-CAN-22462 |
QNAP |
CVE-2024-27124 |
7.5 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) QNAP TS-464 Cloud Utility Command Injection Remote Code Execution Vulnerability |
| ZDI-24-823 |
ZDI-CAN-22422 |
QNAP |
CVE-2024-32764 |
7.3 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) QNAP TS-464 TURN Server create_session Server-Side Request Forgery Vulnerability |
| ZDI-24-822 |
ZDI-CAN-22377 |
HP |
CVE-2024-0794 |
8.8 |
2024-06-21 |
2024-08-15 |
(Pwn2Own) HP Color LaserJet Pro MFP 4301fdw CFF Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-821 |
ZDI-CAN-23852 |
Linux |
CVE-2024-36886 |
9.0 |
2024-06-20 |
2024-08-15 |
Linux Kernel TIPC Message Reassembly Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-820 |
ZDI-CAN-23441 |
Windscribe |
CVE-2024-6141 |
7.8 |
2024-06-20 |
2024-08-15 |
Windscribe Directory Traversal Local Privilege Escalation Vulnerability |
| ZDI-24-819 |
ZDI-CAN-22345 |
VIPRE |
CVE-2024-5930 |
7.8 |
2024-06-20 |
2024-08-15 |
VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-24-818 |
ZDI-CAN-22316 |
VIPRE |
CVE-2024-5929 |
7.8 |
2024-06-20 |
2024-08-15 |
VIPRE Advanced Security PMAgent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-24-817 |
ZDI-CAN-22315 |
VIPRE |
CVE-2024-5928 |
7.8 |
2024-06-20 |
2024-08-15 |
VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-816 |
ZDI-CAN-23370 |
Microsoft |
CVE-2024-30082 |
8.8 |
2024-06-20 |
2024-08-15 |
Microsoft Windows Menu DC Bitmap Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-815 |
ZDI-CAN-23111 |
Toshiba |
CVE-2024-3498 |
7.8 |
2024-06-18 |
2024-08-15 |
Toshiba e-STUDIO2518A vsftpd Incorrect Permission Assignment Privilege Escalation Vulnerability |
| ZDI-24-814 |
ZDI-CAN-23109 |
Toshiba |
CVE-2024-3497 |
8.8 |
2024-06-18 |
2024-08-15 |
Toshiba e-STUDIO2518A unzip Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-813 |
ZDI-CAN-23108 |
Toshiba |
CVE-2024-3496 |
8.8 |
2024-06-18 |
2024-08-15 |
Toshiba e-STUDIO2518A Authentication Bypass Vulnerability |
| ZDI-24-812 |
ZDI-CAN-22691 |
Hewlett Packard Enterprise |
CVE-2021-40438 |
8.2 |
2024-06-18 |
2024-08-15 |
Hewlett Packard Enterprise OneView Apache Server-Side Request Forgery Vulnerability |
| ZDI-24-811 |
ZDI-CAN-22455 |
Hewlett Packard Enterprise |
CVE-2023-50275 |
7.5 |
2024-06-18 |
2024-08-15 |
Hewlett Packard Enterprise OneView clusterService Authentication Bypass Denial-of-Service Vulnerability |
| ZDI-24-810 |
ZDI-CAN-22454 |
Hewlett Packard Enterprise |
CVE-2023-50274 |
7.8 |
2024-06-18 |
2024-08-15 |
Hewlett Packard Enterprise OneView startUpgradeCommon Command Injection Local Privilege Escalation Vulnerability |
| ZDI-24-809 |
ZDI-CAN-21418 |
Actiontec |
CVE-2024-6146 |
8.8 |
2024-06-18 |
2024-08-15 |
(0Day) Actiontec WCB6200Q uh_get_postdata_withupload Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-808 |
ZDI-CAN-21417 |
Actiontec |
CVE-2024-6145 |
8.8 |
2024-06-18 |
2024-08-15 |
(0Day) Actiontec WCB6200Q Cookie Format String Remote Code Execution Vulnerability |
| ZDI-24-807 |
ZDI-CAN-21416 |
Actiontec |
CVE-2024-6144 |
8.8 |
2024-06-18 |
2024-08-15 |
(0Day) Actiontec WCB6200Q Multipart Boundary Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-806 |
ZDI-CAN-21414 |
Actiontec |
CVE-2024-6143 |
8.8 |
2024-06-18 |
2024-08-15 |
(0Day) Actiontec WCB6200Q uh_tcp_recv_header Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-805 |
ZDI-CAN-21410 |
Actiontec |
CVE-2024-6142 |
8.8 |
2024-06-18 |
2024-08-15 |
(0Day) Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-804 |
ZDI-CAN-20450 |
Parallels |
CVE-2024-6154 |
8.2 |
2024-06-18 |
2024-08-15 |
Parallels Desktop Toolgate Heap-based Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-24-803 |
ZDI-CAN-19481 |
Parallels |
CVE-2024-6153 |
7.8 |
2024-06-18 |
2024-08-15 |
Parallels Desktop Updater Protection Mechanism Failure Software Downgrade Vulnerability |
| ZDI-24-802 |
ZDI-CAN-18271 |
Poly |
CVE-2024-6147 |
7.8 |
2024-06-18 |
2024-08-30 |
(0Day) Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-801 |
ZDI-CAN-21959 |
Tenable |
CVE-2023-5622 |
7.8 |
2024-06-18 |
2024-08-15 |
Tenable Nessus Network Monitor Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-24-800 |
ZDI-CAN-23905 |
Autodesk |
CVE-2024-23157 |
7.8 |
2024-06-18 |
2024-08-15 |
(0Day) Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-799 |
ZDI-CAN-23897 |
Autodesk |
CVE-2024-23156 |
7.8 |
2024-06-18 |
2024-08-15 |
(0Day) Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-798 |
ZDI-CAN-23505 |
Autodesk |
CVE-2024-23158 |
7.8 |
2024-06-18 |
2024-08-15 |
(0Day) Autodesk AutoCAD IGES File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-797 |
ZDI-CAN-23464 |
Autodesk |
CVE-2024-23152 |
7.8 |
2024-06-18 |
2024-08-15 |
(0Day) Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-796 |
ZDI-CAN-23431 |
Autodesk |
CVE-2024-23156 |
7.8 |
2024-06-18 |
2024-08-15 |
(0Day) Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-795 |
ZDI-CAN-23426 |
Autodesk |
CVE-2024-23153 |
7.8 |
2024-06-18 |
2024-08-15 |
(0Day) Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-794 |
ZDI-CAN-23409 |
Autodesk |
CVE-2024-23159 |
7.8 |
2024-06-18 |
2024-08-15 |
(0Day) Autodesk AutoCAD STP File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-793 |
ZDI-CAN-23390 |
Autodesk |
CVE-2024-23151 |
7.8 |
2024-06-18 |
2024-08-15 |
(0Day) Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-792 |
ZDI-CAN-23376 |
Autodesk |
CVE-2024-23150 |
7.8 |
2024-06-18 |
2024-08-15 |
(0Day) Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-791 |
ZDI-CAN-23369 |
Autodesk |
CVE-2024-23152 |
7.8 |
2024-06-18 |
2024-08-15 |
(0Day) Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-790 |
ZDI-CAN-23361 |
Autodesk |
CVE-2024-23154 |
7.8 |
2024-06-18 |
2024-08-15 |
(0Day) Autodesk AutoCAD SLDPRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-789 |
ZDI-CAN-23359 |
Autodesk |
CVE-2024-36999 |
7.8 |
2024-06-18 |
2024-08-15 |
(0Day) Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-788 |
ZDI-CAN-23340 |
Autodesk |
CVE-2024-23152 |
7.8 |
2024-06-18 |
2024-08-15 |
(0Day) Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-787 |
ZDI-CAN-23335 |
Autodesk |
CVE-2024-23155 |
7.8 |
2024-06-18 |
2024-08-15 |
(0Day) Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-786 |
ZDI-CAN-20965 |
PaperCut |
CVE-2023-39470 |
7.2 |
2024-06-18 |
2024-08-15 |
PaperCut NG print.script.sandboxed Exposed Dangerous Function Remote Code Execution Vulnerability |
| ZDI-24-785 |
ZDI-CAN-23481 |
PaperCut |
CVE-2024-1882 |
7.2 |
2024-06-18 |
2024-08-15 |
PaperCut MF EmailRenderer Server-Side Template Injection Remote Code Execution Vulnerability |
| ZDI-24-784 |
ZDI-CAN-23254 |
PaperCut |
CVE-2024-1883 |
8.8 |
2024-06-18 |
2024-08-15 |
PaperCut MF handleServiceException Cross-Site Scripting Authentication Bypass Vulnerability |
| ZDI-24-783 |
ZDI-CAN-23116 |
PaperCut |
CVE-2024-1884 |
8.2 |
2024-06-18 |
2024-08-15 |
PaperCut MF pc-upconnector-service Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-24-782 |
ZDI-CAN-22812 |
PaperCut |
CVE-2024-1222 |
8.6 |
2024-06-18 |
2024-08-15 |
PaperCut NG PrintDeployProxyController Incorrect Authorization Authentication Bypass Vulnerability |
| ZDI-24-781 |
ZDI-CAN-22328 |
PaperCut |
CVE-2024-1654 |
7.2 |
2024-06-18 |
2024-08-15 |
PaperCut NG generateNextFileName Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-780 |
ZDI-CAN-23074 |
PaperCut |
CVE-2024-1221 |
6.5 |
2024-06-18 |
2024-08-15 |
PaperCut NG upload Link Following Information Disclosure Vulnerability |
| ZDI-24-779 |
ZDI-CAN-22165 |
PaperCut |
CVE-2024-1223 |
8.2 |
2024-06-18 |
2024-08-15 |
PaperCut NG VendorKeys Hardcoded Credentials Authentication Bypass Vulnerability |
| ZDI-24-778 |
ZDI-CAN-22042 |
Linux |
|
7.1 |
2024-06-14 |
2024-08-15 |
Linux Kernel USB Core Out-Of-Bounds Read Local Privilege Escalation Vulnerability |
| ZDI-24-777 |
ZDI-CAN-21826 |
Linux |
|
4.0 |
2024-06-14 |
2024-08-15 |
Linux Kernel ksmbd Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-776 |
ZDI-CAN-23777 |
Oracle |
CVE-2024-21121 |
8.2 |
2024-06-14 |
2024-08-15 |
(Pwn2Own) Oracle VirtualBox OHCI USB Controller Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-775 |
ZDI-CAN-23838 |
Autodesk |
CVE-2024-23120 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STEP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-774 |
ZDI-CAN-23725 |
Autodesk |
CVE-2024-23129 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-773 |
ZDI-CAN-23724 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-772 |
ZDI-CAN-23723 |
Autodesk |
CVE-2024-23147 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD X_B File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-771 |
ZDI-CAN-23722 |
Autodesk |
CVE-2024-37005 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-770 |
ZDI-CAN-23721 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-769 |
ZDI-CAN-23654 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-768 |
ZDI-CAN-23652 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-767 |
ZDI-CAN-23651 |
Autodesk |
CVE-2024-23120 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-766 |
ZDI-CAN-23639 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-765 |
ZDI-CAN-23638 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-764 |
ZDI-CAN-23637 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-763 |
ZDI-CAN-23636 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-762 |
ZDI-CAN-23635 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-761 |
ZDI-CAN-23634 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-760 |
ZDI-CAN-23633 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-759 |
ZDI-CAN-23632 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-758 |
ZDI-CAN-23631 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-757 |
ZDI-CAN-23630 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-756 |
ZDI-CAN-23629 |
Autodesk |
CVE-2024-37004 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD SLDPRT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-755 |
ZDI-CAN-23628 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD SLDPRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-754 |
ZDI-CAN-23627 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-753 |
ZDI-CAN-23615 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-752 |
ZDI-CAN-23613 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-751 |
ZDI-CAN-23612 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-750 |
ZDI-CAN-23611 |
Autodesk |
CVE-2024-23147 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STEP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-749 |
ZDI-CAN-23610 |
Autodesk |
CVE-2024-37000 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-748 |
ZDI-CAN-23560 |
Autodesk |
CVE-2024-37000 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-747 |
ZDI-CAN-23559 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-746 |
ZDI-CAN-23535 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-745 |
ZDI-CAN-23512 |
Autodesk |
CVE-2024-23137 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD SLDPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-744 |
ZDI-CAN-23511 |
Autodesk |
CVE-2024-23149 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD SLDDRW File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-743 |
ZDI-CAN-23510 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-742 |
ZDI-CAN-23509 |
Autodesk |
CVE-2024-0446 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-741 |
ZDI-CAN-23508 |
Autodesk |
CVE-2024-0446 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-740 |
ZDI-CAN-23507 |
Autodesk |
CVE-2024-37000 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-739 |
ZDI-CAN-23506 |
Autodesk |
CVE-2024-23134 |
7.8 |
2024-06-17 |
2024-08-15 |
Autodesk AutoCAD IGS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-738 |
ZDI-CAN-23497 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD SLDPRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-737 |
ZDI-CAN-23496 |
Autodesk |
CVE-2024-37003 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD SLDPRT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-736 |
ZDI-CAN-23495 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD SLDPRT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-735 |
ZDI-CAN-23494 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD SLDASM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-734 |
ZDI-CAN-23493 |
Autodesk |
CVE-2024-23137 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD SLDPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-733 |
ZDI-CAN-23492 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD SLDASM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-732 |
ZDI-CAN-23491 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-731 |
ZDI-CAN-23470 |
Autodesk |
CVE-2024-23146 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-730 |
ZDI-CAN-23469 |
Autodesk |
CVE-2024-23146 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-729 |
ZDI-CAN-23468 |
Autodesk |
CVE-2024-23146 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-728 |
ZDI-CAN-23467 |
Autodesk |
CVE-2024-23146 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-727 |
ZDI-CAN-23463 |
Autodesk |
CVE-2024-23129 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-726 |
ZDI-CAN-23455 |
Autodesk |
CVE-2024-23142 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD MODEL File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-725 |
ZDI-CAN-23432 |
Autodesk |
CVE-2024-23143 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-724 |
ZDI-CAN-23430 |
Autodesk |
CVE-2024-23141 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-723 |
ZDI-CAN-23427 |
Autodesk |
CVE-2024-0446 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-722 |
ZDI-CAN-23425 |
Autodesk |
CVE-2024-23143 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-721 |
ZDI-CAN-23424 |
Autodesk |
CVE-2024-37002 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD MODEL File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-720 |
ZDI-CAN-23423 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-719 |
ZDI-CAN-23412 |
Autodesk |
CVE-2024-23143 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-718 |
ZDI-CAN-23411 |
Autodesk |
CVE-2024-37000 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD X_B File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-717 |
ZDI-CAN-23410 |
Autodesk |
CVE-2024-23143 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-716 |
ZDI-CAN-23408 |
Autodesk |
CVE-2024-37001 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD 3DM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-715 |
ZDI-CAN-23407 |
Autodesk |
CVE-2024-23142 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-714 |
ZDI-CAN-23406 |
Autodesk |
CVE-2024-23142 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-713 |
ZDI-CAN-23404 |
Autodesk |
CVE-2024-37006 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD CATPRODUCT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-712 |
ZDI-CAN-23395 |
Autodesk |
CVE-2024-23143 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-711 |
ZDI-CAN-23394 |
Autodesk |
CVE-2024-23140 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-710 |
ZDI-CAN-23389 |
Autodesk |
CVE-2024-0446 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-709 |
ZDI-CAN-23380 |
Autodesk |
CVE-2024-23147 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD CATPART File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-708 |
ZDI-CAN-23379 |
Autodesk |
CVE-2024-23146 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-707 |
ZDI-CAN-23378 |
Autodesk |
CVE-2024-23123 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-706 |
ZDI-CAN-23377 |
Autodesk |
CVE-2024-23128 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD MODEL File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-705 |
ZDI-CAN-23365 |
Autodesk |
CVE-2024-23142 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD MODEL File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-704 |
ZDI-CAN-23364 |
Autodesk |
CVE-2024-23140 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-703 |
ZDI-CAN-23363 |
Autodesk |
CVE-2024-23145 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-702 |
ZDI-CAN-23362 |
Autodesk |
CVE-2024-23128 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-701 |
ZDI-CAN-23360 |
Autodesk |
CVE-2024-0446 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD MODEL File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-700 |
ZDI-CAN-23352 |
Autodesk |
CVE-2024-23141 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD MODEL File Parsing Double Free Remote Code Execution Vulnerability |
| ZDI-24-699 |
ZDI-CAN-23351 |
Autodesk |
CVE-2024-23144 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-698 |
ZDI-CAN-23350 |
Autodesk |
CVE-2024-23143 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-697 |
ZDI-CAN-23349 |
Autodesk |
CVE-2024-23143 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-696 |
ZDI-CAN-23348 |
Autodesk |
CVE-2024-23143 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-695 |
ZDI-CAN-23347 |
Autodesk |
CVE-2024-23122 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-694 |
ZDI-CAN-23346 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-693 |
ZDI-CAN-23342 |
Autodesk |
CVE-2024-23142 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD CATPART File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-692 |
ZDI-CAN-23341 |
Autodesk |
CVE-2024-23144 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-691 |
ZDI-CAN-23339 |
Autodesk |
CVE-2024-23129 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-690 |
ZDI-CAN-23338 |
Autodesk |
CVE-2024-23146 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-689 |
ZDI-CAN-23337 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-688 |
ZDI-CAN-23336 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-687 |
ZDI-CAN-23334 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-686 |
ZDI-CAN-23333 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-685 |
ZDI-CAN-23332 |
Autodesk |
CVE-2024-23157 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD SLDPRT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-684 |
ZDI-CAN-23331 |
Autodesk |
CVE-2024-23128 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD MODEL File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-683 |
ZDI-CAN-22302 |
Autodesk |
CVE-2024-37003 |
7.8 |
2024-06-13 |
2024-08-15 |
Autodesk AutoCAD DWG File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-682 |
ZDI-CAN-22958 |
Siemens |
CVE-2024-35303 |
7.8 |
2024-06-13 |
2024-08-15 |
Siemens Tecnomatix Plant Simulation MODEL File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-681 |
ZDI-CAN-22747 |
Fuji Electric |
CVE-2024-37029 |
7.8 |
2024-06-13 |
2024-08-15 |
Fuji Electric Tellus Lite V-Simulator 6 V10 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-680 |
ZDI-CAN-22813 |
Fuji Electric |
CVE-2024-37029 |
7.8 |
2024-06-13 |
2024-08-15 |
Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-679 |
ZDI-CAN-22875 |
Fuji Electric |
CVE-2024-37029 |
7.8 |
2024-06-13 |
2024-08-15 |
Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-678 |
ZDI-CAN-22746 |
Fuji Electric |
CVE-2024-37022 |
7.8 |
2024-06-13 |
2024-08-15 |
Fuji Electric Tellus Lite V-Simulator 6 X1 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-677 |
ZDI-CAN-23991 |
Dropbox |
CVE-2024-5924 |
8.8 |
2024-06-13 |
2024-08-15 |
(0Day) Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability |
| ZDI-24-676 |
ZDI-CAN-23174 |
Deep Sea Electronics |
CVE-2024-5952 |
4.3 |
2024-06-13 |
2024-08-15 |
(0Day) Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability |
| ZDI-24-675 |
ZDI-CAN-23173 |
Deep Sea Electronics |
CVE-2024-5951 |
7.1 |
2024-06-13 |
2024-08-15 |
(0Day) Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability |
| ZDI-24-674 |
ZDI-CAN-23172 |
Deep Sea Electronics |
CVE-2024-5950 |
8.8 |
2024-06-13 |
2024-08-15 |
(0Day) Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-673 |
ZDI-CAN-23171 |
Deep Sea Electronics |
CVE-2024-5949 |
4.3 |
2024-06-13 |
2024-08-15 |
(0Day) Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability |
| ZDI-24-672 |
ZDI-CAN-23170 |
Deep Sea Electronics |
CVE-2024-5948 |
8.8 |
2024-06-13 |
2024-08-15 |
(0Day) Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-671 |
ZDI-CAN-22679 |
Deep Sea Electronics |
CVE-2024-5947 |
6.5 |
2024-06-13 |
2024-08-15 |
(0Day) Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability |
| ZDI-24-670 |
ZDI-CAN-20768 |
Famatech |
CVE-2024-30376 |
7.3 |
2024-06-13 |
2024-08-15 |
(0Day) Famatech Advanced IP Scanner Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-24-669 |
ZDI-CAN-23973 |
IrfanView |
CVE-2024-5876 |
7.8 |
2024-06-12 |
2024-08-15 |
IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-668 |
ZDI-CAN-23972 |
IrfanView |
CVE-2024-5875 |
7.8 |
2024-06-12 |
2024-08-15 |
IrfanView SHP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-667 |
ZDI-CAN-23969 |
IrfanView |
CVE-2024-5874 |
7.8 |
2024-06-12 |
2024-08-15 |
IrfanView PNT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-666 |
ZDI-CAN-23974 |
IrfanView |
CVE-2024-5877 |
7.8 |
2024-06-12 |
2024-08-15 |
IrfanView PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-665 |
ZDI-CAN-23848 |
Mozilla |
CVE-2024-29944 |
7.8 |
2024-06-12 |
2024-08-15 |
(Pwn2Own) Mozilla Firefox Exposed Dangerous Function Sandbox Escape Vulnerability |
| ZDI-24-664 |
ZDI-CAN-23794 |
Mozilla |
CVE-2024-29943 |
5.4 |
2024-06-12 |
2024-08-15 |
(Pwn2Own) Mozilla Firefox SpiderMonkey JIT Compiler Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-663 |
ZDI-CAN-23014 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-662 |
ZDI-CAN-23016 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-661 |
ZDI-CAN-23017 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-660 |
ZDI-CAN-23031 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-659 |
ZDI-CAN-23032 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-658 |
ZDI-CAN-23034 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-657 |
ZDI-CAN-23045 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-656 |
ZDI-CAN-23046 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-655 |
ZDI-CAN-23047 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft CMT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-654 |
ZDI-CAN-23048 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft ALM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-653 |
ZDI-CAN-23068 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft TBK File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-652 |
ZDI-CAN-23079 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-651 |
ZDI-CAN-23085 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-650 |
ZDI-CAN-23080 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-649 |
ZDI-CAN-23081 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-648 |
ZDI-CAN-23142 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-647 |
ZDI-CAN-23143 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-646 |
ZDI-CAN-23165 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-645 |
ZDI-CAN-23166 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-644 |
ZDI-CAN-23167 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-643 |
ZDI-CAN-23175 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-642 |
ZDI-CAN-23168 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-641 |
ZDI-CAN-23176 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-640 |
ZDI-CAN-23177 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-639 |
ZDI-CAN-23169 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-638 |
ZDI-CAN-23178 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-637 |
ZDI-CAN-23179 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-636 |
ZDI-CAN-23134 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-635 |
ZDI-CAN-23135 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-634 |
ZDI-CAN-23136 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-633 |
ZDI-CAN-23087 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-632 |
ZDI-CAN-23084 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-631 |
ZDI-CAN-23083 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-630 |
ZDI-CAN-23082 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-629 |
ZDI-CAN-23137 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-628 |
ZDI-CAN-23138 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-627 |
ZDI-CAN-23139 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-626 |
ZDI-CAN-23140 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-625 |
ZDI-CAN-23141 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-624 |
ZDI-CAN-23144 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-623 |
ZDI-CAN-23132 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-622 |
ZDI-CAN-23133 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-621 |
ZDI-CAN-23088 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-620 |
ZDI-CAN-23086 |
Delta Electronics |
CVE-2024-4192 |
7.8 |
2024-06-12 |
2024-08-15 |
Delta Electronics CNCSoft-G2 DOPSoft DPAX File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-619 |
ZDI-CAN-24167 |
Logsign |
CVE-2024-5719 |
8.8 |
2024-06-12 |
2024-08-15 |
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability |
| ZDI-24-618 |
ZDI-CAN-24166 |
Logsign |
CVE-2024-5718 |
8.1 |
2024-06-12 |
2024-08-15 |
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability |
| ZDI-24-617 |
ZDI-CAN-24165 |
Logsign |
CVE-2024-5717 |
8.8 |
2024-06-12 |
2024-08-15 |
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability |
| ZDI-24-616 |
ZDI-CAN-24164 |
Logsign |
CVE-2024-5716 |
8.6 |
2024-06-12 |
2024-08-15 |
Logsign Unified SecOps Platform Authentication Bypass Vulnerability |
| ZDI-24-615 |
ZDI-CAN-24169 |
Logsign |
CVE-2024-5721 |
8.1 |
2024-06-12 |
2024-08-15 |
Logsign Unified SecOps Platform Missing Authentication Remote Code Execution Vulnerability |
| ZDI-24-614 |
ZDI-CAN-24170 |
Logsign |
CVE-2024-5722 |
8.8 |
2024-06-12 |
2024-08-15 |
Logsign Unified SecOps Platform HTTP API Hard-coded Cryptographic Key Remote Code Execution Vulnerability |
| ZDI-24-613 |
ZDI-CAN-24168 |
Logsign |
CVE-2024-5720 |
8.8 |
2024-06-12 |
2024-08-15 |
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability |
| ZDI-24-612 |
ZDI-CAN-23163 |
Luxion |
|
7.8 |
2024-06-12 |
2024-08-15 |
(0Day) Luxion KeyShot Viewer JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-611 |
ZDI-CAN-23124 |
Luxion |
|
7.8 |
2024-06-12 |
2024-08-15 |
Luxion KeyShot Viewer X_T File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-610 |
ZDI-CAN-17863 |
Advantech |
CVE-2023-52335 |
7.5 |
2024-06-12 |
2024-08-15 |
Advantech iView ConfigurationServlet SQL Injection Information Disclosure Vulnerability |
| ZDI-24-609 |
ZDI-CAN-23461 |
Microsoft |
CVE-2024-30082 |
8.8 |
2024-06-12 |
2024-08-15 |
Microsoft Windows Menu DC Pen Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-608 |
ZDI-CAN-23462 |
Microsoft |
CVE-2024-30082 |
8.8 |
2024-06-12 |
2024-08-15 |
Microsoft Windows Menu DC Brush Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-607 |
ZDI-CAN-23789 |
Microsoft |
CVE-2024-30089 |
8.8 |
2024-06-12 |
2024-08-15 |
(Pwn2Own) Microsoft Windows mskssrv Driver Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-606 |
ZDI-CAN-23449 |
Microsoft |
CVE-2024-30088 |
8.8 |
2024-06-12 |
2024-08-15 |
(Pwn2Own) Microsoft Windows NtQueryInformationToken Race Condition Local Privilege Escalation Vulnerability |
| ZDI-24-605 |
ZDI-CAN-23774 |
Microsoft |
CVE-2024-30087 |
8.8 |
2024-06-12 |
2024-08-15 |
(Pwn2Own) Microsoft Windows win32kfull Improper Input Validation Local Privilege Escalation Vulnerability |
| ZDI-24-604 |
ZDI-CAN-23788 |
Microsoft |
CVE-2024-35250 |
8.8 |
2024-06-12 |
2024-08-15 |
(Pwn2Own) Microsoft Windows UnserializePropertySet Privilege Context Switching Error Local Privilege Escalation Vulnerability |
| ZDI-24-603 |
ZDI-CAN-23773 |
Microsoft |
CVE-2024-30084 |
8.8 |
2024-06-12 |
2024-08-15 |
(Pwn2Own) Microsoft Windows UnserializePropertySet Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability |
| ZDI-24-602 |
ZDI-CAN-23791 |
Microsoft |
CVE-2024-30086 |
8.8 |
2024-06-12 |
2024-08-15 |
(Pwn2Own) Microsoft Windows DirectComposition Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-601 |
ZDI-CAN-23845 |
Microsoft |
CVE-2024-30085 |
7.8 |
2024-06-12 |
2024-08-15 |
(Pwn2Own) Microsoft Windows cldflt Heap-based Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-24-600 |
ZDI-CAN-21034 |
Schneider Electric |
|
9.8 |
2024-06-11 |
2024-08-15 |
Schneider Electric APC Easy UPS Online startRun Exposed Dangerous Method Remote Code Execution Vulnerability |
| ZDI-24-599 |
ZDI-CAN-24054 |
Adobe |
CVE-2024-34115 |
7.8 |
2024-06-11 |
2024-07-01 |
Adobe Substance 3D Stager SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-598 |
ZDI-CAN-16220 |
Microsoft |
|
7.7 |
2024-06-11 |
2024-07-01 |
(0Day) Microsoft Windows Incorrect Permission Assignment Information Disclosure Vulnerability |
| ZDI-24-597 |
ZDI-CAN-22683 |
Centreon |
CVE-2024-5725 |
8.8 |
2024-06-10 |
2024-07-01 |
Centreon initCurveList SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-596 |
ZDI-CAN-23561 |
Centreon |
CVE-2024-32501 |
8.8 |
2024-06-10 |
2024-07-01 |
Centreon updateServiceHost_MC SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-595 |
ZDI-CAN-23294 |
Centreon |
CVE-2024-5723 |
8.8 |
2024-06-10 |
2024-07-01 |
Centreon updateServiceHost SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-594 |
ZDI-CAN-22974 |
Siemens |
CVE-2024-32639 |
7.8 |
2024-06-10 |
2024-07-01 |
Siemens Tecnomatix Plant Simulation MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-593 |
ZDI-CAN-18568 |
Linux |
CVE-2023-31436 |
8.2 |
2024-06-10 |
2024-07-01 |
Linux Kernel Net Scheduler Out-Of-Bounds Access Local Privilege Escalation Vulnerability |
| ZDI-24-592 |
ZDI-CAN-18745 |
Linux |
CVE-2023-39189 |
5.1 |
2024-06-10 |
2024-07-01 |
Linux Kernel nftables Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-591 |
ZDI-CAN-18387 |
Linux |
CVE-2023-42755 |
6.7 |
2024-06-10 |
2024-07-01 |
Linux Kernel RSVP Filter Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-590 |
ZDI-CAN-21824 |
Linux |
CVE-2023-4458 |
4.0 |
2024-06-10 |
2024-07-01 |
Linux Kernel ksmbd smb2_open Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-589 |
ZDI-CAN-21588 |
Linux |
CVE-2023-39180 |
4.0 |
2024-06-10 |
2024-07-01 |
Linux Kernel ksmbd Read Request Memory Leak Denial-of-Service Vulnerability |
| ZDI-24-588 |
ZDI-CAN-21587 |
Linux |
CVE-2023-39179 |
7.5 |
2024-06-10 |
2024-07-01 |
Linux Kernel ksmbd Read Request Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-587 |
ZDI-CAN-21598 |
Linux |
|
6.8 |
2024-06-10 |
2024-07-01 |
Linux Kernel ksmbd SetInfo Request Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-586 |
ZDI-CAN-21589 |
Linux |
CVE-2023-39176 |
5.8 |
2024-06-10 |
2024-07-01 |
Linux Kernel ksmbd Transform Header Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-585 |
ZDI-CAN-22715 |
Trend Micro |
CVE-2024-36473 |
5.3 |
2024-06-10 |
2024-07-01 |
Trend Micro VPN Proxy One Pro Link Following Denial-of-Service Vulnerability |
| ZDI-24-584 |
ZDI-CAN-19843 |
NETGEAR |
CVE-2023-51635 |
8.8 |
2024-06-10 |
2024-07-01 |
(Pwn2Own) NETGEAR RAX30 fing_dil Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-583 |
ZDI-CAN-19589 |
NETGEAR |
CVE-2023-51634 |
7.5 |
2024-06-10 |
2024-07-01 |
(Pwn2Own) NETGEAR RAX30 Improper Certificate Validation Remote Code Execution Vulnerability |
| ZDI-24-582 |
ZDI-CAN-19094 |
SEW-EURODRIVE |
CVE-2024-1167 |
5.5 |
2024-06-06 |
2024-07-01 |
SEW-EURODRIVE MOVITOOLS MotionStudio XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-24-581 |
ZDI-CAN-22281 |
Microsoft |
|
10.0 |
2024-06-06 |
2024-07-01 |
Microsoft Azure SQL Managed Instance Documentation SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability |
| ZDI-24-580 |
ZDI-CAN-22149 |
Microsoft |
|
9.8 |
2024-06-06 |
2024-07-01 |
Microsoft Artifact Registry Container Images Empty Password Authentication Bypass Vulnerability |
| ZDI-24-579 |
ZDI-CAN-22309 |
Apple |
CVE-2024-27836 |
7.8 |
2024-06-12 |
2024-08-06 |
Apple macOS PPM Image Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-578 |
ZDI-CAN-22897 |
Apple |
CVE-2024-23286 |
3.3 |
2024-06-06 |
2024-07-01 |
Apple macOS CoreGraphics Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-577 |
ZDI-CAN-21599 |
Trend Micro |
CVE-2024-37289 |
7.8 |
2024-06-06 |
2024-07-01 |
Trend Micro Apex One Improper Access Control Local Privilege Escalation Vulnerability |
| ZDI-24-576 |
ZDI-CAN-22269 |
Trend Micro |
CVE-2024-32849 |
7.8 |
2024-06-06 |
2024-07-01 |
Trend Micro Maximum Security coreServiceShell Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-575 |
ZDI-CAN-21461 |
Trend Micro |
CVE-2024-36358 |
7.8 |
2024-06-06 |
2024-07-01 |
Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-574 |
ZDI-CAN-21495 |
Trend Micro |
CVE-2024-36359 |
5.4 |
2024-06-06 |
2024-07-01 |
Trend Micro InterScan Web Security Virtual Appliance Cross-Site Scripting Privilege Escalation Vulnerability |
| ZDI-24-573 |
ZDI-CAN-22032 |
Trend Micro |
CVE-2024-36307 |
4.7 |
2024-06-06 |
2024-07-01 |
Trend Micro Apex One Security Agent Link Following Information Disclosure Vulnerability |
| ZDI-24-572 |
ZDI-CAN-22693 |
Trend Micro |
CVE-2024-36305 |
7.8 |
2024-06-06 |
2024-07-01 |
Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-571 |
ZDI-CAN-22667 |
Trend Micro |
CVE-2024-36304 |
7.8 |
2024-06-06 |
2024-07-01 |
Trend Micro Apex One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability |
| ZDI-24-570 |
ZDI-CAN-22481 |
Trend Micro |
CVE-2024-36303 |
7.8 |
2024-06-06 |
2024-07-01 |
Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability |
| ZDI-24-569 |
ZDI-CAN-22039 |
Trend Micro |
CVE-2024-36302 |
7.8 |
2024-06-06 |
2024-07-01 |
Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability |
| ZDI-24-568 |
ZDI-CAN-22038 |
Trend Micro |
CVE-2024-36306 |
6.1 |
2024-06-06 |
2024-07-01 |
Trend Micro Apex One Damage Cleanup Engine Link Following Denial-of-Service Vulnerability |
| ZDI-24-567 |
ZDI-CAN-22873 |
GStreamer |
CVE-2024-0444 |
7.5 |
2024-06-05 |
2024-07-01 |
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-566 |
ZDI-CAN-22449 |
Luxion |
CVE-2024-30374 |
7.8 |
2024-06-05 |
2024-07-01 |
Luxion KeyShot Viewer KSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-565 |
ZDI-CAN-22515 |
Luxion |
CVE-2024-30375 |
7.8 |
2024-06-05 |
2024-07-01 |
Luxion KeyShot Viewer KSP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-564 |
ZDI-CAN-22748 |
Fuji Electric |
CVE-2024-5597 |
7.8 |
2024-06-05 |
2024-07-01 |
Fuji Electric Monitouch V-SFT V9 File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-563 |
ZDI-CAN-22724 |
NETGEAR |
CVE-2024-5505 |
8.8 |
2024-06-04 |
2024-07-01 |
NETGEAR ProSAFE Network Management System UpLoadServlet Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-562 |
ZDI-CAN-22557 |
Canon |
CVE-2023-6234 |
8.8 |
2024-05-31 |
2024-07-01 |
Canon imageCLASS MF753Cdw setResource Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-561 |
ZDI-CAN-23879 |
Progress Software |
CVE-2024-4358 |
9.8 |
2024-05-31 |
2024-07-01 |
Progress Software Telerik Reporting Register Authentication Bypass Vulnerability |
| ZDI-24-560 |
ZDI-CAN-22550 |
Lexmark |
CVE-2023-50738 |
6.3 |
2024-05-31 |
2024-07-01 |
Lexmark CX331adwe Firmware Downgrade Remote Code Execution Vulnerability |
| ZDI-24-559 |
ZDI-CAN-22312 |
G DATA |
CVE-2024-1867 |
7.8 |
2024-05-31 |
2024-07-01 |
G DATA Total Security Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-558 |
ZDI-CAN-22313 |
G DATA |
CVE-2024-1868 |
7.8 |
2024-05-31 |
2024-07-01 |
G DATA Total Security Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-557 |
ZDI-CAN-22092 |
Kofax |
CVE-2024-30373 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF JPF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-556 |
ZDI-CAN-22044 |
Kofax |
CVE-2024-5513 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-555 |
ZDI-CAN-22021 |
Kofax |
CVE-2024-5512 |
3.3 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-554 |
ZDI-CAN-22020 |
Kofax |
CVE-2024-5511 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-553 |
ZDI-CAN-22019 |
Kofax |
CVE-2024-5510 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-552 |
ZDI-CAN-22933 |
Kofax |
CVE-2024-5307 |
3.3 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-551 |
ZDI-CAN-22930 |
Kofax |
CVE-2024-5306 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-550 |
ZDI-CAN-22921 |
Kofax |
CVE-2024-5305 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-549 |
ZDI-CAN-22920 |
Kofax |
CVE-2024-5304 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-548 |
ZDI-CAN-22919 |
Kofax |
CVE-2024-5303 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-547 |
ZDI-CAN-22918 |
Kofax |
CVE-2024-5302 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-546 |
ZDI-CAN-22917 |
Kofax |
CVE-2024-5301 |
7.8 |
2024-05-31 |
2024-07-01 |
Kofax Power PDF PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-545 |
ZDI-CAN-22459 |
Sonos |
CVE-2024-5269 |
8.8 |
2024-05-31 |
2024-07-01 |
(Pwn2Own) Sonos Era 100 SMB2 Message Handling Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-544 |
ZDI-CAN-22428 |
Sonos |
CVE-2024-5268 |
4.3 |
2024-05-31 |
2024-07-01 |
(Pwn2Own) Sonos Era 100 SMB2 Message Handling Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-543 |
ZDI-CAN-22384 |
Sonos |
CVE-2024-5267 |
8.8 |
2024-05-31 |
2024-07-01 |
(Pwn2Own) Sonos Era 100 SMB2 Message Handling Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-542 |
ZDI-CAN-22336 |
Sonos |
CVE-2024-5256 |
4.3 |
2024-05-31 |
2024-07-01 |
(Pwn2Own) Sonos Era 100 SMB2 Message Handling Integer Underflow Information Disclosure Vulnerability |
| ZDI-24-541 |
ZDI-CAN-22266 |
Luxion |
CVE-2024-5507 |
7.8 |
2024-05-31 |
2024-07-01 |
Luxion KeyShot Viewer KSP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-540 |
ZDI-CAN-22738 |
Luxion |
CVE-2024-5509 |
7.8 |
2024-05-31 |
2024-07-01 |
Luxion KeyShot BIP File Parsing Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-539 |
ZDI-CAN-22267 |
Luxion |
CVE-2024-5508 |
7.8 |
2024-05-31 |
2024-07-01 |
Luxion KeyShot Viewer KSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-538 |
ZDI-CAN-22514 |
Luxion |
CVE-2024-5506 |
7.8 |
2024-05-31 |
2024-07-01 |
Luxion KeyShot Viewer KSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-537 |
ZDI-CAN-21419 |
Fuji Electric |
CVE-2024-34579 |
7.8 |
2024-05-31 |
2024-07-01 |
Fuji Electric Alpha5 C5V File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-536 |
ZDI-CAN-21423 |
Fuji Electric |
CVE-2024-34579 |
7.8 |
2024-05-31 |
2024-07-01 |
Fuji Electric Alpha5 C5V File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-535 |
ZDI-CAN-22908 |
Fuji Electric |
CVE-2024-34171 |
7.8 |
2024-05-31 |
2024-07-01 |
Fuji Electric Monitouch V-SFT V9C File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-534 |
ZDI-CAN-22896 |
Fuji Electric |
CVE-2024-34171 |
7.8 |
2024-05-31 |
2024-07-01 |
Fuji Electric Monitouch V-SFT V9C File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-533 |
ZDI-CAN-22874 |
Fuji Electric |
CVE-2024-34171 |
7.8 |
2024-05-31 |
2024-07-01 |
Fuji Electric Monitouch V-SFT V9C File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-532 |
ZDI-CAN-22815 |
Fuji Electric |
CVE-2024-34171 |
7.8 |
2024-05-31 |
2024-07-01 |
Fuji Electric Monitouch V-SFT V10 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-531 |
ZDI-CAN-22814 |
Fuji Electric |
CVE-2024-5271 |
7.8 |
2024-05-31 |
2024-07-01 |
Fuji Electric Monitouch V-SFT V9C File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-530 |
ZDI-CAN-22749 |
Fuji Electric |
CVE-2024-34171 |
7.8 |
2024-05-31 |
2024-07-01 |
Fuji Electric Monitouch V-SFT V9C File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-529 |
ZDI-CAN-23782 |
VMware |
CVE-2024-22269 |
6.0 |
2024-05-31 |
2024-07-01 |
(Pwn2Own) VMware Workstation UrbBuf_getDataBuf Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-24-528 |
ZDI-CAN-23783 |
VMware |
CVE-2024-22270 |
6.0 |
2024-05-31 |
2024-07-01 |
(Pwn2Own) VMware Workstation hgfsVMCI_fileread Use of Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-24-527 |
ZDI-CAN-23847 |
VMware |
CVE-2024-22267 |
8.2 |
2024-05-31 |
2024-07-01 |
(Pwn2Own) VMWare Workstation VBluetoothHCI_PacketOut Use-After-Free Privilege Escalation Vulnerability |
| ZDI-24-526 |
ZDI-CAN-23844 |
VMware |
CVE-2024-22267 |
8.2 |
2024-05-30 |
2024-07-01 |
(Pwn2Own) VMware Workstation VBluetoothHCI_PacketOut Use-After-Free Privilege Escalation Vulnerability |
| ZDI-24-525 |
ZDI-CAN-22754 |
A10 |
CVE-2024-30369 |
7.8 |
2024-05-29 |
2024-07-01 |
A10 Thunder ADC Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-24-524 |
ZDI-CAN-22517 |
A10 |
CVE-2024-30368 |
7.2 |
2024-05-29 |
2024-07-01 |
A10 Thunder ADC CsrRequestView Command Injection Remote Code Execution Vulnerability |
| ZDI-24-523 |
ZDI-CAN-20923 |
Phoenix Contact |
CVE-2024-28137 |
7.8 |
2024-05-29 |
2024-07-01 |
Phoenix Contact CHARX SEC-3100 Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-522 |
ZDI-CAN-23330 |
Phoenix Contact |
CVE-2024-28135 |
6.8 |
2024-05-29 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 Filename Command Injection Remote Code Execution Vulnerability |
| ZDI-24-521 |
ZDI-CAN-23391 |
Phoenix Contact |
CVE-2024-28136 |
7.5 |
2024-05-29 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 OCPP charx_pack_logs Command Injection Remote Code Execution Vulnerability |
| ZDI-24-520 |
ZDI-CAN-23418 |
Phoenix Contact |
CVE-2024-28134 |
7.5 |
2024-05-29 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 Missing Encryption Authentication Bypass Vulnerability |
| ZDI-24-519 |
ZDI-CAN-23419 |
Phoenix Contact |
CVE-2024-28133 |
7.8 |
2024-05-29 |
2024-07-01 |
(Pwn2Own) Phoenix Contact CHARX SEC-3100 Untrusted Search Path Local Privilege Escalation Vulnerability |
| ZDI-24-518 |
ZDI-CAN-23880 |
Progress Software |
CVE-2024-4357 |
6.5 |
2024-05-29 |
2024-07-01 |
Progress Software Telerik Reporting ValidateMetadaUri XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-24-517 |
ZDI-CAN-23353 |
Progress Software |
CVE-2024-4561 |
4.2 |
2024-05-29 |
2024-07-01 |
Progress Software WhatsUp Gold FaviconController Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-24-516 |
ZDI-CAN-23447 |
Progress Software |
CVE-2024-4562 |
7.1 |
2024-05-28 |
2024-07-01 |
Progress Software WhatsUp Gold HttpContentActiveController Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-24-515 |
ZDI-CAN-22951 |
NETGEAR |
CVE-2024-5247 |
8.8 |
2024-05-24 |
2024-07-01 |
NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-24-514 |
ZDI-CAN-23549 |
Ivanti |
CVE-2024-29846 |
7.2 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager GetVulnerabilitiesDataTable SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-513 |
ZDI-CAN-23538 |
Ivanti |
CVE-2024-29830 |
7.2 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager GetLogFileRulesNameUniqueSQL SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-512 |
ZDI-CAN-23537 |
Ivanti |
CVE-2024-29829 |
7.2 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager GetLogFileRulesSQL SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-511 |
ZDI-CAN-23536 |
Ivanti |
CVE-2024-29828 |
7.2 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager GetRulesetsSQL SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-510 |
ZDI-CAN-23517 |
Ivanti |
CVE-2024-29827 |
9.8 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager GetDBPatchProducts SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-509 |
ZDI-CAN-23516 |
Ivanti |
CVE-2024-29826 |
9.8 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager GetDBPatches SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-508 |
ZDI-CAN-23484 |
Ivanti |
CVE-2024-29825 |
9.8 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager RecordBrokenApp SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-507 |
ZDI-CAN-23482 |
Ivanti |
CVE-2024-29824 |
9.8 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager RecordGoodApp SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-506 |
ZDI-CAN-23518 |
Ivanti |
CVE-2024-29823 |
9.8 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager GetDBVulnerabilities SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-505 |
ZDI-CAN-23483 |
Ivanti |
CVE-2024-29822 |
9.8 |
2024-05-24 |
2024-07-01 |
Ivanti Endpoint Manager RecordGoodApp SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-504 |
ZDI-CAN-23525 |
Ivanti |
CVE-2024-29848 |
7.2 |
2024-05-24 |
2024-07-01 |
Ivanti Avalanche FileStoreConfig Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-24-503 |
ZDI-CAN-22439 |
TP-Link |
CVE-2024-5244 |
5.0 |
2024-05-23 |
2024-07-01 |
(Pwn2Own) TP-Link Omada ER605 Reliance on Security Through Obscurity Vulnerability |
| ZDI-24-502 |
ZDI-CAN-22523 |
TP-Link |
CVE-2024-5243 |
7.5 |
2024-05-23 |
2024-07-01 |
(Pwn2Own) TP-Link Omada ER605 Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-501 |
ZDI-CAN-22522 |
TP-Link |
CVE-2024-5242 |
7.5 |
2024-05-23 |
2024-07-01 |
(Pwn2Own) TP-Link Omada ER605 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-500 |
ZDI-CAN-22383 |
TP-Link |
CVE-2024-5228 |
7.5 |
2024-05-23 |
2024-07-01 |
(Pwn2Own) TP-Link Omada ER605 Comexe DDNS Response Handling Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-499 |
ZDI-CAN-22446 |
TP-Link |
CVE-2024-5227 |
7.5 |
2024-05-23 |
2024-07-01 |
(Pwn2Own) TP-Link Omada ER605 PPTP VPN username Command Injection Remote Code Execution Vulnerability |
| ZDI-24-498 |
ZDI-CAN-22923 |
NETGEAR |
CVE-2024-5247 |
8.8 |
2024-05-22 |
2024-07-01 |
NETGEAR ProSAFE Network Management System UpLoadServlet Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-24-497 |
ZDI-CAN-22868 |
NETGEAR |
CVE-2024-5246 |
8.8 |
2024-05-22 |
2024-07-01 |
NETGEAR ProSAFE Network Management System Tomcat Remote Code Execution Vulnerability |
| ZDI-24-496 |
ZDI-CAN-22755 |
NETGEAR |
CVE-2024-5245 |
7.8 |
2024-05-22 |
2024-07-01 |
NETGEAR ProSAFE Network Management System Default Credentials Local Privilege Escalation Vulnerability |
| ZDI-24-495 |
ZDI-CAN-23790 |
Microsoft |
CVE-2024-30037 |
8.8 |
2024-05-22 |
2024-07-01 |
(Pwn2Own) Microsoft Windows CLFS Integer Underflow Local Privilege Escalation Vulnerability |
| ZDI-24-494 |
ZDI-CAN-23490 |
VMware |
CVE-2024-22268 |
9.6 |
2024-05-22 |
2024-07-01 |
VMware Workstation SVGA Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-493 |
ZDI-CAN-22887 |
Adobe |
CVE-2024-30279 |
7.8 |
2024-05-22 |
2024-07-01 |
Adobe Acrobat Reader DC JPEG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-492 |
ZDI-CAN-22867 |
Adobe |
CVE-2024-30280 |
7.8 |
2024-05-22 |
2024-07-01 |
Adobe Acrobat Pro DC AcroForm Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-491 |
ZDI-CAN-23035 |
WithSecure |
CVE-2024-4454 |
7.3 |
2024-05-22 |
2024-07-01 |
WithSecure Elements Endpoint Protection Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-490 |
ZDI-CAN-22364 |
LAquis |
CVE-2024-5040 |
7.8 |
2024-05-22 |
2024-07-01 |
LAquis SCADA LGX Report Processing AddComboFile Path Traversal Remote Code Execution Vulnerability |
| ZDI-24-489 |
ZDI-CAN-22465 |
LAquis |
CVE-2024-5040 |
7.8 |
2024-05-22 |
2024-07-01 |
LAquis SCADA LGX Report File Open Path Traversal Remote Code Execution Vulnerability |
| ZDI-24-488 |
ZDI-CAN-22358 |
LAquis |
CVE-2024-5040 |
7.8 |
2024-05-22 |
2024-07-01 |
LAquis SCADA LGX Report TextFile Open Path Traversal Remote Code Execution Vulnerability |
| ZDI-24-487 |
ZDI-CAN-22468 |
LAquis |
CVE-2024-5040 |
5.5 |
2024-05-22 |
2024-07-01 |
LAquis SCADA LGX Report STRING READFROMFILE Path Traversal Information Disclosure Vulnerability |
| ZDI-24-486 |
ZDI-CAN-22467 |
LAquis |
CVE-2024-5040 |
7.8 |
2024-05-22 |
2024-07-01 |
LAquis SCADA LGX Report STRING WRITETOFILE Path Traversal Remote Code Execution Vulnerability |
| ZDI-24-485 |
ZDI-CAN-22469 |
LAquis |
CVE-2024-5040 |
7.8 |
2024-05-22 |
2024-07-01 |
LAquis SCADA LGX Report TextFile OpenWithoutMemory Path Traversal Remote Code Execution Vulnerability |
| ZDI-24-484 |
ZDI-CAN-22470 |
LAquis |
CVE-2024-5040 |
7.8 |
2024-05-22 |
2024-07-01 |
LAquis SCADA LGX Report Table Save Path Traversal Remote Code Execution Vulnerability |
| ZDI-24-483 |
ZDI-CAN-23327 |
Adobe |
CVE-2024-30310 |
7.8 |
2024-05-19 |
2024-07-01 |
Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-482 |
ZDI-CAN-23474 |
Adobe |
CVE-2024-34094 |
7.8 |
2024-05-19 |
2024-07-01 |
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-481 |
ZDI-CAN-23475 |
Adobe |
CVE-2024-34095 |
7.8 |
2024-05-19 |
2024-07-01 |
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-480 |
ZDI-CAN-23472 |
Adobe |
CVE-2024-34096 |
7.8 |
2024-05-19 |
2024-07-01 |
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-479 |
ZDI-CAN-23466 |
Adobe |
CVE-2024-30284 |
7.8 |
2024-05-19 |
2024-07-01 |
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-478 |
ZDI-CAN-23473 |
Adobe |
CVE-2024-34097 |
7.8 |
2024-05-19 |
2024-07-01 |
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-477 |
ZDI-CAN-23614 |
Adobe |
CVE-2024-34101 |
3.3 |
2024-05-19 |
2024-07-01 |
Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-476 |
ZDI-CAN-22407 |
QNAP |
CVE-2023-51365 |
6.5 |
2024-05-19 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 HLS_tmp Directory Traversal Arbitrary File Creation Vulnerability |
| ZDI-24-475 |
ZDI-CAN-22410 |
QNAP |
CVE-2023-51364 |
6.5 |
2024-05-19 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 File Upload Directory Traversal Arbitrary File Creation Vulnerability |
| ZDI-24-474 |
ZDI-CAN-22495 |
QNAP |
CVE-2024-32766 |
6.5 |
2024-05-19 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 Exposed Dangerous Method Privilege Escalation Vulnerability |
| ZDI-24-473 |
ZDI-CAN-22378 |
QNAP |
CVE-2024-27124 |
6.5 |
2024-05-19 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 Authentication Service Improper Certificate Validation Vulnerability |
| ZDI-24-472 |
ZDI-CAN-22457 |
QNAP |
CVE-2024-32764 |
7.4 |
2024-05-19 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 Netmgr Endpoint CRLF Injection Arbitrary Configuration Update Vulnerability |
| ZDI-24-471 |
ZDI-CAN-22494 |
QNAP |
CVE-2024-21901 |
8.8 |
2024-05-19 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 authLogin SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-470 |
ZDI-CAN-22493 |
QNAP |
CVE-2024-21899 |
9.1 |
2024-05-19 |
2024-07-01 |
(Pwn2Own) QNAP TS-464 QR Code Device CRLF Injection Arbitrary Configuration Change Vulnerability |
| ZDI-24-469 |
ZDI-CAN-21600 |
Avira |
CVE-2023-51636 |
7.8 |
2024-05-17 |
2024-07-01 |
Avira Prime Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-468 |
ZDI-CAN-21579 |
Sante |
CVE-2023-51637 |
9.8 |
2024-05-17 |
2024-07-01 |
Sante PACS Server PG Patient Query SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-467 |
ZDI-CAN-23896 |
GStreamer |
CVE-2024-4453 |
7.8 |
2024-05-17 |
2024-07-01 |
GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-24-466 |
ZDI-CAN-21578 |
Siemens |
CVE-2024-32066 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-465 |
ZDI-CAN-21564 |
Siemens |
CVE-2024-32059 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-464 |
ZDI-CAN-21566 |
Siemens |
CVE-2024-32061 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-463 |
ZDI-CAN-21568 |
Siemens |
CVE-2024-32062 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-462 |
ZDI-CAN-21573 |
Siemens |
CVE-2024-32063 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-461 |
ZDI-CAN-21575 |
Siemens |
CVE-2024-32064 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-460 |
ZDI-CAN-21577 |
Siemens |
CVE-2024-32065 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-459 |
ZDI-CAN-21565 |
Siemens |
CVE-2024-32060 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-458 |
ZDI-CAN-21562 |
Siemens |
CVE-2024-32057 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-457 |
ZDI-CAN-21563 |
Siemens |
CVE-2024-32058 |
7.8 |
2024-05-17 |
2024-07-01 |
Siemens Simcenter Femap IGS File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-456 |
ZDI-CAN-21906 |
NI |
CVE-2024-4044 |
7.8 |
2024-05-15 |
2024-07-01 |
NI FlexLogger FLXPROJ File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-455 |
ZDI-CAN-23500 |
SolarWinds |
CVE-2024-28075 |
9.9 |
2024-05-15 |
2024-07-01 |
SolarWinds Access Rights Manager JsonSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-454 |
ZDI-CAN-23059 |
SolarWinds |
CVE-2024-23473 |
8.6 |
2024-05-15 |
2024-07-01 |
SolarWinds Access Rights Manager Hard-Coded Credentials Authentication Bypass Vulnerability |
| ZDI-24-453 |
ZDI-CAN-23586 |
Microsoft |
CVE-2024-30043 |
7.1 |
2024-05-14 |
2024-07-01 |
Microsoft SharePoint BaseXmlDataSource XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-24-452 |
ZDI-CAN-22417 |
Microsoft |
CVE-2024-30034 |
8.4 |
2024-05-14 |
2024-07-01 |
Microsoft Windows cldflt Type Confusion Information Disclosure Vulnerability |
| ZDI-24-451 |
ZDI-CAN-22907 |
Microsoft |
CVE-2024-30033 |
7.0 |
2024-05-14 |
2024-07-01 |
Microsoft Windows Search Service Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-450 |
ZDI-CAN-21828 |
D-Link |
CVE-2024-5299 |
8.8 |
2024-05-24 |
2024-07-01 |
(0Day) D-Link D-View execMonitorScript Exposed Dangerous Method Remote Code Execution Vulnerability |
| ZDI-24-449 |
ZDI-CAN-21842 |
D-Link |
CVE-2024-5298 |
8.8 |
2024-05-24 |
2024-07-01 |
(0Day) D-Link D-View queryDeviceCustomMonitorResult Exposed Dangerous Method Remote Code Execution Vulnerability |
| ZDI-24-448 |
ZDI-CAN-21821 |
D-Link |
CVE-2024-5297 |
8.8 |
2024-05-24 |
2024-07-01 |
(0Day) D-Link D-View executeWmicCmd Command Injection Remote Code Execution Vulnerability |
| ZDI-24-447 |
ZDI-CAN-21991 |
D-Link |
CVE-2024-5296 |
9.8 |
2024-05-24 |
2024-07-01 |
(0Day) D-Link D-View Use of Hard-coded Cryptographic Key Authentication Bypass Vulnerability |
| ZDI-24-446 |
ZDI-CAN-21294 |
D-Link |
CVE-2024-5295 |
8.8 |
2024-05-24 |
2024-07-01 |
(0Day) D-Link G416 flupl self Command Injection Remote Code Execution Vulnerability |
| ZDI-24-445 |
ZDI-CAN-21668 |
D-Link |
CVE-2024-5294 |
4.3 |
2024-05-24 |
2024-07-01 |
(0Day) D-Link DIR-3040 prog.cgi websSecurityHandler Memory Leak Denial-of-Service Vulnerability |
| ZDI-24-444 |
ZDI-CAN-21853 |
D-Link |
CVE-2024-5293 |
8.8 |
2024-05-24 |
2024-07-01 |
(0Day) D-Link DIR-2640 HTTP Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-443 |
ZDI-CAN-21426 |
D-Link |
CVE-2024-5292 |
7.3 |
2024-05-24 |
2024-07-01 |
(0Day) D-Link Network Assistant Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-24-442 |
ZDI-CAN-21235 |
D-Link |
CVE-2024-5291 |
8.8 |
2024-05-24 |
2024-07-01 |
(0Day) D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability |
| ZDI-24-441 |
ZDI-CAN-21884 |
Delta Electronics |
CVE-2024-1595 |
7.8 |
2024-05-13 |
2024-07-01 |
Delta Electronics CNCSoft-B DOPSoft Uncontrolled Search Path Remote Code Execution Vulnerability |
| ZDI-24-440 |
ZDI-CAN-22502 |
Delta Electronics |
CVE-2023-46604 |
9.8 |
2024-05-13 |
2024-07-01 |
Delta Electronics InfraSuite Device Master ActiveMQ Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-439 |
ZDI-CAN-20464 |
Microsoft |
CVE-2023-24948 |
7.6 |
2024-05-09 |
2024-07-01 |
Microsoft Windows Bluetooth AVDTP Protocol Integer Underflow Remote Code Execution Vulnerability |
| ZDI-24-438 |
ZDI-CAN-22618 |
Dassault Systèmes |
CVE-2024-3298 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-437 |
ZDI-CAN-22619 |
Dassault Systèmes |
CVE-2024-3298 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer DXF File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-436 |
ZDI-CAN-22620 |
Dassault Systèmes |
CVE-2024-3298 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-435 |
ZDI-CAN-22624 |
Dassault Systèmes |
CVE-2024-3298 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer DXF File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-434 |
ZDI-CAN-22625 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer SAT File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-433 |
ZDI-CAN-22621 |
Dassault Systèmes |
CVE-2024-3298 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-432 |
ZDI-CAN-22616 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer JT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-431 |
ZDI-CAN-22623 |
Dassault Systèmes |
CVE-2024-3298 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-430 |
ZDI-CAN-22617 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer JT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-429 |
ZDI-CAN-22622 |
Dassault Systèmes |
CVE-2024-3298 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-428 |
ZDI-CAN-22615 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-05-09 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer JT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-427 |
ZDI-CAN-23106 |
Adobe |
CVE-2024-30306 |
7.8 |
2024-05-07 |
2024-07-01 |
Adobe Acrobat Reader DC AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-426 |
ZDI-CAN-23077 |
Adobe |
CVE-2024-30302 |
3.3 |
2024-05-07 |
2024-07-01 |
Adobe Acrobat Reader DC AcroForm Use-After-Free Information Disclosure Vulnerability |
| ZDI-24-425 |
ZDI-CAN-23044 |
Adobe |
CVE-2024-30303 |
7.8 |
2024-05-07 |
2024-07-01 |
Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-424 |
ZDI-CAN-23043 |
Adobe |
CVE-2024-30305 |
7.8 |
2024-05-07 |
2024-07-01 |
Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-423 |
ZDI-CAN-23042 |
Adobe |
CVE-2024-30301 |
7.8 |
2024-05-07 |
2024-07-01 |
Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-422 |
ZDI-CAN-23040 |
Adobe |
CVE-2024-30304 |
7.8 |
2024-05-07 |
2024-07-01 |
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-421 |
ZDI-CAN-23521 |
SonicWALL |
CVE-2024-29011 |
7.5 |
2024-05-07 |
2024-07-01 |
SonicWALL GMS Virtual Appliance ECMClientAuthenticator Hard-Coded Credential Authentication Bypass Vulnerability |
| ZDI-24-420 |
ZDI-CAN-22675 |
SonicWALL |
CVE-2024-29010 |
7.1 |
2024-05-07 |
2024-07-01 |
SonicWALL GMS Virtual Appliance ECMPolicy XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-24-419 |
ZDI-CAN-22332 |
Xiaomi |
CVE-2024-4406 |
8.8 |
2024-05-01 |
2024-07-01 |
(Pwn2Own) Xiaomi Pro 13 GetApps integral-dialog-page Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-24-418 |
ZDI-CAN-22379 |
Xiaomi |
CVE-2024-4405 |
8.8 |
2024-05-01 |
2024-07-01 |
(Pwn2Own) Xiaomi Pro 13 mimarket manual-upgrade Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-24-417 |
ZDI-CAN-22559 |
Xiaomi |
CVE-2023-26322 |
8.8 |
2024-05-01 |
2024-07-01 |
Xiaomi Pro 13 isUrlMatchLevel Permissive List of Allowed Inputs Remote Code Execution Vulnerability |
| ZDI-24-416 |
ZDI-CAN-20731 |
Centreon |
CVE-2023-51633 |
7.5 |
2024-04-29 |
2024-07-01 |
Centreon sysName Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-24-415 |
ZDI-CAN-23775 |
Oracle |
CVE-2024-21113 |
6.0 |
2024-04-26 |
2024-07-01 |
(Pwn2Own) Oracle VirtualBox E1000 Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-24-414 |
ZDI-CAN-23787 |
Oracle |
CVE-2024-21112 |
6.0 |
2024-04-26 |
2024-07-01 |
(Pwn2Own) Oracle VirtualBox AHCI Controller Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-24-413 |
ZDI-CAN-23796 |
Oracle |
CVE-2024-21115 |
8.2 |
2024-04-26 |
2024-07-01 |
(Pwn2Own) Oracle VirtualBox DevVGA Out-Of-Bounds Write Local Privilege Escalation Vulnerability |
| ZDI-24-412 |
ZDI-CAN-23797 |
Oracle |
CVE-2024-21114 |
8.2 |
2024-04-26 |
2024-07-01 |
(Pwn2Own) Oracle VirtualBox VirtIOCore Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-24-411 |
ZDI-CAN-23798 |
Oracle |
CVE-2024-21121 |
6.0 |
2024-04-26 |
2024-07-01 |
(Pwn2Own) Oracle VirtualBox BusLogic Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-24-410 |
ZDI-CAN-23403 |
Oracle |
CVE-2024-21116 |
7.8 |
2024-04-26 |
2024-07-01 |
Oracle VirtualBox vboxdrv Improper Privilege Management Local Privilege Escalation Vulnerability |
| ZDI-24-409 |
ZDI-CAN-23388 |
Oracle |
CVE-2024-21110 |
7.3 |
2024-04-26 |
2024-07-01 |
Oracle VirtualBox Guest Additions Improper Access Control Local Privilege Escalation Vulnerability |
| ZDI-24-408 |
ZDI-CAN-23076 |
Oracle |
CVE-2024-21109 |
5.9 |
2024-04-26 |
2024-07-01 |
Oracle VirtualBox Web Service Exposure of Resource to Wrong Sphere Information Disclosure Vulnerability |
| ZDI-24-407 |
ZDI-CAN-22880 |
X.Org |
CVE-2024-31083 |
7.8 |
2024-04-26 |
2024-07-01 |
X.Org Server ProcRenderAddGlyphs Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-24-406 |
ZDI-CAN-22173 |
Adobe |
CVE-2023-48633 |
7.8 |
2024-04-26 |
2024-07-01 |
Adobe After Effects AEP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-405 |
ZDI-CAN-22549 |
Lexmark |
CVE-2023-50739 |
8.8 |
2024-04-26 |
2024-07-01 |
Lexmark CX331adwe IPP Server Authorization HTTP Header Heap-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-404 |
ZDI-CAN-22327 |
Apple |
CVE-2024-23264 |
3.3 |
2024-04-25 |
2024-07-01 |
Apple macOS Metal Framework PVR File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-403 |
ZDI-CAN-23903 |
Progress Software |
CVE-2024-1800 |
8.8 |
2024-04-25 |
2024-07-01 |
Progress Software Telerik Report Server ObjectReader Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-402 |
ZDI-CAN-23902 |
Progress Software |
CVE-2024-1856 |
7.2 |
2024-04-25 |
2024-07-01 |
Progress Software Telerik Reporting ObjectReader Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-401 |
ZDI-CAN-23001 |
Progress Software |
CVE-2024-1801 |
7.8 |
2024-04-25 |
2024-07-01 |
Progress Software Telerik Reporting ObjectReader Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-400 |
ZDI-CAN-23558 |
Microsoft |
|
9.8 |
2024-04-25 |
2024-07-01 |
Microsoft uAMQP for Python azure-iot-sdks-ci Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-399 |
ZDI-CAN-22547 |
Microsoft |
CVE-2024-29991 |
7.5 |
2024-04-25 |
2024-07-01 |
Microsoft Windows MHT File Mark-Of-The-Web Bypass Remote Code Execution Vulnerability |
| ZDI-24-398 |
ZDI-CAN-22560 |
Wazuh |
CVE-2023-50260 |
8.8 |
2024-04-25 |
2024-07-01 |
Wazuh Active Response Module Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-24-397 |
ZDI-CAN-22475 |
Wazuh |
CVE-2024-32038 |
9.8 |
2024-04-25 |
2024-07-01 |
Wazuh Analysis Engine Event Decoder Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-396 |
ZDI-CAN-23024 |
Microsoft |
|
9.8 |
2024-04-23 |
2024-07-01 |
Microsoft Azure ODSP nikisos Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-395 |
ZDI-CAN-22810 |
Ivanti |
CVE-2024-27984 |
7.1 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLInfoRailService DELKEY Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-24-394 |
ZDI-CAN-22990 |
Ivanti |
CVE-2024-27978 |
6.5 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Null Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-24-393 |
ZDI-CAN-22989 |
Ivanti |
CVE-2024-27977 |
7.1 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-24-392 |
ZDI-CAN-22988 |
Ivanti |
CVE-2024-27976 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-391 |
ZDI-CAN-22987 |
Ivanti |
CVE-2024-27975 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-390 |
ZDI-CAN-22986 |
Ivanti |
CVE-2024-25000 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-389 |
ZDI-CAN-22985 |
Ivanti |
CVE-2024-24999 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-388 |
ZDI-CAN-22984 |
Ivanti |
CVE-2024-24998 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-387 |
ZDI-CAN-22950 |
Ivanti |
CVE-2024-24997 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-386 |
ZDI-CAN-22940 |
Ivanti |
CVE-2024-24996 |
9.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLInfoRailService Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-385 |
ZDI-CAN-22885 |
Ivanti |
CVE-2024-24995 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche doInTransaction Time-Of-Check Time-Of-Use Remote Code Execution Vulnerability |
| ZDI-24-384 |
ZDI-CAN-22866 |
Ivanti |
CVE-2024-24994 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche extractZipEntry Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-383 |
ZDI-CAN-22865 |
Ivanti |
CVE-2024-24993 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche InstallPackageThread Time-Of-Check Time-Of-Use Remote Code Execution Vulnerability |
| ZDI-24-382 |
ZDI-CAN-22854 |
Ivanti |
CVE-2024-24992 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche getAdhocFilePath Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-381 |
ZDI-CAN-22839 |
Ivanti |
CVE-2024-24991 |
6.5 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Null Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-24-380 |
ZDI-CAN-22836 |
Ivanti |
CVE-2024-23535 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche copyFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-379 |
ZDI-CAN-22835 |
Ivanti |
CVE-2024-23534 |
8.8 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche getMasterAdhocCollectionsPath Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-24-378 |
ZDI-CAN-22827 |
Ivanti |
CVE-2024-23532 |
7.5 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-377 |
ZDI-CAN-22826 |
Ivanti |
CVE-2024-23533 |
4.3 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-376 |
ZDI-CAN-22756 |
Ivanti |
CVE-2024-23531 |
7.5 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLInfoRailService Integer Overflow Information Disclosure Vulnerability |
| ZDI-24-375 |
ZDI-CAN-22703 |
Ivanti |
CVE-2024-23530 |
5.3 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-374 |
ZDI-CAN-22702 |
Ivanti |
CVE-2024-23529 |
5.3 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-373 |
ZDI-CAN-22701 |
Ivanti |
CVE-2024-23528 |
5.3 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-372 |
ZDI-CAN-22700 |
Ivanti |
CVE-2024-23527 |
5.3 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-371 |
ZDI-CAN-22699 |
Ivanti |
CVE-2024-23526 |
5.3 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-370 |
ZDI-CAN-22682 |
Ivanti |
CVE-2024-22061 |
8.1 |
2024-04-23 |
2024-07-01 |
Ivanti Avalanche WLInfoRailService Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-369 |
ZDI-CAN-22648 |
Google |
|
5.3 |
2024-04-22 |
2024-07-01 |
Google cAdvisor REST API Improper Access Control Information Disclosure Vulnerability |
| ZDI-24-368 |
ZDI-CAN-22300 |
GStreamer |
CVE-2023-50186 |
7.5 |
2024-04-19 |
2024-07-01 |
GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-367 |
ZDI-CAN-23785 |
Google |
CVE-2024-3159 |
5.4 |
2024-04-15 |
2024-07-01 |
(Pwn2Own) Google Chrome V8 Enum Cache Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-366 |
ZDI-CAN-23792 |
Google |
CVE-2024-2887 |
5.4 |
2024-04-15 |
2024-07-01 |
(Pwn2Own) Google Chrome WASM Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-24-365 |
ZDI-CAN-23799 |
Microsoft |
CVE-2024-3914 |
5.4 |
2024-04-15 |
2024-07-01 |
(Pwn2Own) Microsoft Edge DOMArrayBuffer Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-364 |
ZDI-CAN-21954 |
Arista |
CVE-2024-27889 |
8.8 |
2024-04-09 |
2024-07-01 |
Arista NG Firewall ReportEntry SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-363 |
ZDI-CAN-22924 |
Microsoft |
CVE-2024-26158 |
7.8 |
2024-04-09 |
2024-07-01 |
Microsoft Windows Installer Service Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-362 |
ZDI-CAN-23397 |
Microsoft |
CVE-2024-20685 |
5.9 |
2024-04-09 |
2024-07-01 |
Microsoft Azure Private 5G Core InitialUEMessage Improper Input Validation Denial-of-Service Vulnerability |
| ZDI-24-361 |
ZDI-CAN-23943 |
Microsoft |
CVE-2024-29988 |
8.8 |
2024-04-09 |
2024-07-01 |
Microsoft Windows Internet Shortcut SmartScreen Bypass Vulnerability |
| ZDI-24-360 |
ZDI-CAN-23446 |
JetBrains |
CVE-2024-31138 |
4.6 |
2024-04-01 |
2024-07-01 |
JetBrains TeamCity AgentDistributionSettingsController Cross-Site Scripting Vulnerability |
| ZDI-24-359 |
ZDI-CAN-22591 |
Flexera Software |
CVE-2024-2658 |
7.8 |
2024-04-01 |
2024-07-01 |
Flexera Software FlexNet Publisher Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-24-358 |
ZDI-CAN-21883 |
GitLab |
CVE-2024-2818 |
4.3 |
2024-04-01 |
2024-07-01 |
GitLab Label Description Uncontrolled Resource Consumption Denial-of-Service Vulnerability |
| ZDI-24-357 |
ZDI-CAN-23156 |
RARLAB |
CVE-2024-30370 |
4.3 |
2024-04-01 |
2024-07-01 |
RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability |
| ZDI-24-356 |
ZDI-CAN-22051 |
Siemens |
CVE-2024-27907 |
7.8 |
2024-03-28 |
2024-07-01 |
Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-355 |
ZDI-CAN-22164 |
Wireshark |
CVE-2023-6175 |
7.8 |
2024-03-28 |
2024-07-01 |
Wireshark NetScreen File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-354 |
ZDI-CAN-21032 |
Schneider Electric |
CVE-2024-2229 |
7.8 |
2024-03-28 |
2024-07-01 |
Schneider Electric EcoStruxure Power Design - Ecodial BinSerializer Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-353 |
ZDI-CAN-20492 |
Softing |
CVE-2024-0860 |
8.0 |
2024-03-28 |
2024-07-01 |
Softing edgeConnector Siemens Cleartext Transmission of Credentials Authentication Bypass Vulnerability |
| ZDI-24-352 |
ZDI-CAN-21225 |
Softing |
CVE-2023-38126 |
7.2 |
2024-03-28 |
2024-07-01 |
Softing edgeConnector Siemens Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-351 |
ZDI-CAN-22695 |
SolarWinds |
CVE-2024-23479 |
10.0 |
2024-03-28 |
2024-07-01 |
SolarWinds Access Rights Manager OpenFileStreamLocal Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-350 |
ZDI-CAN-22531 |
SolarWinds |
CVE-2023-40057 |
9.9 |
2024-03-28 |
2024-07-01 |
SolarWinds Access Rights Manager JsonSerializationHelper Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-349 |
ZDI-CAN-22713 |
SolarWinds |
CVE-2024-23476 |
10.0 |
2024-03-28 |
2024-07-01 |
SolarWinds Access Rights Manager OpenFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-348 |
ZDI-CAN-22739 |
SolarWinds |
CVE-2024-23477 |
9.0 |
2024-03-28 |
2024-07-01 |
SolarWinds Access Rights Manager openServerFileStream Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-347 |
ZDI-CAN-22416 |
SolarWinds |
CVE-2024-23478 |
9.9 |
2024-03-28 |
2024-07-01 |
SolarWinds Access Rights Manager JsonSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-346 |
ZDI-CAN-23355 |
Foxit |
CVE-2024-30371 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-345 |
ZDI-CAN-23013 |
Foxit |
CVE-2024-30367 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-344 |
ZDI-CAN-23002 |
Foxit |
CVE-2024-30366 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-343 |
ZDI-CAN-22947 |
Foxit |
CVE-2024-30365 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-342 |
ZDI-CAN-23008 |
Foxit |
CVE-2024-30363 |
3.3 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-341 |
ZDI-CAN-23009 |
Foxit |
CVE-2024-30364 |
3.3 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-340 |
ZDI-CAN-22797 |
Foxit |
CVE-2024-30360 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-339 |
ZDI-CAN-22798 |
Foxit |
CVE-2024-30362 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-338 |
ZDI-CAN-22877 |
Foxit |
CVE-2024-30361 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-337 |
ZDI-CAN-22809 |
Foxit |
CVE-2024-30355 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-336 |
ZDI-CAN-22811 |
Foxit |
CVE-2024-30356 |
3.3 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-335 |
ZDI-CAN-22800 |
Foxit |
CVE-2024-30352 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-334 |
ZDI-CAN-22807 |
Foxit |
CVE-2024-30353 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-333 |
ZDI-CAN-22708 |
Foxit |
CVE-2024-30350 |
3.3 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-332 |
ZDI-CAN-22808 |
Foxit |
CVE-2024-30354 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-331 |
ZDI-CAN-22818 |
Foxit |
CVE-2024-30357 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Annotation Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-330 |
ZDI-CAN-22821 |
Foxit |
CVE-2024-30358 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm User-After-Free Remote Code Execution Vulnerability |
| ZDI-24-329 |
ZDI-CAN-22888 |
Foxit |
CVE-2024-30359 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm 3D Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-328 |
ZDI-CAN-22799 |
Foxit |
CVE-2024-30351 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-327 |
ZDI-CAN-22910 |
Foxit |
CVE-2024-30347 |
3.3 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-326 |
ZDI-CAN-22911 |
Foxit |
CVE-2024-30348 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-325 |
ZDI-CAN-22912 |
Foxit |
CVE-2024-30349 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-324 |
ZDI-CAN-22745 |
Foxit |
CVE-2024-30346 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-323 |
ZDI-CAN-22742 |
Foxit |
CVE-2024-30345 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-322 |
ZDI-CAN-22720 |
Foxit |
CVE-2024-30342 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-321 |
ZDI-CAN-22707 |
Foxit |
CVE-2024-30340 |
3.3 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-320 |
ZDI-CAN-22733 |
Foxit |
CVE-2024-30344 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-319 |
ZDI-CAN-22705 |
Foxit |
CVE-2024-30338 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-318 |
ZDI-CAN-22704 |
Foxit |
CVE-2024-30337 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-317 |
ZDI-CAN-22706 |
Foxit |
CVE-2024-30339 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-316 |
ZDI-CAN-22721 |
Foxit |
CVE-2024-30343 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-315 |
ZDI-CAN-22709 |
Foxit |
CVE-2024-30341 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-314 |
ZDI-CAN-22592 |
Foxit |
CVE-2024-30325 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-313 |
ZDI-CAN-22593 |
Foxit |
CVE-2024-30326 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-312 |
ZDI-CAN-22633 |
Foxit |
CVE-2024-30328 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-311 |
ZDI-CAN-22632 |
Foxit |
CVE-2024-30327 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader template Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-310 |
ZDI-CAN-22634 |
Foxit |
CVE-2024-30329 |
3.3 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability |
| ZDI-24-309 |
ZDI-CAN-22636 |
Foxit |
CVE-2024-30330 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-308 |
ZDI-CAN-22637 |
Foxit |
CVE-2024-30331 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-307 |
ZDI-CAN-22639 |
Foxit |
CVE-2024-30333 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-306 |
ZDI-CAN-22640 |
Foxit |
CVE-2024-30334 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-305 |
ZDI-CAN-22638 |
Foxit |
CVE-2024-30332 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-304 |
ZDI-CAN-22641 |
Foxit |
CVE-2024-30335 |
3.3 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-303 |
ZDI-CAN-22642 |
Foxit |
CVE-2024-30336 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-302 |
ZDI-CAN-22576 |
Foxit |
CVE-2024-30324 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-301 |
ZDI-CAN-22501 |
Foxit |
CVE-2024-30323 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader template Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-300 |
ZDI-CAN-22499 |
Foxit |
CVE-2024-30322 |
7.8 |
2024-03-28 |
2024-07-01 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-299 |
ZDI-CAN-21951 |
Linux |
CVE-2023-52628 |
7.3 |
2024-03-28 |
2024-07-01 |
Linux Kernel nft_exthdr_ipv6_eval Stack-based Buffer Overflow Information Disclosure Vulnerability |
| ZDI-24-298 |
ZDI-CAN-21950 |
Linux |
CVE-2023-52628 |
7.3 |
2024-03-28 |
2024-07-01 |
Linux Kernel nft_exthdr_tcp_eval Stack-based Buffer Overflow Information Disclosure Vulnerability |
| ZDI-24-297 |
ZDI-CAN-21961 |
Linux |
CVE-2023-52628 |
7.3 |
2024-03-28 |
2024-07-01 |
Linux Kernel nft_exthdr_sctp_eval Stack-based Buffer Overflow Information Disclosure Vulnerability |
| ZDI-24-296 |
ZDI-CAN-22587 |
Autodesk |
CVE-2024-23138 |
7.8 |
2024-03-27 |
2024-07-01 |
Autodesk DWG TrueView DWG File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-295 |
ZDI-CAN-21341 |
Autodesk |
CVE-2024-23139 |
7.8 |
2024-03-27 |
2024-07-01 |
Autodesk FBX Review ABC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-294 |
ZDI-CAN-23146 |
Microsoft |
CVE-2024-26199 |
7.8 |
2024-03-13 |
2024-07-01 |
Microsoft Office Performance Monitor Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-293 |
ZDI-CAN-22552 |
Microsoft |
CVE-2024-21411 |
8.8 |
2024-03-13 |
2024-07-01 |
Microsoft Skype Protection Mechanism Failure Remote Code Execution Vulnerability |
| ZDI-24-292 |
ZDI-CAN-22671 |
Adobe |
CVE-2024-20745 |
7.8 |
2024-03-13 |
2024-07-01 |
Adobe Premiere Pro AVI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-291 |
ZDI-CAN-22653 |
Adobe |
CVE-2024-20752 |
7.8 |
2024-03-13 |
2024-07-01 |
Adobe Bridge PS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-290 |
ZDI-CAN-22159 |
NI |
CVE-2024-23609 |
7.8 |
2024-03-12 |
2024-07-01 |
NI LabVIEW VI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-289 |
ZDI-CAN-21996 |
NI |
CVE-2024-23612 |
7.8 |
2024-03-12 |
2024-07-01 |
NI LabVIEW VI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-288 |
ZDI-CAN-21987 |
NI |
CVE-2024-23611 |
7.8 |
2024-03-12 |
2024-07-01 |
NI LabVIEW VI File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-287 |
ZDI-CAN-21985 |
NI |
CVE-2024-23610 |
7.8 |
2024-03-12 |
2024-07-01 |
NI LabVIEW VI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-286 |
ZDI-CAN-21984 |
NI |
CVE-2024-23608 |
7.8 |
2024-03-12 |
2024-07-01 |
NI LabVIEW VI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-285 |
ZDI-CAN-22141 |
NI |
CVE-2024-23609 |
7.8 |
2024-03-12 |
2024-07-01 |
NI LabVIEW VI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-284 |
ZDI-CAN-22674 |
Adobe |
CVE-2024-20765 |
7.8 |
2024-03-11 |
2024-07-01 |
Adobe Acrobat Reader DC PDF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-283 |
ZDI-CAN-22250 |
Apple |
CVE-2024-23257 |
3.3 |
2024-03-11 |
2024-07-01 |
Apple macOS JP2 Image Parsing Uninitialized Pointer Information Disclosure Vulnerability |
| ZDI-24-282 |
ZDI-CAN-22371 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer SAT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-281 |
ZDI-CAN-22367 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer SAT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-280 |
ZDI-CAN-22370 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer SAT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-279 |
ZDI-CAN-22372 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer SAT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-278 |
ZDI-CAN-22490 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-277 |
ZDI-CAN-22373 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer SAT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-276 |
ZDI-CAN-22491 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-275 |
ZDI-CAN-22489 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-274 |
ZDI-CAN-22590 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings Viewer STL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-273 |
ZDI-CAN-22723 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings IPT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-272 |
ZDI-CAN-22857 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings SAT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-271 |
ZDI-CAN-22846 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings SAT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-270 |
ZDI-CAN-22847 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings STP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-269 |
ZDI-CAN-22848 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-268 |
ZDI-CAN-22849 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings IPT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-267 |
ZDI-CAN-22850 |
Dassault Systèmes |
CVE-2024-3299 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings SLDDRW File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-266 |
ZDI-CAN-22851 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings IPT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-265 |
ZDI-CAN-22852 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings SAT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-264 |
ZDI-CAN-22853 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings IPT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-263 |
ZDI-CAN-22855 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings SAT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-262 |
ZDI-CAN-22856 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-261 |
ZDI-CAN-22858 |
Dassault Systèmes |
CVE-2024-3299 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings SLDPRT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-260 |
ZDI-CAN-22859 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings IPT File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-259 |
ZDI-CAN-22860 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings IPT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-258 |
ZDI-CAN-22862 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings CATPART File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-257 |
ZDI-CAN-22863 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-11 |
2024-07-01 |
Dassault Systèmes eDrawings X_B File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-256 |
ZDI-CAN-22861 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-08 |
2024-07-01 |
Dassault Systèmes eDrawings CATPART File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-255 |
ZDI-CAN-22864 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-08 |
2024-07-01 |
Dassault Systèmes eDrawings X_T File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-254 |
ZDI-CAN-22841 |
Dassault Systèmes |
CVE-2024-3298 |
7.8 |
2024-03-08 |
2024-07-01 |
Dassault Systèmes eDrawings DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-253 |
ZDI-CAN-22843 |
Dassault Systèmes |
CVE-2024-3299 |
7.8 |
2024-03-08 |
2024-07-01 |
Dassault Systèmes eDrawings SLDDRW File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-252 |
ZDI-CAN-22844 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-08 |
2024-07-01 |
Dassault Systèmes eDrawings JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-251 |
ZDI-CAN-22842 |
Dassault Systèmes |
CVE-2024-1847 |
7.8 |
2024-03-08 |
2024-07-01 |
Dassault Systèmes eDrawings SAT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-250 |
ZDI-CAN-22845 |
Dassault Systèmes |
CVE-2024-3298 |
7.8 |
2024-03-08 |
2024-07-01 |
Dassault Systèmes eDrawings DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-249 |
ZDI-CAN-21918 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt IGS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-248 |
ZDI-CAN-21917 |
Ashlar-Vellum |
|
7.0 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt IGS File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-247 |
ZDI-CAN-21740 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-24-246 |
ZDI-CAN-21741 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-245 |
ZDI-CAN-21732 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-24-244 |
ZDI-CAN-21746 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-243 |
ZDI-CAN-21523 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-242 |
ZDI-CAN-21729 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-241 |
ZDI-CAN-21730 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-240 |
ZDI-CAN-21728 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-239 |
ZDI-CAN-21535 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-238 |
ZDI-CAN-21745 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-237 |
ZDI-CAN-21738 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-236 |
ZDI-CAN-21735 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-235 |
ZDI-CAN-21744 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-24-234 |
ZDI-CAN-21553 |
Ashlar-Vellum |
|
7.8 |
2024-03-05 |
2024-07-01 |
(0Day) Ashlar-Vellum Cobalt STP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-233 |
ZDI-CAN-22789 |
Delta Electronics |
CVE-2024-1941 |
7.8 |
2024-03-04 |
2024-07-01 |
Delta Electronics CNCSoft-B DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-232 |
ZDI-CAN-21978 |
Kofax |
CVE-2024-27334 |
3.3 |
2024-03-04 |
2024-07-01 |
Kofax Power PDF JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-231 |
ZDI-CAN-22925 |
Kofax |
CVE-2024-27339 |
7.8 |
2024-03-04 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-230 |
ZDI-CAN-22033 |
Kofax |
CVE-2024-27337 |
7.8 |
2024-03-04 |
2024-07-01 |
Kofax Power PDF TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-229 |
ZDI-CAN-21940 |
Linux |
CVE-2023-52440 |
9.0 |
2024-03-01 |
2024-07-01 |
Linux Kernel ksmbd Session Key Exchange Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-228 |
ZDI-CAN-21541 |
Linux |
CVE-2023-52441 |
8.6 |
2024-03-01 |
2024-07-01 |
Linux Kernel ksmbd Negotiate Request Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-227 |
ZDI-CAN-21506 |
Linux |
CVE-2023-52442 |
9.3 |
2024-03-01 |
2024-07-01 |
Linux Kernel ksmbd Chained Request Improper Input Validation Information Disclosure Vulnerability |
| ZDI-24-226 |
ZDI-CAN-22934 |
Kofax |
CVE-2024-27346 |
3.3 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-225 |
ZDI-CAN-22932 |
Kofax |
CVE-2024-27345 |
3.3 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-224 |
ZDI-CAN-22931 |
Kofax |
CVE-2024-27344 |
7.8 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-223 |
ZDI-CAN-22929 |
Kofax |
CVE-2024-27343 |
3.3 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-222 |
ZDI-CAN-22928 |
Kofax |
CVE-2024-27342 |
7.8 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-221 |
ZDI-CAN-22927 |
Kofax |
CVE-2024-27341 |
7.8 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-220 |
ZDI-CAN-22926 |
Kofax |
CVE-2024-27340 |
7.8 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-219 |
ZDI-CAN-22588 |
Kofax |
CVE-2024-27338 |
7.8 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF app response Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-218 |
ZDI-CAN-22022 |
Kofax |
CVE-2024-27336 |
3.3 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-217 |
ZDI-CAN-22018 |
Kofax |
CVE-2024-27335 |
7.8 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-216 |
ZDI-CAN-21976 |
Kofax |
CVE-2024-27333 |
3.3 |
2024-03-01 |
2024-07-01 |
Kofax Power PDF GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-215 |
ZDI-CAN-22955 |
SolarWinds |
CVE-2024-0692 |
9.8 |
2024-03-01 |
2024-07-01 |
SolarWinds Security Event Manager AMF Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-214 |
ZDI-CAN-21775 |
NI |
CVE-2024-1156 |
7.8 |
2024-02-28 |
2024-07-01 |
NI FlexLogger RabbitMQ Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-24-213 |
ZDI-CAN-21773 |
NI |
CVE-2024-1155 |
7.8 |
2024-02-28 |
2024-07-01 |
NI FlexLogger userservices Missing Authorization Local Privilege Escalation Vulnerability |
| ZDI-24-212 |
ZDI-CAN-21939 |
NI |
CVE-2024-1155 |
7.8 |
2024-02-28 |
2024-07-01 |
NI FlexLogger TagHistorian Missing Authorization Local Privilege Escalation Vulnerability |
| ZDI-24-211 |
ZDI-CAN-21938 |
NI |
CVE-2024-1155 |
7.8 |
2024-02-28 |
2024-07-01 |
NI FlexLogger DocumentManager Missing Authorization Local Privilege Escalation Vulnerability |
| ZDI-24-210 |
ZDI-CAN-21941 |
NI |
CVE-2024-1155 |
7.8 |
2024-02-28 |
2024-07-01 |
NI FlexLogger SkylineService Missing Authorization Local Privilege Escalation Vulnerability |
| ZDI-24-209 |
ZDI-CAN-21772 |
NI |
CVE-2024-1155 |
7.8 |
2024-02-28 |
2024-07-01 |
NI FlexLogger ServiceRegistry Missing Authorization Local Privilege Escalation Vulnerability |
| ZDI-24-208 |
ZDI-CAN-23012 |
Microsoft |
|
9.8 |
2024-02-26 |
2024-07-01 |
Microsoft Azure MCR VSTS CLI vstscli Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-24-207 |
ZDI-CAN-22261 |
Apple |
CVE-2023-42902 |
8.8 |
2024-02-26 |
2024-07-01 |
Apple macOS VideoToolbox Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-206 |
ZDI-CAN-21769 |
Apple |
CVE-2023-42888 |
3.3 |
2024-02-26 |
2024-07-01 |
Apple macOS ImageIO MPO Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-205 |
ZDI-CAN-22277 |
PDF-XChange |
CVE-2024-27327 |
7.8 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-204 |
ZDI-CAN-22276 |
PDF-XChange |
CVE-2024-27326 |
3.3 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-203 |
ZDI-CAN-22275 |
PDF-XChange |
CVE-2024-27325 |
3.3 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-202 |
ZDI-CAN-22280 |
PDF-XChange |
CVE-2024-27328 |
3.3 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-201 |
ZDI-CAN-22287 |
PDF-XChange |
CVE-2024-27331 |
3.3 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-200 |
ZDI-CAN-22285 |
PDF-XChange |
CVE-2024-27329 |
3.3 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-199 |
ZDI-CAN-22286 |
PDF-XChange |
CVE-2024-27330 |
3.3 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-198 |
ZDI-CAN-22224 |
PDF-XChange |
CVE-2024-27323 |
7.5 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor Updater Improper Certificate Validation Remote Code Execution Vulnerability |
| ZDI-24-197 |
ZDI-CAN-22288 |
PDF-XChange |
CVE-2024-27332 |
3.3 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-196 |
ZDI-CAN-22270 |
PDF-XChange |
CVE-2024-27324 |
3.3 |
2024-02-23 |
2024-07-01 |
PDF-XChange Editor TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-195 |
ZDI-CAN-22991 |
Linux |
CVE-2024-26592 |
9.0 |
2024-02-23 |
2024-07-01 |
Linux Kernel ksmbd TCP Connection Race Condition Remote Code Execution Vulnerability |
| ZDI-24-194 |
ZDI-CAN-22890 |
Linux |
CVE-2024-26594 |
9.3 |
2024-02-23 |
2024-07-01 |
Linux Kernel ksmbd Mech Token Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-193 |
ZDI-CAN-21539 |
Sante |
CVE-2024-1863 |
9.8 |
2024-02-23 |
2024-07-01 |
Sante PACS Server Token Endpoint SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-192 |
ZDI-CAN-22161 |
Schneider Electric |
CVE-2024-0865 |
7.8 |
2024-02-21 |
2024-07-01 |
Schneider Electric EcoStruxure IT Gateway Hard-Coded Credentials Local Privilege Escalation Vulnerability |
| ZDI-24-191 |
ZDI-CAN-22087 |
Schneider Electric |
CVE-2024-0865 |
7.0 |
2024-02-21 |
2024-07-01 |
Schneider Electric EcoStruxure IT Gateway Hard-Coded Credentials Local Privilege Escalation Vulnerability |
| ZDI-24-190 |
ZDI-CAN-18983 |
Trimble |
|
7.8 |
2024-02-21 |
2024-07-01 |
Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-189 |
ZDI-CAN-18984 |
Trimble |
|
3.3 |
2024-02-21 |
2024-07-01 |
Trimble SketchUp SKP File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-24-188 |
ZDI-CAN-19114 |
Trimble |
|
7.8 |
2024-02-21 |
2024-07-01 |
Trimble SketchUp SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-187 |
ZDI-CAN-19112 |
Trimble |
|
7.8 |
2024-02-21 |
2024-07-01 |
Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-186 |
ZDI-CAN-19115 |
Trimble |
|
7.8 |
2024-02-21 |
2024-07-01 |
Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-185 |
ZDI-CAN-22029 |
Inductive Automation |
CVE-2023-50233 |
8.8 |
2024-02-21 |
2024-07-01 |
Inductive Automation Ignition getJavaExecutable Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-184 |
ZDI-CAN-22028 |
Inductive Automation |
CVE-2023-50232 |
8.8 |
2024-02-21 |
2024-07-01 |
Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability |
| ZDI-24-183 |
ZDI-CAN-23030 |
Apache |
CVE-2024-23946 |
5.3 |
2024-02-21 |
2024-07-01 |
Apache OFBiz createRegister Error Message Information Disclosure Vulnerability |
| ZDI-24-182 |
ZDI-CAN-22323 |
ESET |
CVE-2024-0353 |
7.8 |
2024-02-15 |
2024-07-01 |
ESET Smart Security Premium ekrn Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-181 |
ZDI-CAN-22060 |
Siemens |
CVE-2024-24925 |
7.8 |
2024-02-15 |
2024-07-01 |
Siemens Simcenter Femap MODEL File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-24-180 |
ZDI-CAN-22059 |
Siemens |
CVE-2024-24924 |
7.8 |
2024-02-15 |
2024-07-01 |
Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-179 |
ZDI-CAN-22055 |
Siemens |
CVE-2024-24923 |
7.8 |
2024-02-15 |
2024-07-01 |
Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-24-178 |
ZDI-CAN-21715 |
Siemens |
CVE-2024-24922 |
7.8 |
2024-02-15 |
2024-07-01 |
Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-177 |
ZDI-CAN-21712 |
Siemens |
CVE-2024-24921 |
7.8 |
2024-02-15 |
2024-07-01 |
Siemens Simcenter Femap MODEL File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-176 |
ZDI-CAN-21710 |
Siemens |
CVE-2024-24920 |
7.8 |
2024-02-15 |
2024-07-01 |
Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-175 |
ZDI-CAN-22783 |
Siemens |
CVE-2024-23798 |
7.8 |
2024-02-15 |
2024-07-01 |
Siemens Tecnomatix Plant Simulation WRL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-174 |
ZDI-CAN-22763 |
Siemens |
CVE-2024-23797 |
7.8 |
2024-02-15 |
2024-07-01 |
Siemens Tecnomatix Plant Simulation WRL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-173 |
ZDI-CAN-22759 |
Siemens |
CVE-2024-23796 |
7.8 |
2024-02-15 |
2024-07-01 |
Siemens Tecnomatix Plant Simulation WRL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-172 |
ZDI-CAN-22758 |
Siemens |
CVE-2024-23795 |
7.0 |
2024-02-15 |
2024-07-01 |
Siemens Tecnomatix Plant Simulation WRL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-171 |
ZDI-CAN-21894 |
SolarWinds |
CVE-2023-50395 |
8.8 |
2024-02-15 |
2024-07-01 |
SolarWinds Orion Platform AppendUpdate SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-170 |
ZDI-CAN-21895 |
SolarWinds |
CVE-2023-35188 |
8.8 |
2024-02-15 |
2024-07-01 |
SolarWinds Orion Platform AppendCreatePrimary SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-169 |
ZDI-CAN-22647 |
Adobe |
CVE-2024-20739 |
7.8 |
2024-02-13 |
2024-07-01 |
Adobe Audition AVI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-168 |
ZDI-CAN-22727 |
Adobe |
CVE-2024-20728 |
7.8 |
2024-02-13 |
2024-07-01 |
Adobe Acrobat Pro DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-167 |
ZDI-CAN-22516 |
Adobe |
CVE-2024-20734 |
3.3 |
2024-02-13 |
2024-07-01 |
Adobe Acrobat Pro DC AcroForm Use-After-Free Information Disclosure Vulnerability |
| ZDI-24-166 |
ZDI-CAN-22822 |
Adobe |
CVE-2024-20736 |
3.3 |
2024-02-13 |
2024-07-01 |
Adobe Acrobat Pro DC AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-165 |
ZDI-CAN-23100 |
Microsoft |
CVE-2024-21412 |
8.8 |
2024-02-13 |
2024-07-01 |
Microsoft Windows Internet Shortcut SmartScreen Bypass Vulnerability |
| ZDI-24-164 |
ZDI-CAN-21970 |
Microsoft |
CVE-2024-21379 |
7.8 |
2024-02-13 |
2024-07-01 |
Microsoft Office Word PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-163 |
ZDI-CAN-20875 |
Autodesk |
CVE-2024-0446 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-162 |
ZDI-CAN-20874 |
Autodesk |
|
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD X_T File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-24-161 |
ZDI-CAN-20873 |
Autodesk |
CVE-2024-23123 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-160 |
ZDI-CAN-20879 |
Autodesk |
CVE-2024-23136 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-24-159 |
ZDI-CAN-20880 |
Autodesk |
CVE-2024-23135 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDPRT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-158 |
ZDI-CAN-20962 |
Autodesk |
CVE-2024-23134 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD IGES File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-157 |
ZDI-CAN-20961 |
Autodesk |
CVE-2024-23129 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-156 |
ZDI-CAN-20960 |
Autodesk |
CVE-2024-23129 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-155 |
ZDI-CAN-20959 |
Autodesk |
CVE-2024-23134 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD IGS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-154 |
ZDI-CAN-20958 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-153 |
ZDI-CAN-20957 |
Autodesk |
CVE-2024-23129 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-152 |
ZDI-CAN-20956 |
Autodesk |
CVE-2024-23132 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-151 |
ZDI-CAN-20955 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-150 |
ZDI-CAN-20954 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDPRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-149 |
ZDI-CAN-20953 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-148 |
ZDI-CAN-20952 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-147 |
ZDI-CAN-20951 |
Autodesk |
CVE-2024-23126 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD CATPART File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-146 |
ZDI-CAN-20950 |
Autodesk |
CVE-2024-0446 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-145 |
ZDI-CAN-20948 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-144 |
ZDI-CAN-20947 |
Autodesk |
CVE-2024-23122 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-143 |
ZDI-CAN-20946 |
Autodesk |
CVE-2024-23121 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-142 |
ZDI-CAN-20945 |
Autodesk |
CVE-2024-23137 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-24-141 |
ZDI-CAN-20905 |
Autodesk |
CVE-2024-23124 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-140 |
ZDI-CAN-20885 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-139 |
ZDI-CAN-20863 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-138 |
ZDI-CAN-20862 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-137 |
ZDI-CAN-20861 |
Autodesk |
CVE-2024-23129 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDASM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-136 |
ZDI-CAN-20860 |
Autodesk |
CVE-2024-23128 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-135 |
ZDI-CAN-20900 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-134 |
ZDI-CAN-20899 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-133 |
ZDI-CAN-20898 |
Autodesk |
CVE-2024-23130 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDPRT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-132 |
ZDI-CAN-20896 |
Autodesk |
CVE-2024-23129 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-131 |
ZDI-CAN-20895 |
Autodesk |
CVE-2024-23123 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-130 |
ZDI-CAN-20894 |
Autodesk |
CVE-2024-23131 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STEP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-129 |
ZDI-CAN-20893 |
Autodesk |
CVE-2024-23128 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-128 |
ZDI-CAN-20859 |
Autodesk |
CVE-2024-23127 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-127 |
ZDI-CAN-20858 |
Autodesk |
CVE-2024-23125 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD SLDPRT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-126 |
ZDI-CAN-20878 |
Autodesk |
CVE-2024-23120 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-125 |
ZDI-CAN-20876 |
Autodesk |
CVE-2024-0446 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-124 |
ZDI-CAN-20877 |
Autodesk |
CVE-2024-0446 |
7.8 |
2024-02-12 |
2024-07-01 |
Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-123 |
ZDI-CAN-22664 |
X.Org |
CVE-2023-6816 |
7.8 |
2024-02-09 |
2024-07-01 |
X.Org Server DeviceFocusEvent Improper Validation of Array Index Local Privilege Escalation Vulnerability |
| ZDI-24-122 |
ZDI-CAN-22665 |
X.Org |
CVE-2023-6816 |
7.8 |
2024-02-09 |
2024-07-01 |
X.Org Server XIQueryPointer Improper Validation of Array Index Local Privilege Escalation Vulnerability |
| ZDI-24-121 |
ZDI-CAN-22678 |
X.Org |
CVE-2024-0229 |
7.8 |
2024-02-09 |
2024-07-01 |
X.Org Server DeliverStateNotifyEvent Heap-based Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-24-120 |
ZDI-CAN-22744 |
X.Org |
CVE-2024-21885 |
7.8 |
2024-02-09 |
2024-07-01 |
X.Org Server XISendDeviceHierarchyEvent Heap-based Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-24-119 |
ZDI-CAN-22840 |
X.Org |
CVE-2024-21886 |
7.8 |
2024-02-09 |
2024-07-01 |
X.Org Server DisableDevice Heap-based Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-24-118 |
ZDI-CAN-22294 |
Centreon |
CVE-2024-0637 |
8.8 |
2024-02-09 |
2024-07-01 |
Centreon updateDirectory SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-117 |
ZDI-CAN-22295 |
Centreon |
CVE-2024-23115 |
7.2 |
2024-02-09 |
2024-07-01 |
Centreon updateGroups SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-116 |
ZDI-CAN-22296 |
Centreon |
CVE-2024-23116 |
7.2 |
2024-02-09 |
2024-07-01 |
Centreon updateLCARelation SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-115 |
ZDI-CAN-22297 |
Centreon |
CVE-2024-23117 |
7.2 |
2024-02-09 |
2024-07-01 |
Centreon updateContactServiceCommands SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-114 |
ZDI-CAN-22298 |
Centreon |
CVE-2024-23118 |
7.2 |
2024-02-09 |
2024-07-01 |
Centreon updateContactHostCommands SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-113 |
ZDI-CAN-22339 |
Centreon |
CVE-2024-23119 |
8.8 |
2024-02-09 |
2024-07-01 |
Centreon insertGraphTemplate SQL Injection Remote Code Execution Vulnerability |
| ZDI-24-112 |
ZDI-CAN-22507 |
Allegra |
CVE-2023-52334 |
7.5 |
2024-02-09 |
2024-07-01 |
Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability |
| ZDI-24-111 |
ZDI-CAN-22360 |
Allegra |
CVE-2023-51638 |
9.8 |
2024-02-09 |
2024-07-01 |
Allegra Hard-coded Credentials Authentication Bypass Vulnerability |
| ZDI-24-110 |
ZDI-CAN-22361 |
Allegra |
CVE-2023-51639 |
9.8 |
2024-02-09 |
2024-07-01 |
Allegra downloadExportedChart Directory Traversal Authentication Bypass Vulnerability |
| ZDI-24-109 |
ZDI-CAN-22527 |
Allegra |
CVE-2023-51646 |
7.2 |
2024-02-09 |
2024-07-01 |
Allegra uploadSimpleFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-108 |
ZDI-CAN-22528 |
Allegra |
CVE-2023-51647 |
7.2 |
2024-02-09 |
2024-07-01 |
Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-107 |
ZDI-CAN-22504 |
Allegra |
CVE-2023-51640 |
7.2 |
2024-02-09 |
2024-07-01 |
Allegra extarctZippedFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-106 |
ZDI-CAN-22505 |
Allegra |
CVE-2023-51641 |
9.8 |
2024-02-09 |
2024-07-01 |
Allegra renderFieldMatch Deserialization of Unstrusted Data Remote Code Execution Vulnerability |
| ZDI-24-105 |
ZDI-CAN-22506 |
Allegra |
CVE-2023-51642 |
9.8 |
2024-02-09 |
2024-07-01 |
Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-104 |
ZDI-CAN-22548 |
Allegra |
CVE-2023-52333 |
9.8 |
2024-02-09 |
2024-07-01 |
Allegra saveFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-103 |
ZDI-CAN-22510 |
Allegra |
CVE-2023-51643 |
7.2 |
2024-02-09 |
2024-07-01 |
Allegra uploadFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-102 |
ZDI-CAN-22512 |
Allegra |
CVE-2023-51644 |
9.8 |
2024-02-09 |
2024-07-01 |
Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability |
| ZDI-24-101 |
ZDI-CAN-22513 |
Allegra |
CVE-2023-51645 |
7.2 |
2024-02-09 |
2024-07-01 |
Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-24-100 |
ZDI-CAN-22532 |
Allegra |
CVE-2023-52332 |
7.5 |
2024-02-09 |
2024-07-01 |
Allegra serveMathJaxLibraries Directory Traversal Information Disclosure Vulnerability |
| ZDI-24-099 |
ZDI-CAN-22530 |
Allegra |
CVE-2023-51648 |
7.5 |
2024-02-09 |
2024-07-01 |
Allegra getFileContentAsString Directory Traversal Information Disclosure Vulnerability |
| ZDI-24-098 |
ZDI-CAN-21065 |
Schneider Electric |
CVE-2023-7032 |
7.8 |
2024-02-08 |
2024-07-01 |
Schneider Electric Easergy Studio InitializeChannel Deserialization of Untrusted Data Local Privilege Escalation Vulnerability |
| ZDI-24-097 |
ZDI-CAN-22015 |
Wazuh |
CVE-2023-42463 |
7.4 |
2024-02-08 |
2024-07-01 |
Wazuh Log Collector Integer Underflow Local Privilege Escalation Vulnerability |
| ZDI-24-096 |
ZDI-CAN-21848 |
Oracle |
CVE-2024-20953 |
8.8 |
2024-02-06 |
2024-07-01 |
Oracle Product Lifecycle Management ExportServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-095 |
ZDI-CAN-22658 |
Canon |
CVE-2024-0244 |
8.8 |
2024-02-06 |
2024-07-01 |
Canon imageCLASS MF753Cdw Fax Job Heap-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-094 |
ZDI-CAN-22533 |
Canon |
CVE-2023-6234 |
8.8 |
2024-02-06 |
2024-07-01 |
(Pwn2Own) Canon imageCLASS MF753Cdw CADM setResource Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-093 |
ZDI-CAN-22389 |
Canon |
CVE-2023-6233 |
8.8 |
2024-02-06 |
2024-07-01 |
(Pwn2Own) Canon imageCLASS MF753Cdw SLP service-url Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-092 |
ZDI-CAN-22386 |
Canon |
CVE-2023-6232 |
8.8 |
2024-02-06 |
2024-07-01 |
(Pwn2Own) Canon imageCLASS MF753Cdw rls-login Authorization Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-091 |
ZDI-CAN-22381 |
Canon |
CVE-2023-6231 |
8.8 |
2024-02-06 |
2024-07-01 |
(Pwn2Own) Canon imageCLASS MF753Cdw Probe message Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-090 |
ZDI-CAN-22391 |
Canon |
CVE-2023-6230 |
8.8 |
2024-02-06 |
2024-07-01 |
(Pwn2Own) Canon imageCLASS MF753Cdw rls-login Authorization Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-089 |
ZDI-CAN-22403 |
Canon |
CVE-2023-6229 |
8.8 |
2024-02-06 |
2024-07-01 |
(Pwn2Own) Canon imageCLASS MF753Cdw CADM rmSetFileName Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-088 |
ZDI-CAN-22440 |
Western Digital |
CVE-2023-22819 |
5.3 |
2024-02-06 |
2024-07-01 |
(Pwn2Own) Western Digital MyCloud PR4100 RESTSDK Uncontrolled Resource Consumption Denial-of-Service Vulnerability |
| ZDI-24-087 |
ZDI-CAN-22456 |
Western Digital |
CVE-2023-22817 |
6.3 |
2024-02-06 |
2024-07-01 |
(Pwn2Own) Western Digital MyCloud PR4100 RESTSDK Server-Side Request Forgery Vulnerability |
| ZDI-24-086 |
ZDI-CAN-22227 |
TP-Link |
CVE-2024-1180 |
6.8 |
2024-02-05 |
2024-07-01 |
TP-Link Omada ER605 Access Control Command Injection Remote Code Execution Vulnerability |
| ZDI-24-085 |
ZDI-CAN-22420 |
TP-Link |
CVE-2024-1179 |
7.5 |
2024-02-05 |
2024-07-01 |
(Pwn2Own) TP-Link Omada ER605 DHCPv6 Client Options Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-084 |
ZDI-CAN-22520 |
Lexmark |
CVE-2023-50737 |
8.8 |
2024-01-31 |
2024-07-01 |
(Pwn2Own) Lexmark CX331adwe Missing Authentication Remote Code Execution Vulnerability |
| ZDI-24-083 |
ZDI-CAN-22445 |
Lexmark |
CVE-2023-50736 |
8.8 |
2024-01-31 |
2024-07-01 |
(Pwn2Own) Lexmark CX331adwe PostScript File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-082 |
ZDI-CAN-22443 |
Lexmark |
CVE-2023-50735 |
7.5 |
2024-01-31 |
2024-07-01 |
(Pwn2Own) Lexmark CX331adwe PDF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-24-081 |
ZDI-CAN-22380 |
Lexmark |
CVE-2023-50734 |
8.8 |
2024-01-31 |
2024-07-01 |
(Pwn2Own) Lexmark CX331adwe make42charstring Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-080 |
ZDI-CAN-20806 |
Trend Micro |
CVE-2023-41178 |
6.3 |
2024-01-19 |
2024-07-01 |
Trend Micro Mobile Security for Enterprises vpplist_assign_list Cross-Site Scripting Vulnerability |
| ZDI-24-079 |
ZDI-CAN-20805 |
Trend Micro |
CVE-2023-41177 |
6.3 |
2024-01-19 |
2024-07-01 |
Trend Micro Mobile Security for Enterprises ServerUpdate_UpdateSuccessful Cross-Site Scripting Vulnerability |
| ZDI-24-078 |
ZDI-CAN-20804 |
Trend Micro |
CVE-2023-41176 |
6.3 |
2024-01-19 |
2024-07-01 |
Trend Micro Mobile Security for Enterprises DevicesManagementEditNotePopupTip Cross-Site Scripting Vulnerability |
| ZDI-24-077 |
ZDI-CAN-20803 |
Trend Micro |
CVE-2023-52324 |
6.5 |
2024-01-19 |
2024-07-01 |
Trend Micro Apex Central Unrestricted File Upload Vulnerability |
| ZDI-24-076 |
ZDI-CAN-21780 |
Trend Micro |
CVE-2023-52338 |
7.8 |
2024-01-19 |
2024-07-01 |
Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-075 |
ZDI-CAN-16568 |
Trend Micro |
CVE-2023-52337 |
7.8 |
2024-01-19 |
2024-07-01 |
Trend Micro Deep Security Improper Access Control Local Privilege Escalation Vulnerability |
| ZDI-24-074 |
ZDI-CAN-18868 |
Trend Micro |
CVE-2023-52329 |
6.1 |
2024-01-18 |
2024-07-01 |
Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-24-073 |
ZDI-CAN-21182 |
Paessler |
CVE-2023-51630 |
8.8 |
2024-01-15 |
2024-07-01 |
Paessler PRTG Network Monitor Cross-Site Scripting Authentication Bypass Vulnerability |
| ZDI-24-072 |
ZDI-CAN-19708 |
Synology |
CVE-2024-21473 |
7.5 |
2024-01-15 |
2024-07-01 |
Synology RT6600ax Qualcomm LDB Service Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-24-071 |
ZDI-CAN-22643 |
Ivanti |
CVE-2023-46804 |
7.5 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Integer Underflow Denial-of-Service Vulnerability |
| ZDI-24-070 |
ZDI-CAN-22582 |
Ivanti |
CVE-2023-46223 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-069 |
ZDI-CAN-22581 |
Ivanti |
CVE-2023-46222 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-068 |
ZDI-CAN-22580 |
Ivanti |
CVE-2023-46221 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-067 |
ZDI-CAN-22544 |
Ivanti |
CVE-2023-46803 |
7.5 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Divide By Zero Denial-of-Service Vulnerability |
| ZDI-24-066 |
ZDI-CAN-22553 |
Ivanti |
CVE-2023-46220 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-065 |
ZDI-CAN-22586 |
Ivanti |
CVE-2023-46258 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-064 |
ZDI-CAN-22585 |
Ivanti |
CVE-2023-46257 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-063 |
ZDI-CAN-22584 |
Ivanti |
CVE-2023-46225 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-062 |
ZDI-CAN-22583 |
Ivanti |
CVE-2023-46224 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-061 |
ZDI-CAN-21972 |
Ivanti |
CVE-2023-46259 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService TV_FC Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-060 |
ZDI-CAN-21992 |
Ivanti |
CVE-2023-46260 |
7.5 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLAvalancheService TV_NL Null Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-24-059 |
ZDI-CAN-22000 |
Ivanti |
CVE-2023-46261 |
9.8 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche WLInfoRailService Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-058 |
ZDI-CAN-21953 |
Ivanti |
CVE-2021-22962 |
7.3 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche SecureFilter allowPassThrough Authentication Bypass Vulnerability |
| ZDI-24-057 |
ZDI-CAN-21943 |
Ivanti |
CVE-2023-46266 |
7.3 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche SecureFilter Content-Type Authentication Bypass Vulnerability |
| ZDI-24-056 |
ZDI-CAN-21952 |
Ivanti |
CVE-2023-46263 |
7.2 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche FileStoreConfig Arbitrary File Upload Remote Code Execution Vulnerability |
| ZDI-24-055 |
ZDI-CAN-22001 |
Ivanti |
CVE-2023-46264 |
7.2 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche FileStoreConfig Arbitrary File Upload Remote Code Execution Vulnerability |
| ZDI-24-054 |
ZDI-CAN-21458 |
Ivanti |
CVE-2023-46265 |
6.5 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche decode XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-24-053 |
ZDI-CAN-21406 |
Ivanti |
CVE-2023-46262 |
7.5 |
2024-01-11 |
2024-07-01 |
Ivanti Avalanche validateAMCWSConnection Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-24-052 |
ZDI-CAN-21888 |
Trend Micro |
CVE-2023-52331 |
9.1 |
2024-01-11 |
2024-07-01 |
Trend Micro Apex Central modVulnerabilityProtect Server-Side Request Forgery Information Disclosure Vulnerability |
| ZDI-24-051 |
ZDI-CAN-21447 |
Trend Micro |
CVE-2023-52330 |
5.4 |
2024-01-11 |
2024-07-01 |
Trend Micro Apex Central Cross-Site Scripting Privilege Escalation Vulnerability |
| ZDI-24-050 |
ZDI-CAN-21675 |
D-Link |
CVE-2023-51631 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-049 |
ZDI-CAN-21492 |
D-Link |
CVE-2023-51629 |
6.3 |
2024-01-11 |
2024-07-01 |
D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability |
| ZDI-24-048 |
ZDI-CAN-21322 |
D-Link |
CVE-2023-51628 |
8.0 |
2024-01-11 |
2024-07-01 |
D-Link DCS-8300LHV2 ONVIF SetHostName Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-047 |
ZDI-CAN-21321 |
D-Link |
CVE-2023-51627 |
8.0 |
2024-01-11 |
2024-07-01 |
D-Link DCS-8300LHV2 ONVIF Duration Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-046 |
ZDI-CAN-21320 |
D-Link |
CVE-2023-51626 |
8.8 |
2024-01-11 |
2024-07-01 |
D-Link DCS-8300LHV2 RTSP ValidateAuthorizationHeader Username Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-045 |
ZDI-CAN-21319 |
D-Link |
CVE-2023-51625 |
8.0 |
2024-01-11 |
2024-07-01 |
D-Link DCS-8300LHV2 ONVIF SetSystemDateAndTime Command Injection Remote Code Execution Vulnerability |
| ZDI-24-044 |
ZDI-CAN-20072 |
D-Link |
CVE-2023-51624 |
8.8 |
2024-01-11 |
2024-07-01 |
D-Link DCS-8300LHV2 RTSP ValidateAuthorizationHeader Nonce Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-043 |
ZDI-CAN-21673 |
D-Link |
CVE-2023-51623 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetAPClientSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-042 |
ZDI-CAN-21672 |
D-Link |
CVE-2023-51622 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetTriggerPPPoEValidate Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-041 |
ZDI-CAN-21670 |
D-Link |
CVE-2023-51621 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetDeviceSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-040 |
ZDI-CAN-21669 |
D-Link |
CVE-2023-51620 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetIPv6PppoeSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-039 |
ZDI-CAN-21667 |
D-Link |
CVE-2023-51619 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetMyDLinkRegistration Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-038 |
ZDI-CAN-21595 |
D-Link |
CVE-2023-51618 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-037 |
ZDI-CAN-21594 |
D-Link |
CVE-2023-51617 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-036 |
ZDI-CAN-21593 |
D-Link |
CVE-2023-51616 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-035 |
ZDI-CAN-21592 |
D-Link |
CVE-2023-51615 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetQuickVPNSettings PSK Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-034 |
ZDI-CAN-21591 |
D-Link |
CVE-2023-51614 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetQuickVPNSettings Password Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-033 |
ZDI-CAN-21590 |
D-Link |
CVE-2023-51613 |
6.8 |
2024-01-11 |
2024-07-01 |
D-Link DIR-X3260 prog.cgi SetDynamicDNSSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-032 |
ZDI-CAN-22109 |
Foxit |
|
7.8 |
2024-01-10 |
2024-07-01 |
Foxit PDF Reader Doc Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-031 |
ZDI-CAN-22126 |
Microsoft |
CVE-2024-21310 |
7.8 |
2024-01-10 |
2024-07-01 |
Microsoft Windows cldflt Integer Overflow Local Privilege Escalation Vulnerability |
| ZDI-24-030 |
ZDI-CAN-21445 |
Microsoft |
CVE-2024-20677 |
7.8 |
2024-01-10 |
2024-07-01 |
Microsoft Office Word FBX File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-029 |
ZDI-CAN-21860 |
Trend Micro |
CVE-2023-52093 |
7.8 |
2024-01-10 |
2024-07-01 |
Trend Micro Apex One Exposed Dangerous Function Local Privilege Escalation Vulnerability |
| ZDI-24-028 |
ZDI-CAN-21896 |
Trend Micro |
CVE-2023-52094 |
7.0 |
2024-01-10 |
2024-07-01 |
Trend Micro Apex One Security Agent Updater Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-027 |
ZDI-CAN-21522 |
Trend Micro |
CVE-2023-52091 |
7.8 |
2024-01-10 |
2024-07-01 |
Trend Micro Apex One Anti-Spyware Engine Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-026 |
ZDI-CAN-21425 |
Trend Micro |
CVE-2023-52090 |
7.8 |
2024-01-10 |
2024-07-01 |
Trend Micro Apex One Virus Scan Engine Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-025 |
ZDI-CAN-21346 |
Trend Micro |
CVE-2023-52092 |
7.8 |
2024-01-10 |
2024-07-01 |
Trend Micro Apex One Link Following Local Privilege Escalation Vulnerability |
| ZDI-24-024 |
ZDI-CAN-21327 |
Trend Micro |
CVE-2023-52325 |
7.5 |
2024-01-10 |
2024-07-01 |
Trend Micro Apex Central widget WFProxy Local File Inclusion Remote Code Execution Vulnerability |
| ZDI-24-023 |
ZDI-CAN-18873 |
Trend Micro |
CVE-2023-52326 |
6.1 |
2024-01-16 |
2024-07-01 |
Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-24-022 |
ZDI-CAN-18869 |
Trend Micro |
CVE-2023-52327 |
6.1 |
2024-01-16 |
2024-07-01 |
Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-24-021 |
ZDI-CAN-18870 |
Trend Micro |
CVE-2023-52328 |
6.1 |
2024-01-16 |
2024-07-01 |
Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability |
| ZDI-24-020 |
ZDI-CAN-20527 |
Linux |
CVE-2023-6546 |
8.8 |
2024-01-09 |
2024-07-01 |
Linux Kernel GSM Multiplexing Race Condition Local Privilege Escalation Vulnerability |
| ZDI-24-019 |
ZDI-CAN-19067 |
Bentley |
CVE-2023-44430 |
7.8 |
2024-01-08 |
2024-07-01 |
Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-018 |
ZDI-CAN-22127 |
Inductive Automation |
CVE-2023-50223 |
8.8 |
2024-01-05 |
2024-07-01 |
Inductive Automation Ignition ExtendedDocumentCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-017 |
ZDI-CAN-22067 |
Inductive Automation |
CVE-2023-50222 |
8.8 |
2024-01-05 |
2024-07-01 |
Inductive Automation Ignition ResponseParser Notification Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-016 |
ZDI-CAN-21926 |
Inductive Automation |
CVE-2023-50221 |
8.8 |
2024-01-05 |
2024-07-01 |
Inductive Automation Ignition ResponseParser SerializedResponse Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-015 |
ZDI-CAN-21801 |
Inductive Automation |
CVE-2023-50220 |
7.2 |
2024-01-05 |
2024-07-01 |
Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-014 |
ZDI-CAN-21625 |
Inductive Automation |
CVE-2023-50219 |
8.8 |
2024-01-05 |
2024-07-01 |
Inductive Automation Ignition RunQuery Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-24-013 |
ZDI-CAN-21016 |
oFono |
CVE-2023-4235 |
8.1 |
2024-01-04 |
2024-07-01 |
oFono SMS Decoder Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-012 |
ZDI-CAN-22153 |
X.Org |
CVE-2023-5367 |
7.8 |
2024-01-04 |
2024-07-01 |
X.Org Server ProcXIChangeProperty Heap-based Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-24-011 |
ZDI-CAN-22412 |
X.Org |
CVE-2023-6377 |
7.8 |
2024-01-04 |
2024-07-01 |
X.Org Server RecalculateMasterButtons Out-Of-Bounds Access Local Privilege Escalation Vulnerability |
| ZDI-24-010 |
ZDI-CAN-22413 |
X.Org |
CVE-2023-6377 |
7.8 |
2024-01-04 |
2024-07-01 |
X.Org Server DeepCopyPointerClasses Out-Of-Bounds Access Local Privilege Escalation Vulnerability |
| ZDI-24-009 |
ZDI-CAN-22561 |
X.Org |
CVE-2023-6478 |
5.5 |
2024-01-04 |
2024-07-01 |
X.Org Server RRChangeOutputProperty Integer Overflow Information Disclosure Vulnerability |
| ZDI-24-008 |
ZDI-CAN-22753 |
SolarWinds |
CVE-2023-40058 |
8.6 |
2024-01-04 |
2024-07-01 |
SolarWinds Access Rights Manager Hardcoded Credentials Authentication Bypass Vulnerability |
| ZDI-24-007 |
ZDI-CAN-22016 |
Kofax |
CVE-2023-51569 |
7.8 |
2024-01-04 |
2024-07-01 |
Kofax Power PDF BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-24-006 |
ZDI-CAN-21988 |
Kofax |
CVE-2023-51567 |
3.3 |
2024-01-04 |
2024-07-01 |
Kofax Power PDF OXPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-005 |
ZDI-CAN-21990 |
Kofax |
CVE-2023-51568 |
3.3 |
2024-01-04 |
2024-07-01 |
Kofax Power PDF OXPS File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-24-004 |
ZDI-CAN-21980 |
Kofax |
CVE-2023-51566 |
7.8 |
2024-01-04 |
2024-07-01 |
Kofax Power PDF OXPS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-24-003 |
ZDI-CAN-21975 |
Kofax |
CVE-2023-51565 |
7.8 |
2024-01-04 |
2024-07-01 |
Kofax Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-24-002 |
ZDI-CAN-21606 |
Kofax |
CVE-2023-51564 |
3.3 |
2024-01-04 |
2024-07-01 |
Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-24-001 |
ZDI-CAN-20573 |
Kofax |
CVE-2023-51563 |
7.8 |
2024-01-04 |
2024-07-01 |
Kofax Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability |
