| ZDI-22-1299 |
ZDI-CAN-16651 |
Trend Micro |
CVE-2022-40709 |
4.4 |
Sept. 23, 2022 |
|
Trend Micro Deep Security Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1298 |
ZDI-CAN-16595 |
Trend Micro |
CVE-2022-40708 |
4.4 |
Sept. 23, 2022 |
|
Trend Micro Deep Security Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1297 |
ZDI-CAN-16594 |
Trend Micro |
CVE-2022-40707 |
4.4 |
Sept. 23, 2022 |
|
Trend Micro Deep Security Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1296 |
ZDI-CAN-15467 |
Trend Micro |
CVE-2022-40710 |
7.8 |
Sept. 23, 2022 |
|
Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-1295 |
ZDI-CAN-16749 |
Apple |
|
2.5 |
Sept. 21, 2022 |
|
Apple macOS TIFF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1294 |
ZDI-CAN-16723 |
FreeBSD |
CVE-2022-23086 |
8.2 |
Sept. 20, 2022 |
|
FreeBSD Kernel MPT Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-22-1293 |
ZDI-CAN-16722 |
FreeBSD |
CVE-2022-23086 |
8.2 |
Sept. 20, 2022 |
|
FreeBSD Kernel MPT Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-22-1292 |
ZDI-CAN-16687 |
FreeBSD |
CVE-2022-23085 |
8.2 |
Sept. 20, 2022 |
|
FreeBSD Kernel Netmap Integer Overflow Privilege Escalation Vulnerability |
| ZDI-22-1291 |
ZDI-CAN-16683 |
FreeBSD |
CVE-2022-23084 |
8.2 |
Sept. 20, 2022 |
|
FreeBSD Kernel Netmap Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-22-1290 |
ZDI-CAN-13796 |
D-Link |
CVE-2022-41140 |
8.8 |
Sept. 20, 2022 |
|
D-Link Multiple Routers lighttpd Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1289 |
ZDI-CAN-16520 |
Apple |
|
3.3 |
Sept. 19, 2022 |
|
Apple macOS vImage ICC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1288 |
ZDI-CAN-17652 |
Microsoft |
CVE-2022-35823 |
8.8 |
Sept. 19, 2022 |
|
Microsoft SharePoint Workflow Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-1287 |
ZDI-CAN-17708 |
Microsoft |
CVE-2022-37963 |
7.8 |
Sept. 19, 2022 |
|
Microsoft Office Visio EMF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-1286 |
ZDI-CAN-16894 |
Microsoft |
CVE-2022-37962 |
7.8 |
Sept. 19, 2022 |
|
Microsoft PowerPoint PPTX File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1285 |
ZDI-CAN-17112 |
Microsoft |
CVE-2022-37955 |
7.0 |
Sept. 19, 2022 |
|
Microsoft Windows Group Policy Preference Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-1284 |
ZDI-CAN-16686 |
Microsoft |
CVE-2022-37954 |
8.8 |
Sept. 19, 2022 |
|
Microsoft Windows DirectX Graphics Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-22-1283 |
ZDI-CAN-17762 |
Adobe |
CVE-2022-38425 |
3.3 |
Sept. 19, 2022 |
|
Adobe Bridge DCM File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-1282 |
ZDI-CAN-17712 |
Adobe |
CVE-2022-35713 |
7.8 |
Sept. 19, 2022 |
|
Adobe Photoshop U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1281 |
ZDI-CAN-17714 |
Adobe |
CVE-2022-38426 |
7.8 |
Sept. 19, 2022 |
|
Adobe Photoshop U3D File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-1280 |
ZDI-CAN-17713 |
Adobe |
CVE-2022-38427 |
7.8 |
Sept. 19, 2022 |
|
Adobe Photoshop U3D File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-1279 |
ZDI-CAN-17590 |
Adobe |
CVE-2022-35708 |
7.8 |
Sept. 19, 2022 |
|
Adobe Bridge SGI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1278 |
ZDI-CAN-17618 |
Adobe |
CVE-2022-38412 |
7.8 |
Sept. 19, 2022 |
|
Adobe Animate SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1277 |
ZDI-CAN-17619 |
Adobe |
CVE-2022-38411 |
7.8 |
Sept. 19, 2022 |
|
Adobe Animate SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1276 |
ZDI-CAN-17612 |
Adobe |
CVE-2022-38403 |
7.8 |
Sept. 19, 2022 |
|
Adobe InCopy SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1275 |
ZDI-CAN-17611 |
Adobe |
CVE-2022-38402 |
7.8 |
Sept. 19, 2022 |
|
Adobe InCopy SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1274 |
ZDI-CAN-17610 |
Adobe |
CVE-2022-38404 |
7.8 |
Sept. 19, 2022 |
|
Adobe InCopy SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1273 |
ZDI-CAN-17609 |
Adobe |
CVE-2022-38405 |
7.8 |
Sept. 19, 2022 |
|
Adobe InCopy SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1272 |
ZDI-CAN-17608 |
Adobe |
CVE-2022-38401 |
7.8 |
Sept. 19, 2022 |
|
Adobe InCopy PCX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1271 |
ZDI-CAN-17607 |
Adobe |
CVE-2022-38407 |
3.3 |
Sept. 19, 2022 |
|
Adobe InCopy EPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1270 |
ZDI-CAN-17603 |
Adobe |
CVE-2022-38406 |
3.3 |
Sept. 19, 2022 |
|
Adobe InCopy EPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1269 |
ZDI-CAN-17602 |
Adobe |
CVE-2022-38433 |
7.8 |
Sept. 19, 2022 |
|
Adobe Photoshop SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1268 |
ZDI-CAN-17601 |
Adobe |
CVE-2022-38432 |
7.8 |
Sept. 19, 2022 |
|
Adobe Photoshop SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1267 |
ZDI-CAN-17600 |
Adobe |
CVE-2022-38431 |
7.8 |
Sept. 19, 2022 |
|
Adobe Photoshop SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1266 |
ZDI-CAN-17599 |
Adobe |
CVE-2022-38429 |
7.8 |
Sept. 19, 2022 |
|
Adobe Photoshop SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1265 |
ZDI-CAN-17598 |
Adobe |
CVE-2022-38434 |
7.8 |
Sept. 19, 2022 |
|
Adobe Photoshop SVG File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1264 |
ZDI-CAN-17597 |
Adobe |
CVE-2022-38428 |
3.3 |
Sept. 19, 2022 |
|
Adobe Photoshop DCM File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-1263 |
ZDI-CAN-17596 |
Adobe |
CVE-2022-38430 |
7.8 |
Sept. 19, 2022 |
|
Adobe Photoshop MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1262 |
ZDI-CAN-17595 |
Adobe |
CVE-2022-38410 |
3.3 |
Sept. 19, 2022 |
|
Adobe Illustrator EPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1261 |
ZDI-CAN-17594 |
Adobe |
CVE-2022-38409 |
3.3 |
Sept. 19, 2022 |
|
Adobe Illustrator EPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1260 |
ZDI-CAN-17593 |
Adobe |
CVE-2022-38408 |
7.8 |
Sept. 19, 2022 |
|
Adobe Illustrator PCX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-1259 |
ZDI-CAN-17592 |
Adobe |
CVE-2022-35707 |
7.8 |
Sept. 19, 2022 |
|
Adobe Bridge SGI File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1258 |
ZDI-CAN-17591 |
Adobe |
CVE-2022-35706 |
7.8 |
Sept. 19, 2022 |
|
Adobe Bridge SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1257 |
ZDI-CAN-17380 |
Adobe |
CVE-2022-35705 |
7.8 |
Sept. 19, 2022 |
|
Adobe Bridge MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1256 |
ZDI-CAN-17379 |
Adobe |
CVE-2022-35709 |
3.3 |
Sept. 19, 2022 |
|
Adobe Bridge DCM File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-1255 |
ZDI-CAN-17378 |
Adobe |
CVE-2022-35704 |
7.8 |
Sept. 19, 2022 |
|
Adobe Bridge SVG File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1254 |
ZDI-CAN-17128 |
Adobe |
CVE-2022-35702 |
7.8 |
Sept. 19, 2022 |
|
Adobe Bridge SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1253 |
ZDI-CAN-17127 |
Adobe |
CVE-2022-35703 |
7.8 |
Sept. 19, 2022 |
|
Adobe Bridge SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1252 |
ZDI-CAN-17126 |
Adobe |
CVE-2022-35700 |
7.8 |
Sept. 19, 2022 |
|
Adobe Bridge SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1251 |
ZDI-CAN-17125 |
Adobe |
CVE-2022-35701 |
7.8 |
Sept. 19, 2022 |
|
Adobe Bridge SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1250 |
ZDI-CAN-17062 |
Adobe |
CVE-2022-35699 |
7.8 |
Sept. 19, 2022 |
|
Adobe Bridge Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1249 |
ZDI-CAN-18196 |
Siemens |
CVE-2022-39156 |
7.8 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1248 |
ZDI-CAN-18192 |
Siemens |
CVE-2022-39155 |
7.8 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1247 |
ZDI-CAN-18188 |
Siemens |
CVE-2022-39154 |
7.8 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1246 |
ZDI-CAN-18187 |
Siemens |
CVE-2022-39153 |
7.8 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1245 |
ZDI-CAN-17740 |
Siemens |
CVE-2022-39152 |
7.8 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1244 |
ZDI-CAN-17736 |
Siemens |
CVE-2022-39151 |
7.8 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1243 |
ZDI-CAN-17735 |
Siemens |
CVE-2022-39150 |
7.8 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1242 |
ZDI-CAN-17733 |
Siemens |
CVE-2022-39149 |
7.8 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1241 |
ZDI-CAN-17513 |
Siemens |
CVE-2022-39148 |
7.8 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1240 |
ZDI-CAN-17506 |
Siemens |
CVE-2022-39147 |
7.8 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-22-1239 |
ZDI-CAN-17502 |
Siemens |
CVE-2022-39146 |
7.8 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-22-1238 |
ZDI-CAN-17496 |
Siemens |
CVE-2022-39145 |
7.8 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1237 |
ZDI-CAN-17494 |
Siemens |
CVE-2022-39144 |
7.8 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1236 |
ZDI-CAN-17493 |
Siemens |
CVE-2022-39143 |
7.8 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1235 |
ZDI-CAN-17485 |
Siemens |
CVE-2022-39142 |
7.8 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1234 |
ZDI-CAN-17296 |
Siemens |
CVE-2022-39141 |
3.3 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1233 |
ZDI-CAN-17292 |
Siemens |
CVE-2022-39140 |
7.8 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1232 |
ZDI-CAN-17289 |
Siemens |
CVE-2022-39139 |
7.8 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1231 |
ZDI-CAN-17284 |
Siemens |
CVE-2022-39138 |
7.8 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1230 |
ZDI-CAN-17276 |
Siemens |
CVE-2022-39137 |
3.3 |
Sept. 16, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1229 |
ZDI-CAN-17617 |
Adobe |
CVE-2022-38415 |
7.8 |
Sept. 14, 2022 |
|
Adobe InDesign PCX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1228 |
ZDI-CAN-17616 |
Adobe |
CVE-2022-38414 |
7.8 |
Sept. 14, 2022 |
|
Adobe InDesign SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1227 |
ZDI-CAN-17615 |
Adobe |
CVE-2022-38413 |
7.8 |
Sept. 14, 2022 |
|
Adobe InDesign SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1226 |
ZDI-CAN-17614 |
Adobe |
CVE-2022-38417 |
7.8 |
Sept. 14, 2022 |
|
Adobe InDesign SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1225 |
ZDI-CAN-17613 |
Adobe |
CVE-2022-38416 |
7.8 |
Sept. 14, 2022 |
|
Adobe InDesign SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1224 |
ZDI-CAN-15935 |
D-Link |
CVE-2022-40720 |
8.8 |
Sept. 14, 2022 |
|
D-Link DIR-2150 xupnpd Dreambox Plugin Command Injection Remote Code Execution Vulnerability |
| ZDI-22-1223 |
ZDI-CAN-15906 |
D-Link |
CVE-2022-40719 |
8.8 |
Sept. 14, 2022 |
|
D-Link DIR-2150 xupnpd_generic Plugin Command Injection Remote Code Execution Vulnerability |
| ZDI-22-1222 |
ZDI-CAN-15905 |
D-Link |
CVE-2022-3210 |
8.8 |
Sept. 14, 2022 |
|
D-Link DIR-2150 xupnpd ui_upload Command Injection Remote Code Execution Vulnerability |
| ZDI-22-1221 |
ZDI-CAN-15728 |
D-Link |
CVE-2022-40718 |
8.8 |
Sept. 14, 2022 |
|
D-Link DIR-2150 anweb websocket_data_handler Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1220 |
ZDI-CAN-15727 |
D-Link |
CVE-2022-40717 |
8.8 |
Sept. 14, 2022 |
|
D-Link DIR-2150 anweb action_handler Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1219 |
ZDI-CAN-15697 |
NIKON |
CVE-2022-40663 |
7.8 |
Sept. 14, 2022 |
|
(0Day) NIKON NIS-Elements Viewer TIF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1218 |
ZDI-CAN-15351 |
NIKON |
CVE-2022-40662 |
7.8 |
Sept. 14, 2022 |
|
(0Day) NIKON NIS-Elements Viewer TIF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1217 |
ZDI-CAN-15134 |
NIKON |
CVE-2022-40661 |
7.8 |
Sept. 14, 2022 |
|
(0Day) NIKON NIS-Elements Viewer BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1216 |
ZDI-CAN-15135 |
NIKON |
CVE-2022-40660 |
7.8 |
Sept. 14, 2022 |
|
(0Day) NIKON NIS-Elements Viewer PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1215 |
ZDI-CAN-15214 |
NIKON |
CVE-2022-40659 |
7.8 |
Sept. 14, 2022 |
|
(0Day) NIKON NIS-Elements Viewer TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1214 |
ZDI-CAN-15166 |
NIKON |
CVE-2022-40658 |
7.8 |
Sept. 14, 2022 |
|
(0Day) NIKON NIS-Elements Viewer TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1213 |
ZDI-CAN-15073 |
NIKON |
CVE-2022-40657 |
7.8 |
Sept. 14, 2022 |
|
(0Day) NIKON NIS-Elements Viewer PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1212 |
ZDI-CAN-15072 |
NIKON |
CVE-2022-40656 |
7.8 |
Sept. 14, 2022 |
|
(0Day) NIKON NIS-Elements Viewer ND2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1211 |
ZDI-CAN-15071 |
NIKON |
CVE-2022-40655 |
7.8 |
Sept. 14, 2022 |
|
(0Day) NIKON NIS-Elements Viewer ND2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1210 |
ZDI-CAN-18351 |
Ansys |
CVE-2022-40654 |
7.8 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1209 |
ZDI-CAN-18349 |
Ansys |
CVE-2022-40653 |
7.8 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1208 |
ZDI-CAN-17846 |
Ansys |
CVE-2022-40652 |
7.8 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1207 |
ZDI-CAN-17844 |
Ansys |
CVE-2022-40651 |
7.8 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1206 |
ZDI-CAN-17838 |
Ansys |
CVE-2022-40650 |
7.8 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1205 |
ZDI-CAN-17565 |
Ansys |
CVE-2022-40649 |
7.8 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim X_B File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-22-1204 |
ZDI-CAN-17563 |
Ansys |
CVE-2022-40648 |
7.8 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1203 |
ZDI-CAN-17558 |
Ansys |
CVE-2022-40647 |
7.8 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1202 |
ZDI-CAN-17541 |
Ansys |
CVE-2022-40646 |
7.8 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim X_B File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-22-1201 |
ZDI-CAN-17540 |
Ansys |
CVE-2022-40645 |
7.8 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim X_B File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-22-1200 |
ZDI-CAN-17408 |
Ansys |
CVE-2022-40644 |
7.8 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1199 |
ZDI-CAN-17407 |
Ansys |
CVE-2022-40643 |
7.8 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim X_B File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-22-1198 |
ZDI-CAN-17318 |
Ansys |
CVE-2022-40642 |
7.8 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim X_B File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-22-1197 |
ZDI-CAN-17317 |
Ansys |
CVE-2022-40641 |
7.8 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1196 |
ZDI-CAN-17308 |
Ansys |
CVE-2022-40640 |
7.8 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1195 |
ZDI-CAN-17207 |
Ansys |
CVE-2022-40639 |
7.8 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1194 |
ZDI-CAN-17102 |
Ansys |
CVE-2022-40638 |
7.8 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim X_B File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1193 |
ZDI-CAN-17045 |
Ansys |
CVE-2022-40637 |
7.0 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1192 |
ZDI-CAN-17044 |
Ansys |
CVE-2022-40636 |
7.0 |
Sept. 14, 2022 |
|
(0Day) Ansys SpaceClaim JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1191 |
ZDI-CAN-16435 |
Trend Micro |
CVE-2022-40143 |
7.3 |
Sept. 14, 2022 |
|
Trend Micro Apex One Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-1190 |
ZDI-CAN-16691 |
Trend Micro |
CVE-2022-40142 |
7.8 |
Sept. 14, 2022 |
|
Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-1189 |
ZDI-CAN-16314 |
Trend Micro |
CVE-2022-40140 |
5.5 |
Sept. 14, 2022 |
|
Trend Micro Apex One Origin Validation Error Denial-of-Service Vulnerability |
| ZDI-22-1188 |
ZDI-CAN-17463 |
Tesla |
CVE-2022-3093 |
7.6 |
Sept. 8, 2022 |
|
(Pwn2Own) Tesla ice_updater Time-Of-Check Time-Of-Use Code Execution Vulnerability |
| ZDI-22-1187 |
ZDI-CAN-17448 |
ConnMan |
CVE-2022-32292 |
6.3 |
Sept. 8, 2022 |
|
(Pwn2Own) ConnMan received_data Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1186 |
ZDI-CAN-17447 |
ConnMan |
CVE-2022-32293 |
6.3 |
Sept. 8, 2022 |
|
(Pwn2Own) ConnMan wispr_portal_web_result wp_object Double Free Remote Code Execution Vulnerability |
| ZDI-22-1185 |
ZDI-CAN-16214 |
Microsoft |
CVE-2022-34691 |
8.4 |
Sept. 6, 2022 |
|
Microsoft Windows Active Directory Certificate Services Improper Authorization Privilege Escalation Vulnerability |
| ZDI-22-1184 |
ZDI-CAN-17695 |
ManageEngine |
CVE-2022-37024 |
7.2 |
Sept. 5, 2022 |
|
ManageEngine OpManager Plus getDNSResolveOption Command Injection Remote Code Execution Vulnerability |
| ZDI-22-1183 |
ZDI-CAN-17697 |
ManageEngine |
CVE-2022-37024 |
7.2 |
Sept. 1, 2022 |
|
ManageEngine NetFlow Analyzer getDNSResolveOption Command Injection Remote Code Execution Vulnerability |
| ZDI-22-1182 |
ZDI-CAN-18090 |
ManageEngine |
CVE-2022-38772 |
7.2 |
Sept. 1, 2022 |
|
ManageEngine OpManager getNmapInitialOption Command Injection Remote Code Execution Vulnerability |
| ZDI-22-1181 |
ZDI-CAN-18091 |
ManageEngine |
CVE-2022-38772 |
7.2 |
Sept. 1, 2022 |
|
ManageEngine OpManager Plus getNmapInitialOption Command Injection Remote Code Execution Vulnerability |
| ZDI-22-1180 |
ZDI-CAN-18092 |
ManageEngine |
CVE-2022-38772 |
7.2 |
Sept. 1, 2022 |
|
ManageEngine NetFlow Analyzer getNmapInitialOption Command Injection Remote Code Execution Vulnerability |
| ZDI-22-1179 |
ZDI-CAN-17696 |
ManageEngine |
CVE-2022-37024 |
7.2 |
Sept. 1, 2022 |
|
ManageEngine OpManager getDNSResolveOption Command Injection Remote Code Execution Vulnerability |
| ZDI-22-1178 |
ZDI-CAN-16829 |
Trend Micro |
CVE-2022-38764 |
7.3 |
Aug. 31, 2022 |
|
Trend Micro HouseCall Incorrect Permission Assignment Privilege Escalation Vulnerability |
| ZDI-22-1177 |
ZDI-CAN-16606 |
Trend Micro |
CVE-2022-37348 |
4.4 |
Aug. 31, 2022 |
|
Trend Micro Maximum Security Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1176 |
ZDI-CAN-16605 |
Trend Micro |
CVE-2022-37347 |
4.4 |
Aug. 31, 2022 |
|
Trend Micro Maximum Security Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1175 |
ZDI-CAN-14557 |
Trend Micro |
CVE-2022-34893 |
7.8 |
Aug. 31, 2022 |
|
Trend Micro Maximum Security Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-1174 |
ZDI-CAN-16362 |
Fatek Automation |
CVE-2022-2866 |
7.8 |
Aug. 25, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1173 |
ZDI-CAN-16361 |
Fatek Automation |
CVE-2022-2866 |
7.8 |
Aug. 25, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1172 |
ZDI-CAN-16360 |
Fatek Automation |
CVE-2022-2866 |
7.8 |
Aug. 25, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1171 |
ZDI-CAN-16358 |
Fatek Automation |
CVE-2022-2866 |
7.8 |
Aug. 25, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1170 |
ZDI-CAN-16304 |
Fatek Automation |
CVE-2022-2866 |
7.8 |
Aug. 25, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1169 |
ZDI-CAN-16296 |
Fatek Automation |
CVE-2022-2866 |
7.8 |
Aug. 25, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1168 |
ZDI-CAN-16271 |
Fatek Automation |
CVE-2022-2866 |
7.8 |
Aug. 25, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1167 |
ZDI-CAN-16270 |
Fatek Automation |
CVE-2022-2866 |
7.8 |
Aug. 25, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1166 |
ZDI-CAN-16889 |
Delta Electronics |
CVE-2022-2660 |
9.8 |
Aug. 24, 2022 |
|
Delta Industrial Automation DIALink Hardcoded Cryptographic Key Authentication Bypass Vulnerability |
| ZDI-22-1165 |
ZDI-CAN-17291 |
Linux |
CVE-2022-2959 |
7.8 |
Aug. 24, 2022 |
|
Linux Kernel Watch Queue Race Condition Privilege Escalation Vulnerability |
| ZDI-22-1164 |
ZDI-CAN-16212 |
Tencent |
|
4.3 |
Aug. 23, 2022 |
|
(0Day) Tencent WeChat WXAM Decoder Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1163 |
ZDI-CAN-17361 |
ICONICS |
CVE-2022-33320 |
7.8 |
Aug. 23, 2022 |
|
ICONICS GENESIS64 PKGX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-1162 |
ZDI-CAN-17360 |
ICONICS |
CVE-2022-33317 |
7.0 |
Aug. 23, 2022 |
|
ICONICS GENESIS64 GDFX File Parsing Path Traversal Remote Code Execution Vulnerability |
| ZDI-22-1161 |
ZDI-CAN-17056 |
Softing |
CVE-2022-2336 |
9.8 |
Aug. 23, 2022 |
|
(Pwn2Own) Softing Secure Integration Server Use of Default Credentials Authentication Bypass Vulnerability |
| ZDI-22-1160 |
ZDI-CAN-17058 |
Softing |
CVE-2022-2335 |
7.5 |
Aug. 23, 2022 |
|
Softing Secure Integration Server Content-Length Integer Underflow Denial-of-Service Vulnerability |
| ZDI-22-1159 |
ZDI-CAN-17060 |
Softing |
CVE-2022-1069 |
7.5 |
Aug. 23, 2022 |
|
Softing Secure Integration Server Content-Length Out-Of-Bounds Read Denial-of-Service Vulnerability |
| ZDI-22-1158 |
ZDI-CAN-17059 |
Softing |
CVE-2022-2547 |
7.5 |
Aug. 23, 2022 |
|
Softing Secure Integration Server Content-Type NULL Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-22-1157 |
ZDI-CAN-17057 |
Softing |
CVE-2022-2337 |
7.5 |
Aug. 23, 2022 |
|
Softing Secure Integration Server URI NULL Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-22-1156 |
ZDI-CAN-17255 |
Softing |
CVE-2022-1373 |
7.2 |
Aug. 23, 2022 |
|
(Pwn2Own) Softing Secure Integration Server UnZipFolder Directory Traversal Remote Code Execution Vulnerability |
| ZDI-22-1155 |
ZDI-CAN-17214 |
Softing |
CVE-2022-2338 |
5.7 |
Aug. 23, 2022 |
|
(Pwn2Own) Softing Secure Integration Server Cleartext Transmission of Sensitive Information Authentication Bypass Vulnerability |
| ZDI-22-1154 |
ZDI-CAN-17234 |
Softing |
CVE-2022-2334 |
7.2 |
Aug. 23, 2022 |
|
(Pwn2Own) Softing Secure Integration Server wbemcomn Uncontrolled Search Path Element Privilege Escalation Vulnerability |
| ZDI-22-1153 |
ZDI-CAN-16442 |
Softing |
CVE-2022-1748 |
7.5 |
Aug. 23, 2022 |
|
(Pwn2Own) Softing Secure Integration Server OPC UA Messages NULL Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-22-1152 |
ZDI-CAN-17468 |
Oracle |
|
7.5 |
Aug. 23, 2022 |
|
(0Day) (Pwn2Own) Oracle VirtualBox IEM PGMPhysRead Out-Of-Bounds Write Local Privilege Escalation Vulnerability |
| ZDI-22-1151 |
ZDI-CAN-17431 |
Oracle |
|
4.4 |
Aug. 23, 2022 |
|
(0Day) (Pwn2Own) Oracle VirtualBox SLIRP sosendoob Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1150 |
ZDI-CAN-15341 |
Omron |
|
7.8 |
Aug. 23, 2022 |
|
Omron CX-One CX-Programmer CXP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1149 |
ZDI-CAN-16433 |
Measuresoft |
CVE-2022-2897 |
7.8 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Server Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-1148 |
ZDI-CAN-16426 |
Measuresoft |
CVE-2022-2897 |
7.8 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Client Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-1147 |
ZDI-CAN-16422 |
Measuresoft |
CVE-2022-2897 |
7.8 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Client Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-1146 |
ZDI-CAN-16417 |
Measuresoft |
CVE-2022-2897 |
7.8 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Server Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-1145 |
ZDI-CAN-16403 |
Measuresoft |
CVE-2022-2897 |
7.8 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Server Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-1144 |
ZDI-CAN-16402 |
Measuresoft |
CVE-2022-2897 |
7.8 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Server Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-1143 |
ZDI-CAN-16263 |
Measuresoft |
CVE-2022-2896 |
7.8 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Server ORM File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1142 |
ZDI-CAN-16262 |
Measuresoft |
CVE-2022-2895 |
7.8 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Server ORM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1141 |
ZDI-CAN-16244 |
Measuresoft |
CVE-2022-2895 |
7.8 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Server ORM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1140 |
ZDI-CAN-16261 |
Measuresoft |
CVE-2022-2894 |
7.8 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-1139 |
ZDI-CAN-16243 |
Measuresoft |
CVE-2022-2894 |
7.8 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-1138 |
ZDI-CAN-16236 |
Measuresoft |
CVE-2022-2894 |
7.8 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-1137 |
ZDI-CAN-16234 |
Measuresoft |
CVE-2022-2894 |
7.8 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-1136 |
ZDI-CAN-16233 |
Measuresoft |
CVE-2022-2894 |
7.8 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-1135 |
ZDI-CAN-16232 |
Measuresoft |
CVE-2022-2894 |
7.8 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-1134 |
ZDI-CAN-16231 |
Measuresoft |
CVE-2022-2894 |
7.8 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Server ORM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-1133 |
ZDI-CAN-16235 |
Measuresoft |
CVE-2022-2892 |
7.8 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Server ORM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1132 |
ZDI-CAN-16423 |
Measuresoft |
CVE-2022-2898 |
6.1 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Client Link Following Denial-of-Service Vulnerability |
| ZDI-22-1131 |
ZDI-CAN-16434 |
Measuresoft |
CVE-2022-2898 |
6.1 |
Aug. 23, 2022 |
|
Measuresoft ScadaPro Server Link Following Denial-of-Service Vulnerability |
| ZDI-22-1130 |
ZDI-CAN-17034 |
Apple |
CVE-2022-32797 |
3.3 |
Aug. 23, 2022 |
|
Apple macOS AppleScript TASUnparser_PrintObject Untrusted Pointer Dereference Information Disclosure Vulnerability |
| ZDI-22-1129 |
ZDI-CAN-17370 |
AVEVA |
CVE-2022-36970 |
7.8 |
Aug. 23, 2022 |
|
AVEVA Edge APP File Insufficient UI Warning Remote Code Execution Vulnerability |
| ZDI-22-1128 |
ZDI-CAN-17394 |
AVEVA |
CVE-2022-36969 |
5.5 |
Aug. 23, 2022 |
|
AVEVA Edge LoadImportedLibraries XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-1127 |
ZDI-CAN-17201 |
AVEVA |
CVE-2022-28688 |
7.8 |
Aug. 23, 2022 |
|
(Pwn2Own) AVEVA Edge Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-22-1126 |
ZDI-CAN-16257 |
AVEVA |
CVE-2022-28687 |
7.8 |
Aug. 23, 2022 |
|
(Pwn2Own) AVEVA Edge Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-22-1125 |
ZDI-CAN-17114 |
AVEVA |
CVE-2022-28686 |
7.8 |
Aug. 23, 2022 |
|
(Pwn2Own) AVEVA Edge Uncontrolled Search Path Element Remote Code Execution Vulnerability |
| ZDI-22-1124 |
ZDI-CAN-17212 |
AVEVA |
CVE-2022-28685 |
7.8 |
Aug. 23, 2022 |
|
(Pwn2Own) AVEVA Edge SetBytesToManagedControl Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-1123 |
ZDI-CAN-17417 |
Apple |
CVE-2022-32792 |
8.8 |
Aug. 18, 2022 |
|
(Pwn2Own) Apple Safari Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1122 |
ZDI-CAN-18088 |
ManageEngine |
CVE-2022-36923 |
9.4 |
Aug. 18, 2022 |
|
ManageEngine OpManager Plus getUserAPIKey Authentication Bypass Vulnerability |
| ZDI-22-1121 |
ZDI-CAN-18089 |
ManageEngine |
CVE-2022-36923 |
9.4 |
Aug. 18, 2022 |
|
ManageEngine NetFlow Analyzer getUserAPIKey Authentication Bypass Vulnerability |
| ZDI-22-1120 |
ZDI-CAN-18087 |
ManageEngine |
CVE-2022-36923 |
9.4 |
Aug. 18, 2022 |
|
ManageEngine OpManager getUserAPIKey Authentication Bypass Vulnerability |
| ZDI-22-1119 |
ZDI-CAN-17698 |
ManageEngine |
CVE-2022-36923 |
9.8 |
Aug. 18, 2022 |
|
ManageEngine Network Configuration Manager getUserAPIKey Authentication Bypass Vulnerability |
| ZDI-22-1118 |
ZDI-CAN-17470 |
Linux |
CVE-2022-2586 |
8.8 |
Aug. 18, 2022 |
|
(Pwn2Own) Linux Kernel nft_object Use-After-Free Privilege Escalation Vulnerability |
| ZDI-22-1117 |
ZDI-CAN-17440 |
Linux |
CVE-2022-2588 |
8.8 |
Aug. 18, 2022 |
|
(Pwn2Own) Linux Kernel route4_change Double Free Privilege Escalation Vulnerability |
| ZDI-22-1116 |
ZDI-CAN-16989 |
Adobe |
CVE-2022-35678 |
3.3 |
Aug. 18, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1115 |
ZDI-CAN-16999 |
Adobe |
CVE-2022-35671 |
3.3 |
Aug. 18, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1114 |
ZDI-CAN-17622 |
Adobe |
CVE-2022-35675 |
7.8 |
Aug. 18, 2022 |
|
Adobe FrameMaker SVG File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1113 |
ZDI-CAN-17623 |
Adobe |
CVE-2022-35674 |
7.8 |
Aug. 18, 2022 |
|
Adobe FrameMaker SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1112 |
ZDI-CAN-17377 |
Adobe |
CVE-2022-35667 |
7.8 |
Aug. 18, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1111 |
ZDI-CAN-17624 |
Adobe |
CVE-2022-35673 |
7.8 |
Aug. 18, 2022 |
|
Adobe FrameMaker SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1110 |
ZDI-CAN-17625 |
Adobe |
CVE-2022-35676 |
7.8 |
Aug. 18, 2022 |
|
Adobe FrameMaker SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1109 |
ZDI-CAN-17626 |
Adobe |
CVE-2022-35677 |
7.8 |
Aug. 18, 2022 |
|
Adobe FrameMaker SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1108 |
ZDI-CAN-17080 |
Adobe |
CVE-2022-34263 |
7.8 |
Aug. 18, 2022 |
|
Adobe Illustrator Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1107 |
ZDI-CAN-17074 |
Adobe |
CVE-2022-34262 |
3.3 |
Aug. 18, 2022 |
|
Adobe Illustrator Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1106 |
ZDI-CAN-17073 |
Adobe |
CVE-2022-34264 |
3.3 |
Aug. 18, 2022 |
|
Adobe FrameMaker Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1105 |
ZDI-CAN-17071 |
Adobe |
CVE-2022-34261 |
3.3 |
Aug. 18, 2022 |
|
Adobe Illustrator Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1104 |
ZDI-CAN-17066 |
Adobe |
CVE-2022-34260 |
7.8 |
Aug. 18, 2022 |
|
Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1103 |
ZDI-CAN-18069 |
PDF-XChange |
CVE-2022-37375 |
3.3 |
Aug. 18, 2022 |
|
PDF-XChange Editor JPC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1102 |
ZDI-CAN-18068 |
PDF-XChange |
CVE-2022-37374 |
7.8 |
Aug. 18, 2022 |
|
PDF-XChange Editor PNG File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1101 |
ZDI-CAN-17810 |
PDF-XChange |
CVE-2022-37373 |
3.3 |
Aug. 18, 2022 |
|
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1100 |
ZDI-CAN-17809 |
PDF-XChange |
CVE-2022-37372 |
7.8 |
Aug. 18, 2022 |
|
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1099 |
ZDI-CAN-17772 |
PDF-XChange |
CVE-2022-37371 |
7.8 |
Aug. 18, 2022 |
|
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1098 |
ZDI-CAN-17725 |
PDF-XChange |
CVE-2022-37370 |
3.3 |
Aug. 18, 2022 |
|
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1097 |
ZDI-CAN-17724 |
PDF-XChange |
CVE-2022-37369 |
7.8 |
Aug. 18, 2022 |
|
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1096 |
ZDI-CAN-17728 |
PDF-XChange |
CVE-2022-37368 |
3.3 |
Aug. 18, 2022 |
|
PDF-XChange Editor Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1095 |
ZDI-CAN-17726 |
PDF-XChange |
CVE-2022-37367 |
7.8 |
Aug. 18, 2022 |
|
PDF-XChange Editor AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1094 |
ZDI-CAN-17727 |
PDF-XChange |
CVE-2022-37366 |
7.8 |
Aug. 18, 2022 |
|
PDF-XChange Editor Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1093 |
ZDI-CAN-17527 |
PDF-XChange |
CVE-2022-37365 |
7.8 |
Aug. 18, 2022 |
|
PDF-XChange Editor saveAs Exposed Dangerous Method Remote Code Execution Vulnerability |
| ZDI-22-1092 |
ZDI-CAN-17634 |
PDF-XChange |
CVE-2022-37364 |
7.8 |
Aug. 18, 2022 |
|
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1091 |
ZDI-CAN-17673 |
PDF-XChange |
CVE-2022-37363 |
7.8 |
Aug. 18, 2022 |
|
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1090 |
ZDI-CAN-17660 |
PDF-XChange |
CVE-2022-37362 |
7.8 |
Aug. 18, 2022 |
|
PDF-XChange Editor PNG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1089 |
ZDI-CAN-17674 |
PDF-XChange |
CVE-2022-37361 |
3.3 |
Aug. 18, 2022 |
|
PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1088 |
ZDI-CAN-17635 |
PDF-XChange |
CVE-2022-37360 |
3.3 |
Aug. 18, 2022 |
|
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1087 |
ZDI-CAN-17633 |
PDF-XChange |
CVE-2022-37359 |
7.8 |
Aug. 18, 2022 |
|
PDF-XChange Editor J2K File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1086 |
ZDI-CAN-17632 |
PDF-XChange |
CVE-2022-37358 |
7.8 |
Aug. 18, 2022 |
|
PDF-XChange Editor JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1085 |
ZDI-CAN-17631 |
PDF-XChange |
CVE-2022-37357 |
7.8 |
Aug. 18, 2022 |
|
PDF-XChange Editor ICO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1084 |
ZDI-CAN-17630 |
PDF-XChange |
CVE-2022-37356 |
7.8 |
Aug. 18, 2022 |
|
PDF-XChange Editor JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1083 |
ZDI-CAN-17629 |
PDF-XChange |
CVE-2022-37355 |
7.8 |
Aug. 18, 2022 |
|
PDF-XChange Editor JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1082 |
ZDI-CAN-17628 |
PDF-XChange |
CVE-2022-37354 |
7.8 |
Aug. 18, 2022 |
|
PDF-XChange Editor J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1081 |
ZDI-CAN-17637 |
PDF-XChange |
CVE-2022-37353 |
3.3 |
Aug. 18, 2022 |
|
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1080 |
ZDI-CAN-17638 |
PDF-XChange |
CVE-2022-37352 |
3.3 |
Aug. 18, 2022 |
|
PDF-XChange Editor WMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1079 |
ZDI-CAN-17636 |
PDF-XChange |
CVE-2022-37351 |
3.3 |
Aug. 18, 2022 |
|
PDF-XChange Editor J2K File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1078 |
ZDI-CAN-17144 |
PDF-XChange |
CVE-2022-37350 |
7.8 |
Aug. 18, 2022 |
|
PDF-XChange Editor Collab Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1077 |
ZDI-CAN-17444 |
Microsoft |
CVE-2022-34699 |
8.8 |
Aug. 18, 2022 |
|
(Pwn2Own) Microsoft Windows win32kbase Use-After-Free Privilege Escalation Vulnerability |
| ZDI-22-1076 |
ZDI-CAN-17142 |
PDF-XChange |
CVE-2022-37349 |
7.8 |
Aug. 18, 2022 |
|
PDF-XChange Editor submitForm Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1075 |
ZDI-CAN-17679 |
Microsoft |
CVE-2022-35750 |
8.8 |
Aug. 18, 2022 |
|
Microsoft Windows win32kfull Bitmap Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-22-1074 |
ZDI-CAN-17384 |
Microsoft |
CVE-2022-35742 |
7.5 |
Aug. 18, 2022 |
|
Microsoft Outlook MIME Header Heap Corruption Denial-of-Service Vulnerability |
| ZDI-22-1073 |
ZDI-CAN-13069 |
Microsoft |
CVE-2022-30194 |
7.8 |
Aug. 18, 2022 |
|
Microsoft Windows Untrusted Script Execution Remote Code Execution Vulnerability |
| ZDI-22-1072 |
ZDI-CAN-17396 |
Microsoft |
CVE-2022-34703 |
8.8 |
Aug. 18, 2022 |
|
(Pwn2Own) Microsoft Windows partmgr Integer Overflow Privilege Escalation Vulnerability |
| ZDI-22-1071 |
ZDI-CAN-17426 |
Microsoft |
CVE-2022-33670 |
8.8 |
Aug. 18, 2022 |
|
(Pwn2Own) Microsoft Windows partmgr Improper Authorization Privilege Escalation Vulnerability |
| ZDI-22-1070 |
ZDI-CAN-17429 |
Microsoft |
CVE-2022-35751 |
8.8 |
Aug. 18, 2022 |
|
(Pwn2Own) Microsoft Windows vhdmp Driver Improper Authorization Privilege Escalation Vulnerability |
| ZDI-22-1069 |
ZDI-CAN-17441 |
Microsoft |
CVE-2022-35750 |
8.8 |
Aug. 18, 2022 |
|
(Pwn2Own) Microsoft Windows cdd Driver Memory Corruption Privilege Escalation Vulnerability |
| ZDI-22-1068 |
ZDI-CAN-17430 |
Microsoft |
CVE-2022-35820 |
8.8 |
Aug. 18, 2022 |
|
(Pwn2Own) Microsoft Windows bthport Driver Improper Authorization Local Privilege Escalation Vulnerability |
| ZDI-22-1067 |
ZDI-CAN-14808 |
NetBSD |
|
5.5 |
Aug. 15, 2022 |
|
NetBSD Kernel stat System Call Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-22-1066 |
ZDI-CAN-15588 |
Apple |
CVE-2022-26696 |
7.8 |
Aug. 15, 2022 |
|
Apple macOS LaunchServices Sandbox Escape Privilege Escalation Vulnerability |
| ZDI-22-1065 |
ZDI-CAN-15191 |
Apple |
CVE-2022-22630 |
8.1 |
Aug. 15, 2022 |
|
Apple macOS Remote Events Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-1064 |
ZDI-CAN-17371 |
OPC Foundation |
CVE-2022-33916 |
5.3 |
Aug. 5, 2022 |
|
OPC Foundation UA .NET Standard BrowseRequest Missing Authentication Information Disclosure Vulnerability |
| ZDI-22-1063 |
ZDI-CAN-17661 |
Foxit |
CVE-2022-37391 |
7.8 |
Aug. 5, 2022 |
|
Foxit PDF Reader AcroForm deletePages Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1062 |
ZDI-CAN-17551 |
Foxit |
CVE-2022-37390 |
7.8 |
Aug. 5, 2022 |
|
Foxit PDF Reader AcroForm deletePages Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1061 |
ZDI-CAN-17545 |
Foxit |
CVE-2022-37389 |
7.8 |
Aug. 5, 2022 |
|
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1060 |
ZDI-CAN-17516 |
Foxit |
CVE-2022-37388 |
7.8 |
Aug. 5, 2022 |
|
Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1059 |
ZDI-CAN-17552 |
Foxit |
CVE-2022-37387 |
7.8 |
Aug. 5, 2022 |
|
Foxit PDF Reader AcroForm deletePages Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1058 |
ZDI-CAN-17550 |
Foxit |
CVE-2022-37386 |
3.3 |
Aug. 5, 2022 |
|
Foxit PDF Reader AcroForm resetForm Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1057 |
ZDI-CAN-17301 |
Foxit |
CVE-2022-37385 |
7.8 |
Aug. 5, 2022 |
|
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1056 |
ZDI-CAN-17327 |
Foxit |
CVE-2022-37384 |
7.8 |
Aug. 5, 2022 |
|
Foxit PDF Reader delay Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1055 |
ZDI-CAN-17111 |
Foxit |
CVE-2022-37383 |
3.3 |
Aug. 5, 2022 |
|
Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1054 |
ZDI-CAN-17383 |
Foxit |
CVE-2022-37382 |
3.3 |
Aug. 5, 2022 |
|
Foxit PDF Reader removeIcon Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-1053 |
ZDI-CAN-17110 |
Foxit |
CVE-2022-37381 |
7.8 |
Aug. 5, 2022 |
|
Foxit PDF Reader AFSpecial_KeystrokeEx Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-1052 |
ZDI-CAN-17169 |
Foxit |
CVE-2022-37380 |
3.3 |
Aug. 5, 2022 |
|
Foxit PDF Reader newConnection Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1051 |
ZDI-CAN-17168 |
Foxit |
CVE-2022-37379 |
3.3 |
Aug. 5, 2022 |
|
Foxit PDF Reader AFSpecial_KeystrokeEx Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-1050 |
ZDI-CAN-16867 |
Foxit |
CVE-2022-37378 |
7.8 |
Aug. 5, 2022 |
|
Foxit PDF Editor JavaScript Optimization Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1049 |
ZDI-CAN-16733 |
Foxit |
CVE-2022-37377 |
7.8 |
Aug. 5, 2022 |
|
Foxit PDF Editor JavaScript Optimization Type Confusion Remote Code Execution Vulnerability |
| ZDI-22-1048 |
ZDI-CAN-16599 |
Foxit |
CVE-2022-37376 |
3.3 |
Aug. 5, 2022 |
|
Foxit PDF Editor JavaScript Array Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1047 |
ZDI-CAN-15984 |
Cisco |
CVE-2022-20827 |
8.8 |
Aug. 4, 2022 |
|
Cisco RV340 wfapp Command Injection Remote Code Execution Vulnerability |
| ZDI-22-1046 |
ZDI-CAN-15361 |
Docker |
CVE-2022-23774 |
7.8 |
Aug. 4, 2022 |
|
Docker Desktop Exposed Dangerous Method Local Privilege Escalation Vulnerability |
| ZDI-22-1045 |
ZDI-CAN-16766 |
Microsoft |
CVE-2022-24542 |
8.8 |
Aug. 4, 2022 |
|
Microsoft Windows win32kfull UMPDDrvStrokeAndFillPath Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-22-1044 |
ZDI-CAN-17389 |
ICONICS |
CVE-2022-33319 |
6.5 |
Aug. 3, 2022 |
|
ICONICS GENESIS64 GenBroker64 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1043 |
ZDI-CAN-16253 |
ICONICS |
CVE-2022-33315 |
7.8 |
Aug. 3, 2022 |
|
ICONICS GENESIS64 GraphWorX64 TDFX File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-1042 |
ZDI-CAN-16509 |
ICONICS |
CVE-2022-29834 |
7.5 |
Aug. 3, 2022 |
|
ICONICS GENESIS64 colorpalletes Directory Traversal Information Disclosure Vulnerability |
| ZDI-22-1041 |
ZDI-CAN-17200 |
ICONICS |
CVE-2022-33318 |
9.8 |
Aug. 3, 2022 |
|
(Pwn2Own) ICONICS GENESIS64 genbroker64 Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1040 |
ZDI-CAN-17215 |
ICONICS |
CVE-2022-33316 |
7.8 |
Aug. 3, 2022 |
|
(Pwn2Own) ICONICS GENESIS64 ColorPaletteEntry Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-1039 |
ZDI-CAN-17198 |
ICONICS |
CVE-2022-33317 |
7.8 |
Aug. 3, 2022 |
|
(Pwn2Own) ICONICS GENESIS64 TDFX File Parsing Exposed Dangerous Function Remote Code Execution Vulnerability |
| ZDI-22-1038 |
ZDI-CAN-15981 |
Lexmark |
CVE-2022-24935 |
8.8 |
Aug. 2, 2022 |
|
Lexmark MC3224i Firmware Downgrade Remote Code Execution Vulnerability |
| ZDI-22-1037 |
ZDI-CAN-14809 |
NetBSD |
|
5.5 |
Aug. 2, 2022 |
|
NetBSD Kernel getkerninfo System Call Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-22-1036 |
ZDI-CAN-14807 |
NetBSD |
|
5.5 |
Aug. 2, 2022 |
Aug. 3, 2022 |
NetBSD Kernel stat System Call Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-22-1035 |
ZDI-CAN-16887 |
Autodesk |
CVE-2022-33882 |
7.8 |
July 29, 2022 |
|
Autodesk Desktop App Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-1034 |
ZDI-CAN-16882 |
Autodesk |
CVE-2022-33882 |
7.8 |
July 29, 2022 |
|
Autodesk Desktop App Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-1033 |
ZDI-CAN-16692 |
Trend Micro |
CVE-2022-36336 |
7.8 |
July 28, 2022 |
|
Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-1032 |
ZDI-CAN-17481 |
EnterpriseDT |
CVE-2022-2560 |
8.2 |
July 28, 2022 |
|
EnterpriseDT CompleteFTP Server HttpFile Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-22-1031 |
ZDI-CAN-16596 |
OPC Labs |
CVE-2022-2561 |
7.8 |
July 28, 2022 |
|
OPC Labs QuickOPC Connectivity Explorer Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-1030 |
ZDI-CAN-16927 |
Unified Automation |
CVE-2022-37012 |
7.5 |
July 28, 2022 |
July 28, 2022 |
(Pwn2Own) Unified Automation OPC UA C++ Improper Update of Reference Count Denial-of-Service Vulnerability |
| ZDI-22-1029 |
ZDI-CAN-17203 |
Unified Automation |
CVE-2022-37013 |
7.5 |
July 28, 2022 |
July 28, 2022 |
(Pwn2Own) Unified Automation OPC UA C++ Infinite Loop Denial-of-Service Vulnerability |
| ZDI-22-1028 |
ZDI-CAN-16967 |
Adobe |
CVE-2022-35672 |
7.8 |
July 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1027 |
ZDI-CAN-16961 |
Adobe |
CVE-2022-35669 |
3.3 |
July 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1026 |
ZDI-CAN-16769 |
Oracle |
CVE-2022-21550 |
9.8 |
July 27, 2022 |
|
Oracle MySQL Cluster Data Node Integer Underflow Remote Code Execution Vulnerability |
| ZDI-22-1025 |
ZDI-CAN-15594 |
Siemens |
CVE-2022-27653 |
7.8 |
July 15, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1024 |
ZDI-CAN-16768 |
Microsoft |
CVE-2022-24542 |
8.8 |
July 15, 2022 |
|
Microsoft Windows win32kfull UMPDDrvStartBanding Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-22-1023 |
ZDI-CAN-16767 |
Microsoft |
CVE-2022-24542 |
8.8 |
July 15, 2022 |
|
Microsoft Windows win32kfull UMPDDrvFillPath Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-22-1022 |
ZDI-CAN-16760 |
Microsoft |
CVE-2022-24542 |
8.8 |
July 15, 2022 |
|
Microsoft Windows win32kfull UMPDDrvFontManagement Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-22-1021 |
ZDI-CAN-16259 |
VMware |
|
8.1 |
July 28, 2022 |
July 28, 2022 |
VMware ESXi TCP/IP Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-1020 |
ZDI-CAN-16949 |
Inductive Automation |
CVE-2022-35873 |
7.8 |
July 15, 2022 |
|
(Pwn2Own) Inductive Automation Ignition ZIP File Insufficient UI Warning Remote Code Execution Vulnerability |
| ZDI-22-1019 |
ZDI-CAN-17115 |
Inductive Automation |
CVE-2022-35872 |
7.8 |
July 15, 2022 |
|
(Pwn2Own) Inductive Automation Ignition Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-1018 |
ZDI-CAN-17206 |
Inductive Automation |
CVE-2022-35871 |
8.1 |
July 15, 2022 |
|
(Pwn2Own) Inductive Automation Ignition Missing Authentication for Critical Function Remote Code Execution Vulnerability |
| ZDI-22-1017 |
ZDI-CAN-17265 |
Inductive Automation |
CVE-2022-35870 |
8.8 |
July 15, 2022 |
|
(Pwn2Own) Inductive Automation Ignition Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-1016 |
ZDI-CAN-17211 |
Inductive Automation |
CVE-2022-35869 |
7.5 |
July 15, 2022 |
|
(Pwn2Own) Inductive Automation Ignition Authentication Bypass Vulnerability |
| ZDI-22-1015 |
ZDI-CAN-16321 |
ABB |
CVE-2022-31219 |
7.3 |
July 15, 2022 |
|
ABB Automation Builder Platform Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-1014 |
ZDI-CAN-16281 |
ABB |
CVE-2022-31218 |
7.8 |
July 15, 2022 |
|
ABB Automation Builder Platform Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-1013 |
ZDI-CAN-16277 |
ABB |
CVE-2022-31217 |
7.8 |
July 15, 2022 |
|
ABB Automation Builder Platform Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-1012 |
ZDI-CAN-16276 |
ABB |
CVE-2022-31216 |
7.8 |
July 15, 2022 |
|
ABB Automation Builder Platform Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-1011 |
ZDI-CAN-15933 |
Autodesk |
CVE-2022-33881 |
7.8 |
July 14, 2022 |
|
Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1010 |
ZDI-CAN-15931 |
Autodesk |
CVE-2022-33881 |
7.8 |
July 14, 2022 |
|
Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-1009 |
ZDI-CAN-17078 |
Adobe |
CVE-2022-34249 |
7.8 |
July 14, 2022 |
|
Adobe InCopy Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1008 |
ZDI-CAN-17083 |
Adobe |
CVE-2022-34250 |
7.8 |
July 14, 2022 |
|
Adobe InCopy Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1007 |
ZDI-CAN-17075 |
Adobe |
CVE-2022-34252 |
3.3 |
July 14, 2022 |
|
Adobe InCopy Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1006 |
ZDI-CAN-17068 |
Adobe |
CVE-2022-34251 |
7.8 |
July 14, 2022 |
|
Adobe InCopy Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1005 |
ZDI-CAN-17082 |
Adobe |
CVE-2022-34246 |
7.8 |
July 14, 2022 |
|
Adobe InDesign Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1004 |
ZDI-CAN-17079 |
Adobe |
CVE-2022-34245 |
7.8 |
July 14, 2022 |
|
Adobe InDesign Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-1003 |
ZDI-CAN-17076 |
Adobe |
CVE-2022-34248 |
3.3 |
July 14, 2022 |
|
Adobe InDesign Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-1002 |
ZDI-CAN-17067 |
Adobe |
CVE-2022-34247 |
7.8 |
July 14, 2022 |
|
Adobe InDesign Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-1001 |
ZDI-CAN-16919 |
Adobe |
CVE-2022-34216 |
7.8 |
July 13, 2022 |
|
Adobe Acrobat Reader DC PDF Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-1000 |
ZDI-CAN-17277 |
Adobe |
CVE-2022-34227 |
7.8 |
July 13, 2022 |
|
Adobe Acrobat Reader DC AcroForm value Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-999 |
ZDI-CAN-17621 |
Adobe |
CVE-2022-34241 |
7.8 |
July 13, 2022 |
|
Adobe Character Animator SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-998 |
ZDI-CAN-16955 |
Adobe |
CVE-2022-34220 |
7.8 |
July 13, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-997 |
ZDI-CAN-17620 |
Adobe |
CVE-2022-34242 |
7.8 |
July 13, 2022 |
|
Adobe Character Animator SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-996 |
ZDI-CAN-17324 |
Adobe |
CVE-2022-34225 |
7.8 |
July 13, 2022 |
|
Adobe Acrobat Reader DC AcroForm exportValues Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-995 |
ZDI-CAN-17319 |
Adobe |
CVE-2022-34223 |
7.8 |
July 13, 2022 |
|
Adobe Acrobat Reader DC AcroForm currentValueIndices Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-994 |
ZDI-CAN-17018 |
Adobe |
CVE-2022-34226 |
7.8 |
July 13, 2022 |
|
Adobe Acrobat Reader DC PDF Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-993 |
ZDI-CAN-17307 |
Adobe |
CVE-2022-34229 |
7.8 |
July 13, 2022 |
|
Adobe Acrobat Reader DC AcroForm rect Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-992 |
ZDI-CAN-17303 |
Adobe |
CVE-2022-34224 |
7.8 |
July 13, 2022 |
|
Adobe Acrobat Reader DC AcroForm setItems Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-991 |
ZDI-CAN-17385 |
Adobe |
CVE-2022-34228 |
7.8 |
July 13, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-990 |
ZDI-CAN-16952 |
Adobe |
CVE-2022-34217 |
7.8 |
July 13, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-989 |
ZDI-CAN-17063 |
Adobe |
CVE-2022-34219 |
7.8 |
July 13, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-988 |
ZDI-CAN-17026 |
Adobe |
CVE-2022-34222 |
7.8 |
July 13, 2022 |
|
Adobe Acrobat Reader DC query Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-987 |
ZDI-CAN-17001 |
Adobe |
CVE-2022-34243 |
7.8 |
July 13, 2022 |
|
Adobe Photoshop U3D File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-986 |
ZDI-CAN-17002 |
Adobe |
CVE-2022-34244 |
3.3 |
July 13, 2022 |
|
Adobe Photoshop U3D File Parsing Uninitialized Variable Information Disclosure Vulnerability |
| ZDI-22-985 |
ZDI-CAN-16998 |
Adobe |
CVE-2022-34233 |
3.3 |
July 13, 2022 |
|
Adobe Acrobat Reader DC Doc print Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-984 |
ZDI-CAN-17167 |
Adobe |
CVE-2022-34234 |
3.3 |
July 13, 2022 |
|
Adobe Acrobat Reader DC Doc printWithParams Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-983 |
ZDI-CAN-16826 |
Adobe |
CVE-2022-34215 |
7.8 |
July 13, 2022 |
|
Adobe Acrobat Reader DC Annotation Polygon Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-982 |
ZDI-CAN-16876 |
Adobe |
CVE-2022-34232 |
3.3 |
July 13, 2022 |
|
Adobe Acrobat Reader DC Annotation print Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-981 |
ZDI-CAN-16953 |
Adobe |
CVE-2022-34237 |
3.3 |
July 13, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-980 |
ZDI-CAN-16965 |
Adobe |
CVE-2022-34239 |
3.3 |
July 13, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-979 |
ZDI-CAN-16966 |
Adobe |
CVE-2022-34236 |
3.3 |
July 13, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-978 |
ZDI-CAN-16801 |
Microsoft |
CVE-2022-22034 |
8.8 |
July 12, 2022 |
|
Microsoft Windows win32kfull UMPDDrvStretchBltROP Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-22-977 |
ZDI-CAN-16800 |
Microsoft |
CVE-2022-22034 |
8.8 |
July 12, 2022 |
|
Microsoft Windows win32kfull UMPDDrvAlphaBlend Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-22-976 |
ZDI-CAN-16799 |
Microsoft |
CVE-2022-22034 |
8.8 |
July 12, 2022 |
|
Microsoft Windows win32kfull UMPDDrvCopyBits Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-22-975 |
ZDI-CAN-16798 |
Microsoft |
CVE-2022-22034 |
8.8 |
July 12, 2022 |
|
Microsoft Windows win32kfull UMPDDrvStretchBlt Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-22-974 |
ZDI-CAN-16797 |
Microsoft |
CVE-2022-22034 |
8.8 |
July 12, 2022 |
|
Microsoft Windows win32kfull UMPDDrvPlgBlt Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-22-973 |
ZDI-CAN-16796 |
Microsoft |
CVE-2022-22034 |
8.8 |
July 12, 2022 |
|
Microsoft Windows win32kfull UMPDDrvTransparentBlt Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-22-972 |
ZDI-CAN-16795 |
Microsoft |
CVE-2022-22034 |
8.8 |
July 12, 2022 |
|
Microsoft Windows win32kfull UMPDDrvBitBlt Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-22-971 |
ZDI-CAN-16765 |
Microsoft |
CVE-2022-22034 |
8.8 |
July 12, 2022 |
|
Microsoft Windows win32kfull UMPDDrvStrokePath Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-22-970 |
ZDI-CAN-16764 |
Microsoft |
CVE-2022-22034 |
8.8 |
July 12, 2022 |
|
Microsoft Windows win32kfull UMPDDrvGradientFill Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-22-969 |
ZDI-CAN-16762 |
Microsoft |
CVE-2022-22034 |
8.8 |
July 12, 2022 |
|
Microsoft Windows win32kfull UMPDDrvTextOut Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-22-968 |
ZDI-CAN-16709 |
BMC |
CVE-2022-35865 |
7.3 |
July 12, 2022 |
July 14, 2022 |
BMC Track-It! HTTP Module Improper Access Control Remote Code Execution Vulnerability |
| ZDI-22-967 |
ZDI-CAN-16690 |
BMC |
CVE-2022-35864 |
5.3 |
July 12, 2022 |
July 14, 2022 |
BMC Track-It! GetPopupSubQueryDetails SQL Injection Information Disclosure Vulnerability |
| ZDI-22-966 |
ZDI-CAN-17293 |
Siemens |
CVE-2022-34748 |
7.8 |
July 12, 2022 |
|
Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-965 |
ZDI-CAN-15420 |
Siemens |
CVE-2022-34465 |
7.8 |
July 12, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-964 |
ZDI-CAN-16062 |
X.Org |
CVE-2022-2319 |
7.8 |
July 12, 2022 |
|
X.Org Server ProcXkbSetGeometry Out-Of-Bounds Access Local Privilege Escalation Vulnerability |
| ZDI-22-963 |
ZDI-CAN-16070 |
X.Org |
CVE-2022-2320 |
7.8 |
July 12, 2022 |
|
X.Org Server ProcXkbSetDeviceInfo Out-Of-Bounds Access Local Privilege Escalation Vulnerability |
| ZDI-22-962 |
ZDI-CAN-16650 |
Trend Micro |
CVE-2022-35234 |
4.4 |
July 11, 2022 |
|
Trend Micro Maximum Security Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-961 |
ZDI-CAN-17325 |
Linux |
|
8.2 |
July 11, 2022 |
|
Linux Kernel LightNVM Subsystem Heap-based Overflow Privilege Escalation Vulnerability |
| ZDI-22-960 |
ZDI-CAN-17194 |
Linux |
CVE-2022-2991 |
8.2 |
July 11, 2022 |
Aug. 25, 2022 |
Linux Kernel LightNVM Subsystem Heap-based Overflow Privilege Escalation Vulnerability |
| ZDI-22-959 |
ZDI-CAN-17139 |
Vinchin |
CVE-2022-35866 |
9.8 |
July 8, 2022 |
July 14, 2022 |
(0Day) Vinchin Backup and Recovery MySQL Server Use of Hard-coded Credentials Authentication Bypass Vulnerability |
| ZDI-22-958 |
ZDI-CAN-16526 |
SAP |
CVE-2022-32238 |
7.8 |
July 7, 2022 |
|
SAP 3D Visual Enterprise Viewer EPS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-957 |
ZDI-CAN-16510 |
SAP |
CVE-2022-32236 |
7.8 |
July 7, 2022 |
|
SAP 3D Visual Enterprise Viewer BPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-956 |
ZDI-CAN-16305 |
SAP |
CVE-2022-32242 |
7.8 |
July 7, 2022 |
|
SAP 3D Visual Enterprise Viewer HDR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-955 |
ZDI-CAN-17331 |
Sante |
CVE-2022-2272 |
9.8 |
July 7, 2022 |
July 7, 2022 |
Sante PACS Server SQL Injection Authentication Bypass Vulnerability |
| ZDI-22-954 |
ZDI-CAN-16336 |
Centreon |
CVE-2022-34872 |
6.5 |
July 7, 2022 |
Aug. 3, 2022 |
Centreon Virtual Metrics SQL Injection Information Disclosure Vulnerability |
| ZDI-22-953 |
ZDI-CAN-16335 |
Centreon |
CVE-2022-34871 |
7.2 |
July 7, 2022 |
Aug. 3, 2022 |
Centreon Poller Resource SQL Injection Privilege Escalation Vulnerability |
| ZDI-22-952 |
ZDI-CAN-16777 |
Foxit |
CVE-2022-34873 |
3.3 |
July 7, 2022 |
|
Foxit PDF Reader Annotation modDate Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-951 |
ZDI-CAN-17474 |
Foxit |
CVE-2022-34874 |
3.3 |
July 7, 2022 |
|
Foxit PDF Reader Doc Object color Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-950 |
ZDI-CAN-16981 |
Foxit |
CVE-2022-34875 |
3.3 |
July 7, 2022 |
|
Foxit PDF Reader newConnection Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-949 |
ZDI-CAN-15056 |
xhyve |
CVE-2022-35867 |
7.5 |
July 6, 2022 |
July 14, 2022 |
(0Day) xhyve e1000 Stack-based Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-22-948 |
ZDI-CAN-16137 |
Parallels |
CVE-2022-34901 |
7.8 |
July 1, 2022 |
|
Parallels Access Agent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-22-947 |
ZDI-CAN-16134 |
Parallels |
CVE-2022-34899 |
7.0 |
July 1, 2022 |
|
Parallels Access Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability |
| ZDI-22-946 |
ZDI-CAN-15787 |
Parallels |
CVE-2022-34902 |
7.8 |
July 1, 2022 |
|
Parallels Access Agent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-22-945 |
ZDI-CAN-15213 |
Parallels |
CVE-2022-34900 |
7.8 |
July 1, 2022 |
|
Parallels Access Agent Uncontrolled Search Path Element Privilege Escalation Vulnerability |
| ZDI-22-944 |
ZDI-CAN-15934 |
Autodesk |
CVE-2022-27868 |
7.8 |
June 30, 2022 |
|
Autodesk AutoCAD CATPart File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-943 |
ZDI-CAN-16396 |
Parallels |
CVE-2022-34892 |
7.8 |
June 30, 2022 |
|
Parallels Desktop Updater Race Condition Local Privilege Escalation Vulnerability |
| ZDI-22-942 |
ZDI-CAN-16395 |
Parallels |
CVE-2022-34891 |
7.8 |
June 30, 2022 |
|
Parallels Desktop Updater Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-22-941 |
ZDI-CAN-16653 |
Parallels |
CVE-2022-34890 |
7.3 |
June 30, 2022 |
|
Parallels Desktop Tools Untrusted Pointer Dereference Information Disclosure Vulnerability |
| ZDI-22-940 |
ZDI-CAN-16554 |
Parallels |
CVE-2022-34889 |
8.2 |
June 30, 2022 |
|
Parallels Desktop ACPI Out-Of-Bounds Read Local Privilege Escalation Vulnerability |
| ZDI-22-939 |
ZDI-CAN-16210 |
Tencent |
|
4.3 |
June 30, 2022 |
|
Tencent WeChat WXAM Decoder Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-938 |
ZDI-CAN-16211 |
Tencent |
|
8.8 |
June 30, 2022 |
|
Tencent WeChat WXAM Decoder Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-937 |
ZDI-CAN-16773 |
Advantech |
CVE-2022-2136 |
8.8 |
June 30, 2022 |
July 14, 2022 |
Advantech iView set_useraccount UserName SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-936 |
ZDI-CAN-16685 |
Advantech |
CVE-2022-2143 |
9.8 |
June 30, 2022 |
|
Advantech iView runProViewUpgrade fwfilename Command Injection Remote Code Execution Vulnerability |
| ZDI-22-935 |
ZDI-CAN-16528 |
Advantech |
CVE-2022-2143 |
9.8 |
June 30, 2022 |
|
Advantech iView NetworkServlet backupDatabase backup_filename Command Injection Remote Code Execution Vulnerability |
| ZDI-22-934 |
ZDI-CAN-16607 |
Advantech |
CVE-2022-2142 |
8.1 |
June 30, 2022 |
|
Advantech iView getModulePageContent SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-933 |
ZDI-CAN-16783 |
Advantech |
CVE-2022-2139 |
6.5 |
June 30, 2022 |
|
Advantech iView MenuServlet getUserPrefMenuFragment page Directory Traversal Information Disclosure Vulnerability |
| ZDI-22-932 |
ZDI-CAN-16702 |
Advantech |
CVE-2022-2139 |
9.8 |
June 30, 2022 |
|
Advantech iView findCfgDeviceListDetailsExport filename Directory Traversal Remote Code Execution Vulnerability |
| ZDI-22-931 |
ZDI-CAN-16701 |
Advantech |
CVE-2022-2139 |
9.8 |
June 30, 2022 |
|
Advantech iView exportDeviceList filename Directory Traversal Remote Code Execution Vulnerability |
| ZDI-22-930 |
ZDI-CAN-16774 |
Advantech |
CVE-2022-2138 |
8.2 |
June 30, 2022 |
|
Advantech iView removeDevices Missing Authentication Denial-of-Service Vulnerability |
| ZDI-22-929 |
ZDI-CAN-16776 |
Advantech |
CVE-2022-2138 |
8.2 |
June 30, 2022 |
|
Advantech iView removeSegment Missing Authentication Denial-of-Service Vulnerability |
| ZDI-22-928 |
ZDI-CAN-16688 |
Advantech |
CVE-2022-2138 |
8.2 |
June 30, 2022 |
|
Advantech iView NetworkServlet clearDatabase Missing Authentication Denial-of-Service Vulnerability |
| ZDI-22-927 |
ZDI-CAN-16746 |
Advantech |
CVE-2022-2137 |
4.9 |
June 30, 2022 |
|
Advantech iView addDeviceTreeItem SQL Injection Information Disclosure Vulnerability |
| ZDI-22-926 |
ZDI-CAN-16745 |
Advantech |
CVE-2022-2137 |
4.9 |
June 30, 2022 |
|
Advantech iView addDeviceTreeItem SQL Injection Information Disclosure Vulnerability |
| ZDI-22-925 |
ZDI-CAN-16772 |
Advantech |
CVE-2022-2136 |
6.5 |
June 30, 2022 |
|
Advantech iView updateSystemSettings SQL Injection Information Disclosure Vulnerability |
| ZDI-22-924 |
ZDI-CAN-16771 |
Advantech |
CVE-2022-2136 |
6.5 |
June 30, 2022 |
|
Advantech iView updateLDAPSettings SQL Injection Information Disclosure Vulnerability |
| ZDI-22-923 |
ZDI-CAN-16775 |
Advantech |
CVE-2022-2136 |
6.5 |
June 30, 2022 |
|
Advantech iView exportInventoryTable SQL Injection Information Disclosure Vulnerability |
| ZDI-22-922 |
ZDI-CAN-16752 |
Advantech |
CVE-2022-2136 |
8.8 |
June 30, 2022 |
|
Advantech iView exportTaskMgrReport col_list2 SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-921 |
ZDI-CAN-16744 |
Advantech |
CVE-2022-2136 |
8.8 |
June 30, 2022 |
|
Advantech iView exportPSInventoryTable SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-920 |
ZDI-CAN-16748 |
Advantech |
CVE-2022-2136 |
8.8 |
June 30, 2022 |
|
Advantech iView updatePROMFile ipaddress SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-919 |
ZDI-CAN-16750 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView setTaskEditorItem DESCRIPTION SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-918 |
ZDI-CAN-16529 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView performListSortUpdate SORT_ORDER SQL Injection Information Disclosure Vulnerability |
| ZDI-22-917 |
ZDI-CAN-16535 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView updateSegmentInfo ID SQL Injection Information Disclosure Vulnerability |
| ZDI-22-916 |
ZDI-CAN-16561 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView updatePROMSelect SQL Injection Information Disclosure Vulnerability |
| ZDI-22-915 |
ZDI-CAN-16585 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView updatePROMFilesWithLogin SQL Injection Information Disclosure Vulnerability |
| ZDI-22-914 |
ZDI-CAN-16562 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView updateCfgFileSelect CREATE_DATE SQL Injection Information Disclosure Vulnerability |
| ZDI-22-913 |
ZDI-CAN-16591 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView setTaskMgrItem SQL Injection Information Disclosure Vulnerability |
| ZDI-22-912 |
ZDI-CAN-16751 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView setTaskEditorItem TASKTYPEDESC SQL Injection Information Disclosure Vulnerability |
| ZDI-22-911 |
ZDI-CAN-16531 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView setConfiguration column_value SQL Injection Information Disclosure Vulnerability |
| ZDI-22-910 |
ZDI-CAN-16659 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView saveSearchDevicesToTask CREATE_DATE SQL Injection Information Disclosure Vulnerability |
| ZDI-22-909 |
ZDI-CAN-16660 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView savePSInfo dtInstallDate SQL Injection Information Disclosure Vulnerability |
| ZDI-22-908 |
ZDI-CAN-16747 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView saveEditDeviceValues SQL Injection Information Disclosure Vulnerability |
| ZDI-22-907 |
ZDI-CAN-16549 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView runTaskEditorSearch sortname/sortorder SQL Injection Information Disclosure Vulnerability |
| ZDI-22-906 |
ZDI-CAN-16546 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView retrieveAllTaskMgrUpdateItems sort_field/sort_type SQL Injection Information Disclosure Vulnerability |
| ZDI-22-905 |
ZDI-CAN-16583 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView restoreDatabase restore_filename SQL Injection Authentication Bypass Vulnerability |
| ZDI-22-904 |
ZDI-CAN-16592 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView removeSearchDevicesFromTask CREATE_DATE SQL Injection Information Disclosure Vulnerability |
| ZDI-22-903 |
ZDI-CAN-16724 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView performZTPConfig SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-902 |
ZDI-CAN-16731 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView performSearchDevice SQL Injection Information Disclosure Vulnerability |
| ZDI-22-901 |
ZDI-CAN-16530 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView performListSortUpdate DB_COLUMN SQL Injection Information Disclosure Vulnerability |
| ZDI-22-900 |
ZDI-CAN-16548 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView getPSInventoryInfo sortname/sortorder SQL Injection Information Disclosure Vulnerability |
| ZDI-22-899 |
ZDI-CAN-16545 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView getInventoryReportData sortname/sortorder SQL Injection Information Disclosure Vulnerability |
| ZDI-22-898 |
ZDI-CAN-16693 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView getChassisList strIPAddress SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-897 |
ZDI-CAN-16695 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView getChassisList SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-896 |
ZDI-CAN-16694 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView getChassisList SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-895 |
ZDI-CAN-16544 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView getAllActiveTraps search_date_from/search_date_to SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-894 |
ZDI-CAN-16649 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findUpdateDeviceListExport sort_type/search_json SQL Injection Information Disclosure Vulnerability |
| ZDI-22-893 |
ZDI-CAN-16648 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findUpdateDeviceList sort_field/sort_type SQL Injection Information Disclosure Vulnerability |
| ZDI-22-892 |
ZDI-CAN-16547 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findTaskMgrItems sort_field/sort_type SQL Injection Information Disclosure Vulnerability |
| ZDI-22-891 |
ZDI-CAN-16564 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findSummaryUpdateDeviceListExport VALUE SQL Injection Information Disclosure Vulnerability |
| ZDI-22-890 |
ZDI-CAN-16656 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findSummaryUpdateDeviceList VALUE SQL Injection Information Disclosure Vulnerability |
| ZDI-22-889 |
ZDI-CAN-16550 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView findSummaryUpdateDeviceList COLUMN/VALUE SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-888 |
ZDI-CAN-16563 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findSummaryCfgDeviceListExport VALUE SQL Injection Information Disclosure Vulnerability |
| ZDI-22-887 |
ZDI-CAN-16645 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findSummaryCfgDeviceList VALUE SQL Injection Information Disclosure Vulnerability |
| ZDI-22-886 |
ZDI-CAN-16560 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findCfgDeviceListExport segment SQL Injection Information Disclosure Vulnerability |
| ZDI-22-885 |
ZDI-CAN-16584 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findCfgDeviceListDetailsExport segment SQL Injection Information Disclosure Vulnerability |
| ZDI-22-884 |
ZDI-CAN-16658 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findCfgDeviceListDetails segment/sort_field/sort_type SQL Injection Information Disclosure Vulnerability |
| ZDI-22-883 |
ZDI-CAN-16646 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView findCfgDeviceList VALUE SQL Injection Information Disclosure Vulnerability |
| ZDI-22-882 |
ZDI-CAN-16647 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView findCfgDeviceList segment SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-881 |
ZDI-CAN-16552 |
Advantech |
CVE-2022-2135 |
9.8 |
June 30, 2022 |
|
Advantech iView findCfgDeviceList COLUMN/VALUE SQL Injection Remote Code Execution Vulnerability |
| ZDI-22-880 |
ZDI-CAN-16782 |
Advantech |
CVE-2022-2135 |
7.5 |
June 30, 2022 |
|
Advantech iView DeviceTreeTable addDeviceTreeItem SQL Injection Information Disclosure Vulnerability |
| ZDI-22-879 |
ZDI-CAN-14791 |
ZyXel |
CVE-2022-0556 |
7.3 |
June 29, 2022 |
|
ZyXel AP Configurator Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-22-878 |
ZDI-CAN-16111 |
Apple |
CVE-2022-22676 |
5.5 |
June 29, 2022 |
|
Apple macOS PackageKit PKInstallService Directory Traversal System Integrity Protection Bypass Vulnerability |
| ZDI-22-877 |
ZDI-CAN-16052 |
Apple |
CVE-2022-26688 |
5.5 |
June 29, 2022 |
|
Apple macOS PackageKit PKCoreShove Link Following System Integrity Protection Bypass Vulnerability |
| ZDI-22-876 |
ZDI-CAN-16119 |
Apache |
CVE-2022-22721 |
8.1 |
June 29, 2022 |
|
Apache HTTPD Server ap_escape_html2 Integer Overflow Remote Code Execution Vulnerability |
| ZDI-22-875 |
ZDI-CAN-16322 |
ABB |
CVE-2022-28702 |
6.1 |
June 29, 2022 |
|
ABB e-Design Link Following Denial-of-Service Vulnerability |
| ZDI-22-874 |
ZDI-CAN-16278 |
ABB |
CVE-2022-29483 |
7.8 |
June 29, 2022 |
|
ABB e-Design Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-873 |
ZDI-CAN-16441 |
Prosys OPC |
CVE-2022-30551 |
7.5 |
June 27, 2022 |
|
(Pwn2Own) Prosys OPC UA SDK for Java OPC UA Messages Resource Exhaustion Denial-of-Service Vulnerability |
| ZDI-22-872 |
ZDI-CAN-16710 |
DevExpress |
CVE-2022-28684 |
8.8 |
June 24, 2022 |
|
DevExpress SafeBinaryFormatter Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-871 |
ZDI-CAN-17014 |
Microsoft |
CVE-2022-30157 |
8.8 |
June 23, 2022 |
|
Microsoft SharePoint Chart Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-870 |
ZDI-CAN-16006 |
SAP |
CVE-2022-26106 |
7.8 |
June 17, 2022 |
|
SAP 3D Visual Enterprise Viewer CGM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-869 |
ZDI-CAN-15996 |
SAP |
CVE-2022-27655 |
7.8 |
June 17, 2022 |
|
SAP 3D Visual Enterprise Viewer U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-868 |
ZDI-CAN-15995 |
SAP |
CVE-2022-27655 |
7.8 |
June 17, 2022 |
|
SAP 3D Visual Enterprise Viewer U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-867 |
ZDI-CAN-15994 |
SAP |
CVE-2022-27655 |
7.8 |
June 17, 2022 |
|
SAP 3D Visual Enterprise Viewer U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-866 |
ZDI-CAN-16007 |
SAP |
CVE-2022-27655 |
7.8 |
June 17, 2022 |
|
SAP 3D Visual Enterprise Viewer U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-865 |
ZDI-CAN-16279 |
SAP |
CVE-2022-26106 |
7.8 |
June 16, 2022 |
|
SAP 3D Visual Enterprise Viewer CGM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-864 |
ZDI-CAN-16274 |
SAP |
CVE-2022-26108 |
7.8 |
June 16, 2022 |
|
SAP 3D Visual Enterprise Viewer PCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-863 |
ZDI-CAN-16273 |
SAP |
CVE-2022-27654 |
7.8 |
June 16, 2022 |
|
SAP 3D Visual Enterprise Viewer PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-862 |
ZDI-CAN-16272 |
SAP |
CVE-2022-26108 |
7.8 |
June 16, 2022 |
|
SAP 3D Visual Enterprise Viewer PCX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-861 |
ZDI-CAN-16002 |
SAP |
CVE-2022-26107 |
7.8 |
June 16, 2022 |
June 17, 2022 |
SAP 3D Visual Enterprise Viewer JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-860 |
ZDI-CAN-15999 |
SAP |
CVE-2022-22538 |
7.8 |
June 16, 2022 |
|
SAP 3D Visual Enterprise Viewer AI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-859 |
ZDI-CAN-15997 |
SAP |
CVE-2022-22539 |
7.8 |
June 16, 2022 |
July 11, 2022 |
SAP 3D Visual Enterprise Viewer JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-858 |
ZDI-CAN-14735 |
SAP |
CVE-2022-26109 |
7.8 |
June 16, 2022 |
|
SAP 3D Visual Enterprise Viewer PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-857 |
ZDI-CAN-14733 |
SAP |
CVE-2022-26109 |
7.8 |
June 16, 2022 |
|
SAP 3D Visual Enterprise Viewer PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-856 |
ZDI-CAN-17205 |
OPC Foundation |
CVE-2022-29865 |
9.1 |
June 16, 2022 |
June 16, 2022 |
(Pwn2Own) OPC Foundation UA .NET Standard Improper Input Validation Authentication Bypass Vulnerability |
| ZDI-22-855 |
ZDI-CAN-17197 |
OPC Foundation |
CVE-2022-29866 |
7.5 |
June 16, 2022 |
June 16, 2022 |
(Pwn2Own) OPC Foundation UA .NET Standard TranslateBrowsePathsToNodeId Resource Exhaustion Denial-of-Service Vulnerability |
| ZDI-22-854 |
ZDI-CAN-16440 |
OPC Foundation |
CVE-2022-29864 |
7.5 |
June 16, 2022 |
June 22, 2022 |
(Pwn2Own) OPC Foundation UA .NET Standard Resource Exhaustion Denial-of-Service Vulnerability |
| ZDI-22-853 |
ZDI-CAN-16303 |
Trend Micro |
CVE-2022-33158 |
7.8 |
June 16, 2022 |
|
Trend Micro Proxy One Pro Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-22-852 |
ZDI-CAN-16485 |
Adobe |
CVE-2022-30664 |
7.8 |
June 15, 2022 |
|
Adobe Animate SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-851 |
ZDI-CAN-16467 |
Adobe |
CVE-2022-30665 |
7.8 |
June 15, 2022 |
|
Adobe InDesign Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-850 |
ZDI-CAN-16465 |
Adobe |
CVE-2022-30663 |
7.8 |
June 15, 2022 |
|
Adobe InDesign SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-849 |
ZDI-CAN-16466 |
Adobe |
CVE-2022-30662 |
7.8 |
June 15, 2022 |
|
Adobe InDesign Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-848 |
ZDI-CAN-16462 |
Adobe |
CVE-2022-30661 |
7.8 |
June 15, 2022 |
|
Adobe InDesign Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-847 |
ZDI-CAN-16464 |
Adobe |
CVE-2022-30660 |
7.8 |
June 15, 2022 |
|
Adobe InDesign PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-846 |
ZDI-CAN-16461 |
Adobe |
CVE-2022-30659 |
7.8 |
June 15, 2022 |
|
Adobe InDesign Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-845 |
ZDI-CAN-16463 |
Adobe |
CVE-2022-30658 |
7.8 |
June 15, 2022 |
|
Adobe InDesign Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-844 |
ZDI-CAN-17072 |
Adobe |
CVE-2022-28850 |
3.3 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-843 |
ZDI-CAN-17081 |
Adobe |
CVE-2022-28849 |
7.8 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-842 |
ZDI-CAN-16567 |
Adobe |
CVE-2022-28848 |
7.8 |
June 15, 2022 |
|
Adobe Bridge PCX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-841 |
ZDI-CAN-16476 |
Adobe |
CVE-2022-28847 |
7.8 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-840 |
ZDI-CAN-16481 |
Adobe |
CVE-2022-28846 |
7.8 |
June 15, 2022 |
|
Adobe Bridge SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-839 |
ZDI-CAN-16494 |
Adobe |
CVE-2022-28845 |
7.8 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-838 |
ZDI-CAN-16484 |
Adobe |
CVE-2022-28844 |
7.8 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-837 |
ZDI-CAN-16482 |
Adobe |
CVE-2022-28843 |
7.8 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-836 |
ZDI-CAN-16493 |
Adobe |
CVE-2022-28842 |
7.8 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-835 |
ZDI-CAN-16491 |
Adobe |
CVE-2022-28841 |
7.8 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-834 |
ZDI-CAN-16483 |
Adobe |
CVE-2022-28840 |
7.8 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-833 |
ZDI-CAN-16492 |
Adobe |
CVE-2022-28839 |
7.8 |
June 15, 2022 |
|
Adobe Bridge Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-832 |
ZDI-CAN-16459 |
Adobe |
CVE-2022-30657 |
7.8 |
June 15, 2022 |
|
Adobe InCopy Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-831 |
ZDI-CAN-16456 |
Adobe |
CVE-2022-30656 |
7.8 |
June 15, 2022 |
|
Adobe InCopy PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-830 |
ZDI-CAN-16460 |
Adobe |
CVE-2022-30655 |
7.8 |
June 15, 2022 |
|
Adobe InCopy Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-829 |
ZDI-CAN-16455 |
Adobe |
CVE-2022-30654 |
7.8 |
June 15, 2022 |
|
Adobe InCopy Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-828 |
ZDI-CAN-16453 |
Adobe |
CVE-2022-30653 |
7.8 |
June 15, 2022 |
|
Adobe InCopy Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-827 |
ZDI-CAN-16457 |
Adobe |
CVE-2022-30652 |
7.8 |
June 15, 2022 |
|
Adobe InCopy SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-826 |
ZDI-CAN-16458 |
Adobe |
CVE-2022-30651 |
7.8 |
June 15, 2022 |
|
Adobe InCopy Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-825 |
ZDI-CAN-16454 |
Adobe |
CVE-2022-30650 |
7.8 |
June 15, 2022 |
|
Adobe InCopy Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-824 |
ZDI-CAN-16452 |
Adobe |
CVE-2022-30648 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-823 |
ZDI-CAN-16450 |
Adobe |
CVE-2022-30647 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-822 |
ZDI-CAN-16451 |
Adobe |
CVE-2022-30646 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-821 |
ZDI-CAN-16448 |
Adobe |
CVE-2022-30644 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-820 |
ZDI-CAN-16449 |
Adobe |
CVE-2022-30643 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-819 |
ZDI-CAN-16436 |
Adobe |
CVE-2022-30642 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-818 |
ZDI-CAN-16444 |
Adobe |
CVE-2022-30641, CVE-2022-30645 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-817 |
ZDI-CAN-16489 |
Adobe |
CVE-2022-30640 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-816 |
ZDI-CAN-16488 |
Adobe |
CVE-2022-30639 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-815 |
ZDI-CAN-16487 |
Adobe |
CVE-2022-30638 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-814 |
ZDI-CAN-16490 |
Adobe |
CVE-2022-30637 |
7.8 |
June 15, 2022 |
|
Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-813 |
ZDI-CAN-15443 |
Microsoft |
CVE-2021-43875 |
7.0 |
June 2, 2022 |
|
Microsoft Word glTF-SDK Integer Overflow Remote Code Execution Vulnerability |
| ZDI-22-812 |
ZDI-CAN-16125 |
Apple |
CVE-2022-26698 |
3.3 |
May 26, 2022 |
June 2, 2022 |
Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-811 |
ZDI-CAN-16024 |
Apple |
CVE-2022-22583 |
5.5 |
June 2, 2022 |
June 2, 2022 |
Apple macOS PackageKit PKInstallSandbox SIP Bypass vulnerability |
| ZDI-22-810 |
ZDI-CAN-16065 |
Microsoft |
CVE-2022-24499 |
7.8 |
June 1, 2022 |
|
Microsoft Windows Installer Service Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-809 |
ZDI-CAN-16249 |
Microsoft |
CVE-2022-26901 |
7.8 |
June 1, 2022 |
|
Microsoft Excel XLS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-808 |
ZDI-CAN-15973 |
Microsoft |
CVE-2022-24479 |
7.8 |
June 1, 2022 |
|
Microsoft Windows DiagTrack Service Link Following Privilege Escalation Vulnerability |
| ZDI-22-807 |
ZDI-CAN-15294 |
Microsoft |
CVE-2022-24513 |
8.4 |
June 1, 2022 |
|
Microsoft Visual Studio VSIX Auto Update Deserialization of Untrusted Data Privilege Escalation Vulnerability |
| ZDI-22-806 |
ZDI-CAN-15980 |
FreeBSD |
CVE-2022-23088 |
8.3 |
May 31, 2022 |
|
FreeBSD 802.11 Network Subsystem Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-805 |
ZDI-CAN-15525 |
KeySight |
CVE-2022-1661 |
7.5 |
May 27, 2022 |
|
KeySight N6841A RF Sensor UserFirmwareRequestHandler Directory Traversal Information Disclosure Vulnerability |
| ZDI-22-804 |
ZDI-CAN-15470 |
KeySight |
CVE-2022-1660 |
9.8 |
May 27, 2022 |
|
KeySight N6841A RF Sensor Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-803 |
ZDI-CAN-15636 |
Cisco |
CVE-2022-20753 |
4.3 |
May 27, 2022 |
|
Cisco RV340 JSON RPC set-snmp Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-802 |
ZDI-CAN-15634 |
Cisco |
CVE-2022-20753 |
4.3 |
May 27, 2022 |
|
Cisco RV340 JSON RPC set-snmp Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-801 |
ZDI-CAN-15757 |
Trend Micro |
CVE-2022-30703 |
6.5 |
May 27, 2022 |
|
Trend Micro Internet Security Exposed Dangerous Method Information Disclosure Vulnerability |
| ZDI-22-800 |
ZDI-CAN-15756 |
Trend Micro |
CVE-2022-30702 |
7.3 |
May 27, 2022 |
|
Trend Micro Internet Security Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-799 |
ZDI-CAN-17469 |
Mozilla |
CVE-2022-1802 |
8.8 |
May 27, 2022 |
|
(Pwn2Own) Mozilla Firefox Top-Level Await Prototype Pollution Remote Code Execution Vulnerability |
| ZDI-22-798 |
ZDI-CAN-17418 |
Mozilla |
CVE-2022-1529 |
7.8 |
May 27, 2022 |
|
(Pwn2Own) Mozilla Firefox Improper Input Validation Sandbox Escape Vulnerability |
| ZDI-22-797 |
ZDI-CAN-16098 |
Trend Micro |
CVE-2022-30701 |
7.8 |
May 26, 2022 |
|
Trend Micro Apex One Uncontrolled Search Path Element Local Privilege Escalation Vulnerability |
| ZDI-22-796 |
ZDI-CAN-14481 |
Delta Industrial Automation |
CVE-2022-1403 |
7.8 |
May 26, 2022 |
|
Delta Industrial Automation ASDA-Soft PAR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-795 |
ZDI-CAN-14471 |
Delta Industrial Automation |
CVE-2022-1402 |
7.8 |
May 26, 2022 |
|
Delta Industrial Automation ASDA-Soft SCP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-794 |
ZDI-CAN-16806 |
Apple |
CVE-2022-26751 |
7.8 |
May 26, 2022 |
|
Apple macOS HEIC File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-793 |
ZDI-CAN-16206 |
Apple |
CVE-2022-26748 |
8.8 |
May 26, 2022 |
|
Apple Safari WebGL generateMipmap Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-792 |
ZDI-CAN-16158 |
Apple |
CVE-2022-26711 |
7.8 |
May 26, 2022 |
|
Apple macOS ImageIO WebP File Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-22-791 |
ZDI-CAN-16073 |
Apple |
CVE-2022-26697 |
3.3 |
May 26, 2022 |
|
Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-790 |
ZDI-CAN-15738 |
Trend Micro |
CVE-2022-30700 |
7.8 |
May 26, 2022 |
|
Trend Micro Apex One Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| ZDI-22-789 |
ZDI-CAN-15739 |
Trend Micro |
CVE-2022-30687 |
6.1 |
May 26, 2022 |
|
Trend Micro Maximum Security Link Following Arbitrary File Deletion Vulnerability |
| ZDI-22-788 |
ZDI-CAN-15919 |
Ivanti |
CVE-2022-36983 |
7.5 |
May 26, 2022 |
July 27, 2022 |
Ivanti Avalanche SetSettings Exposed Dangerous Function Authentication Bypass Vulnerability |
| ZDI-22-787 |
ZDI-CAN-15967 |
Ivanti |
CVE-2022-36982 |
6.5 |
May 26, 2022 |
July 27, 2022 |
Ivanti Avalanche AgentTaskHandler Directory Traversal Information Disclosure Vulnerability |
| ZDI-22-786 |
ZDI-CAN-15966 |
Ivanti |
CVE-2022-36981 |
8.8 |
May 26, 2022 |
July 27, 2022 |
Ivanti Avalanche DeviceLogResource Directory Traversal Remote Code Execution Vulnerability |
| ZDI-22-785 |
ZDI-CAN-15528 |
Ivanti |
CVE-2022-36980 |
9.4 |
May 26, 2022 |
July 27, 2022 |
Ivanti Avalanche EnterpriseServer Service Race Condition Authentication Bypass Vulnerability |
| ZDI-22-784 |
ZDI-CAN-15493 |
Ivanti |
CVE-2022-36979 |
7.5 |
May 26, 2022 |
July 27, 2022 |
Ivanti Avalanche EnterpriseServer Service SQL Injection Authentication Bypass Vulnerability |
| ZDI-22-783 |
ZDI-CAN-15448 |
Ivanti |
CVE-2022-36978 |
9.8 |
May 26, 2022 |
July 27, 2022 |
Ivanti Avalanche Notification Server Service Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-782 |
ZDI-CAN-15449 |
Ivanti |
CVE-2022-36977 |
9.8 |
May 26, 2022 |
July 27, 2022 |
Ivanti Avalanche Certificate Management Server Service Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-781 |
ZDI-CAN-15333 |
Ivanti |
CVE-2022-36976 |
9.1 |
May 26, 2022 |
July 27, 2022 |
Ivanti Avalanche EnterpriseServer Service SQL Injection Authentication Bypass Vulnerability |
| ZDI-22-780 |
ZDI-CAN-15332 |
Ivanti |
CVE-2022-36975 |
9.1 |
May 26, 2022 |
July 27, 2022 |
Ivanti Avalanche EnterpriseServer Service SQL Injection Authentication Bypass Vulnerability |
| ZDI-22-779 |
ZDI-CAN-15330 |
Ivanti |
CVE-2022-36974 |
9.8 |
May 26, 2022 |
July 27, 2022 |
Ivanti Avalanche Web File Server Service Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-778 |
ZDI-CAN-15329 |
Ivanti |
CVE-2022-36973 |
9.1 |
May 26, 2022 |
July 27, 2022 |
Ivanti Avalanche EnterpriseServer Service SQL Injection Authentication Bypass Vulnerability |
| ZDI-22-777 |
ZDI-CAN-15328 |
Ivanti |
CVE-2022-36972 |
9.1 |
May 26, 2022 |
July 27, 2022 |
Ivanti Avalanche EnterpriseServer Service SQL Injection Authentication Bypass Vulnerability |
| ZDI-22-776 |
ZDI-CAN-15301 |
Ivanti |
CVE-2022-36971 |
9.8 |
May 26, 2022 |
July 27, 2022 |
Ivanti Avalanche JwtTokenUtility Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-775 |
ZDI-CAN-15690 |
Autodesk |
CVE-2022-25793 |
7.8 |
May 26, 2022 |
|
Autodesk 3DS Max ABC File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-774 |
ZDI-CAN-16828 |
Foxit |
CVE-2022-28683 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader deletePages Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-773 |
ZDI-CAN-16778 |
Foxit |
CVE-2022-28682 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-772 |
ZDI-CAN-16825 |
Foxit |
CVE-2022-28681 |
2.5 |
May 12, 2022 |
|
Foxit PDF Reader deletePages Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-771 |
ZDI-CAN-16821 |
Foxit |
CVE-2022-28680 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-770 |
ZDI-CAN-16861 |
Foxit |
CVE-2022-28679 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-769 |
ZDI-CAN-16805 |
Foxit |
CVE-2022-28678 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-768 |
ZDI-CAN-16663 |
Foxit |
CVE-2022-28677 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-767 |
ZDI-CAN-16643 |
Foxit |
CVE-2022-28676 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-766 |
ZDI-CAN-16642 |
Foxit |
CVE-2022-28675 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-765 |
ZDI-CAN-16644 |
Foxit |
CVE-2022-28674 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-764 |
ZDI-CAN-16641 |
Foxit |
CVE-2022-28673 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-763 |
ZDI-CAN-16640 |
Foxit |
CVE-2022-28672 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-762 |
ZDI-CAN-16639 |
Foxit |
CVE-2022-28671 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-761 |
ZDI-CAN-16523 |
Foxit |
CVE-2022-28670 |
3.3 |
May 12, 2022 |
|
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-760 |
ZDI-CAN-16420 |
Foxit |
CVE-2022-28669 |
7.8 |
May 12, 2022 |
|
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-759 |
ZDI-CAN-16159 |
Trend Micro |
CVE-2022-30523 |
7.8 |
May 11, 2022 |
|
Trend Micro Password Manager Link Following Privilege Escalation Vulnerability |
| ZDI-22-758 |
ZDI-CAN-15803 |
NETGEAR |
|
8.8 |
May 10, 2022 |
May 11, 2022 |
(Pwn2Own) NETGEAR R6700v3 Vulnerable Third-Party Component Remote Code Execution Vulnerability |
| ZDI-22-757 |
ZDI-CAN-16083 |
Apple |
CVE-2022-22597 |
3.3 |
April 28, 2022 |
May 11, 2022 |
Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-756 |
ZDI-CAN-15635 |
Cisco |
CVE-2022-20753 |
4.3 |
May 10, 2022 |
|
Cisco RV340 JSON RPC set-snmp Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-755 |
ZDI-CAN-17065 |
Adobe |
CVE-2022-28829 |
7.8 |
May 10, 2022 |
|
Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-754 |
ZDI-CAN-17012 |
Adobe |
CVE-2022-28837 |
3.3 |
May 10, 2022 |
|
Adobe Acrobat Pro DC Doc buttonSetIcon Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-753 |
ZDI-CAN-17000 |
Adobe |
CVE-2022-28838 |
7.8 |
May 10, 2022 |
|
Adobe Acrobat Pro DC Doc flattenPages Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-752 |
ZDI-CAN-16515 |
Adobe |
CVE-2022-28819 |
7.8 |
May 10, 2022 |
|
Adobe Character Animator SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-751 |
ZDI-CAN-16503 |
Adobe |
CVE-2022-28831 |
7.8 |
May 10, 2022 |
|
Adobe InDesign Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-750 |
ZDI-CAN-16502 |
Adobe |
CVE-2022-28833 |
7.8 |
May 10, 2022 |
|
Adobe InDesign Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-749 |
ZDI-CAN-16501 |
Adobe |
CVE-2022-28832 |
7.8 |
May 10, 2022 |
|
Adobe InDesign Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-748 |
ZDI-CAN-16500 |
Adobe |
CVE-2022-28834 |
7.8 |
May 10, 2022 |
|
Adobe InCopy Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-747 |
ZDI-CAN-16499 |
Adobe |
CVE-2022-28836 |
7.8 |
May 10, 2022 |
|
Adobe InCopy Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-746 |
ZDI-CAN-16498 |
Adobe |
CVE-2022-28835 |
7.8 |
May 10, 2022 |
|
Adobe InCopy Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-745 |
ZDI-CAN-16497 |
Adobe |
CVE-2022-28823 |
7.8 |
May 10, 2022 |
|
Adobe FrameMaker Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-744 |
ZDI-CAN-16496 |
Adobe |
CVE-2022-28822 |
7.8 |
May 10, 2022 |
|
Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-743 |
ZDI-CAN-16495 |
Adobe |
CVE-2022-28824 |
7.8 |
May 10, 2022 |
|
Adobe FrameMaker Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-742 |
ZDI-CAN-16432 |
Adobe |
CVE-2022-28828 |
7.8 |
May 10, 2022 |
|
Adobe FrameMaker PDF File Parsing Out-Of-Bounds Write Code Execution Vulnerability |
| ZDI-22-741 |
ZDI-CAN-16431 |
Adobe |
CVE-2022-28827 |
7.8 |
May 10, 2022 |
|
Adobe FrameMaker SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-740 |
ZDI-CAN-16430 |
Adobe |
CVE-2022-28830 |
3.3 |
May 10, 2022 |
|
Adobe FrameMaker Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-739 |
ZDI-CAN-16429 |
Adobe |
CVE-2022-28821 |
7.8 |
May 10, 2022 |
|
Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-738 |
ZDI-CAN-16428 |
Adobe |
CVE-2022-28825 |
7.8 |
May 10, 2022 |
|
Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-737 |
ZDI-CAN-16427 |
Adobe |
CVE-2022-28826 |
7.8 |
May 10, 2022 |
|
Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-736 |
ZDI-CAN-16218 |
Microsoft |
CVE-2022-29114 |
5.5 |
May 10, 2022 |
|
Microsoft Windows Print Spooler Service Directory Traversal Information Disclosure Vulnerability |
| ZDI-22-735 |
ZDI-CAN-16215 |
Microsoft |
CVE-2022-29140 |
5.5 |
May 10, 2022 |
|
Microsoft Windows Print Spooler Service Directory Traversal Information Disclosure Vulnerability |
| ZDI-22-734 |
ZDI-CAN-16251 |
Microsoft |
CVE-2022-29104 |
7.0 |
May 10, 2022 |
|
Microsoft Windows Print Spooler Service Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-733 |
ZDI-CAN-16189 |
Microsoft |
CVE-2022-29148 |
7.8 |
May 10, 2022 |
|
Microsoft Visual Studio DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-732 |
ZDI-CAN-16228 |
Microsoft |
CVE-2022-30138 |
7.0 |
May 10, 2022 |
June 10, 2022 |
Microsoft Windows Print Spooler Service Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-731 |
ZDI-CAN-16507 |
Microsoft |
CVE-2022-29105 |
8.8 |
May 10, 2022 |
|
Microsoft Windows Media Foundation AVI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-730 |
ZDI-CAN-16229 |
Microsoft |
CVE-2022-29104 |
7.0 |
May 10, 2022 |
|
Microsoft Windows Print Spooler Service Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-729 |
ZDI-CAN-16168 |
Microsoft |
CVE-2022-26923 |
9.0 |
May 10, 2022 |
|
Microsoft Windows Active Directory Certificate Services Improper Authorization Privilege Escalation Vulnerability |
| ZDI-22-728 |
ZDI-CAN-15915 |
Microsoft |
CVE-2022-26927 |
9.6 |
May 10, 2022 |
|
Microsoft Windows OpenType Font File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-727 |
ZDI-CAN-15914 |
Microsoft |
CVE-2022-24542 |
8.8 |
May 10, 2022 |
|
Microsoft Windows Kernel Bitmap Surface Untrusted Pointer Dereference Privilege Escalation Vulnerability |
| ZDI-22-726 |
ZDI-CAN-15974 |
Microsoft |
CVE-2022-24550 |
7.8 |
May 10, 2022 |
|
Microsoft Windows CreateObjectHandler Deserialization of Untrusted Data Local Privilege Escalation Vulnerability |
| ZDI-22-725 |
ZDI-CAN-17077 |
Adobe |
CVE-2022-24099 |
3.3 |
May 9, 2022 |
|
Adobe Photoshop Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-724 |
ZDI-CAN-15637 |
Cisco |
CVE-2022-20801 |
4.3 |
May 9, 2022 |
|
Cisco RV340 JSON RPC set-snmp Command Injection Remote Code Execution Vulnerability |
| ZDI-22-723 |
ZDI-CAN-15633 |
Cisco |
CVE-2022-20801 |
4.3 |
May 9, 2022 |
|
Cisco RV340 JSON RPC set-snmp Command Injection Remote Code Execution Vulnerability |
| ZDI-22-722 |
ZDI-CAN-16042 |
Autodesk |
|
7.8 |
May 10, 2022 |
May 10, 2022 |
(0Day) Autodesk Navisworks Manage SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-721 |
ZDI-CAN-15689 |
Autodesk |
CVE-2022-27532 |
7.8 |
May 10, 2022 |
May 16, 2022 |
(0Day) Autodesk 3DS Max TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-720 |
ZDI-CAN-15687 |
Autodesk |
CVE-2022-27532 |
7.8 |
May 10, 2022 |
May 16, 2022 |
(0Day) Autodesk 3DS Max TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-719 |
ZDI-CAN-15677 |
Autodesk |
CVE-2022-27532 |
7.8 |
May 10, 2022 |
May 16, 2022 |
(0Day) Autodesk 3DS Max TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-718 |
ZDI-CAN-15178 |
Rockwell Automation |
|
5.5 |
May 9, 2022 |
May 10, 2022 |
(0Day) Rockwell Automation ISaGRAF isasln File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-717 |
ZDI-CAN-16164 |
Zoom |
CVE-2022-22782 |
7.8 |
May 9, 2022 |
|
Zoom Client Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-716 |
ZDI-CAN-16162 |
Zoom |
CVE-2022-22782 |
7.8 |
May 9, 2022 |
|
Zoom Client Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-715 |
ZDI-CAN-16076 |
Apple |
CVE-2022-22648 |
3.3 |
April 28, 2022 |
|
Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-714 |
ZDI-CAN-16074 |
Apple |
CVE-2022-22627 |
3.3 |
April 28, 2022 |
|
Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-713 |
ZDI-CAN-16072 |
Apple |
CVE-2022-22648 |
3.3 |
April 28, 2022 |
|
Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-712 |
ZDI-CAN-16084 |
Apple |
CVE-2022-22625 |
3.3 |
April 28, 2022 |
|
Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-711 |
ZDI-CAN-16075 |
Apple |
CVE-2022-22626 |
3.3 |
April 28, 2022 |
|
Apple macOS SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-710 |
ZDI-CAN-15543 |
Autodesk |
CVE-2022-25794 |
7.8 |
April 28, 2022 |
|
Autodesk FBX Review ABC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-709 |
ZDI-CAN-16407 |
Oracle |
CVE-2022-21490 |
9.8 |
April 28, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-708 |
ZDI-CAN-16408 |
Oracle |
CVE-2022-21489 |
9.8 |
April 28, 2022 |
|
Oracle MySQL Cluster Data Node Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-707 |
ZDI-CAN-16406 |
Oracle |
CVE-2022-21482 |
9.8 |
April 28, 2022 |
|
Oracle MySQL Cluster Data Node Integer Overflow Remote Code Execution Vulnerability |
| ZDI-22-706 |
ZDI-CAN-16704 |
Oracle |
CVE-2022-21486 |
6.5 |
April 28, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-705 |
ZDI-CAN-16703 |
Oracle |
CVE-2022-21485 |
6.5 |
April 28, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-704 |
ZDI-CAN-16409 |
Oracle |
CVE-2022-21484 |
6.5 |
April 28, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-703 |
ZDI-CAN-16445 |
Oracle |
CVE-2022-21483 |
9.8 |
April 28, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-702 |
ZDI-CAN-14479 |
Delta Industrial Automation |
|
5.5 |
April 28, 2022 |
|
(0Day) Delta Industrial Automation DRAS Project File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-701 |
ZDI-CAN-14654 |
Delta Industrial Automation |
|
5.5 |
April 28, 2022 |
|
(0Day) Delta Industrial Automation DRAS DSCP Scope File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-700 |
ZDI-CAN-14653 |
Delta Industrial Automation |
|
5.5 |
April 28, 2022 |
|
(0Day) Delta Industrial Automation DRAS XML Point File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-699 |
ZDI-CAN-14480 |
Delta Industrial Automation |
CVE-2022-1331 |
5.5 |
April 28, 2022 |
|
Delta Industrial Automation DMARS Project File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-698 |
ZDI-CAN-14651 |
Delta Industrial Automation |
CVE-2022-1331 |
5.5 |
April 28, 2022 |
|
Delta Industrial Automation DMARS Scope File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-697 |
ZDI-CAN-14650 |
Delta Industrial Automation |
CVE-2022-1331 |
5.5 |
April 28, 2022 |
|
Delta Industrial Automation DMARS ScopeConfig File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-696 |
ZDI-CAN-14647 |
Delta Industrial Automation |
CVE-2022-1331 |
5.5 |
April 28, 2022 |
|
Delta Industrial Automation DMARS DSCP Scope File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-695 |
ZDI-CAN-16132 |
Adobe |
CVE-2022-28271 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop PDF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-694 |
ZDI-CAN-17069 |
Adobe |
CVE-2022-23205 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-693 |
ZDI-CAN-16725 |
Adobe |
CVE-2022-28240 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-692 |
ZDI-CAN-16708 |
Adobe |
CVE-2022-28268 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-691 |
ZDI-CAN-16707 |
Adobe |
CVE-2022-28239 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-690 |
ZDI-CAN-16579 |
Adobe |
CVE-2022-28269 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-689 |
ZDI-CAN-16553 |
Adobe |
CVE-2022-28236 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-688 |
ZDI-CAN-16537 |
Adobe |
CVE-2022-28235 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Pro DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-687 |
ZDI-CAN-16536 |
Adobe |
CVE-2022-28237 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-686 |
ZDI-CAN-16534 |
Adobe |
CVE-2022-27800 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-685 |
ZDI-CAN-16533 |
Adobe |
CVE-2022-27802 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-684 |
ZDI-CAN-16404 |
Adobe |
CVE-2022-28230 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Pro DC AcroForm calculateNow Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-683 |
ZDI-CAN-16385 |
Adobe |
CVE-2022-28232 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Collab Object Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-682 |
ZDI-CAN-16375 |
Adobe |
CVE-2022-27801 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-681 |
ZDI-CAN-16374 |
Adobe |
CVE-2022-27797 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-680 |
ZDI-CAN-16373 |
Adobe |
CVE-2022-28233 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-679 |
ZDI-CAN-16353 |
Adobe |
CVE-2022-27796 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Pro DC AcroForm isBoxChecked Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-678 |
ZDI-CAN-16352 |
Adobe |
CVE-2022-27795 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Pro DC AcroForm isDefaultChecked Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-677 |
ZDI-CAN-16349 |
Adobe |
CVE-2022-27799 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Pro DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-676 |
ZDI-CAN-16348 |
Adobe |
CVE-2022-27798 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC zoomType Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-675 |
ZDI-CAN-16298 |
Adobe |
CVE-2022-27786 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-674 |
ZDI-CAN-16293 |
Adobe |
CVE-2022-27785 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-673 |
ZDI-CAN-16292 |
Adobe |
CVE-2022-27788 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-672 |
ZDI-CAN-16291 |
Adobe |
CVE-2022-27787 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-671 |
ZDI-CAN-16095 |
Adobe |
CVE-2022-27790 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-670 |
ZDI-CAN-16053 |
Adobe |
CVE-2022-28231 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-669 |
ZDI-CAN-16705 |
Adobe |
CVE-2022-28245 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-668 |
ZDI-CAN-16865 |
Adobe |
CVE-2022-28256 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-667 |
ZDI-CAN-16864 |
Adobe |
CVE-2022-28250 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-666 |
ZDI-CAN-16863 |
Adobe |
CVE-2022-28251 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-665 |
ZDI-CAN-16817 |
Adobe |
CVE-2022-28241 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-664 |
ZDI-CAN-16809 |
Adobe |
CVE-2022-28242 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-663 |
ZDI-CAN-16803 |
Adobe |
CVE-2022-28243 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-662 |
ZDI-CAN-16794 |
Adobe |
CVE-2022-28252 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-661 |
ZDI-CAN-16793 |
Adobe |
CVE-2022-28253 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-660 |
ZDI-CAN-16792 |
Adobe |
CVE-2022-28254 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-659 |
ZDI-CAN-16791 |
Adobe |
CVE-2022-28255 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-658 |
ZDI-CAN-16790 |
Adobe |
CVE-2022-28257 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-657 |
ZDI-CAN-16789 |
Adobe |
CVE-2022-28265 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-656 |
ZDI-CAN-16788 |
Adobe |
CVE-2022-28258 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-655 |
ZDI-CAN-16787 |
Adobe |
CVE-2022-28263 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-654 |
ZDI-CAN-16786 |
Adobe |
CVE-2022-28259 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-653 |
ZDI-CAN-16785 |
Adobe |
CVE-2022-28267 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-652 |
ZDI-CAN-16784 |
Adobe |
CVE-2022-28264 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-651 |
ZDI-CAN-16757 |
Adobe |
CVE-2022-28262 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-650 |
ZDI-CAN-16756 |
Adobe |
CVE-2022-28260 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-649 |
ZDI-CAN-16755 |
Adobe |
CVE-2022-28261 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-648 |
ZDI-CAN-16754 |
Adobe |
CVE-2022-28266 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-647 |
ZDI-CAN-16734 |
Adobe |
CVE-2022-28248 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-646 |
ZDI-CAN-16730 |
Adobe |
CVE-2022-28246 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-645 |
ZDI-CAN-16711 |
Adobe |
CVE-2022-28249 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-644 |
ZDI-CAN-16538 |
Adobe |
CVE-2022-28238 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-643 |
ZDI-CAN-16506 |
Adobe |
CVE-2022-28272 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-642 |
ZDI-CAN-16505 |
Adobe |
CVE-2022-28273 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-641 |
ZDI-CAN-16504 |
Adobe |
CVE-2022-28274 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-640 |
ZDI-CAN-16475 |
Adobe |
CVE-2022-28279 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-639 |
ZDI-CAN-16474 |
Adobe |
CVE-2022-28275 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-638 |
ZDI-CAN-16473 |
Adobe |
CVE-2022-28278 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-637 |
ZDI-CAN-16472 |
Adobe |
CVE-2022-28277 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-636 |
ZDI-CAN-16471 |
Adobe |
CVE-2022-28276 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-635 |
ZDI-CAN-16414 |
Adobe |
CVE-2022-24098 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop PCX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-634 |
ZDI-CAN-16410 |
Adobe |
CVE-2022-24105 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-633 |
ZDI-CAN-16183 |
Adobe |
CVE-2022-27789 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-632 |
ZDI-CAN-16131 |
Adobe |
CVE-2022-28270 |
7.8 |
April 28, 2022 |
|
Adobe Photoshop SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-631 |
ZDI-CAN-16096 |
Adobe |
CVE-2022-27794 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-630 |
ZDI-CAN-16091 |
Adobe |
CVE-2022-27792 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-629 |
ZDI-CAN-16090 |
Adobe |
CVE-2022-27793 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-628 |
ZDI-CAN-16089 |
Adobe |
CVE-2022-27791 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-627 |
ZDI-CAN-16025 |
Adobe |
CVE-2022-24101 |
3.3 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-626 |
ZDI-CAN-15838 |
Adobe |
CVE-2022-24102 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-625 |
ZDI-CAN-15763 |
Adobe |
CVE-2022-24104 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-624 |
ZDI-CAN-15809 |
Adobe |
CVE-2022-24103 |
7.8 |
April 28, 2022 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-623 |
ZDI-CAN-15592 |
Siemens |
CVE-2022-28663 |
7.8 |
April 28, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-622 |
ZDI-CAN-16679 |
Sante |
CVE-2022-28668 |
7.8 |
April 28, 2022 |
|
Sante DICOM Viewer Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-621 |
ZDI-CAN-15918 |
Samsung |
CVE-2022-1230 |
3.9 |
April 12, 2022 |
|
(Pwn2Own) Samsung Galaxy S21 loadUrl Open Redirect Privilege Escalation Vulnerability |
| ZDI-22-620 |
ZDI-CAN-16316 |
Trend Micro |
CVE-2022-28339 |
7.3 |
April 12, 2022 |
|
Trend Micro HouseCall for Home Networks Uncontrolled Search Path Element Privilege Escalation Vulnerability |
| ZDI-22-619 |
ZDI-CAN-16587 |
Tukaani |
CVE-2022-1271 |
7.0 |
April 12, 2022 |
|
Tukaani XZ Utils xzgrep Argument Injection Remote Code Execution Vulnerability |
| ZDI-22-618 |
ZDI-CAN-16379 |
Bentley |
CVE-2022-28318 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-617 |
ZDI-CAN-16573 |
Bentley |
CVE-2022-28647 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-616 |
ZDI-CAN-16570 |
Bentley |
CVE-2022-28646 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-615 |
ZDI-CAN-16581 |
Bentley |
CVE-2022-1229 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-614 |
ZDI-CAN-16446 |
Bentley |
CVE-2022-28302 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-613 |
ZDI-CAN-16390 |
Bentley |
CVE-2022-28641 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-612 |
ZDI-CAN-16392 |
Bentley |
CVE-2022-28301 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-611 |
ZDI-CAN-16469 |
Bentley |
CVE-2022-28644 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-610 |
ZDI-CAN-16470 |
Bentley |
CVE-2022-28645 |
3.3 |
April 12, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-609 |
ZDI-CAN-16468 |
Bentley |
CVE-2022-28643 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-608 |
ZDI-CAN-16424 |
Bentley |
CVE-2022-28642 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-607 |
ZDI-CAN-16368 |
Bentley |
CVE-2022-28316 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-606 |
ZDI-CAN-16367 |
Bentley |
CVE-2022-28315 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-605 |
ZDI-CAN-16332 |
Bentley |
CVE-2022-28314 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-604 |
ZDI-CAN-16369 |
Bentley |
|
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT IFC File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-603 |
ZDI-CAN-16343 |
Bentley |
CVE-2022-28313 |
3.3 |
April 12, 2022 |
|
Bentley MicroStation CONNECT 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-602 |
ZDI-CAN-16342 |
Bentley |
CVE-2022-28312 |
3.3 |
April 12, 2022 |
|
Bentley MicroStation CONNECT 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-601 |
ZDI-CAN-16341 |
Bentley |
CVE-2022-28311 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-600 |
ZDI-CAN-16308 |
Bentley |
CVE-2022-28309 |
3.3 |
April 12, 2022 |
|
Bentley View 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-599 |
ZDI-CAN-16307 |
Bentley |
CVE-2022-28308 |
3.3 |
April 12, 2022 |
|
Bentley View 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-598 |
ZDI-CAN-16306 |
Bentley |
CVE-2022-28307 |
7.8 |
April 12, 2022 |
|
Bentley View DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-597 |
ZDI-CAN-16282 |
Bentley |
CVE-2022-28320 |
7.8 |
April 12, 2022 |
|
Bentley View 3DM File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-596 |
ZDI-CAN-16280 |
Bentley |
CVE-2022-28303 |
7.8 |
April 12, 2022 |
|
Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-595 |
ZDI-CAN-16174 |
Bentley |
CVE-2022-28306 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT OBJ File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-594 |
ZDI-CAN-16171 |
Bentley |
CVE-2022-28304 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT OBJ File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-593 |
ZDI-CAN-16172 |
Bentley |
CVE-2022-28305 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT OBJ File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-592 |
ZDI-CAN-16202 |
Bentley |
CVE-2022-28300 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-591 |
ZDI-CAN-16340 |
Bentley |
CVE-2022-28319 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT 3DM File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-590 |
ZDI-CAN-16339 |
Bentley |
CVE-2022-28310 |
7.8 |
April 12, 2022 |
|
Bentley MicroStation CONNECT SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-589 |
ZDI-CAN-15176 |
Rockwell Automation |
CVE-2022-1118 |
7.8 |
April 8, 2022 |
|
Rockwell Automation Connected Components Workbench CCWARC File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-588 |
ZDI-CAN-15175 |
Rockwell Automation |
CVE-2022-1118 |
7.8 |
April 8, 2022 |
|
Rockwell Automation Connected Components Workbench CCWARC File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-587 |
ZDI-CAN-15174 |
Rockwell Automation |
CVE-2022-1118 |
7.8 |
April 8, 2022 |
|
Rockwell Automation Connected Components Workbench CCWARC File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-586 |
ZDI-CAN-15173 |
Rockwell Automation |
CVE-2022-1118 |
7.8 |
April 8, 2022 |
|
Rockwell Automation Connected Components Workbench CCWARC File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-585 |
ZDI-CAN-15179 |
Rockwell Automation |
|
5.5 |
April 5, 2022 |
|
Rockwell Automation Connected Components Workbench ccwsln File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-584 |
ZDI-CAN-15177 |
Rockwell Automation |
|
5.5 |
April 5, 2022 |
|
Rockwell Automation Connected Components Workbench ccwsln File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-583 |
ZDI-CAN-15180 |
Schneider Electric |
CVE-2022-0221 |
5.5 |
April 5, 2022 |
|
Schneider Electric SCADAPack Workbench isasln File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-582 |
ZDI-CAN-15181 |
Schneider Electric |
CVE-2022-0221 |
5.5 |
April 5, 2022 |
|
Schneider Electric SCADAPack Workbench isasln File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-581 |
ZDI-CAN-14778 |
Omron |
CVE-2022-26022 |
7.8 |
April 5, 2022 |
|
Omron CX-One CX-Position NCI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-580 |
ZDI-CAN-14776 |
Omron |
CVE-2022-26419 |
7.8 |
April 5, 2022 |
|
Omron CX-One CX-Position NCI File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-579 |
ZDI-CAN-14775 |
Omron |
CVE-2022-26419 |
7.8 |
April 5, 2022 |
|
Omron CX-One CX-Position NCI File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-578 |
ZDI-CAN-14753 |
Omron |
CVE-2022-26417 |
7.8 |
April 5, 2022 |
|
Omron CX-One CX-Position NCI File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-577 |
ZDI-CAN-14677 |
Omron |
CVE-2022-25959 |
7.8 |
April 5, 2022 |
|
Omron CX-One CX-Position NCI File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-576 |
ZDI-CAN-14676 |
Omron |
CVE-2022-26419 |
7.8 |
April 5, 2022 |
|
Omron CX-One CX-Position NCI File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-575 |
ZDI-CAN-14674 |
Omron |
CVE-2022-26419 |
7.8 |
April 5, 2022 |
|
Omron CX-One CX-Position NCI File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-574 |
ZDI-CAN-16015 |
Autodesk |
CVE-2022-25796 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Double Free Remote Code Execution Vulnerability |
| ZDI-22-573 |
ZDI-CAN-16048 |
Autodesk |
CVE-2022-25791 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage DWF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-572 |
ZDI-CAN-16047 |
Autodesk |
CVE-2022-25791 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage DWFX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-571 |
ZDI-CAN-16046 |
Autodesk |
CVE-2022-25789 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage DWFX File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-570 |
ZDI-CAN-16044 |
Autodesk |
CVE-2022-25790 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-569 |
ZDI-CAN-16043 |
Autodesk |
CVE-2022-25790 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-568 |
ZDI-CAN-16041 |
Autodesk |
CVE-2022-27528 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-567 |
ZDI-CAN-16040 |
Autodesk |
CVE-2022-25792 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage DWF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-566 |
ZDI-CAN-16045 |
Autodesk |
CVE-2022-27528 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-565 |
ZDI-CAN-16012 |
Autodesk |
CVE-2022-25792 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-564 |
ZDI-CAN-16016 |
Autodesk |
CVE-2022-25791 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWFX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-563 |
ZDI-CAN-16014 |
Autodesk |
CVE-2022-25790 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-562 |
ZDI-CAN-16009 |
Autodesk |
CVE-2022-25790 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-561 |
ZDI-CAN-16018 |
Autodesk |
CVE-2022-25791 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-560 |
ZDI-CAN-16011 |
Autodesk |
CVE-2022-25790 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-559 |
ZDI-CAN-16013 |
Autodesk |
CVE-2022-25790 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-558 |
ZDI-CAN-16017 |
Autodesk |
CVE-2022-25791 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-557 |
ZDI-CAN-16010 |
Autodesk |
CVE-2022-27528 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWFX File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-556 |
ZDI-CAN-15522 |
Autodesk |
CVE-2022-25795 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-555 |
ZDI-CAN-15521 |
Autodesk |
CVE-2022-25795 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage PDF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-554 |
ZDI-CAN-15686 |
Autodesk |
CVE-2022-25792 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-553 |
ZDI-CAN-15672 |
Autodesk |
CVE-2022-25790 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Freedom DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-552 |
ZDI-CAN-15466 |
Autodesk |
CVE-2022-25795 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage PDF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-551 |
ZDI-CAN-15451 |
Autodesk |
CVE-2022-25795 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-550 |
ZDI-CAN-15519 |
Autodesk |
CVE-2022-25795 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage PDF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-549 |
ZDI-CAN-15518 |
Autodesk |
CVE-2022-25795 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage PDF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-548 |
ZDI-CAN-15517 |
Autodesk |
CVE-2022-25795 |
7.8 |
April 5, 2022 |
|
Autodesk Navisworks Manage PDF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-547 |
ZDI-CAN-15917 |
Samsung |
|
6.1 |
April 5, 2022 |
|
(0Day) (Pwn2Own) Samsung Galaxy S21 Exposed Dangerous Method Local Privilege Escalation Vulnerability |
| ZDI-22-546 |
ZDI-CAN-14816 |
Trend Micro |
CVE-2022-27883 |
7.8 |
April 1, 2022 |
|
Trend Micro Antivirus for Mac Link Following Privilege Escalation Vulnerability |
| ZDI-22-545 |
ZDI-CAN-15307 |
Siemens |
|
3.3 |
March 29, 2022 |
|
(0Day) Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Information Disclosure Vulnerability |
| ZDI-22-544 |
ZDI-CAN-15806 |
NETGEAR |
CVE-2022-27641 |
8.8 |
March 29, 2022 |
|
(Pwn2Own) Netgear R6700v3 NetUSB Integer Overflow Remote Code Execution Vulnerability |
| ZDI-22-543 |
ZDI-CAN-14868 |
KOYO |
CVE-2022-27648 |
7.8 |
March 29, 2022 |
|
KOYO Screen Creator SCA2 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-542 |
ZDI-CAN-15114 |
Siemens |
|
7.8 |
March 28, 2022 |
March 29, 2022 |
(0Day) Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-541 |
ZDI-CAN-14468 |
Array Networks |
|
7.8 |
April 4, 2022 |
April 4, 2022 |
(0Day) Array Networks MotionPro Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-540 |
ZDI-CAN-16128 |
Adobe |
CVE-2021-44705 |
3.3 |
March 25, 2022 |
|
Adobe Acrobat Reader DC JP2 File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-539 |
ZDI-CAN-16127 |
Adobe |
CVE-2021-44707 |
7.8 |
March 25, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-538 |
ZDI-CAN-14615 |
Epic Games |
|
6.1 |
March 24, 2022 |
March 29, 2022 |
(0Day) Epic Games Launcher Link Following Denial-of-Service Vulnerability |
| ZDI-22-537 |
ZDI-CAN-14604 |
Epic Games |
|
6.1 |
March 24, 2022 |
March 29, 2022 |
(0Day) Epic Games Launcher Link Following Denial-of-Service Vulnerability |
| ZDI-22-536 |
ZDI-CAN-14470 |
Electronic Arts |
|
7.8 |
March 24, 2022 |
March 29, 2022 |
(0Day) Electronic Arts Origin Web Helper Service Link Following Privilege Escalation Vulnerability |
| ZDI-22-535 |
ZDI-CAN-15832 |
HP |
CVE-2022-24292 |
4.3 |
March 23, 2022 |
|
(Pwn2Own) HP LaserJet Pro MFP M283fdw CFF Font Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-534 |
ZDI-CAN-15897 |
HP |
CVE-2022-24291 |
6.5 |
March 23, 2022 |
|
(Pwn2Own) HP LaserJet Pro MFP M283fdw ScanJobs Memory Corruption Denial-of-Service Vulnerability |
| ZDI-22-533 |
ZDI-CAN-15896 |
HP |
CVE-2022-24293 |
8.0 |
March 23, 2022 |
|
(Pwn2Own) HP LaserJet Pro MFP M283fdw eContactRestore Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-532 |
ZDI-CAN-15831 |
HP |
CVE-2022-3942 |
8.8 |
March 23, 2022 |
|
(Pwn2Own) HP LaserJet Pro MFP M283fdw LLMNR Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-531 |
ZDI-CAN-15696 |
Siemens |
CVE-2021-45465 |
7.8 |
March 23, 2022 |
|
Siemens syngo fastView BMP File Parsing Write-what-where Condition Remote Code Execution Vulnerability |
| ZDI-22-530 |
ZDI-CAN-15876 |
Netatalk |
CVE-2022-0194 |
9.8 |
March 23, 2022 |
|
(Pwn2Own) Netatalk ad_addcomment Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-529 |
ZDI-CAN-15837 |
Netatalk |
CVE-2022-23122 |
9.8 |
March 23, 2022 |
|
(Pwn2Own) Netatalk setfilparams Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-528 |
ZDI-CAN-15830 |
Netatalk |
CVE-2022-23123 |
5.3 |
March 23, 2022 |
|
(Pwn2Own) Netatalk getdirparams Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-527 |
ZDI-CAN-15819 |
Netatalk |
CVE-2022-23121 |
9.8 |
March 23, 2022 |
|
(Pwn2Own) Netatalk parse_entries Improper Handling of Exceptional Conditions Remote Code Execution Vulnerability |
| ZDI-22-526 |
ZDI-CAN-15869 |
Netatalk |
CVE-2022-23125 |
9.8 |
March 23, 2022 |
|
(Pwn2Own) Netatalk copyapplfile Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-525 |
ZDI-CAN-15870 |
Netatalk |
CVE-2022-23124 |
5.3 |
March 23, 2022 |
|
(Pwn2Own) Netatalk get_finderinfo Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-524 |
ZDI-CAN-15874 |
NETGEAR |
CVE-2022-27647 |
8.0 |
March 23, 2022 |
|
(Pwn2Own) NETGEAR R6700v3 libreadycloud.so Command Injection Remote Code Execution Vulnerability |
| ZDI-22-523 |
ZDI-CAN-15879 |
NETGEAR |
CVE-2022-27646 |
8.0 |
March 23, 2022 |
|
(Pwn2Own) NETGEAR R6700v3 circled Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-522 |
ZDI-CAN-15762 |
NETGEAR |
CVE-2022-27645 |
8.8 |
March 23, 2022 |
|
(Pwn2Own) NETGEAR R6700v3 readycloud_control.cgi Authentication Bypass Vulnerability |
| ZDI-22-521 |
ZDI-CAN-15782 |
NETGEAR |
|
3.1 |
March 23, 2022 |
|
(Pwn2Own) NETGEAR R6700v3 Missing Authentication for Critical Function Arbitrary File Upload Vulnerability |
| ZDI-22-520 |
ZDI-CAN-15797 |
NETGEAR |
CVE-2022-27644 |
5.0 |
March 23, 2022 |
|
(Pwn2Own) NETGEAR R6700v3 Improper Certificate Validation Vulnerability |
| ZDI-22-519 |
ZDI-CAN-15692 |
NETGEAR |
CVE-2022-27643 |
8.8 |
March 23, 2022 |
|
(Pwn2Own) NETGEAR R6700v3 upnpd Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-518 |
ZDI-CAN-15854 |
NETGEAR |
CVE-2022-27642 |
6.3 |
March 23, 2022 |
|
(Pwn2Own) NETGEAR R6700v3 httpd Authentication Bypass Vulnerability |
| ZDI-22-517 |
ZDI-CAN-15747 |
Apple |
CVE-2022-22629 |
8.8 |
March 22, 2022 |
|
Apple Safari WebGLMultiDraw Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-516 |
ZDI-CAN-15834 |
Canon |
CVE-2022-24674 |
8.8 |
March 18, 2022 |
|
(Pwn2Own) Canon imageCLASS MF644Cdw privet Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-515 |
ZDI-CAN-15845 |
Canon |
CVE-2022-24673 |
8.8 |
March 18, 2022 |
|
(Pwn2Own) Canon imageCLASS MF644Cdw SLP Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-514 |
ZDI-CAN-15802 |
Canon |
CVE-2022-24672 |
8.8 |
March 18, 2022 |
|
(Pwn2Own) Canon imageCLASS MF644Cdw CADM Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-513 |
ZDI-CAN-16130 |
Adobe |
CVE-2022-24092 |
7.8 |
March 18, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-512 |
ZDI-CAN-16129 |
Adobe |
CVE-2022-24091 |
7.8 |
March 18, 2022 |
|
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-511 |
ZDI-CAN-15048 |
Siemens |
CVE-2021-46162 |
7.8 |
March 18, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-510 |
ZDI-CAN-15943 |
Apple |
CVE-2022-22584 |
3.3 |
March 16, 2022 |
|
Apple macOS ColorSync ICC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-509 |
ZDI-CAN-15061 |
Siemens |
CVE-2021-46699 |
7.8 |
March 16, 2022 |
|
Siemens Simcenter Femap BDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-508 |
ZDI-CAN-15192 |
Cisco |
CVE-2015-3269 |
7.5 |
March 11, 2022 |
|
Cisco Nexus Dashboard Fabric Controller XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-507 |
ZDI-CAN-14806 |
Cisco |
CVE-2017-5641 |
7.8 |
March 11, 2022 |
|
Cisco Nexus Dashboard Fabric Controller Improper Privilege Management Privilege Escalation Vulnerability |
| ZDI-22-506 |
ZDI-CAN-14805 |
Cisco |
CVE-2017-5641 |
7.3 |
March 11, 2022 |
|
Cisco Nexus Dashboard Fabric Controller AMF Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-505 |
ZDI-CAN-15564 |
Autodesk |
CVE-2021-27039 |
7.8 |
March 11, 2022 |
|
Autodesk AutoCAD PCX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-504 |
ZDI-CAN-15662 |
Autodesk |
CVE-2022-25788 |
7.8 |
March 11, 2022 |
|
Autodesk AutoCAD JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-503 |
ZDI-CAN-16517 |
MyBB |
CVE-2022-24734 |
7.2 |
March 11, 2022 |
|
MyBB Admin Control Panel Code Injection Remote Code Execution Vulnerability |
| ZDI-22-502 |
ZDI-CAN-16716 |
Mozilla |
CVE-2022-26381 |
8.8 |
March 9, 2022 |
|
Mozilla Firefox textPath Element Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-501 |
ZDI-CAN-15764 |
Microsoft |
CVE-2022-24509 |
7.8 |
March 9, 2022 |
|
Microsoft Office Visio EMF EMR_COMMENT_EMFPLUS Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-500 |
ZDI-CAN-15730 |
Microsoft |
CVE-2022-24461 |
7.8 |
March 9, 2022 |
|
Microsoft Office Visio EMF EMR_COMMENT_EMFPLUS Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-499 |
ZDI-CAN-7819 |
Microsoft |
CVE-2022-24455 |
7.8 |
March 9, 2022 |
|
Microsoft Windows CD-ROM Driver Uninitialized Pointer Privilege Escalation Vulnerability |
| ZDI-22-498 |
ZDI-CAN-7818 |
Microsoft |
CVE-2022-24455 |
7.8 |
March 9, 2022 |
|
Microsoft Windows CD-ROM Driver Uninitialized Pointer Privilege Escalation Vulnerability |
| ZDI-22-497 |
ZDI-CAN-15986 |
Microsoft |
CVE-2022-23281 |
4.2 |
March 9, 2022 |
|
Microsoft Windows CLFS Integer Overflow Information Disclosure Vulnerability |
| ZDI-22-496 |
ZDI-CAN-16123 |
Microsoft |
CVE-2022-23266 |
8.8 |
March 9, 2022 |
|
Microsoft Azure Defender for IoT Password Change Command Injection Privilege Escalation Vulnerability |
| ZDI-22-495 |
ZDI-CAN-15761 |
Microsoft |
CVE-2022-23265 |
4.2 |
March 9, 2022 |
|
Microsoft Azure Defender for IoT Password Change Command Injection Local Privilege Escalation Vulnerability |
| ZDI-22-494 |
ZDI-CAN-15754 |
Microsoft |
CVE-2022-24510 |
7.8 |
March 9, 2022 |
|
Microsoft Office Visio EMF EMR_COMMENT_EMFPLUS Type Confusion Remote Code Execution Vulnerability |
| ZDI-22-493 |
ZDI-CAN-16030 |
Microsoft |
CVE-2022-23299 |
8.8 |
March 9, 2022 |
|
Microsoft Windows win32kfull PDEV Use-After-Free Local Privilege Escalation Vulnerability |
| ZDI-22-492 |
ZDI-CAN-14446 |
Ecava |
|
3.3 |
March 9, 2022 |
March 29, 2022 |
(0Day) Ecava IntegraXor Inkscape EMF File Parsing Out-Of-Bound Read Information Disclosure Vulnerability |
| ZDI-22-491 |
ZDI-CAN-14445 |
Ecava |
|
7.8 |
March 9, 2022 |
March 29, 2022 |
(0Day) Ecava IntegraXor Inkscape EMF File Parsing Out-Of-Bound Write Remote Code Execution Vulnerability |
| ZDI-22-490 |
ZDI-CAN-14444 |
Ecava |
|
7.8 |
March 9, 2022 |
March 29, 2022 |
(0Day) Ecava IntegraXor Inkscape WMF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-489 |
ZDI-CAN-14384 |
Ecava |
|
3.3 |
March 9, 2022 |
March 29, 2022 |
(0Day) Ecava IntegraXor Inkscape EMF File Parsing Uninitialized Pointer Information Disclosure Vulnerability |
| ZDI-22-488 |
ZDI-CAN-14383 |
Ecava |
|
3.3 |
March 9, 2022 |
March 29, 2022 |
(0Day) Ecava IntegraXor Inkscape EMF File Parsing Uninitialized Pointer Information Disclosure Vulnerability |
| ZDI-22-487 |
ZDI-CAN-14382 |
Ecava |
|
3.3 |
March 9, 2022 |
March 29, 2022 |
(0Day) Ecava IntegraXor Inkscape EMF File Parsing Out-Of-Bound Read Information Disclosure Vulnerability |
| ZDI-22-486 |
ZDI-CAN-14381 |
Ecava |
|
3.3 |
March 9, 2022 |
March 29, 2022 |
(0Day) Ecava IntegraXor Inkscape EMF File Parsing Out-Of-Bound Read Information Disclosure Vulnerability |
| ZDI-22-485 |
ZDI-CAN-14275 |
Ecava |
|
3.3 |
March 9, 2022 |
March 29, 2022 |
(0Day) Ecava IntegraXor Inkscape PCX File Parsing Out-Of-Bound Read Information Disclosure Vulnerability |
| ZDI-22-484 |
ZDI-CAN-15206 |
Bitdefender |
CVE-2021-4199 |
7.8 |
March 9, 2022 |
|
Bitdefender Total Security Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-483 |
ZDI-CAN-15197 |
Bitdefender |
CVE-2021-4198 |
6.1 |
March 9, 2022 |
|
Bitdefender Total Security Link Following Denial-of-Service Vulnerability |
| ZDI-22-482 |
ZDI-CAN-15560 |
Autodesk |
CVE-2021-27036 |
7.8 |
March 7, 2022 |
July 14, 2022 |
Autodesk AutoCAD TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-481 |
ZDI-CAN-15561 |
Autodesk |
CVE-2021-27035 |
3.3 |
March 7, 2022 |
|
Autodesk AutoCAD TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-480 |
ZDI-CAN-15562 |
Autodesk |
CVE-2021-27035 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PCX File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-479 |
ZDI-CAN-15563 |
Autodesk |
CVE-2021-27036 |
7.8 |
March 7, 2022 |
July 14, 2022 |
Autodesk AutoCAD PICT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-478 |
ZDI-CAN-15565 |
Autodesk |
CVE-2021-27041 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-477 |
ZDI-CAN-15566 |
Autodesk |
CVE-2022-25789 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD DWFX File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-476 |
ZDI-CAN-15567 |
Autodesk |
CVE-2022-25792 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD DWF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-475 |
ZDI-CAN-15568 |
Autodesk |
CVE-2022-25790 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-474 |
ZDI-CAN-15569 |
Autodesk |
CVE-2021-40160 |
7.8 |
March 7, 2022 |
July 14, 2022 |
Autodesk AutoCAD PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-473 |
ZDI-CAN-15570 |
Autodesk |
CVE-2021-27040 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-472 |
ZDI-CAN-15576 |
Autodesk |
CVE-2022-25795 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-471 |
ZDI-CAN-15577 |
Autodesk |
CVE-2022-25789 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD 3DS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-470 |
ZDI-CAN-15578 |
Autodesk |
CVE-2021-27043 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-469 |
ZDI-CAN-15579 |
Autodesk |
CVE-2022-25795 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PDF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-468 |
ZDI-CAN-15614 |
Autodesk |
CVE-2022-25795 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PDF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-467 |
ZDI-CAN-15615 |
Autodesk |
CVE-2022-25795 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PDF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-22-466 |
ZDI-CAN-15616 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-465 |
ZDI-CAN-15552 |
Autodesk |
CVE-2022-25789 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD DWF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-464 |
ZDI-CAN-15553 |
Autodesk |
CVE-2022-25791 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD DWF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-463 |
ZDI-CAN-15554 |
Autodesk |
CVE-2022-25790 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-462 |
ZDI-CAN-15555 |
Autodesk |
CVE-2021-27036 |
3.3 |
March 7, 2022 |
|
Autodesk AutoCAD PICT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-461 |
ZDI-CAN-15556 |
Autodesk |
CVE-2022-25789 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PICT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-460 |
ZDI-CAN-15557 |
Autodesk |
CVE-2022-25792 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PICT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-459 |
ZDI-CAN-15558 |
Autodesk |
CVE-2021-27037 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD TIF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-458 |
ZDI-CAN-15559 |
Autodesk |
CVE-2021-27036 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PICT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-457 |
ZDI-CAN-15273 |
Autodesk |
CVE-2021-27036 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-456 |
ZDI-CAN-15298 |
Autodesk |
CVE-2021-27036 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-455 |
ZDI-CAN-15618 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-454 |
ZDI-CAN-15619 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-453 |
ZDI-CAN-15620 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-452 |
ZDI-CAN-15617 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-451 |
ZDI-CAN-15622 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-450 |
ZDI-CAN-15621 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-449 |
ZDI-CAN-15623 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-448 |
ZDI-CAN-15657 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-447 |
ZDI-CAN-15656 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-446 |
ZDI-CAN-15625 |
Autodesk |
CVE-2021-27042 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-445 |
ZDI-CAN-15661 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-444 |
ZDI-CAN-15659 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-443 |
ZDI-CAN-15660 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-442 |
ZDI-CAN-15658 |
Autodesk |
CVE-2022-25788 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-441 |
ZDI-CAN-15624 |
Autodesk |
CVE-2021-40158 |
7.8 |
March 7, 2022 |
|
Autodesk AutoCAD JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-440 |
ZDI-CAN-14854 |
Fatek Automation |
CVE-2022-23985 |
7.8 |
March 7, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-439 |
ZDI-CAN-14858 |
Fatek Automation |
CVE-2022-21209 |
7.8 |
March 7, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-438 |
ZDI-CAN-14855 |
Fatek Automation |
CVE-2022-23985 |
7.8 |
March 7, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-437 |
ZDI-CAN-14852 |
Fatek Automation |
CVE-2022-23985 |
7.8 |
March 7, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-436 |
ZDI-CAN-14853 |
Fatek Automation |
CVE-2022-21209 |
7.8 |
March 7, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-435 |
ZDI-CAN-14591 |
Fatek Automation |
CVE-2022-21209 |
7.8 |
March 7, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-434 |
ZDI-CAN-14802 |
Fatek Automation |
CVE-2022-23985 |
7.8 |
March 7, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-433 |
ZDI-CAN-14800 |
Fatek Automation |
CVE-2022-23985 |
7.8 |
March 7, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-432 |
ZDI-CAN-14797 |
Fatek Automation |
CVE-2022-23985 |
7.8 |
March 7, 2022 |
|
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-431 |
ZDI-CAN-14233 |
Kaspersky |
CVE-2021-35053 |
6.1 |
March 3, 2022 |
March 4, 2022 |
Kaspersky Total Security Link Following Denial-of-Service Vulnerability |
| ZDI-22-430 |
ZDI-CAN-15141 |
Adobe |
CVE-2021-42734 |
3.3 |
March 2, 2022 |
|
Adobe Photoshop TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-429 |
ZDI-CAN-15246 |
Adobe |
CVE-2021-39865 |
3.3 |
March 2, 2022 |
|
Adobe FrameMaker TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-428 |
ZDI-CAN-14533 |
Microsoft |
|
5.3 |
March 1, 2022 |
|
(0Day) Microsoft Visual Studio Link Following Denial-of-Service Vulnerability |
| ZDI-22-427 |
ZDI-CAN-14534 |
Microsoft |
|
5.3 |
March 1, 2022 |
|
(0Day) Microsoft Visual Studio Link Following Denial-of-Service Vulnerability |
| ZDI-22-426 |
ZDI-CAN-14528 |
Microsoft |
|
6.1 |
March 1, 2022 |
|
(0Day) Microsoft .NET Link Following Denial-of-Service Vulnerability |
| ZDI-22-425 |
ZDI-CAN-14586 |
Microsoft |
|
5.3 |
March 1, 2022 |
|
(0Day) Microsoft Visual Studio Link Following Denial-of-Service Vulnerability |
| ZDI-22-424 |
ZDI-CAN-15581 |
Delta Industrial Automation |
|
7.5 |
March 1, 2022 |
March 30, 2022 |
(0Day) Delta Industrial Automation DIAEnergie AM_Handler SQL Injection Information Disclosure Vulnerability |
| ZDI-22-423 |
ZDI-CAN-15580 |
Delta Industrial Automation |
|
9.8 |
March 1, 2022 |
March 30, 2022 |
(0Day) Delta Industrial Automation DIAEnergie HandlerPage_KID Arbitrary File Upload Remote Code Execution Vulnerability |
| ZDI-22-422 |
ZDI-CAN-15202 |
Delta Industrial Automation |
CVE-2022-1404 |
7.8 |
March 1, 2022 |
May 10, 2022 |
(0Day) Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-421 |
ZDI-CAN-15201 |
Delta Industrial Automation |
CVE-2022-1404 |
3.3 |
March 1, 2022 |
May 10, 2022 |
(0Day) Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-420 |
ZDI-CAN-15946 |
Cisco |
CVE-2022-20702 |
7.0 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 utility-ping-request Insecure Temporary File Local Privilege Escalation Vulnerability |
| ZDI-22-419 |
ZDI-CAN-15940 |
Cisco |
CVE-2022-20707 |
7.8 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 JSON RPC file-copy Command Injection Local Privilege Escalation Vulnerability |
| ZDI-22-418 |
ZDI-CAN-15774 |
Cisco |
CVE-2022-20706 |
9.8 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 Plug and Play Command Injection Remote Code Execution Vulnerability |
| ZDI-22-417 |
ZDI-CAN-15893 |
Cisco |
CVE-2022-20708 |
6.8 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 update-clients Command Injection Remote Code Execution Vulnerability |
| ZDI-22-416 |
ZDI-CAN-15892 |
Cisco |
CVE-2022-20709, CVE-2022-20711 |
6.3 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 NGINX Missing Authentication Information Disclosure Vulnerability |
| ZDI-22-415 |
ZDI-CAN-15848 |
Cisco |
CVE-2022-20705 |
6.5 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 NGINX Improper Authentication Unrestricted File Upload Vulnerability |
| ZDI-22-414 |
ZDI-CAN-15784 |
Cisco |
CVE-2022-20699 |
9.8 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 SSLVPN Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-413 |
ZDI-CAN-15810 |
Cisco |
CVE-2022-20703, CVE-2022-20704 |
7.1 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 Firmware Update Improper Certificate Validation Remote Code Execution Vulnerability |
| ZDI-22-412 |
ZDI-CAN-15886 |
Cisco |
CVE-2022-20701 |
7.8 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 confd_cli Unnecessary Privileges Local Privilege Escalation Vulnerability |
| ZDI-22-411 |
ZDI-CAN-15883 |
Cisco |
CVE-2022-20707 |
4.3 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 upload.cgi JSON Command Injection Privilege Escalation Vulnerability |
| ZDI-22-410 |
ZDI-CAN-15882 |
Cisco |
CVE-2022-20705 |
8.8 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 upload.cgi sessionid Improper Input Validation Authentication Bypass Vulnerability |
| ZDI-22-409 |
ZDI-CAN-15610 |
Cisco |
CVE-2022-20705, CVE-2022-20707 |
8.8 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 NGINX sessionid Directory Traversal Authentication Bypass Vulnerability |
| ZDI-22-408 |
ZDI-CAN-15611 |
Cisco |
CVE-2022-20703 |
8.8 |
Feb. 22, 2022 |
|
(Pwn2Own) Cisco RV340 Firmware Update Missing Integrity Check Remote Code Execution Vulnerability |
| ZDI-22-407 |
ZDI-CAN-13993 |
TP-Link |
CVE-2022-0650 |
6.8 |
Feb. 22, 2022 |
|
TP-Link TL-WR940N httpd newBridgessid Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-406 |
ZDI-CAN-13992 |
TP-Link |
CVE-2022-24973 |
6.8 |
Feb. 22, 2022 |
|
TP-Link TL-WR940N httpd ssid1 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-405 |
ZDI-CAN-13911 |
TP-Link |
CVE-2022-24972 |
6.5 |
Feb. 22, 2022 |
|
TP-Link TL-WR940N httpd Improper Access Control Information Disclosure Vulnerability |
| ZDI-22-404 |
ZDI-CAN-14724 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Trend Tag WordAddr1 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-403 |
ZDI-CAN-14723 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing XY Tag WordAddr4 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-402 |
ZDI-CAN-14721 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Trend Tag WordAddr2 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-401 |
ZDI-CAN-14713 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Alarm Tag WordAddr9 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-400 |
ZDI-CAN-14711 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Alarm Tag WordAddr9 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-399 |
ZDI-CAN-14710 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Extra Tag WordAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-398 |
ZDI-CAN-14709 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Alarm Tag bitaddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-397 |
ZDI-CAN-14707 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Extra Tag bitaddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-396 |
ZDI-CAN-14706 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Alarm Tag WordAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-395 |
ZDI-CAN-14705 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Disc Tag WordAddr4 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-394 |
ZDI-CAN-14704 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Disc Tag WordAddr3 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-393 |
ZDI-CAN-14703 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP FIle Parsing Disc Tag WordAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-392 |
ZDI-CAN-14702 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Disc Tag WordAddr1 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-391 |
ZDI-CAN-14701 |
WECON |
|
7.8 |
Feb. 22, 2022 |
|
(0Day) WECON LeviStudioU UMP File Parsing Disc Tag WordAddr2 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-390 |
ZDI-CAN-14700 |
WECON |
|
7.8 |
Feb. 22, 2022 |
Feb. 22, 2022 |
(0Day) WECON LeviStudioU UMP File Parsing Trend Tag WordAddr4 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-389 |
ZDI-CAN-13990 |
Fuji Electric |
CVE-2022-21228 |
7.8 |
Feb. 22, 2022 |
March 23, 2022 |
(0Day) Fuji Electric Alpha5 Servo Operator C5P File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-388 |
ZDI-CAN-13938 |
Fuji Electric |
CVE-2022-21202 |
3.3 |
March 23, 2022 |
March 23, 2022 |
(0Day) Fuji Electric Alpha5 Servo Operator C5P File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-387 |
ZDI-CAN-13876 |
Fuji Electric |
CVE-2022-21168 |
3.3 |
Feb. 22, 2022 |
March 23, 2022 |
(0Day) Fuji Electric Alpha5 C5V File Parsing Uninitialized Pointer Information Disclosure Vulnerability |
| ZDI-22-386 |
ZDI-CAN-14969 |
Parallels |
CVE-2021-34987 |
8.2 |
Feb. 18, 2022 |
|
Parallels Desktop HDAudio Buffer Overflow Local Privilege Escalation Vulnerability |
| ZDI-22-385 |
ZDI-CAN-13932 |
Parallels |
CVE-2021-34986 |
7.8 |
Feb. 18, 2022 |
|
Parallels Desktop Service Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-22-384 |
ZDI-CAN-15731 |
Microsoft |
CVE-2022-21988 |
7.0 |
Feb. 18, 2022 |
|
Microsoft Office Visio EMF EMR_DELETEOBJECT Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-383 |
ZDI-CAN-15585 |
Microsoft |
CVE-2022-22716 |
2.5 |
Feb. 18, 2022 |
|
Microsoft Office Excel XLS File Parsing Untrusted Pointer Dereference Information Disclosure Vulnerability |
| ZDI-22-382 |
ZDI-CAN-15982 |
Lexmark |
CVE-2021-44738 |
8.8 |
Feb. 18, 2022 |
|
Lexmark MC3224i PostScript Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-381 |
ZDI-CAN-14886 |
Microsoft |
|
6.5 |
Feb. 18, 2022 |
|
Microsoft Outlook for Mac Hyperlink UI Misrepresentation Vulnerability |
| ZDI-22-380 |
ZDI-CAN-15916 |
Samsung |
|
4.6 |
Feb. 18, 2022 |
|
(Pwn2Own) Samsung Galaxy S21 Improper Error Handling Remote Code Execution Vulnerability |
| ZDI-22-379 |
ZDI-CAN-15871 |
Samsung |
|
8.8 |
Feb. 18, 2022 |
|
(Pwn2Own) Samsung Galaxy S21 Open Redirect Remote Code Execution Vulnerability |
| ZDI-22-378 |
ZDI-CAN-14059 |
ICONICS |
CVE-2021-27040 |
3.3 |
Feb. 18, 2022 |
|
ICONICS GENESIS64 DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-377 |
ZDI-CAN-13835 |
Apple |
CVE-2021-30771 |
7.8 |
Feb. 16, 2022 |
|
Apple macOS libFontParser TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-376 |
ZDI-CAN-15254 |
Adobe |
CVE-2022-23200 |
7.8 |
Feb. 16, 2022 |
|
Adobe After Effects 3GP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-375 |
ZDI-CAN-13664 |
SolarWinds |
CVE-2021-35244 |
8.8 |
Feb. 16, 2022 |
|
SolarWinds Orion Platform Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-22-374 |
ZDI-CAN-14204 |
Omron |
CVE-2022-21137 |
7.8 |
Feb. 16, 2022 |
|
Omron CX-One FLN File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-373 |
ZDI-CAN-14038 |
Omron |
CVE-2022-21137 |
7.8 |
Feb. 16, 2022 |
|
Omron CX-One SDD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-372 |
ZDI-CAN-15047 |
Trend Micro |
CVE-2022-24678 |
5.3 |
Feb. 16, 2022 |
|
Trend Micro Apex One Security Agent Resource Exhaustion Denial-of-Service Vulnerability |
| ZDI-22-371 |
ZDI-CAN-14998 |
Trend Micro |
CVE-2022-24671 |
7.8 |
Feb. 16, 2022 |
|
Trend Micro Antivirus for Mac Link Following Privilege Escalation Vulnerability |
| ZDI-22-370 |
ZDI-CAN-14926 |
Trend Micro |
CVE-2022-24679 |
7.8 |
Feb. 16, 2022 |
|
Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-369 |
ZDI-CAN-14815 |
Trend Micro |
CVE-2022-24680 |
7.8 |
Feb. 16, 2022 |
|
Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability |
| ZDI-22-368 |
ZDI-CAN-16192 |
MariaDB |
CVE-2022-24048 |
7.0 |
Feb. 16, 2022 |
|
MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-22-367 |
ZDI-CAN-16190 |
MariaDB |
CVE-2022-24052 |
7.0 |
Feb. 16, 2022 |
|
MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-22-366 |
ZDI-CAN-16209 |
MariaDB |
CVE-2022-24052 |
7.0 |
Feb. 16, 2022 |
|
MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-22-365 |
ZDI-CAN-16208 |
MariaDB |
CVE-2022-24051 |
7.0 |
Feb. 16, 2022 |
|
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability |
| ZDI-22-364 |
ZDI-CAN-16207 |
MariaDB |
CVE-2022-24050 |
7.0 |
Feb. 16, 2022 |
|
MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability |
| ZDI-22-363 |
ZDI-CAN-16191 |
MariaDB |
CVE-2022-24048 |
7.0 |
Feb. 16, 2022 |
|
MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-22-362 |
ZDI-CAN-14621 |
Linux |
CVE-2022-1043 |
8.8 |
Feb. 16, 2022 |
July 21, 2022 |
Linux Kernel io_uring Use-After-Free Privilege Escalation Vulnerability |
| ZDI-22-361 |
ZDI-CAN-15639 |
Apple |
CVE-2022-22579 |
3.3 |
Feb. 16, 2022 |
|
Apple macOS ModelIO STL File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-360 |
ZDI-CAN-15320 |
Apple |
CVE-2021-30995 |
7.8 |
Feb. 16, 2022 |
|
Apple macOS fclonefileat Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-22-359 |
ZDI-CAN-15199 |
Apple |
CVE-2021-30939 |
3.3 |
Feb. 16, 2022 |
|
Apple macOS ImageIO DDS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-358 |
ZDI-CAN-15171 |
Apple |
CVE-2021-30979 |
7.8 |
Feb. 16, 2022 |
|
Apple macOS ModelIO ABC File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-357 |
ZDI-CAN-14385 |
Apple |
CVE-2021-30919 |
7.8 |
Feb. 16, 2022 |
|
Apple macOS CoreGraphics PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-356 |
ZDI-CAN-14515 |
Apple |
CVE-2021-30928 |
3.3 |
Feb. 16, 2022 |
|
Apple macOS CoreGraphics PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-355 |
ZDI-CAN-14040 |
Apple |
CVE-2021-30832 |
7.8 |
Feb. 16, 2022 |
|
Apple macOS CVMServer Use-After-Free Privilege Escalation Vulnerability |
| ZDI-22-354 |
ZDI-CAN-13804 |
Apple |
CVE-2021-30825 |
3.3 |
Feb. 16, 2022 |
|
Apple macOS CoreML MLMODEL File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-353 |
ZDI-CAN-13806 |
Apple |
CVE-2021-30785 |
7.8 |
Feb. 16, 2022 |
|
Apple macOS ImageIO PICT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-352 |
ZDI-CAN-16027 |
Microsoft |
CVE-2022-22005 |
8.8 |
Feb. 15, 2022 |
|
Microsoft SharePoint Chart Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-351 |
ZDI-CAN-16187 |
Foxit |
CVE-2022-24908 |
7.8 |
Feb. 15, 2022 |
|
Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-350 |
ZDI-CAN-16186 |
Foxit |
CVE-2022-24907 |
7.8 |
Feb. 15, 2022 |
|
Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-349 |
ZDI-CAN-15859 |
Western Digital |
CVE-2022-22994 |
8.8 |
Feb. 15, 2022 |
|
(Pwn2Own) Western Digital My Cloud Pro Series PR4100 ConnectivityService Insufficient Verification of Data Authenticity Remote Code Execution Vulnerability |
| ZDI-22-348 |
ZDI-CAN-15889 |
Western Digital |
CVE-2022-22993 |
8.0 |
Feb. 15, 2022 |
|
(Pwn2Own) Western Digital MyCloud PR4100 cgi_api Server-Side Request Forgery Privilege Escalation Vulnerability |
| ZDI-22-347 |
ZDI-CAN-15888 |
Western Digital |
CVE-2022-22990 |
6.3 |
Feb. 15, 2022 |
|
(Pwn2Own) Western Digital MyCloud PR4100 nasAdmin Authentication Bypass Vulnerability |
| ZDI-22-346 |
ZDI-CAN-15804 |
Western Digital |
|
8.8 |
Feb. 15, 2022 |
|
(Pwn2Own) Western Digital MyCloud PR4100 samba Configuration Remote Code Execution Vulnerability |
| ZDI-22-345 |
ZDI-CAN-14408 |
WECON |
|
7.8 |
Feb. 15, 2022 |
Feb. 17, 2022 |
(0Day) WECON LeviStudioU UMP File Parsing XY Tag WordAddr10 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-344 |
ZDI-CAN-14410 |
WECON |
|
7.8 |
Feb. 15, 2022 |
Feb. 17, 2022 |
(0Day) WECON LeviStudioU UMP File Parsing Trend Tag WordAddr8 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-343 |
ZDI-CAN-15245 |
Adobe |
CVE-2022-23200 |
3.3 |
Feb. 15, 2022 |
|
Adobe FrameMaker PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-342 |
ZDI-CAN-15277 |
Adobe |
CVE-2022-23204 |
3.3 |
Feb. 15, 2022 |
|
Adobe Premiere Rush JPEG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-341 |
ZDI-CAN-14619 |
DevExpress |
CVE-2021-36483 |
8.8 |
Feb. 15, 2022 |
March 10, 2022 |
DevExpress SafeBinaryFormatter Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-22-340 |
ZDI-CAN-15112 |
Siemens |
CVE-2021-44018 |
7.8 |
Feb. 15, 2022 |
|
Siemens JT2Go PAR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-339 |
ZDI-CAN-15113 |
Siemens |
CVE-2021-38405 |
3.3 |
Feb. 15, 2022 |
|
Siemens JT2Go PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-338 |
ZDI-CAN-15110 |
Siemens |
CVE-2021-44016 |
7.8 |
Feb. 15, 2022 |
|
Siemens JT2Go PAR File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-337 |
ZDI-CAN-15108 |
Siemens |
CVE-2021-38405 |
3.3 |
Feb. 15, 2022 |
|
Siemens JT2Go PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-336 |
ZDI-CAN-15106 |
Siemens |
CVE-2021-38405 |
7.8 |
Feb. 15, 2022 |
|
Siemens JT2Go PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-335 |
ZDI-CAN-15053 |
Siemens |
CVE-2021-44000 |
7.8 |
Feb. 15, 2022 |
|
Siemens JT2Go PAR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-334 |
ZDI-CAN-15107 |
Siemens |
CVE-2021-43336 |
7.8 |
Feb. 15, 2022 |
|
Siemens JT2Go DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-333 |
ZDI-CAN-15820 |
Lexmark |
CVE-2021-44737 |
8.8 |
Feb. 15, 2022 |
|
(Pwn2Own) Lexmark MC3224i PJL Exposed Dangerous Function Remote Code Execution Vulnerability |
| ZDI-22-332 |
ZDI-CAN-15844 |
Lexmark |
CVE-2021-44734 |
8.8 |
Feb. 15, 2022 |
|
(Pwn2Own) Lexmark MC3224i Web Configuration File Code Injection Remote Code Execution Vulnerability |
| ZDI-22-331 |
ZDI-CAN-15800 |
Lexmark |
CVE-2021-44736 |
9.6 |
Feb. 15, 2022 |
|
(Pwn2Own) Lexmark MC3224i Unprotected API Remote Code Execution Vulnerability |
| ZDI-22-330 |
ZDI-CAN-15894 |
Lexmark |
CVE-2021-44735 |
5.5 |
Feb. 15, 2022 |
|
(Pwn2Own) Lexmark MC3224i Command Injection Remote Code Execution Vulnerability |
| ZDI-22-329 |
ZDI-CAN-15895 |
Lexmark |
CVE-2021-44735 |
7.8 |
Feb. 15, 2022 |
|
(Pwn2Own) Lexmark MC3224i setuid Local Privilege Escalation Vulnerability |
| ZDI-22-328 |
ZDI-CAN-15924 |
Lexmark |
CVE-2021-44738 |
8.8 |
Feb. 15, 2022 |
|
(Pwn2Own) Lexmark MC3224i PostScript Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-327 |
ZDI-CAN-15925 |
Lexmark |
CVE-2021-44738 |
7.1 |
Feb. 15, 2022 |
|
(Pwn2Own) Lexmark MC3224i pagemaker Insufficient Session Expiration Local Privilege Escalation Vulnerability |
| ZDI-22-326 |
ZDI-CAN-15927 |
Lexmark |
CVE-2021-44735 |
7.8 |
Feb. 15, 2022 |
|
(Pwn2Own) Lexmark MC3224i setuid Local Privilege Escalation Vulnerability |
| ZDI-22-325 |
ZDI-CAN-15198 |
Schneider Electric |
CVE-2022-24313 |
9.8 |
Feb. 11, 2022 |
Feb. 16, 2022 |
Schneider Electric IGSS IGSSDataServer Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-324 |
ZDI-CAN-15193 |
Schneider Electric |
CVE-2022-24317 |
5.3 |
Feb. 11, 2022 |
Feb. 16, 2022 |
Schneider Electric IGSS Missing Authentication Information Disclosure Vulnerability |
| ZDI-22-323 |
ZDI-CAN-15119 |
Schneider Electric |
CVE-2022-24316 |
5.3 |
Feb. 11, 2022 |
Feb. 16, 2022 |
Schneider Electric IGSS IGSSdataServer Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-22-322 |
ZDI-CAN-15118 |
Schneider Electric |
CVE-2022-24315 |
7.5 |
Feb. 11, 2022 |
Feb. 16, 2022 |
Schneider Electric IGSS Out-Of-Bounds Read Denial-of-Service Vulnerability |
| ZDI-22-321 |
ZDI-CAN-14943 |
Schneider Electric |
CVE-2022-24312 |
9.8 |
Feb. 11, 2022 |
Feb. 16, 2022 |
Schneider Electric IGSS IGSSdataServer Directory Traversal Remote Code Execution Vulnerability |
| ZDI-22-320 |
ZDI-CAN-14942 |
Schneider Electric |
CVE-2022-24311 |
9.8 |
Feb. 11, 2022 |
Feb. 16, 2022 |
Schneider Electric IGSS IGSSdataServer Directory Traversal Remote Code Execution Vulnerability |
| ZDI-22-319 |
ZDI-CAN-15812 |
Foxit |
CVE-2022-24971 |
7.8 |
Feb. 11, 2022 |
|
Foxit PDF Reader JPEG2000 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-318 |
ZDI-CAN-16193 |
MariaDB |
CVE-2022-24051 |
7.0 |
Feb. 11, 2022 |
|
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability |
| ZDI-22-317 |
ZDI-CAN-15296 |
Microsoft |
CVE-2022-22002 |
6.1 |
Feb. 11, 2022 |
|
Microsoft Windows User Profile Picture Link Following Denial-of-Service Vulnerability |
| ZDI-22-316 |
ZDI-CAN-15302 |
Siemens |
CVE-2021-46161 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-315 |
ZDI-CAN-15286 |
Siemens |
CVE-2021-46160 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-314 |
ZDI-CAN-15050 |
Siemens |
CVE-2021-46159 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-313 |
ZDI-CAN-15602 |
Siemens |
CVE-2021-46158 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-312 |
ZDI-CAN-15289 |
Siemens |
CVE-2021-46158 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-311 |
ZDI-CAN-15085 |
Siemens |
CVE-2021-46158 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-310 |
ZDI-CAN-14757 |
Siemens |
CVE-2021-46157 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-309 |
ZDI-CAN-14684 |
Siemens |
CVE-2021-46156 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-308 |
ZDI-CAN-15593 |
Siemens |
CVE-2021-46155 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-307 |
ZDI-CAN-15303 |
Siemens |
CVE-2021-46155 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-306 |
ZDI-CAN-15283 |
Siemens |
CVE-2021-46155 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-305 |
ZDI-CAN-14683 |
Siemens |
CVE-2021-46155 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-304 |
ZDI-CAN-15304 |
Siemens |
CVE-2021-46154 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-303 |
ZDI-CAN-15084 |
Siemens |
CVE-2021-46154 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-302 |
ZDI-CAN-14679 |
Siemens |
CVE-2021-46154 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-301 |
ZDI-CAN-14646 |
Siemens |
CVE-2021-46154 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-300 |
ZDI-CAN-15599 |
Siemens |
CVE-2021-46153 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-299 |
ZDI-CAN-15589 |
Siemens |
CVE-2021-46153 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-298 |
ZDI-CAN-15305 |
Siemens |
CVE-2021-46153 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-297 |
ZDI-CAN-14645 |
Siemens |
CVE-2021-46153 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-296 |
ZDI-CAN-15183 |
Siemens |
CVE-2021-46152 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-295 |
ZDI-CAN-14755 |
Siemens |
CVE-2021-46152 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-22-294 |
ZDI-CAN-14644 |
Siemens |
CVE-2021-46152 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-22-293 |
ZDI-CAN-14643 |
Siemens |
CVE-2021-46152 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-22-292 |
ZDI-CAN-14754 |
Siemens |
CVE-2021-46151 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-291 |
ZDI-CAN-15082 |
Siemens |
CVE-2021-46151 |
7.8 |
Feb. 11, 2022 |
|
Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-290 |
ZDI-CAN-14618 |
BMC |
CVE-2022-24047 |
5.3 |
Feb. 10, 2022 |
Feb. 11, 2022 |
BMC Track-It! HTTP Module Improper Access Control Authentication Bypass Vulnerability |
| ZDI-22-289 |
ZDI-CAN-15668 |
Autodesk |
CVE-2021-40159 |
7.8 |
Feb. 10, 2022 |
|
Autodesk Inventor JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-288 |
ZDI-CAN-15667 |
Autodesk |
CVE-2021-40158 |
7.8 |
Feb. 10, 2022 |
|
Autodesk Inventor JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-287 |
ZDI-CAN-15666 |
Autodesk |
CVE-2021-40158 |
7.8 |
Feb. 10, 2022 |
|
Autodesk Inventor JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-286 |
ZDI-CAN-15665 |
Autodesk |
CVE-2021-40158 |
7.8 |
Feb. 10, 2022 |
|
Autodesk Inventor JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-285 |
ZDI-CAN-15664 |
Autodesk |
CVE-2021-40158 |
7.8 |
Feb. 10, 2022 |
|
Autodesk Inventor JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-284 |
ZDI-CAN-15670 |
Autodesk |
CVE-2021-40158 |
7.8 |
Feb. 10, 2022 |
|
Autodesk Inventor JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-283 |
ZDI-CAN-15669 |
Autodesk |
CVE-2021-40158 |
7.8 |
Feb. 10, 2022 |
|
Autodesk Inventor JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-282 |
ZDI-CAN-15671 |
Autodesk |
CVE-2021-40159 |
7.8 |
Feb. 10, 2022 |
|
Autodesk Inventor JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-281 |
ZDI-CAN-15675 |
Autodesk |
CVE-2021-40158 |
7.8 |
Feb. 10, 2022 |
|
Autodesk Inventor JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-280 |
ZDI-CAN-16087 |
Foxit |
CVE-2022-24369 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-279 |
ZDI-CAN-16115 |
Foxit |
CVE-2022-24368 |
3.3 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader Doc Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-278 |
ZDI-CAN-15877 |
Foxit |
CVE-2022-24367 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-277 |
ZDI-CAN-15853 |
Foxit |
CVE-2022-24366 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-276 |
ZDI-CAN-15852 |
Foxit |
CVE-2022-24365 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-275 |
ZDI-CAN-15851 |
Foxit |
CVE-2022-24364 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-274 |
ZDI-CAN-15861 |
Foxit |
CVE-2022-24363 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-273 |
ZDI-CAN-15987 |
Foxit |
CVE-2022-24362 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-272 |
ZDI-CAN-15811 |
Foxit |
CVE-2022-24361 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader JPG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-271 |
ZDI-CAN-15744 |
Foxit |
CVE-2022-24360 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-270 |
ZDI-CAN-15702 |
Foxit |
CVE-2022-24359 |
7.8 |
Feb. 10, 2022 |
Feb. 18, 2022 |
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-269 |
ZDI-CAN-15703 |
Foxit |
CVE-2022-24358 |
7.8 |
Feb. 10, 2022 |
|
Foxit PDF Reader Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-268 |
ZDI-CAN-15743 |
Foxit |
CVE-2022-24357 |
7.8 |
Feb. 10, 2022 |
|
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-267 |
ZDI-CAN-14848 |
Foxit |
CVE-2022-24356 |
7.8 |
Feb. 10, 2022 |
|
Foxit PDF Reader OnMouseExit Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-266 |
ZDI-CAN-14819 |
Foxit |
CVE-2022-24370 |
3.3 |
Feb. 10, 2022 |
|
Foxit PDF Reader XFA Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-265 |
ZDI-CAN-13910 |
TP-Link |
CVE-2022-24355 |
8.8 |
Feb. 10, 2022 |
|
TP-Link TL-WR940N httpd httpRpmFs Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-264 |
ZDI-CAN-15835 |
TP-Link |
CVE-2022-24354 |
8.8 |
Feb. 10, 2022 |
|
TP-Link AC1750 NetUSB Integer Overflow Remote Code Execution Vulnerability |
| ZDI-22-263 |
ZDI-CAN-15769 |
TP-Link |
CVE-2022-24353 |
8.8 |
Feb. 10, 2022 |
|
(Pwn2Own) TP-Link AC1750 NetUSB Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-262 |
ZDI-CAN-15773 |
TP-Link |
CVE-2022-24352 |
8.8 |
Feb. 10, 2022 |
|
(Pwn2Own) TP-Link AC1750 NetUSB Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-261 |
ZDI-CAN-15798 |
Sonos |
CVE-2022-24049 |
9.8 |
Feb. 10, 2022 |
Feb. 14, 2022 |
(Pwn2Own) Sonos One Speaker ALAC Frame Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-260 |
ZDI-CAN-15828 |
Sonos |
CVE-2022-24046 |
9.8 |
Feb. 10, 2022 |
Feb. 14, 2022 |
(Pwn2Own) Sonos One Speaker Integer Underflow Remote Code Execution Vulnerability |
| ZDI-22-259 |
ZDI-CAN-12966 |
Advantech |
CVE-2021-38389 |
9.8 |
Feb. 2, 2022 |
|
Advantech WebAccess IOCTL 0x1138B Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-258 |
ZDI-CAN-12944 |
Advantech |
CVE-2021-33023 |
9.8 |
Feb. 2, 2022 |
|
Advantech WebAccess IOCTL 0x2722 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-257 |
ZDI-CAN-12942 |
Advantech |
CVE-2021-33023 |
9.8 |
Feb. 2, 2022 |
|
Advantech WebAccess IOCTL 0x2722 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-256 |
ZDI-CAN-15161 |
Sante |
CVE-2022-24064 |
7.8 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-255 |
ZDI-CAN-15105 |
Sante |
CVE-2022-24063 |
7.8 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-254 |
ZDI-CAN-15104 |
Sante |
CVE-2022-24062 |
7.8 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro JP2 File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-253 |
ZDI-CAN-15100 |
Sante |
CVE-2022-24061 |
3.3 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro DCM File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-22-252 |
ZDI-CAN-15099 |
Sante |
CVE-2022-24060 |
3.3 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-251 |
ZDI-CAN-15098 |
Sante |
CVE-2022-24059 |
7.8 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-250 |
ZDI-CAN-15095 |
Sante |
CVE-2022-24058 |
7.8 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-249 |
ZDI-CAN-15077 |
Sante |
CVE-2022-24057 |
7.8 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-248 |
ZDI-CAN-15076 |
Sante |
CVE-2022-24056 |
7.8 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-247 |
ZDI-CAN-14972 |
Sante |
CVE-2022-24055 |
3.3 |
Feb. 2, 2022 |
|
Sante DICOM Viewer Pro GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-246 |
ZDI-CAN-15846 |
Samba |
CVE-2021-44142 |
9.8 |
Feb. 1, 2022 |
Feb. 1, 2022 |
(Pwn2Own) Samba fruit_pwrite Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-245 |
ZDI-CAN-15833 |
Samba |
CVE-2021-44142 |
5.3 |
Feb. 1, 2022 |
Feb. 1, 2022 |
(Pwn2Own) Samba fruit_pread Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-244 |
ZDI-CAN-16156 |
Samba |
CVE-2021-44142 |
9.8 |
Feb. 1, 2022 |
|
Samba AppleDouble Entry Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-243 |
ZDI-CAN-15631 |
Bentley |
CVE-2021-46656 |
7.8 |
Jan. 31, 2022 |
|
Bentley View JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-242 |
ZDI-CAN-15630 |
Bentley |
CVE-2021-46655 |
7.8 |
Jan. 31, 2022 |
|
Bentley View JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-241 |
ZDI-CAN-15540 |
Bentley |
CVE-2021-46654 |
3.3 |
Jan. 31, 2022 |
|
Bentley View DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-240 |
ZDI-CAN-15539 |
Bentley |
CVE-2021-46653 |
7.8 |
Jan. 31, 2022 |
|
Bentley View BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-239 |
ZDI-CAN-15538 |
Bentley |
CVE-2021-46652 |
7.8 |
Jan. 31, 2022 |
|
Bentley View DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-238 |
ZDI-CAN-15537 |
Bentley |
CVE-2021-46651 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-237 |
ZDI-CAN-15536 |
Bentley |
CVE-2021-46650 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-236 |
ZDI-CAN-15535 |
Bentley |
CVE-2021-46649 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-235 |
ZDI-CAN-15534 |
Bentley |
CVE-2021-46648 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-234 |
ZDI-CAN-15533 |
Bentley |
CVE-2021-46647 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-233 |
ZDI-CAN-15532 |
Bentley |
CVE-2021-46646 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-232 |
ZDI-CAN-15531 |
Bentley |
CVE-2021-46645 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-231 |
ZDI-CAN-15530 |
Bentley |
CVE-2021-46644 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-230 |
ZDI-CAN-15515 |
Bentley |
CVE-2021-46643 |
7.8 |
Jan. 31, 2022 |
|
Bentley View DGN File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-229 |
ZDI-CAN-15514 |
Bentley |
CVE-2021-46642 |
3.3 |
Jan. 31, 2022 |
|
Bentley View DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-228 |
ZDI-CAN-15513 |
Bentley |
CVE-2021-46641 |
7.8 |
Jan. 31, 2022 |
|
Bentley View DGN File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-227 |
ZDI-CAN-15512 |
Bentley |
CVE-2021-46640 |
7.8 |
Jan. 31, 2022 |
|
Bentley View DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-226 |
ZDI-CAN-15511 |
Bentley |
CVE-2021-46639 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-225 |
ZDI-CAN-15510 |
Bentley |
CVE-2021-46638 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-224 |
ZDI-CAN-15509 |
Bentley |
CVE-2021-46637 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-223 |
ZDI-CAN-15508 |
Bentley |
CVE-2021-46636 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-222 |
ZDI-CAN-15507 |
Bentley |
CVE-2021-46635 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-221 |
ZDI-CAN-15464 |
Bentley |
CVE-2021-46634 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-220 |
ZDI-CAN-15463 |
Bentley |
CVE-2021-46633 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT PDF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-219 |
ZDI-CAN-15462 |
Bentley |
CVE-2021-46632 |
3.3 |
Jan. 31, 2022 |
|
Bentley View JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-218 |
ZDI-CAN-15461 |
Bentley |
CVE-2021-46631 |
7.8 |
Jan. 31, 2022 |
|
Bentley View TIF File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-217 |
ZDI-CAN-15460 |
Bentley |
CVE-2021-46630 |
3.3 |
Jan. 31, 2022 |
|
Bentley View FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-216 |
ZDI-CAN-15459 |
Bentley |
CVE-2021-46629 |
3.3 |
Jan. 31, 2022 |
|
Bentley View BMP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-215 |
ZDI-CAN-15458 |
Bentley |
CVE-2021-46628 |
3.3 |
Jan. 31, 2022 |
|
Bentley View BMP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-214 |
ZDI-CAN-15457 |
Bentley |
CVE-2021-46627 |
7.8 |
Jan. 31, 2022 |
|
Bentley View DXF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-213 |
ZDI-CAN-15456 |
Bentley |
CVE-2021-46626 |
7.8 |
Jan. 31, 2022 |
|
Bentley View J2K File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-212 |
ZDI-CAN-15455 |
Bentley |
CVE-2021-46625 |
7.8 |
Jan. 31, 2022 |
|
Bentley View JT File Parsing Double Free Remote Code Execution Vulnerability |
| ZDI-22-211 |
ZDI-CAN-15454 |
Bentley |
CVE-2021-46624 |
3.3 |
Jan. 31, 2022 |
|
Bentley View DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-210 |
ZDI-CAN-15453 |
Bentley |
CVE-2021-46623 |
3.3 |
Jan. 31, 2022 |
|
Bentley View 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-209 |
ZDI-CAN-15416 |
Bentley |
CVE-2021-46622 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT J2K File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-208 |
ZDI-CAN-15415 |
Bentley |
CVE-2021-46621 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Double Free Remote Code Execution Vulnerability |
| ZDI-22-207 |
ZDI-CAN-15414 |
Bentley |
CVE-2021-46620 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-206 |
ZDI-CAN-15413 |
Bentley |
CVE-2021-46619 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-205 |
ZDI-CAN-15412 |
Bentley |
CVE-2021-46618 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-204 |
ZDI-CAN-15411 |
Bentley |
CVE-2021-46617 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT TIF File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-203 |
ZDI-CAN-15410 |
Bentley |
CVE-2021-46616 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT BMP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-202 |
ZDI-CAN-15409 |
Bentley |
CVE-2021-46615 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT BMP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-201 |
ZDI-CAN-15408 |
Bentley |
CVE-2021-46614 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT J2K File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-200 |
ZDI-CAN-15407 |
Bentley |
CVE-2021-46613 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DXF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-199 |
ZDI-CAN-15406 |
Bentley |
CVE-2021-46612 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-198 |
ZDI-CAN-15405 |
Bentley |
CVE-2021-46611 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-197 |
ZDI-CAN-15404 |
Bentley |
CVE-2021-46610 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-196 |
ZDI-CAN-15403 |
Bentley |
CVE-2021-46609 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT PDF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-195 |
ZDI-CAN-15402 |
Bentley |
CVE-2021-46608 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-194 |
ZDI-CAN-15401 |
Bentley |
CVE-2021-46607 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-193 |
ZDI-CAN-15400 |
Bentley |
CVE-2021-46606 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-192 |
ZDI-CAN-15399 |
Bentley |
CVE-2021-46605 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-191 |
ZDI-CAN-15398 |
Bentley |
CVE-2021-46604 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT PNG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-190 |
ZDI-CAN-15397 |
Bentley |
CVE-2021-46603 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT J2K File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-189 |
ZDI-CAN-15396 |
Bentley |
CVE-2021-46602 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-188 |
ZDI-CAN-15395 |
Bentley |
CVE-2021-46601 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-187 |
ZDI-CAN-15394 |
Bentley |
CVE-2021-46600 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-186 |
ZDI-CAN-15393 |
Bentley |
CVE-2021-46599 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-185 |
ZDI-CAN-15392 |
Bentley |
CVE-2021-46598 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-22-184 |
ZDI-CAN-15391 |
Bentley |
CVE-2021-46597 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-183 |
ZDI-CAN-15390 |
Bentley |
CVE-2021-46596 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT OBJ File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-182 |
ZDI-CAN-15389 |
Bentley |
CVE-2021-46595 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-181 |
ZDI-CAN-15388 |
Bentley |
CVE-2021-46594 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-180 |
ZDI-CAN-15387 |
Bentley |
CVE-2021-46593 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-179 |
ZDI-CAN-15386 |
Bentley |
CVE-2021-46592 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT 3DS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-178 |
ZDI-CAN-15385 |
Bentley |
CVE-2021-46591 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-177 |
ZDI-CAN-15384 |
Bentley |
CVE-2021-46590 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-176 |
ZDI-CAN-15383 |
Bentley |
CVE-2021-46589 |
3.3 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-175 |
ZDI-CAN-15382 |
Bentley |
CVE-2021-46588 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-174 |
ZDI-CAN-15381 |
Bentley |
CVE-2021-46587 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT 3DS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-173 |
ZDI-CAN-15380 |
Bentley |
CVE-2021-46586 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT 3DS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-172 |
ZDI-CAN-15379 |
Bentley |
CVE-2021-46585 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-171 |
ZDI-CAN-15378 |
Bentley |
CVE-2021-46584 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-170 |
ZDI-CAN-15377 |
Bentley |
CVE-2021-46583 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-169 |
ZDI-CAN-15376 |
Bentley |
CVE-2021-46582 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JP2 File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-168 |
ZDI-CAN-15375 |
Bentley |
CVE-2021-46581 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-167 |
ZDI-CAN-15374 |
Bentley |
CVE-2021-46580 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-166 |
ZDI-CAN-15373 |
Bentley |
CVE-2021-46579 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-165 |
ZDI-CAN-15372 |
Bentley |
CVE-2021-46578 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-164 |
ZDI-CAN-15371 |
Bentley |
CVE-2021-46577 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-163 |
ZDI-CAN-15370 |
Bentley |
CVE-2021-46576 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-162 |
ZDI-CAN-15369 |
Bentley |
CVE-2021-46575 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT DGN File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-161 |
ZDI-CAN-15368 |
Bentley |
CVE-2021-46574 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-160 |
ZDI-CAN-15367 |
Bentley |
CVE-2021-46573 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-159 |
ZDI-CAN-15366 |
Bentley |
CVE-2021-46572 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-158 |
ZDI-CAN-15365 |
Bentley |
CVE-2021-46571 |
7.8 |
Jan. 31, 2022 |
|
Bentley View JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-157 |
ZDI-CAN-15364 |
Bentley |
CVE-2021-46570 |
7.8 |
Jan. 31, 2022 |
|
Bentley View JT File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-156 |
ZDI-CAN-15031 |
Bentley |
CVE-2021-46569 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-155 |
ZDI-CAN-15030 |
Bentley |
CVE-2021-46568 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-154 |
ZDI-CAN-15028 |
Bentley |
CVE-2021-46567 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-153 |
ZDI-CAN-15027 |
Bentley |
CVE-2021-46566 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-22-152 |
ZDI-CAN-15024 |
Bentley |
CVE-2021-46565 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-151 |
ZDI-CAN-15023 |
Bentley |
CVE-2021-46564 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-22-150 |
ZDI-CAN-14990 |
Bentley |
CVE-2021-46563 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-149 |
ZDI-CAN-14987 |
Bentley |
CVE-2021-46562 |
7.8 |
Jan. 31, 2022 |
|
Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-22-148 |
ZDI-CAN-14162 |
ESET |
CVE-2021-37852 |
7.0 |
Jan. 31, 2022 |
|
ESET Endpoint Antivirus Unnecessary Privileges Local Privilege Escalation Vulnerability |
| ZDI-22-147 |
ZDI-CAN-13856 |
Trend Micro |
CVE-2022-23805 |
3.3 |
Jan. 31, 2022 |
|
Trend Micro Worry-Free Business Security Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-146 |
ZDI-CAN-14433 |
Esri |
CVE-2021-29117 |
7.8 |
Jan. 31, 2022 |
|
Esri ArcReader PMF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-22-145 |
ZDI-CAN-14439 |
Esri |
CVE-2021-29118 |
3.3 |
Jan. 31, 2022 |
|
Esri ArcReader PMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-144 |
ZDI-CAN-14267 |
Esri |
CVE-2021-29112 |
3.3 |
Jan. 31, 2022 |
|
Esri ArcReader PMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-143 |
ZDI-CAN-13801 |
Bitdefender |
CVE-2021-3641 |
6.1 |
Jan. 27, 2022 |
|
Bitdefender GravityZone Link Following Denial-of-Service Vulnerability |
| ZDI-22-142 |
ZDI-CAN-14722 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU UMP File Parsing Trend Tag WordAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-141 |
ZDI-CAN-14720 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU UMP File Parsing Trend Tag WordAddr3 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-140 |
ZDI-CAN-14719 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU UMP File Parsing XY Tag WordAddr3 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-139 |
ZDI-CAN-14718 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU UMP File Parsing XY Tag WordAddr2 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-138 |
ZDI-CAN-14717 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU UMP File Parsing XY Tag WordAddr1 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-137 |
ZDI-CAN-14582 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU XML File Parsing Add Tag DigitCount Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-136 |
ZDI-CAN-14581 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU XML File Parsing BitAddr Tag ContralAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-135 |
ZDI-CAN-14580 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU XML File Parsing Add Tag DstAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-134 |
ZDI-CAN-14579 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU XML File Parsing BitAddr Tag ContralAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-133 |
ZDI-CAN-14578 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU UMP FIle Parsing HmiSet Tag Type Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-132 |
ZDI-CAN-14584 |
WECON |
CVE-2021-23157 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU UMP File Parsing ScreenInfo Tag ScrnFile Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-131 |
ZDI-CAN-14577 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU XML File Parsing Add Tag PLCAddr1 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-130 |
ZDI-CAN-14576 |
WECON |
CVE-2021-23157 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU UMP File Parsing ScreenInfo Tag ScrnName Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-129 |
ZDI-CAN-14575 |
WECON |
CVE-2021-23138 |
7.8 |
Jan. 27, 2022 |
|
WECON LeviStudioU UMP File Parsing BaseSet Tag BgOnOffBitAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-128 |
ZDI-CAN-16026 |
Oracle |
CVE-2022-21394 |
6.5 |
Jan. 21, 2022 |
|
Oracle VirtualBox TFTP Server Directory Traversal Information Disclosure Vulnerability |
| ZDI-22-127 |
ZDI-CAN-16120 |
Oracle |
CVE-2022-21380 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-126 |
ZDI-CAN-15121 |
Oracle |
CVE-2022-21356 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-125 |
ZDI-CAN-15122 |
Oracle |
CVE-2022-21357 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-124 |
ZDI-CAN-15120 |
Oracle |
CVE-2022-21355 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-22-123 |
ZDI-CAN-15063 |
Oracle |
CVE-2022-21346 |
7.5 |
Jan. 21, 2022 |
|
Oracle Business Intelligence ReportTemplateService XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-22-122 |
ZDI-CAN-14524 |
Oracle |
CVE-2022-21337 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-121 |
ZDI-CAN-14523 |
Oracle |
CVE-2022-21336 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-120 |
ZDI-CAN-14522 |
Oracle |
CVE-2022-21335 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-119 |
ZDI-CAN-14521 |
Oracle |
CVE-2022-21334 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-118 |
ZDI-CAN-14520 |
Oracle |
CVE-2022-21333 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-117 |
ZDI-CAN-14509 |
Oracle |
CVE-2022-21332 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-116 |
ZDI-CAN-14507 |
Oracle |
CVE-2022-21331 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
| ZDI-22-115 |
ZDI-CAN-14506 |
Oracle |
CVE-2022-21330 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-114 |
ZDI-CAN-14505 |
Oracle |
CVE-2022-21329 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-113 |
ZDI-CAN-14504 |
Oracle |
CVE-2022-21328 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-112 |
ZDI-CAN-14503 |
Oracle |
CVE-2022-21327 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-22-111 |
ZDI-CAN-14502 |
Oracle |
CVE-2022-21326 |
9.8 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-22-110 |
ZDI-CAN-14501 |
Oracle |
CVE-2022-21325 |
6.5 |
Jan. 21, 2022 |
|
Oracle MySQL Cluster Data Node Improper Validation of Array Index Information Disclosure Vulnerability |
