| ZDI-19-1045 |
ZDI-CAN-8970 |
Hewlett Packard Enterprise |
CVE-2020-7143 |
8.8 |
2020-01-29 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-1044 |
ZDI-CAN-8971 |
Hewlett Packard Enterprise |
CVE-2020-7142 |
8.8 |
2020-01-29 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center eventInfo_content Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-1043 |
ZDI-CAN-8967 |
Hewlett Packard Enterprise |
CVE-2020-24652 |
8.8 |
2020-01-29 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center addVsiInterfaceInfo Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-1042 |
ZDI-CAN-8968 |
Hewlett Packard Enterprise |
CVE-2020-7141 |
8.8 |
2020-01-29 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center addDeviceToView Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-1041 |
ZDI-CAN-8965 |
Hewlett Packard Enterprise |
CVE-2020-24630 |
8.8 |
2020-01-29 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center operatorOnlineList_content Privilege Escalation Vulnerability |
| ZDI-19-1040 |
ZDI-CAN-8964 |
Hewlett Packard Enterprise |
CVE-2020-24651 |
8.8 |
2020-01-29 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center SyslogTempletSelectWin Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-1039 |
ZDI-CAN-8963 |
Hewlett Packard Enterprise |
CVE-2020-24650 |
8.8 |
2020-01-29 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center legend Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-1038 |
ZDI-CAN-8943 |
Hewlett Packard Enterprise |
CVE-2020-24629 |
9.8 |
2020-01-29 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center UrlAccessController Authentication Bypass Vulnerability |
| ZDI-19-1037 |
ZDI-CAN-8935 |
Hewlett Packard Enterprise |
CVE-2020-24646 |
9.8 |
2020-01-29 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center tftpserver Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-1036 |
ZDI-CAN-8928 |
Hewlett Packard Enterprise |
CVE-2020-24648 |
8.8 |
2020-01-29 |
2021-06-29 |
Hewlett Packard Enterprise Intelligent Management Center AccessMgrServlet className Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-19-1035 |
ZDI-CAN-9302 |
Tencent |
CVE-2019-17151 |
4.3 |
2019-12-31 |
2020-01-08 |
Tencent WeChat name Field Unsafe Redirection Vulnerability |
| ZDI-19-1034 |
ZDI-CAN-9123 |
WECON |
CVE-2019-18236 |
7.8 |
2019-12-30 |
|
(0Day) WECON PLC Editor PLCDataCeter Port Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-1033 |
ZDI-CAN-9122 |
WECON |
CVE-2019-18236 |
7.8 |
2019-12-30 |
|
(0Day) WECON PLC Editor PLCDataCeter PortPath Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-1032 |
ZDI-CAN-8927 |
WECON |
CVE-2018-14810 |
7.8 |
2019-12-30 |
2021-12-03 |
(0Day) WECON PIStudio HSC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-1031 |
ZDI-CAN-8458 |
D-Link |
CVE-2019-17146 |
8.8 |
2019-12-23 |
|
D-Link DCS-960L HNAP SOAPAction Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-1030 |
ZDI-CAN-8921 |
Docker |
CVE-2019-17150 |
7.8 |
2019-12-20 |
|
Docker docker-credential-secretservice Double Free Privilege Escalation Vulnerability |
| ZDI-19-1029 |
ZDI-CAN-8920 |
Docker |
CVE-2019-17149 |
7.8 |
2019-12-20 |
|
Docker docker-credential-helpers Double Free Privilege Escalation Vulnerability |
| ZDI-19-1028 |
ZDI-CAN-8685 |
Parallels |
CVE-2019-17148 |
7.8 |
2019-12-20 |
|
Parallels Desktop Command Injection Privilege Escalation Vulnerability |
| ZDI-19-1027 |
ZDI-CAN-8806 |
Apple |
CVE-2019-8850 |
3.3 |
2019-12-20 |
2019-12-20 |
Apple macOS AudioToolbox MP4 Parsing Integer Overflow Information Disclosure Vulnerability |
| ZDI-19-1026 |
ZDI-CAN-8767 |
Apple |
CVE-2019-8835 |
8.8 |
2019-12-19 |
|
Apple macOS apfs Use-After-Free Privilege Escalation Vulnerability |
| ZDI-19-1025 |
ZDI-CAN-9391 |
Trend Micro |
CVE-2019-19693 |
7.1 |
2019-12-19 |
|
Trend Micro Maximum Security Link Resolution Information Disclosure And Denial-of-Service Vulnerability |
| ZDI-19-1024 |
ZDI-CAN-8823 |
Oracle |
CVE-2019-2904 |
9.8 |
2019-12-19 |
2021-06-29 |
Oracle ADF Faces Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-19-1023 |
ZDI-CAN-9278 |
Microsoft |
|
7.5 |
2019-12-17 |
|
(0Day) Microsoft Windows WebDAV Path Parsing Command Injection Remote Code Execution Vulnerability |
| ZDI-19-1022 |
ZDI-CAN-8608 |
Apple |
|
5.0 |
2019-12-17 |
|
Apple Safari commitPropertyChange Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-1021 |
ZDI-CAN-9489 |
Advantech |
CVE-2019-18257 |
9.8 |
2019-12-13 |
|
Advantech DiagAnywhere FOLDER_REMOVE Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-1020 |
ZDI-CAN-9488 |
Advantech |
CVE-2019-18257 |
9.8 |
2019-12-13 |
|
Advantech DiagAnywhere SET_CURR_DIR Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-1019 |
ZDI-CAN-9485 |
Advantech |
CVE-2019-18257 |
9.8 |
2019-12-13 |
|
Advantech DiagAnywhere FILE_CREATE Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-1018 |
ZDI-CAN-9487 |
Advantech |
CVE-2019-18257 |
9.8 |
2019-12-13 |
|
Advantech DiagAnywhere FILE_OPEN_RO Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-1017 |
ZDI-CAN-9486 |
Advantech |
CVE-2019-18257 |
9.8 |
2019-12-13 |
|
Advantech DiagAnywhere FOLDER_CREATE Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-1016 |
ZDI-CAN-9385 |
Microsoft |
CVE-2019-1408 |
8.8 |
2019-12-13 |
|
Microsoft Windows GreSetMagicColors Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-1015 |
ZDI-CAN-8456 |
WECON |
CVE-2019-18236 |
7.8 |
2019-12-12 |
|
(0Day) WECON PLC Editor WCP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-1014 |
ZDI-CAN-8671 |
NETGEAR |
|
5.7 |
2019-12-12 |
|
(0Day) NETGEAR AC1200 mini_httpd Cleartext Transmission of Sensitive Information Information Disclosure Vulnerability |
| ZDI-19-1013 |
ZDI-CAN-8824 |
Microsoft |
|
5.5 |
2019-12-12 |
|
(0Day) Microsoft Windows Kernel Type 1 Font Processing Stack Exhaustion Denial-of-Service Vulnerability |
| ZDI-19-1012 |
ZDI-CAN-7607 |
Linux |
|
5.5 |
2019-12-12 |
|
(0Day) Linux Kernel proc stat Improper Access Control Information Disclosure Vulnerability |
| ZDI-19-1011 |
ZDI-CAN-8615 |
NETGEAR |
|
4.4 |
2019-12-12 |
|
(0Day) NETGEAR AC1200 mini_httpd Password Storage Information Disclosure Vulnerability |
| ZDI-19-1010 |
ZDI-CAN-7883 |
Advantech |
|
9.8 |
2019-12-12 |
|
(0Day) Advantech WebAccess Node BwOpcBs Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-1009 |
ZDI-CAN-8613 |
Apple |
CVE-2019-8798 |
6.5 |
2019-12-11 |
|
Apple macOS fseventsd Uninitialized Buffer Information Disclosure Vulnerability |
| ZDI-19-1008 |
ZDI-CAN-9363 |
Microsoft |
CVE-2019-1465 |
3.3 |
2019-12-11 |
|
Microsoft Windows EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-1007 |
ZDI-CAN-9344 |
Microsoft |
CVE-2019-1466 |
3.3 |
2019-12-11 |
|
Microsoft Windows EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-1006 |
ZDI-CAN-9339 |
Microsoft |
CVE-2019-1462 |
7.8 |
2019-12-11 |
|
Microsoft PowerPoint PPT File Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-1005 |
ZDI-CAN-9320 |
Microsoft |
CVE-2019-1483 |
7.0 |
2019-12-11 |
|
Microsoft Windows AppX Deployment Service Hard Link Escalation of Privilege Vulnerability |
| ZDI-19-1004 |
ZDI-CAN-9075 |
Microsoft |
CVE-2019-1468 |
7.8 |
2019-12-11 |
|
Microsoft Windows Font Subsetting Library Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-1003 |
ZDI-CAN-8186 |
Microsoft |
CVE-2019-1481 |
4.3 |
2019-12-11 |
|
Microsoft Windows Media Player Color Conversion Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-1002 |
ZDI-CAN-8029 |
Microsoft |
CVE-2019-1480 |
4.3 |
2019-12-11 |
|
Microsoft Windows Media Player Color Transform Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-1001 |
ZDI-CAN-9237 |
Adobe |
CVE-2019-8257 |
7.8 |
2019-12-10 |
|
Adobe Acrobat Pro DC XFA Form Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-1000 |
ZDI-CAN-8624 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2019-12-09 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-999 |
ZDI-CAN-8623 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2019-12-09 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-998 |
ZDI-CAN-8600 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2019-12-09 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-997 |
ZDI-CAN-9313 |
Omron |
CVE-2019-18251 |
8.8 |
2019-12-09 |
|
OMRON CX-Supervisor Vulnerable Third-Party Component Remote Code Execution Vulnerability |
| ZDI-19-996 |
ZDI-CAN-8929 |
Dell |
CVE-2019-18580 |
9.8 |
2019-11-26 |
|
Dell EMC Storage Monitoring and Reporting Java RMI Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-19-995 |
ZDI-CAN-8585 |
Apple |
CVE-2019-8831 |
3.3 |
2019-11-26 |
|
Apple macOS UIFoundation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-994 |
ZDI-CAN-8683 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2019-11-26 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-993 |
ZDI-CAN-8682 |
Rockwell Automation |
CVE-2019-13527 |
7.8 |
2019-11-26 |
|
Rockwell Automation Arena Simulation DOE File Parsing Uninitialized Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-992 |
ZDI-CAN-8457 |
TP-Link |
CVE-2019-17147 |
8.8 |
2019-11-26 |
|
TP-LINK TL-WR841N Web Service http_parser_main Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-991 |
ZDI-CAN-8097 |
Phoenix Contact |
CVE-2019-16675 |
7.8 |
2019-11-26 |
|
Phoenix Contact Automationworx MWT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-990 |
ZDI-CAN-9477 |
Symantec |
CVE-2019-18372 |
5.3 |
2019-11-14 |
2021-01-05 |
Symantec Endpoint Protection Manager OpenSSL Privilege Escalation Vulnerability |
| ZDI-19-989 |
ZDI-CAN-9303 |
Symantec |
CVE-2019-12759 |
7.8 |
2019-11-14 |
|
Symantec Endpoint Protection Manager LuComServer stDisScriptEngine Privilege Escalation Vulnerability |
| ZDI-19-988 |
ZDI-CAN-8933 |
VMware |
CVE-2019-5541 |
8.2 |
2019-11-13 |
|
VMware Workstation e1000 Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-987 |
ZDI-CAN-9393 |
Microsoft |
CVE-2019-1380 |
7.0 |
2019-11-13 |
|
Microsoft Windows splwow64 Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-19-986 |
ZDI-CAN-9373 |
Microsoft |
CVE-2019-1456 |
8.6 |
2019-11-13 |
|
Microsoft Windows Kernel Type 1 Font Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-985 |
ZDI-CAN-9365 |
Microsoft |
CVE-2019-1441 |
7.8 |
2019-11-13 |
|
Microsoft Windows EMF Parsing Integer Truncation Remote Code Execution Vulnerability |
| ZDI-19-984 |
ZDI-CAN-9311 |
Microsoft |
CVE-2019-1394 |
8.8 |
2019-11-13 |
|
Microsoft Windows vMatchAPal Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-983 |
ZDI-CAN-9291 |
Microsoft |
CVE-2019-1393 |
8.8 |
2019-11-13 |
|
Microsoft Windows ptransMatchAPal Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-982 |
ZDI-CAN-9118 |
Microsoft |
CVE-2019-1396 |
8.8 |
2019-11-13 |
|
Microsoft Windows CreateXlateObject Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-981 |
ZDI-CAN-9110 |
Microsoft |
CVE-2019-1395 |
8.8 |
2019-11-13 |
|
Microsoft Windows CreateXlateObject Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-980 |
ZDI-CAN-9265 |
Microsoft |
CVE-2019-1412 |
8.4 |
2019-11-13 |
|
Microsoft Windows Kernel Type 1 Font Processing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-979 |
ZDI-CAN-9162 |
Microsoft |
CVE-2019-1385 |
6.1 |
2019-11-13 |
|
Microsoft Windows AppX Deployment Service Hard Link Denial-of-Service Vulnerability |
| ZDI-19-978 |
ZDI-CAN-9156 |
Microsoft |
CVE-2019-1423 |
7.8 |
2019-11-13 |
|
Microsoft Windows InstallService Hard Link Privilege Escalation Vulnerability |
| ZDI-19-977 |
ZDI-CAN-9238 |
Microsoft |
CVE-2019-1419 |
8.6 |
2019-11-13 |
|
Microsoft Windows Kernel Type 1 Font Processing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-976 |
ZDI-CAN-9100 |
Microsoft |
CVE-2019-1408 |
8.8 |
2019-11-13 |
|
Microsoft Windows ulGetNearestIndexFromColorref Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-975 |
ZDI-CAN-9022 |
Microsoft |
CVE-2019-1388 |
7.8 |
2019-11-13 |
|
Microsoft Windows UAC Unsafe Interaction Privilege Escalation Vulnerability |
| ZDI-19-974 |
ZDI-CAN-8057 |
Microsoft |
CVE-2019-1432 |
3.3 |
2019-11-13 |
|
Microsoft Windows DirectWrite Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-973 |
ZDI-CAN-8053 |
Microsoft |
CVE-2019-1411 |
3.3 |
2019-11-13 |
|
Microsoft Windows DirectWrite Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-972 |
ZDI-CAN-8945 |
Microsoft |
CVE-2019-1422 |
5.3 |
2019-11-13 |
|
Microsoft Windows IP Helper Service Hard Link Denial-of-Service Vulnerability |
| ZDI-19-971 |
ZDI-CAN-8932 |
Fuji Electric |
CVE-2019-18240 |
7.8 |
2019-11-11 |
|
Fuji Electric V-Server VPR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-970 |
ZDI-CAN-8931 |
Fuji Electric |
CVE-2019-18240 |
7.8 |
2019-11-11 |
|
Fuji Electric V-Server VPR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-969 |
ZDI-CAN-8904 |
Fuji Electric |
CVE-2019-18240 |
7.8 |
2019-11-11 |
|
Fuji Electric V-Server VPR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-968 |
ZDI-CAN-8848 |
Fuji Electric |
CVE-2019-18240 |
7.8 |
2019-11-11 |
|
Fuji Electric V-Server VPR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-967 |
ZDI-CAN-8844 |
Fuji Electric |
CVE-2019-18240 |
7.8 |
2019-11-11 |
|
Fuji Electric V-Server VPR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-966 |
ZDI-CAN-9359 |
Microsoft |
CVE-2019-1362 |
8.8 |
2019-11-11 |
|
Microsoft Windows vResetSurfacePalette Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-965 |
ZDI-CAN-8674 |
Oracle |
CVE-2019-2867 |
8.2 |
2019-11-11 |
|
Oracle VirtualBox shader_get_registers_used Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-964 |
ZDI-CAN-8673 |
Oracle |
CVE-2019-2867 |
8.2 |
2019-11-11 |
|
Oracle VirtualBox Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-963 |
ZDI-CAN-8418 |
Oracle |
CVE-2019-2867 |
8.2 |
2019-11-11 |
|
Oracle VirtualBox Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-962 |
ZDI-CAN-8851 |
Apple |
CVE-2019-8748 |
7.8 |
2019-11-06 |
|
Apple macOS AMDRadeonX4000_AMDSIGLContext Untrusted Pointer Dereference Privilege Escalation Vulnerability |
| ZDI-19-961 |
ZDI-CAN-8160 |
Apple |
|
7.8 |
2019-11-01 |
|
Apple macOS AudioToolbox Interleave Out-of-Bounds Write Remote Code Execute Vulnerability |
| ZDI-19-960 |
ZDI-CAN-8891 |
Advantech |
CVE-2019-13547 |
9.8 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM NodeRed Server Missing Authentication Remote Code Execution Vulnerability |
| ZDI-19-959 |
ZDI-CAN-9229 |
Advantech |
CVE-2019-18227 |
7.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM RecoveryMgmt checkSN XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-958 |
ZDI-CAN-9101 |
Advantech |
CVE-2019-13551 |
9.8 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM UpgradeMgmt Directory Traversal Remote Code Execution Vulnerability |
| ZDI-19-957 |
ZDI-CAN-9145 |
Advantech |
CVE-2019-18229 |
6.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM SQLMgmt insertData SQL Injection Information Disclosure Vulnerability |
| ZDI-19-956 |
ZDI-CAN-9144 |
Advantech |
CVE-2019-18229 |
6.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM SQLMgmt CreateTable SQL Injection Information Disclosure Vulnerability |
| ZDI-19-955 |
ZDI-CAN-9143 |
Advantech |
CVE-2019-18229 |
5.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM SQLMgmt getTableInfo SQL Injection Information Disclosure Vulnerability |
| ZDI-19-954 |
ZDI-CAN-9098 |
Advantech |
CVE-2019-18227 |
7.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM AccountMgmt registerAccount XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-953 |
ZDI-CAN-9097 |
Advantech |
CVE-2019-18227 |
7.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM AccountMgmt activateAccount XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-952 |
ZDI-CAN-9146 |
Advantech |
CVE-2019-18229 |
6.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM SQLMgmt updateData SQL Injection Information Disclosure Vulnerability |
| ZDI-19-951 |
ZDI-CAN-9147 |
Advantech |
CVE-2019-18229 |
6.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM SQLMgmt delData SQL Injection Information Disclosure Vulnerability |
| ZDI-19-950 |
ZDI-CAN-9173 |
Advantech |
CVE-2019-13551 |
8.8 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM UpgradeMgmt upload_ota Directory Traversal Remote Code Execution Vulnerability |
| ZDI-19-949 |
ZDI-CAN-9174 |
Advantech |
CVE-2019-18229 |
6.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM PowerMgmt fuzzySearch SQL Injection Information Disclosure Vulnerability |
| ZDI-19-948 |
ZDI-CAN-9177 |
Advantech |
CVE-2019-18229 |
6.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM RecoveryMgmt fuzzySearch SQL Injection Information Disclosure Vulnerability |
| ZDI-19-947 |
ZDI-CAN-9095 |
Advantech |
CVE-2019-18227 |
7.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM AccountMgmt fuzzySearch XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-946 |
ZDI-CAN-9096 |
Advantech |
CVE-2019-18227 |
7.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM AccountMgmt LoginForJWT XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-945 |
ZDI-CAN-9086 |
Advantech |
CVE-2019-18227 |
7.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM WechatSignin wechattokenlogin XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-944 |
ZDI-CAN-9094 |
Advantech |
CVE-2019-18227 |
7.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM RecoveryMgmt ActionCommd_ota XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-943 |
ZDI-CAN-9231 |
Advantech |
CVE-2019-18227 |
7.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM RecoveryMgmt groupFuzzSearch XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-942 |
ZDI-CAN-9230 |
Advantech |
CVE-2019-18227 |
7.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM RecoveryMgmt checkSchName XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-941 |
ZDI-CAN-9226 |
Advantech |
CVE-2019-13551 |
7.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM RMSWatchDog distributer Directory Traversal Information Disclosure Vulnerability |
| ZDI-19-940 |
ZDI-CAN-9190 |
Advantech |
CVE-2019-18229 |
6.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM ProtectionMgmt fuzzySearch SQL Injection Information Disclosure Vulnerability |
| ZDI-19-939 |
ZDI-CAN-9213 |
Advantech |
CVE-2019-18227 |
7.5 |
2019-11-01 |
2019-11-14 |
Advantech WISE-PaaS/RMM AccountMgmt forgotPwd XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-938 |
ZDI-CAN-9191 |
Advantech |
CVE-2019-18229 |
6.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM DeviceMgmt fuzzySearch SQL Injection Information Disclosure Vulnerability |
| ZDI-19-937 |
ZDI-CAN-9148 |
Advantech |
CVE-2019-18229 |
6.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM SQLMgmt qryData SQL Injection Information Disclosure Vulnerability |
| ZDI-19-936 |
ZDI-CAN-9232 |
Advantech |
CVE-2019-18227 |
7.5 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM RecoveryMgmt addRecoverySch XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-935 |
ZDI-CAN-8892 |
Advantech |
CVE-2019-13551 |
9.8 |
2019-11-01 |
|
Advantech WISE-PaaS/RMM upload2eMap Directory Traversal Remote Code Execution Vulnerability |
| ZDI-19-934 |
ZDI-CAN-8828 |
Apple |
CVE-2019-8755, CVE-2019-8758 |
7.8 |
2019-10-31 |
|
Apple macOS AppleIntelCFLGraphicsFramebuffer.kext Untrusted Pointer Dereference Privilege Escalation Vulnerability |
| ZDI-19-933 |
ZDI-CAN-8882 |
Jenkins |
CVE-2019-10443 |
3.3 |
2019-10-30 |
|
Jenkins iceScrum Cleartext Storage of Credentials Information Disclosure Vulnerability |
| ZDI-19-932 |
ZDI-CAN-8873 |
Jenkins |
CVE-2019-10440 |
3.3 |
2019-10-30 |
|
Jenkins NeoLoad Cleartext Storage of Credentials Information Disclosure Vulnerability |
| ZDI-19-931 |
ZDI-CAN-8919 |
Jenkins |
|
3.3 |
2019-10-30 |
|
(0Day) Jenkins Delphix Cleartext Storage of Credentials Information Disclosure Vulnerability |
| ZDI-19-930 |
ZDI-CAN-8889 |
Jenkins |
|
3.3 |
2019-10-30 |
|
(0Day) Jenkins View26 Test-Reporting Cleartext Storage of Credentials Information Disclosure Vulnerability |
| ZDI-19-929 |
ZDI-CAN-8885 |
Jenkins |
|
3.3 |
2019-10-30 |
|
(0Day) Jenkins SOASTA CloudTest Cleartext Storage of Credentials Information Disclosure Vulnerability |
| ZDI-19-928 |
ZDI-CAN-8880 |
Jenkins |
|
3.3 |
2019-10-30 |
|
(0Day) Jenkins ElasticBox CI Cleartext Storage of Credentials Information Disclosure Vulnerability |
| ZDI-19-927 |
ZDI-CAN-8879 |
Jenkins |
|
3.3 |
2019-10-30 |
|
(0Day) Jenkins Fortify on Demand Uploader Cleartext Storage of Credentials Information Disclosure Vulnerability |
| ZDI-19-926 |
ZDI-CAN-8878 |
Jenkins |
|
3.3 |
2019-10-30 |
|
(0Day) Jenkins Extensive Testing Cleartext Storage of Credentials Information Disclosure Vulnerability |
| ZDI-19-925 |
ZDI-CAN-8877 |
Jenkins |
|
3.3 |
2019-10-30 |
|
(0Day) Jenkins Sofy.AI Cleartext Storage of Credentials Information Disclosure Vulnerability |
| ZDI-19-924 |
ZDI-CAN-9381 |
Microsoft |
|
6.5 |
2019-10-30 |
|
(0Day) Microsoft Windows cdrom Driver Memory Corruption Denial-of-Service Vulnerability |
| ZDI-19-923 |
ZDI-CAN-7783 |
Phoenix Contact |
CVE-2019-16675 |
7.8 |
2019-10-29 |
|
Phoenix Contact Automationworx BCP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-922 |
ZDI-CAN-7782 |
Phoenix Contact |
CVE-2019-16675 |
7.8 |
2019-10-29 |
|
Phoenix Contact Automationworx BCP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-921 |
ZDI-CAN-8378 |
Google |
CVE-2019-13698 |
8.8 |
2019-10-29 |
|
(Pwn2Own) Google Chromium RegExpReplace Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-920 |
ZDI-CAN-8574 |
Apple |
CVE-2019-8735 |
5.0 |
2019-10-25 |
|
Apple Safari FrameDestructionObserver Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-919 |
ZDI-CAN-8093 |
Apple |
CVE-2019-8592 |
7.8 |
2019-10-25 |
|
Apple macOS AudioCodecs Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-918 |
ZDI-CAN-8653 |
Oracle |
CVE-2019-3031 |
6.0 |
2019-10-23 |
|
Oracle VirtualBox VMSVGA Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-917 |
ZDI-CAN-8652 |
Oracle |
CVE-2019-3026 |
6.5 |
2019-10-23 |
|
Oracle VirtualBox VMSVGA Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-916 |
ZDI-CAN-8842 |
Oracle |
CVE-2019-3017 |
8.2 |
2019-10-23 |
|
Oracle VirtualBox shader_record_register_usage Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-915 |
ZDI-CAN-9276 |
Foxit |
CVE-2019-17145 |
7.8 |
2019-10-22 |
2019-11-01 |
Foxit PhantomPDF Dwg2Pdf DXF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-914 |
ZDI-CAN-9274 |
Foxit |
CVE-2019-17144 |
7.8 |
2019-10-22 |
|
Foxit PhantomPDF Dwg2Pdf DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-913 |
ZDI-CAN-9273 |
Foxit |
CVE-2019-17143 |
3.3 |
2019-10-22 |
|
Foxit PhantomPDF Dwg2Pdf DWG File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-912 |
ZDI-CAN-9081 |
Foxit |
CVE-2019-17142 |
7.8 |
2019-10-22 |
|
Foxit PhantomPDF ListBox Field Keystroke Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-911 |
ZDI-CAN-9044 |
Foxit |
CVE-2019-17141 |
7.8 |
2019-10-22 |
|
Foxit PhantomPDF Text Field Calculate Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-910 |
ZDI-CAN-9091 |
Foxit |
CVE-2019-17140 |
7.8 |
2019-10-22 |
|
Foxit PhantomPDF Signature Field OnFocus Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-909 |
ZDI-CAN-8692 |
Foxit |
CVE-2019-17139 |
7.8 |
2019-10-22 |
|
Foxit PhantomPDF HTML2PDF HTML Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-908 |
ZDI-CAN-8809 |
Foxit |
CVE-2019-17138 |
3.3 |
2019-10-22 |
|
Foxit Studio Photo JPEG Batch Processing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-907 |
ZDI-CAN-8804 |
Adobe |
CVE-2019-8243 |
3.3 |
2019-10-21 |
2019-11-14 |
Adobe Media Encoder CC MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-906 |
ZDI-CAN-8803 |
Adobe |
CVE-2019-8244 |
3.3 |
2019-10-21 |
2019-11-14 |
Adobe Media Encoder CC MPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-905 |
ZDI-CAN-8802 |
Adobe |
CVE-2019-8241 |
3.3 |
2019-10-21 |
2019-11-14 |
Adobe Media Encoder MOV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-904 |
ZDI-CAN-8785 |
Adobe |
CVE-2019-8242 |
3.3 |
2019-10-21 |
2019-11-14 |
Adobe Media Encoder MOV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-903 |
ZDI-CAN-8445 |
Horner Automation |
CVE-2019-13545 |
7.8 |
2019-10-18 |
|
Horner Automation Cscape CSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-902 |
ZDI-CAN-8444 |
Horner Automation |
CVE-2019-13541 |
7.8 |
2019-10-18 |
|
Horner Automation Cscape CSP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-901 |
ZDI-CAN-9374 |
Adobe |
CVE-2019-8225 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Reader DC XFA Form Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-900 |
ZDI-CAN-9317 |
Adobe |
CVE-2019-8224 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Reader DC XFA closeDoc Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-899 |
ZDI-CAN-9331 |
Adobe |
CVE-2019-8223 |
7.8 |
2019-10-15 |
2021-06-29 |
Adobe Acrobat Pro DC XFA closeDoc Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-898 |
ZDI-CAN-9362 |
Adobe |
CVE-2019-8166 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Pro DC DWF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-897 |
ZDI-CAN-9330 |
Adobe |
CVE-2019-8219 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Pro DC XFA Form Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-896 |
ZDI-CAN-9329 |
Adobe |
CVE-2019-8217 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Reader DC XFA template Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-895 |
ZDI-CAN-9316 |
Adobe |
CVE-2019-8210 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Reader DC XFA instanceManager Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-894 |
ZDI-CAN-9295 |
Adobe |
CVE-2019-8208 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Reader DC XFA Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-893 |
ZDI-CAN-9327 |
Adobe |
CVE-2019-8209 |
7.8 |
2019-10-15 |
2021-06-29 |
Adobe Acrobat Reader DC XFA template Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-892 |
ZDI-CAN-8937 |
Adobe |
CVE-2019-8204 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Reader DC AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-891 |
ZDI-CAN-9293 |
Adobe |
CVE-2019-8203 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Reader DC XFA Form Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-890 |
ZDI-CAN-8793 |
Adobe |
CVE-2019-8192 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Pro DC XFA Form Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-889 |
ZDI-CAN-9153 |
Adobe |
CVE-2019-8191 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Pro DC DWT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-888 |
ZDI-CAN-9154 |
Adobe |
CVE-2019-8165 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Pro DC DXF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-887 |
ZDI-CAN-9155 |
Adobe |
CVE-2019-8190 |
3.3 |
2019-10-15 |
|
Adobe Acrobat Pro DC DXF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-886 |
ZDI-CAN-9261 |
Adobe |
CVE-2019-8163 |
3.3 |
2019-10-15 |
|
Adobe Acrobat Pro DC DST File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-885 |
ZDI-CAN-9262 |
Adobe |
CVE-2019-8189 |
3.3 |
2019-10-15 |
|
Adobe Acrobat Pro DC DXF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-884 |
ZDI-CAN-9263 |
Adobe |
CVE-2019-8188 |
3.3 |
2019-10-15 |
|
Adobe Acrobat Pro DC DWG File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-883 |
ZDI-CAN-9264 |
Adobe |
CVE-2019-8187 |
3.3 |
2019-10-15 |
|
Adobe Acrobat Pro DC DWG File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-882 |
ZDI-CAN-8816 |
Adobe |
CVE-2019-8181 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Pro DC DST File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-881 |
ZDI-CAN-8817 |
Adobe |
CVE-2019-8180 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Pro DC DST File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-880 |
ZDI-CAN-8819 |
Adobe |
CVE-2019-8179 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Pro DC DST File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-879 |
ZDI-CAN-8820 |
Adobe |
CVE-2019-8178 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Pro DC DST File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-878 |
ZDI-CAN-8854 |
Adobe |
CVE-2019-8177 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Pro DC XFA calculate Event Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-877 |
ZDI-CAN-8765 |
Adobe |
CVE-2019-8176 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Pro DC XFA validate Event Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-876 |
ZDI-CAN-8732 |
Adobe |
CVE-2019-8064 |
3.3 |
2019-10-15 |
|
Adobe Acrobat Pro DC XFA presence Element Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-875 |
ZDI-CAN-8818 |
Adobe |
CVE-2019-8175 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Pro DC DST File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-874 |
ZDI-CAN-8689 |
Adobe |
CVE-2019-8174 |
7.8 |
2019-10-15 |
2020-07-14 |
Adobe Acrobat Pro DC RestorePlugInFrame Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-873 |
ZDI-CAN-8781 |
Adobe |
CVE-2019-8173 |
3.3 |
2019-10-15 |
|
Adobe Acrobat Pro DC Distiller PostScript JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-872 |
ZDI-CAN-8678 |
Adobe |
CVE-2019-8172 |
3.3 |
2019-10-15 |
|
Adobe Acrobat Pro DC DST File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-871 |
ZDI-CAN-8744 |
Adobe |
CVE-2019-8171 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Pro DC PostScript CharString Directory NULL Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-870 |
ZDI-CAN-8681 |
Adobe |
CVE-2019-8170 |
7.8 |
2019-10-15 |
|
Adobe Acrobat Pro DC PostScript File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-869 |
ZDI-CAN-8926 |
Microsoft |
CVE-2019-1362 |
8.8 |
2019-10-10 |
|
Microsoft Windows CreateSurfacePal Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-868 |
ZDI-CAN-8852 |
Microsoft |
CVE-2019-1362 |
8.8 |
2019-10-10 |
|
Microsoft Windows CreateSurfacePal Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-867 |
ZDI-CAN-8746 |
Microsoft |
CVE-2019-1361 |
4.3 |
2019-10-10 |
|
Microsoft Windows user32 Cursor Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-866 |
ZDI-CAN-8616 |
NETGEAR |
CVE-2019-17137 |
9.4 |
2019-10-10 |
2020-01-06 |
NETGEAR AC1200 mini_httpd Poison Null Byte Authentication Bypass Vulnerability |
| ZDI-19-865 |
ZDI-CAN-8739 |
Apple |
CVE-2019-8707 |
8.8 |
2019-10-08 |
|
Apple WebKit HashTable Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-864 |
ZDI-CAN-8668 |
Apple |
CVE-2019-8707 |
8.8 |
2019-10-08 |
|
Apple WebKit CSSAnimation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-863 |
ZDI-CAN-8588 |
Apple |
CVE-2019-8745 |
7.8 |
2019-10-08 |
|
Apple macOS CFFromShiftJISLen Out-Of-Bounds Read Remote Code Execution |
| ZDI-19-862 |
ZDI-CAN-8833 |
Jenkins |
CVE-2019-10433 |
5.3 |
2019-10-04 |
|
Jenkins dingding-notifications Cleartext Storage of Credentials Information Disclosure Vulnerability |
| ZDI-19-861 |
ZDI-CAN-8776 |
Foxit |
CVE-2019-17136 |
7.8 |
2019-10-04 |
|
Foxit PhantomPDF Dwg2Pdf DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-860 |
ZDI-CAN-8775 |
Foxit |
CVE-2019-17135 |
7.8 |
2019-10-04 |
|
Foxit PhantomPDF Dwg2Pdf DXF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-859 |
ZDI-CAN-8774 |
Foxit |
CVE-2019-13334 |
7.8 |
2019-10-04 |
|
Foxit PhantomPDF Dwg2Pdf DXF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-858 |
ZDI-CAN-8773 |
Foxit |
CVE-2019-13333 |
7.8 |
2019-10-04 |
|
Foxit PhantomPDF Dwg2Pdf DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-857 |
ZDI-CAN-8719 |
Apple |
CVE-2019-8539 |
4.7 |
2019-10-04 |
|
Apple macOS diskmanagementd Uninitialized Buffer Information Disclosure Vulnerability |
| ZDI-19-856 |
ZDI-CAN-8584 |
Apple |
CVE-2019-8657 |
3.3 |
2019-10-04 |
|
Apple macOS parseText1Fast Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-855 |
ZDI-CAN-9149 |
Foxit |
CVE-2019-13332 |
7.8 |
2019-10-01 |
|
Foxit Reader XFA Form Template Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-854 |
ZDI-CAN-8838 |
Foxit |
CVE-2019-13331 |
7.8 |
2019-10-01 |
|
Foxit Reader JPG File ConvertToPDF Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-853 |
ZDI-CAN-8742 |
Foxit |
CVE-2019-13330 |
7.8 |
2019-10-01 |
|
Foxit Reader JPG File ConvertToPDF Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-852 |
ZDI-CAN-8695 |
Foxit |
CVE-2019-13329 |
7.8 |
2019-10-01 |
|
Foxit Reader TIF File ConvertToPDF Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-851 |
ZDI-CAN-8913 |
Foxit |
CVE-2019-13328 |
7.8 |
2019-10-01 |
|
Foxit Reader AcroForm Field Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-850 |
ZDI-CAN-8888 |
Foxit |
CVE-2019-13327 |
7.8 |
2019-10-01 |
|
Foxit Reader AcroForm Field Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-849 |
ZDI-CAN-8864 |
Foxit |
CVE-2019-13326 |
7.8 |
2019-10-01 |
|
Foxit Reader AcroForm Field Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-848 |
ZDI-CAN-9312 |
Microsoft |
|
6.1 |
2019-09-24 |
|
(0Day) Microsoft Windows Storage Service Link Resolution Denial-of-Service Vulnerability |
| ZDI-19-847 |
ZDI-CAN-9272 |
Advantech |
CVE-2019-13556 |
9.8 |
2019-09-17 |
|
Advantech WebAccess Node bwrunrpt Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-846 |
ZDI-CAN-9271 |
Advantech |
CVE-2019-13552 |
5.3 |
2019-09-17 |
|
Advantech WebAccess Node BwDlgpUp Arbitrary File Deletion Vulnerability |
| ZDI-19-845 |
ZDI-CAN-9270 |
Advantech |
CVE-2019-13552 |
5.3 |
2019-09-17 |
|
Advantech WebAccess Node bwgetval Arbitrary File Deletion Vulnerability |
| ZDI-19-844 |
ZDI-CAN-9269 |
Advantech |
CVE-2019-13552 |
9.8 |
2019-09-17 |
|
Advantech WebAccess Node bwrunmie Command Injection Remote Code Execution Vulnerability |
| ZDI-19-843 |
ZDI-CAN-9236 |
Advantech |
CVE-2019-13556 |
9.8 |
2019-09-17 |
|
Advantech WebAccess Node cnvlgxtag Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-842 |
ZDI-CAN-8922 |
Foxit |
CVE-2019-13325 |
7.8 |
2019-09-17 |
|
Foxit Studio Photo EPS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-841 |
ZDI-CAN-8782 |
Foxit |
CVE-2019-13324 |
7.8 |
2019-09-17 |
|
Foxit Studio Photo TIFF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-840 |
ZDI-CAN-8783 |
Foxit |
CVE-2019-13323 |
7.8 |
2019-09-17 |
|
Foxit Studio Photo TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-839 |
ZDI-CAN-8874 |
Jenkins |
CVE-2019-10378 |
3.3 |
2019-09-17 |
|
Jenkins testlink Cleartext Storage of Credentials Information Disclosure Vulnerability |
| ZDI-19-838 |
ZDI-CAN-8893 |
Jenkins |
CVE-2019-10350 |
3.3 |
2019-09-17 |
|
Jenkins Port Allocator Cleartext Storage of Credentials Information Disclosure Vulnerability |
| ZDI-19-837 |
ZDI-CAN-8884 |
Jenkins |
CVE-2019-10348 |
3.3 |
2019-09-17 |
|
Jenkins Gogs Cleartext Storage of Credentials Information Disclosure Vulnerability |
| ZDI-19-836 |
ZDI-CAN-8883 |
Jenkins |
CVE-2019-10351 |
3.3 |
2019-09-17 |
|
Jenkins Caliper CI Cleartext Storage of Credentials Information Disclosure Vulnerability |
| ZDI-19-835 |
ZDI-CAN-8881 |
Jenkins |
CVE-2019-10361 |
3.3 |
2019-09-17 |
|
Jenkins Maven Release Cleartext Storage of Credentials Information Disclosure Vulnerability |
| ZDI-19-834 |
ZDI-CAN-8876 |
Jenkins |
CVE-2019-10385 |
3.3 |
2019-09-17 |
|
Jenkins eggPlant Cleartext Storage of Credentials Information Disclosure Vulnerability |
| ZDI-19-833 |
ZDI-CAN-8875 |
Jenkins |
CVE-2019-10366 |
3.3 |
2019-09-17 |
|
Jenkins Skytap Cloud CI Cleartext Storage of Credentials Information Disclosure Vulnerability |
| ZDI-19-832 |
ZDI-CAN-8091 |
Apple |
CVE-2019-8585 |
5.3 |
2019-09-17 |
|
QuickTime get_by_tree Memory Corruption Information Disclosure Vulnerability |
| ZDI-19-831 |
ZDI-CAN-8849 |
Microsoft |
CVE-2019-1208 |
8.8 |
2019-09-12 |
|
Microsoft Windows VBScript Array Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-830 |
ZDI-CAN-8560 |
Delta Industrial Automation |
CVE-2019-13544 |
7.8 |
2019-09-11 |
|
Delta Industrial Automation TPEditor TPE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-829 |
ZDI-CAN-8558 |
Delta Industrial Automation |
CVE-2019-13544 |
7.8 |
2019-09-11 |
|
Delta Industrial Automation TPEditor TPE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-828 |
ZDI-CAN-8563 |
Delta Industrial Automation |
CVE-2019-13536 |
7.8 |
2019-09-11 |
|
Delta Industrial Automation TPEditor TPE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-827 |
ZDI-CAN-8561 |
Delta Industrial Automation |
CVE-2019-13536 |
7.8 |
2019-09-11 |
|
Delta Industrial Automation TPEditor TPE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-826 |
ZDI-CAN-8559 |
Delta Industrial Automation |
CVE-2019-13536 |
7.8 |
2019-09-11 |
|
Delta Industrial Automation TPEditor TPE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-825 |
ZDI-CAN-8556 |
Delta Industrial Automation |
CVE-2019-13536 |
7.8 |
2019-09-11 |
|
Delta Industrial Automation TPEditor TPE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-824 |
ZDI-CAN-8557 |
Delta Industrial Automation |
CVE-2019-13540 |
7.8 |
2019-09-11 |
|
Delta Industrial Automation TPEditor TPE File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-823 |
ZDI-CAN-8770 |
Delta Industrial Automation |
CVE-2019-13540 |
7.8 |
2019-09-11 |
|
Delta Industrial Automation TPEditor TPE File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-822 |
ZDI-CAN-8752 |
Microsoft |
CVE-2019-1283 |
3.3 |
2019-09-11 |
|
Microsoft Windows gdi32 Icon Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-821 |
ZDI-CAN-8747 |
Microsoft |
CVE-2019-1283 |
3.3 |
2019-09-11 |
|
Microsoft Windows user32 Cursor Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-820 |
ZDI-CAN-8590 |
Fuji Electric |
CVE-2019-13520 |
7.8 |
2019-09-11 |
|
Fuji Electric Alpha5 WPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-819 |
ZDI-CAN-9066 |
Apple |
CVE-2019-8692 |
5.6 |
2019-09-10 |
|
Apple macOS AMDRadeonX4000 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-818 |
ZDI-CAN-9079 |
Adobe |
CVE-2019-8070 |
8.8 |
2019-09-10 |
|
Adobe Flash Player PSDK Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-817 |
ZDI-CAN-8853 |
Adobe |
CVE-2019-8069 |
8.8 |
2019-09-10 |
|
Adobe Flash Player navigateToURL Same-Origin Policy Bypass Remote Code Execution Vulnerability |
| ZDI-19-816 |
ZDI-CAN-9120 |
Microsoft |
CVE-2019-1306 |
8.3 |
2019-09-10 |
|
Microsoft Azure DevOps Server Markdown Indexing Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-19-815 |
ZDI-CAN-8811 |
Microsoft |
CVE-2019-1297 |
7.0 |
2019-09-10 |
|
Microsoft Excel XLS File Label Record Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-814 |
ZDI-CAN-8204 |
Microsoft |
CVE-2019-1295 |
7.2 |
2019-09-10 |
|
Microsoft SharePoint Business Data Connectivity Service Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-19-813 |
ZDI-CAN-8161 |
Microsoft |
CVE-2019-1296 |
7.2 |
2019-09-10 |
|
Microsoft SharePoint Business Data Connectivity Service Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-19-812 |
ZDI-CAN-8159 |
Microsoft |
CVE-2019-1257 |
8.8 |
2019-09-10 |
|
Microsoft SharePoint Business Data Connectivity Service Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-19-811 |
ZDI-CAN-8729 |
Microsoft |
CVE-2019-1252 |
3.1 |
2019-09-10 |
2023-06-22 |
Microsoft Windows EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-810 |
ZDI-CAN-8711 |
Microsoft |
CVE-2019-1248 |
7.0 |
2019-09-10 |
|
Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability |
| ZDI-19-809 |
ZDI-CAN-8701 |
Microsoft |
CVE-2019-1246 |
7.0 |
2019-09-10 |
|
Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability |
| ZDI-19-808 |
ZDI-CAN-8664 |
Microsoft |
CVE-2019-1251 |
3.3 |
2019-09-10 |
|
Microsoft Windows gdi32full Font Parsing Integer Overflow Information Disclosure Vulnerability |
| ZDI-19-807 |
ZDI-CAN-8597 |
Microsoft |
CVE-2019-1241 |
7.0 |
2019-09-10 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-806 |
ZDI-CAN-8595 |
Microsoft |
CVE-2019-1249 |
7.0 |
2019-09-10 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-805 |
ZDI-CAN-8529 |
Microsoft |
CVE-2019-1242 |
7.0 |
2019-09-10 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-804 |
ZDI-CAN-8488 |
Microsoft |
CVE-2019-1243 |
7.0 |
2019-09-10 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-803 |
ZDI-CAN-8602 |
Microsoft |
CVE-2019-1253 |
6.1 |
2019-09-10 |
|
Microsoft Windows AppX Deployment Service Junction Arbitrary File Deletion Vulnerability |
| ZDI-19-802 |
ZDI-CAN-8175 |
Rockwell Automation |
CVE-2019-13519 |
7.8 |
2019-09-09 |
|
Rockwell Automation Arena Simulation DOE File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-801 |
ZDI-CAN-8062 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2019-09-09 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-800 |
ZDI-CAN-8174 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2019-09-09 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-799 |
ZDI-CAN-8134 |
Rockwell Automation |
CVE-2019-13521 |
7.8 |
2019-09-09 |
|
Rockwell Automation Arena Simulation DOE File Insufficient UI Warning Remote Code Execution Vulnerability |
| ZDI-19-798 |
ZDI-CAN-8566 |
Fuji Electric |
CVE-2019-13520 |
7.8 |
2019-09-05 |
|
Fuji Electric Alpha5 SDP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-797 |
ZDI-CAN-8310 |
Red Lion |
CVE-2019-10996 |
3.3 |
2019-09-05 |
|
Red Lion Crimson CD31 File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-796 |
ZDI-CAN-8307 |
Red Lion |
CVE-2019-10978 |
3.3 |
2019-09-05 |
|
Red Lion Crimson CD31 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-795 |
ZDI-CAN-8302 |
Red Lion |
CVE-2019-10978 |
3.3 |
2019-09-05 |
|
Red Lion Crimson CD31 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-794 |
ZDI-CAN-8300 |
Red Lion |
CVE-2019-10978 |
3.3 |
2019-09-05 |
|
Red Lion Crimson CD31 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-793 |
ZDI-CAN-8301 |
Red Lion |
CVE-2019-10978 |
7.8 |
2019-09-05 |
|
Red Lion Crimson CD31 File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-792 |
ZDI-CAN-8305 |
Red Lion |
CVE-2019-10978 |
3.3 |
2019-09-05 |
|
Red Lion Crimson CD31 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-791 |
ZDI-CAN-8245 |
Red Lion |
CVE-2019-10984 |
7.8 |
2019-09-05 |
2021-06-29 |
Red Lion Crimson CD3 File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-790 |
ZDI-CAN-7650 |
Red Lion |
CVE-2019-10978 |
3.3 |
2019-09-05 |
|
Red Lion Crimson CD31 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-789 |
ZDI-CAN-7586 |
Red Lion |
CVE-2019-10984 |
7.8 |
2019-09-05 |
|
Red Lion Crimson CD31 File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-788 |
ZDI-CAN-7645 |
Red Lion |
CVE-2019-10996 |
7.8 |
2019-09-05 |
|
Red Lion Crimson CD31 File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-787 |
ZDI-CAN-8179 |
Red Lion |
CVE-2019-10996 |
7.8 |
2019-09-05 |
2021-06-29 |
Red Lion Crimson CD3 File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-786 |
ZDI-CAN-8168 |
Red Lion |
CVE-2019-10984 |
7.8 |
2019-09-05 |
2021-06-29 |
Red Lion Crimson CD3 File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-19-785 |
ZDI-CAN-8188 |
Red Lion |
CVE-2019-10990 |
6.5 |
2019-09-05 |
2021-06-29 |
Red Lion Crimson Hard-coded Cryptographic Key Information Disclosure Vulnerability |
| ZDI-19-784 |
ZDI-CAN-8167 |
Red Lion |
CVE-2019-10978 |
7.8 |
2019-09-05 |
2021-06-29 |
Red Lion Crimson CD3 Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-783 |
ZDI-CAN-7653 |
Red Lion |
CVE-2019-10996 |
7.8 |
2019-09-05 |
|
Red Lion Crimson CD31 File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-782 |
ZDI-CAN-8375 |
Mozilla |
CVE-2019-9812 |
5.5 |
2019-09-05 |
|
(Pwn2Own) Mozilla Firefox sync Universal Cross-Site Scripting Sandbox Escape Vulnerability |
| ZDI-19-781 |
ZDI-CAN-8748 |
Microsoft |
CVE-2019-1283 |
4.3 |
2019-09-04 |
2019-09-06 |
(0Day) Microsoft Windows user32 Cursor Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-780 |
ZDI-CAN-8316 |
Google |
CVE-2019-10565 |
7.8 |
2019-09-04 |
2020-03-13 |
(0Day) Google Android v4l2 Double Free Privilege Escalation Vulnerability |
| ZDI-19-779 |
ZDI-CAN-8521 |
Adobe |
CVE-2019-7989 |
7.8 |
2019-08-27 |
|
Adobe Photoshop JSX File ExtendScript Folder.rename Insufficient UI Warning Remote Code Execution Vulnerability |
| ZDI-19-778 |
ZDI-CAN-8519 |
Adobe |
CVE-2019-7989 |
5.5 |
2019-08-27 |
|
Adobe Photoshop JSX File ExtendScript Folder.remove Insufficient UI Warning Denial-of-Service Vulnerability |
| ZDI-19-777 |
ZDI-CAN-8505 |
Adobe |
CVE-2019-7989 |
7.8 |
2019-08-27 |
|
Adobe Photoshop JSX File ExtendScript File.copy Insufficient UI Warning Remote Code Execution Vulnerability |
| ZDI-19-776 |
ZDI-CAN-8504 |
Adobe |
CVE-2019-7989 |
5.5 |
2019-08-27 |
|
Adobe Photoshop JSX File ExtendScript File.remove Insufficient UI Warning Denial-of-Service Vulnerability |
| ZDI-19-775 |
ZDI-CAN-8503 |
Adobe |
CVE-2019-7989 |
5.5 |
2019-08-27 |
|
Adobe Photoshop JSX File ExtendScript File.readch Insufficient UI Warning Information Disclosure Vulnerability |
| ZDI-19-774 |
ZDI-CAN-8502 |
Adobe |
CVE-2019-7989 |
7.8 |
2019-08-27 |
|
Adobe Photoshop JSX File ExtendScript File.rename Insufficient UI Warning Remote Code Execution Vulnerability |
| ZDI-19-773 |
ZDI-CAN-8501 |
Adobe |
CVE-2019-7989 |
5.5 |
2019-08-27 |
|
Adobe Photoshop JSX File ExtendScript File.read Insufficient UI Warning Information Disclosure Vulnerability |
| ZDI-19-772 |
ZDI-CAN-8500 |
Adobe |
CVE-2019-7989 |
5.5 |
2019-08-27 |
|
Adobe Photoshop JSX File ExtendScript File.readln Insufficient UI Warning Information Disclosure Vulnerability |
| ZDI-19-771 |
ZDI-CAN-8499 |
Adobe |
CVE-2019-7989 |
7.8 |
2019-08-27 |
|
Adobe Photoshop JSX File ExtendScript File.writeln Insufficient UI Warning Remote Code Execution Vulnerability |
| ZDI-19-770 |
ZDI-CAN-8498 |
Adobe |
CVE-2019-7989 |
7.8 |
2019-08-27 |
|
Adobe Photoshop JSX File ExtendScript File.write Insufficient UI Warning Remote Code Execution Vulnerability |
| ZDI-19-769 |
ZDI-CAN-8497 |
Adobe |
CVE-2019-7989 |
7.8 |
2019-08-27 |
|
Adobe Photoshop JSX File ExtendScript File.execute Insufficient UI Warning Remote Code Execution Vulnerability |
| ZDI-19-768 |
ZDI-CAN-8496 |
Adobe |
CVE-2019-7989 |
7.8 |
2019-08-27 |
|
Adobe Photoshop JSX File ExtendScript app.system Insufficient UI Warning Remote Code Execution Vulnerability |
| ZDI-19-767 |
ZDI-CAN-8438 |
Apple |
CVE-2019-8681 |
5.0 |
2019-08-27 |
|
Apple Safari InlineBox Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-766 |
ZDI-CAN-8360 |
Apple |
CVE-2019-8604 |
9.3 |
2019-08-27 |
|
Apple macOS securityd Heap-based Buffer Overflow Sandbox Escape Vulnerability |
| ZDI-19-765 |
ZDI-CAN-8359 |
Apple |
CVE-2019-8601 |
8.8 |
2019-08-27 |
|
Apple Safari Integer Overflow Remote Code Execution Vulnerability |
| ZDI-19-764 |
ZDI-CAN-8246 |
WECON |
CVE-2019-6537 |
7.8 |
2019-08-21 |
2019-09-17 |
(0Day) WECON LeviStudioU ShortMessage_Module SMtext Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-763 |
ZDI-CAN-8772 |
Fuji Electric |
CVE-2019-13520 |
7.8 |
2019-08-19 |
|
Fuji Electric Alpha5 SDP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-762 |
ZDI-CAN-8756 |
Fuji Electric |
CVE-2019-13520 |
7.8 |
2019-08-19 |
|
Fuji Electric Alpha5 SDP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-761 |
ZDI-CAN-8568 |
Fuji Electric |
CVE-2019-13520 |
7.8 |
2019-08-19 |
|
Fuji Electric Alpha5 PLD File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-760 |
ZDI-CAN-8800 |
Adobe |
CVE-2019-8058 |
3.3 |
2019-08-19 |
|
Adobe Acrobat Pro DC AcroForm fillColor Property Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-759 |
ZDI-CAN-8798 |
Adobe |
CVE-2019-8057 |
7.8 |
2019-08-19 |
|
Adobe Acrobat Pro DC AcroForm textSize Property Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-758 |
ZDI-CAN-8797 |
Adobe |
CVE-2019-8056 |
3.3 |
2019-08-19 |
|
Adobe Acrobat Pro DC AcroForm strokeColor Property Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-757 |
ZDI-CAN-8795 |
Adobe |
CVE-2019-8059 |
3.3 |
2019-08-19 |
|
Adobe Acrobat Pro DC AcroForm lineWidth Property Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-756 |
ZDI-CAN-8799 |
Adobe |
CVE-2019-8053 |
3.3 |
2019-08-19 |
|
Adobe Acrobat Pro DC AcroForm submitName Property Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-755 |
ZDI-CAN-8796 |
Adobe |
CVE-2019-8054 |
3.3 |
2019-08-19 |
|
Adobe Acrobat Pro DC AcroForm rect Property Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-754 |
ZDI-CAN-8794 |
Adobe |
CVE-2019-8051 |
3.3 |
2019-08-19 |
|
Adobe Acrobat Pro DC AcroForm userName Property Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-753 |
ZDI-CAN-8788 |
Adobe |
CVE-2019-8052 |
3.3 |
2019-08-19 |
|
Adobe Acrobat Pro DC JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-752 |
ZDI-CAN-8694 |
Adobe |
CVE-2019-8040 |
7.8 |
2019-08-19 |
|
Adobe Acrobat Pro DC JPEG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-751 |
ZDI-CAN-8651 |
Adobe |
CVE-2019-8039 |
7.8 |
2019-08-19 |
|
Adobe Acrobat Pro DC AcroForm value Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-750 |
ZDI-CAN-8650 |
Adobe |
CVE-2019-8038 |
7.8 |
2019-08-19 |
|
Adobe Acrobat Pro DC AcroForm Field Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-749 |
ZDI-CAN-8684 |
Adobe |
CVE-2019-8037 |
3.3 |
2019-08-19 |
|
Adobe Acrobat Pro DC AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-748 |
ZDI-CAN-8483 |
Adobe |
CVE-2019-8035 |
3.3 |
2019-08-19 |
|
Adobe Acrobat Reader DC XFA aliasNode Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-747 |
ZDI-CAN-8755 |
Adobe |
CVE-2019-8033 |
7.8 |
2019-08-19 |
|
Adobe Acrobat Pro DC AcroForm setFocus Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-746 |
ZDI-CAN-8546 |
Adobe |
CVE-2019-8034 |
7.8 |
2019-08-19 |
|
Adobe Acrobat Reader DC XFA ready Event Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-745 |
ZDI-CAN-8763 |
Adobe |
CVE-2019-8027 |
4.5 |
2019-08-19 |
|
Adobe Acrobat Reader DC Protected View Text Copy Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-19-744 |
ZDI-CAN-8621 |
Adobe |
CVE-2019-8019 |
7.0 |
2019-08-19 |
|
Adobe Acrobat Pro DC PostScript executive Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-743 |
ZDI-CAN-8699 |
Adobe |
CVE-2019-7994 |
7.8 |
2019-08-19 |
|
Adobe Photoshop PostScript load Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-742 |
ZDI-CAN-8697 |
Adobe |
CVE-2019-7995 |
7.8 |
2019-08-19 |
|
Adobe Photoshop PostScript blend Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-741 |
ZDI-CAN-8571 |
Adobe |
CVE-2019-7996 |
7.8 |
2019-08-19 |
|
Adobe Photoshop PostScript load Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-740 |
ZDI-CAN-8698 |
Adobe |
CVE-2019-7988 |
7.8 |
2019-08-19 |
|
Adobe Photoshop PostScript callothersubr Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-739 |
ZDI-CAN-8522 |
Adobe |
CVE-2019-7989 |
7.8 |
2019-08-19 |
|
Adobe Photoshop JSX File ExtendScript Folder.execute Insufficient UI Warning Remote Code Execution Vulnerability |
| ZDI-19-738 |
ZDI-CAN-8555 |
Adobe |
CVE-2019-7976 |
7.8 |
2019-08-19 |
|
Adobe Photoshop PostScript drop Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-737 |
ZDI-CAN-8554 |
Adobe |
CVE-2019-7977 |
2.5 |
2019-08-19 |
|
Adobe Photoshop PostScript callothersubr Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-736 |
ZDI-CAN-8549 |
Adobe |
CVE-2019-7978 |
7.8 |
2019-08-19 |
|
Adobe Photoshop PostScript put Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-735 |
ZDI-CAN-8540 |
Adobe |
CVE-2019-7979 |
7.8 |
2019-08-19 |
|
Adobe Photoshop PostScript callothersubr Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-734 |
ZDI-CAN-8520 |
Adobe |
CVE-2019-7980 |
7.8 |
2019-08-19 |
|
Adobe Photoshop PostScript sbw Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-733 |
ZDI-CAN-8516 |
Adobe |
CVE-2019-7981 |
2.5 |
2019-08-19 |
|
Adobe Photoshop PostScript hsbw Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-732 |
ZDI-CAN-8490 |
Adobe |
CVE-2019-7982 |
7.8 |
2019-08-19 |
|
Adobe Photoshop PostScript put Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-731 |
ZDI-CAN-8482 |
Adobe |
CVE-2019-7983 |
7.8 |
2019-08-19 |
|
Adobe Photoshop PostScript put Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-730 |
ZDI-CAN-8481 |
Adobe |
CVE-2019-7984 |
7.8 |
2019-08-19 |
|
Adobe Photoshop PostScript put Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-729 |
ZDI-CAN-8480 |
Adobe |
CVE-2019-7985 |
7.8 |
2019-08-19 |
|
Adobe Photoshop PostScript load Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-728 |
ZDI-CAN-8479 |
Adobe |
CVE-2019-7986 |
7.8 |
2019-08-19 |
|
Adobe Photoshop PostScript File Font Parsing Charstring store Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-727 |
ZDI-CAN-8475 |
Adobe |
CVE-2019-7987 |
4.7 |
2019-08-19 |
|
Adobe Photoshop PostScript File Font Parsing Charstring index Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-726 |
ZDI-CAN-8442 |
Adobe |
CVE-2019-8013 |
7.8 |
2019-08-19 |
|
Adobe Acrobat Reader DC XFA Form Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-725 |
ZDI-CAN-8342 |
Adobe |
CVE-2019-8014 |
7.8 |
2019-08-19 |
|
Adobe Acrobat Pro DC AcroForm Bitmap File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-724 |
ZDI-CAN-7863 |
Adobe |
CVE-2019-8008 |
7.8 |
2019-08-19 |
|
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-723 |
ZDI-CAN-8609 |
Microsoft |
CVE-2019-0988 |
7.5 |
2019-08-16 |
|
Microsoft Windows jscript9 RegExp.input Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-722 |
ZDI-CAN-8282 |
Delta Industrial Automation |
CVE-2019-13513 |
7.8 |
2019-08-16 |
|
Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-721 |
ZDI-CAN-8254 |
Delta Industrial Automation |
CVE-2019-13513 |
7.8 |
2019-08-16 |
|
Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-720 |
ZDI-CAN-8253 |
Delta Industrial Automation |
CVE-2019-13513 |
7.8 |
2019-08-16 |
|
Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-719 |
ZDI-CAN-8252 |
Delta Industrial Automation |
CVE-2019-13513 |
7.8 |
2019-08-16 |
|
Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-718 |
ZDI-CAN-8251 |
Delta Industrial Automation |
CVE-2019-13513 |
7.8 |
2019-08-16 |
|
Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-717 |
ZDI-CAN-8250 |
Delta Industrial Automation |
CVE-2019-13514 |
7.8 |
2019-08-16 |
|
Delta Industrial Automation DOPSoft DPA File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-716 |
ZDI-CAN-8313 |
Microsoft |
|
3.3 |
2019-08-13 |
|
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-715 |
ZDI-CAN-8599 |
Microsoft |
CVE-2019-1201 |
7.0 |
2019-08-13 |
|
Microsoft Word DOC File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-714 |
ZDI-CAN-8353 |
Microsoft |
CVE-2019-1158 |
3.3 |
2019-08-13 |
2023-06-22 |
Microsoft Windows gdiplus EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-713 |
ZDI-CAN-8351 |
Microsoft |
CVE-2019-1157 |
7.0 |
2019-08-13 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-712 |
ZDI-CAN-8131 |
Microsoft |
CVE-2019-1156 |
2.5 |
2019-08-13 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-711 |
ZDI-CAN-8121 |
Microsoft |
CVE-2019-1155 |
7.0 |
2019-08-13 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-710 |
ZDI-CAN-8494 |
Microsoft |
CVE-2019-1187 |
4.3 |
2019-08-13 |
|
Microsoft Windows XmlLite XML space Attribute Denial-Of-Service Vulnerability |
| ZDI-19-709 |
ZDI-CAN-8422 |
Microsoft |
CVE-2019-1169 |
7.1 |
2019-08-13 |
|
Microsoft Windows xxxMNDragOver Null Pointer Dereference Information Disclosure Vulnerability |
| ZDI-19-708 |
ZDI-CAN-7792 |
Microsoft |
CVE-2019-1145 |
7.8 |
2019-08-13 |
|
Microsoft Windows Font Subsetting Library Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-707 |
ZDI-CAN-7790 |
Microsoft |
CVE-2019-1144 |
7.8 |
2019-08-13 |
|
Microsoft Windows Font Subsetting Library Double Free Remote Code Execution Vulnerability |
| ZDI-19-706 |
ZDI-CAN-7715 |
Microsoft |
CVE-2019-1184 |
8.8 |
2019-08-13 |
|
Microsoft Windows CoreShellCOMServerRegistrar Improper Access Control Privilege Escalation Vulnerability |
| ZDI-19-705 |
ZDI-CAN-7793 |
Microsoft |
CVE-2019-1148 |
3.3 |
2019-08-13 |
|
Microsoft Windows Font Subsetting Library Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-704 |
ZDI-CAN-7671 |
Microsoft |
CVE-2019-1143 |
4.3 |
2019-08-13 |
|
Microsoft Windows EMF Graphic Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-703 |
ZDI-CAN-8278 |
Microsoft |
CVE-2019-1146 |
7.0 |
2019-08-13 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-702 |
ZDI-CAN-8277 |
Microsoft |
CVE-2019-1147 |
7.0 |
2019-08-13 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-701 |
ZDI-CAN-8028 |
EZAutomation |
|
7.8 |
2019-08-12 |
|
(0Day) EZAutomation EZPLC EZC File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-700 |
ZDI-CAN-7890 |
EZAutomation |
|
7.8 |
2019-08-12 |
|
(0Day) EZAutomation EZTouch Editor EZP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-699 |
ZDI-CAN-8096 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2019-08-08 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-698 |
ZDI-CAN-8060 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2019-08-08 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-697 |
ZDI-CAN-8017 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2019-08-08 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-696 |
ZDI-CAN-8015 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2019-08-08 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-695 |
ZDI-CAN-8014 |
Rockwell Automation |
CVE-2019-13511 |
3.3 |
2019-08-08 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-694 |
ZDI-CAN-8013 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2019-08-08 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-693 |
ZDI-CAN-8016 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2019-08-08 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-692 |
ZDI-CAN-8012 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2019-08-08 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-691 |
ZDI-CAN-7805 |
Advantech |
CVE-2019-10961 |
7.8 |
2019-08-05 |
|
Advantech WebAccess HMI Designer MCR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-690 |
ZDI-CAN-7921 |
Fuji Electric |
CVE-2019-13512 |
3.3 |
2019-08-05 |
|
Fuji Electric FRENIC Loader FN1 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-689 |
ZDI-CAN-8200 |
LAquis |
CVE-2019-10980 |
7.8 |
2019-08-05 |
|
LAquis SCADA LQS File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-688 |
ZDI-CAN-8198 |
LAquis |
CVE-2019-10994 |
2.5 |
2019-08-05 |
|
LAquis SCADA LQS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-687 |
ZDI-CAN-8476 |
SolarWinds |
|
7.8 |
2019-08-05 |
|
(0Day) SolarWinds Orion Network Performance Monitor ExecuteExternalProgram Privilege Escalation Vulnerability |
| ZDI-19-686 |
ZDI-CAN-8536 |
Apple |
CVE-2019-8692 |
4.7 |
2019-07-24 |
|
Apple macOS AMDRadeonX4000_AMDAccelResource initialize Out-Of-Bounds Read Privilege Escalation Vulnerability |
| ZDI-19-685 |
ZDI-CAN-8320 |
Apple |
CVE-2019-8697 |
8.8 |
2019-07-24 |
|
Apple macOS diskmanagementd Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-19-684 |
ZDI-CAN-8439 |
Apple |
CVE-2019-8681 |
5.0 |
2019-07-24 |
|
Apple Safari InlineFlowBox Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-683 |
ZDI-CAN-8489 |
Apple |
CVE-2019-8658 |
4.3 |
2019-07-24 |
|
Apple Safari operationPutByValOptimize Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-682 |
ZDI-CAN-8532 |
Apple |
CVE-2019-8691 |
4.7 |
2019-07-24 |
|
Apple macOS AMDRadeonX4000_AMDSIGLContext RsrcAndXorByteFlag Out-Of-Bounds Read Privilege Escalation Vulnerability |
| ZDI-19-681 |
ZDI-CAN-8627 |
Apple |
CVE-2019-8644 |
5.0 |
2019-07-24 |
|
Apple Safari CSSFontFace Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-680 |
ZDI-CAN-8530 |
Apple |
CVE-2019-8695 |
3.3 |
2019-07-24 |
|
Apple macOS Grapher Memory Corruption Information Disclosure Vulnerability |
| ZDI-19-679 |
ZDI-CAN-8542 |
Apple |
CVE-2019-8669 |
5.0 |
2019-07-24 |
|
Apple Safari bind Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-678 |
ZDI-CAN-8582 |
Apple |
CVE-2019-8657 |
3.3 |
2019-07-24 |
|
Apple macOS parseSummaryInfo Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-677 |
ZDI-CAN-7864 |
Apple |
CVE-2019-8686 |
5.0 |
2019-07-24 |
|
Apple Safari FloatingObjects Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-676 |
ZDI-CAN-8291 |
Apple |
CVE-2019-8582 |
3.3 |
2019-07-24 |
|
Apple macOS CoreText Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-675 |
ZDI-CAN-8648 |
Delta Industrial Automation |
CVE-2019-10992 |
3.3 |
2019-07-22 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-674 |
ZDI-CAN-8634 |
Delta Industrial Automation |
CVE-2019-10992 |
3.3 |
2019-07-22 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-673 |
ZDI-CAN-8633 |
Delta Industrial Automation |
CVE-2019-10982 |
7.8 |
2019-07-22 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-672 |
ZDI-CAN-8629 |
Delta Industrial Automation |
CVE-2019-10982 |
7.8 |
2019-07-22 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-671 |
ZDI-CAN-8284 |
Schneider Electric |
CVE-2019-6827 |
7.0 |
2019-07-22 |
|
Schneider Electric IGSS MDB Database BaseUnits UnitIdx Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-670 |
ZDI-CAN-7959 |
Microsoft |
|
3.3 |
2019-07-22 |
|
(0Day) Microsoft Windows ole32 OleCreateFontIndirectExt Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-669 |
ZDI-CAN-8092 |
Apple |
CVE-2019-8592 |
3.3 |
2019-07-22 |
|
Apple macOS AudioCodecs Memory Corruption Information Disclosure Vulnerability |
| ZDI-19-668 |
ZDI-CAN-8572 |
Oracle |
CVE-2019-2859 |
8.8 |
2019-07-22 |
|
(Pwn2Own) Oracle VirtualBox vusbUrbSubmitCtrl Use-After-Free Privilege Escalation Vulnerability |
| ZDI-19-667 |
ZDI-CAN-8417 |
Oracle |
CVE-2019-2866 |
8.2 |
2019-07-22 |
|
Oracle VirtualBox WINED3DSIH_TEX Opcode Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-666 |
ZDI-CAN-8410 |
Oracle |
CVE-2019-2867 |
8.2 |
2019-07-22 |
|
Oracle VirtualBox vertexshader_set_limits Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-665 |
ZDI-CAN-8317 |
Oracle |
CVE-2019-2865 |
7.5 |
2019-07-22 |
|
Oracle VirtualBox vmsvga3dSetTransform Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-664 |
ZDI-CAN-8467 |
Oracle |
CVE-2019-2864 |
7.5 |
2019-07-22 |
|
Oracle VirtualBox vmsvga3dSetRenderState Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-663 |
ZDI-CAN-8666 |
Oracle |
CVE-2019-2827 |
8.8 |
2019-07-22 |
2019-07-22 |
Oracle WebLogic DeploymentService Directory Traversal Remote Code Execution Vulnerability |
| ZDI-19-662 |
ZDI-CAN-7226 |
Oracle |
CVE-2019-2799 |
7.8 |
2019-07-22 |
|
Oracle Database ODBC Driver Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-661 |
ZDI-CAN-7159 |
Oracle |
CVE-2019-2863 |
6.5 |
2019-07-22 |
|
Oracle VirtualBox cr_unpackData Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-660 |
ZDI-CAN-7483 |
Xiaomi |
CVE-2019-13322 |
7.5 |
2019-07-12 |
2020-02-10 |
(Pwn2Own) Xiaomi Browser miui.share APK Download Remote Code Execution Vulnerability |
| ZDI-19-659 |
ZDI-CAN-7467 |
Xiaomi |
CVE-2019-13321 |
5.5 |
2019-07-12 |
2020-02-10 |
(Pwn2Own) Xiaomi Browser Captive Portal WebView Authorization Bypass Vulnerability |
| ZDI-19-658 |
ZDI-CAN-7895 |
Schneider Electric |
CVE-2019-6822 |
7.8 |
2019-07-10 |
|
Schneider Electric Zelio Soft 2 ZM2 File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-657 |
ZDI-CAN-8374 |
Mozilla |
CVE-2019-9811 |
5.6 |
2019-07-10 |
|
Mozilla Firefox Language Pack XUL Injection Sandbox Escape Vulnerability |
| ZDI-19-656 |
ZDI-CAN-7875 |
Adobe |
CVE-2019-7963 |
3.3 |
2019-07-10 |
|
Adobe Bridge CC SVG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-655 |
ZDI-CAN-8524 |
Microsoft |
CVE-2019-1112 |
2.5 |
2019-07-10 |
|
Microsoft Excel Filename Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-654 |
ZDI-CAN-8332 |
Microsoft |
CVE-2019-1093 |
3.3 |
2019-07-10 |
|
Microsoft Windows DirectWrite Integer Underflow Information Disclosure Vulnerability |
| ZDI-19-653 |
ZDI-CAN-8034 |
Microsoft |
CVE-2019-1093 |
3.3 |
2019-07-10 |
|
Microsoft Windows gdiplus Font Parsing Integer Overflow Information Disclosure Vulnerability |
| ZDI-19-652 |
ZDI-CAN-8197 |
Microsoft |
CVE-2019-1094 |
3.3 |
2019-07-10 |
|
Microsoft Windows gdiplus ConvertToEMFPlus Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-651 |
ZDI-CAN-8190 |
Microsoft |
CVE-2019-1095 |
3.3 |
2019-07-10 |
|
Microsoft Windows DirectWrite Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-650 |
ZDI-CAN-8202 |
Microsoft |
CVE-2019-1101 |
5.5 |
2019-07-10 |
2023-09-05 |
Microsoft Windows gdiplus EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-649 |
ZDI-CAN-8112 |
Microsoft |
CVE-2019-1102 |
3.3 |
2019-07-10 |
2023-06-22 |
Microsoft Windows gdiplus EMF Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-648 |
ZDI-CAN-8058 |
Microsoft |
CVE-2019-1116 |
3.3 |
2019-07-10 |
|
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-647 |
ZDI-CAN-8055 |
Microsoft |
CVE-2019-1097 |
3.3 |
2019-07-10 |
|
Microsoft Windows DirectWrite Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-646 |
ZDI-CAN-8050 |
Microsoft |
CVE-2019-1098 |
7.8 |
2019-07-10 |
|
Microsoft Windows gdiplus Font Parsing Integer Underflow Remote Code Execution Vulnerability |
| ZDI-19-645 |
ZDI-CAN-8037 |
Microsoft |
CVE-2019-1099 |
3.3 |
2019-07-10 |
|
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-644 |
ZDI-CAN-8036 |
Microsoft |
CVE-2019-1100 |
3.3 |
2019-07-10 |
|
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-643 |
ZDI-CAN-7749 |
Microsoft |
CVE-2019-1110 |
7.8 |
2019-07-10 |
|
Microsoft Office Excel Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-642 |
ZDI-CAN-7605 |
Microsoft |
CVE-2019-1111 |
7.8 |
2019-07-10 |
|
Microsoft Office Excel OLE Object Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-641 |
ZDI-CAN-6191 |
Microsoft |
CVE-2019-0948 |
2.6 |
2019-07-10 |
2019-07-10 |
Microsoft Windows Event Viewer XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-640 |
ZDI-CAN-7860 |
Google |
CVE-2019-9353 |
8.0 |
2019-07-08 |
2019-08-29 |
Google Android Bluetooth hci_len Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-639 |
ZDI-CAN-7855 |
Microsoft |
CVE-2019-0920 |
5.0 |
2019-07-08 |
|
Microsoft Windows ADODB Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-638 |
ZDI-CAN-7854 |
Microsoft |
CVE-2019-0920 |
5.0 |
2019-07-08 |
|
Microsoft Windows ADODB Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-637 |
ZDI-CAN-8814 |
Foxit |
CVE-2019-13320 |
7.8 |
2019-07-05 |
|
Foxit Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-636 |
ZDI-CAN-8669 |
Foxit |
CVE-2019-13319 |
7.8 |
2019-07-05 |
|
Foxit Reader XFA Form Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-635 |
ZDI-CAN-8544 |
Foxit |
CVE-2019-13318 |
5.5 |
2019-07-05 |
|
Foxit Reader Format String Information Disclosure Vulnerability |
| ZDI-19-634 |
ZDI-CAN-8759 |
Foxit |
CVE-2019-13317 |
7.8 |
2019-07-05 |
|
Foxit PhantomPDF Button Calculate Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-633 |
ZDI-CAN-8757 |
Foxit |
CVE-2019-13316 |
7.8 |
2019-07-05 |
|
Foxit PhantomPDF Button Calculate Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-632 |
ZDI-CAN-8656 |
Foxit |
CVE-2019-13315 |
7.8 |
2019-07-05 |
|
Foxit Reader Text removeField Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-631 |
ZDI-CAN-8801 |
Foxit |
CVE-2019-6776 |
7.8 |
2019-07-05 |
|
Foxit PhantomPDF addWatermarkFromText Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-630 |
ZDI-CAN-8491 |
Foxit |
CVE-2019-6775 |
7.8 |
2019-07-05 |
|
Foxit Reader AcroForm exportValues Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-629 |
ZDI-CAN-8295 |
Foxit |
CVE-2019-6774 |
7.8 |
2019-07-05 |
|
Foxit Reader AcroForm deleteItemAt Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-628 |
ZDI-CAN-8018 |
Adobe |
CVE-2019-7804 |
7.8 |
2019-07-05 |
|
Adobe Acrobat Pro DC JPEG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-627 |
ZDI-CAN-7853 |
Microsoft |
CVE-2019-0920 |
5.0 |
2019-07-04 |
|
Microsoft Windows ADODB Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-626 |
ZDI-CAN-7755 |
Microsoft |
CVE-2019-0920 |
5.0 |
2019-07-04 |
|
Microsoft Windows ADODB Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-625 |
ZDI-CAN-7754 |
Microsoft |
CVE-2019-0920 |
5.0 |
2019-07-04 |
|
Microsoft Windows ADODB Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-624 |
ZDI-CAN-7868 |
Microsoft |
CVE-2019-0906 |
7.0 |
2019-07-02 |
|
Microsoft Windows JET Database Engine Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-19-623 |
ZDI-CAN-8119 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
2024-01-19 |
Advantech WebAccess viewsrv SQLGetData Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-622 |
ZDI-CAN-8194 |
Advantech |
CVE-2019-10985 |
7.5 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv Arbitrary File Deletion Vulnerability |
| ZDI-19-621 |
ZDI-CAN-8193 |
Advantech |
CVE-2019-10983 |
5.3 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-620 |
ZDI-CAN-8191 |
Advantech |
CVE-2019-10991 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Client bwclient Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-619 |
ZDI-CAN-8189 |
Advantech |
CVE-2019-10991 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node bwmail Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-618 |
ZDI-CAN-8152 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLNumParams Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-617 |
ZDI-CAN-8151 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv rewind Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-616 |
ZDI-CAN-8150 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLFreeConnect Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-615 |
ZDI-CAN-8148 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLFreeEnv Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-614 |
ZDI-CAN-8147 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLDisconnect Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-613 |
ZDI-CAN-8146 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv findClose Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-612 |
ZDI-CAN-8145 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLParamData Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-611 |
ZDI-CAN-8144 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLExecDirect Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-610 |
ZDI-CAN-8143 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLFetch Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-609 |
ZDI-CAN-8142 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLSetConnectOption Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-608 |
ZDI-CAN-8141 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLCancel Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-607 |
ZDI-CAN-8140 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv fClose Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-606 |
ZDI-CAN-8139 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv ftell Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-605 |
ZDI-CAN-8138 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLConnect Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-604 |
ZDI-CAN-8137 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv fileno Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-603 |
ZDI-CAN-8136 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv fWrite Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-602 |
ZDI-CAN-8135 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLNumResultCols Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-601 |
ZDI-CAN-8133 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLAllocConnect Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-600 |
ZDI-CAN-8130 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLDescribeParam Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-599 |
ZDI-CAN-8129 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLFreeStmt Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-598 |
ZDI-CAN-8128 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLPrepare Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-597 |
ZDI-CAN-8127 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLSetParam Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-596 |
ZDI-CAN-8126 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLAllocStmt Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-595 |
ZDI-CAN-8118 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLSetStmtAttr Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-594 |
ZDI-CAN-8117 |
Advantech |
CVE-2019-10991 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node bwscrp Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-593 |
ZDI-CAN-8116 |
Advantech |
CVE-2019-10993 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node viewsrv SQLExecute Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-592 |
ZDI-CAN-7906 |
Advantech |
CVE-2019-10991 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Client bwwebv Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-591 |
ZDI-CAN-8068 |
Advantech |
CVE-2019-10989 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node BwPAlarm Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-590 |
ZDI-CAN-8067 |
Advantech |
CVE-2019-10989 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node BwPAlarm CreateMonitoredItemEx Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-589 |
ZDI-CAN-8064 |
Advantech |
CVE-2019-10991 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node BwPAlarm GetProjectIdByName Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-588 |
ZDI-CAN-8063 |
Advantech |
CVE-2019-10991 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node BwPAlarm Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-587 |
ZDI-CAN-7952 |
Advantech |
CVE-2019-10987 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node webvrpcs viewsrv Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-586 |
ZDI-CAN-7951 |
Advantech |
CVE-2019-10991 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node webvrpcs viewsrv Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-585 |
ZDI-CAN-7911 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-07-02 |
|
Advantech WebAccess Node makensis Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-584 |
ZDI-CAN-7438 |
Advantech |
CVE-2019-10987 |
8.8 |
2019-07-02 |
|
Advantech WebAccess Node bwdraw Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-583 |
ZDI-CAN-6995 |
Alibaba |
|
4.5 |
2019-06-27 |
|
(0Day) Alibaba Alipay URL Scheme Handling Vulnerability |
| ZDI-19-582 |
ZDI-CAN-8630 |
Apache |
CVE-2019-10072 |
5.3 |
2019-06-21 |
|
Apache Tomcat reserveWindowSize Denial-Of-Service Vulnerability |
| ZDI-19-581 |
ZDI-CAN-8331 |
Microsoft |
CVE-2017-8533 |
3.3 |
2019-06-20 |
|
Microsoft Windows DirectWrite Integer Overflow Information Disclosure Vulnerability |
| ZDI-19-580 |
ZDI-CAN-8038 |
Microsoft |
CVE-2019-1013 |
3.3 |
2019-06-20 |
|
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-579 |
ZDI-CAN-7781 |
Phoenix Contact |
CVE-2019-12869 |
3.3 |
2019-06-20 |
|
Phoenix Contact Automationworx BCP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-578 |
ZDI-CAN-7780 |
Phoenix Contact |
CVE-2019-12871 |
7.8 |
2019-06-20 |
|
Phoenix Contact Automationworx BCP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-577 |
ZDI-CAN-7786 |
Phoenix Contact |
CVE-2019-12871 |
7.8 |
2019-06-20 |
|
Phoenix Contact Automationworx BCP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-576 |
ZDI-CAN-7785 |
Phoenix Contact |
CVE-2019-12871 |
7.8 |
2019-06-20 |
|
Phoenix Contact Automationworx BCP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-575 |
ZDI-CAN-7784 |
Phoenix Contact |
CVE-2019-12870 |
7.8 |
2019-06-20 |
|
Phoenix Contact Automationworx BCP File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-19-574 |
ZDI-CAN-8686 |
Electronic Arts |
CVE-2019-12828 |
8.8 |
2019-06-17 |
2019-09-10 |
Electronic Arts Origin URI Handler Remote Command Execution Vulnerability |
| ZDI-19-573 |
ZDI-CAN-8094 |
Microsoft |
CVE-2019-1013 |
3.3 |
2019-06-17 |
|
Microsoft Windows gdiplus Font Parsing Uninitialized Pointer Information Disclosure Vulnerability |
| ZDI-19-572 |
ZDI-CAN-8531 |
Microsoft |
CVE-2019-1035 |
4.5 |
2019-06-14 |
|
Microsoft Word Table Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-19-571 |
ZDI-CAN-8371 |
Microsoft |
CVE-2019-1065 |
7.8 |
2019-06-14 |
|
Microsoft Windows DirectComposition PropertySet Race Condition Privilege Escalation Vulnerability |
| ZDI-19-570 |
ZDI-CAN-7850 |
Panasonic |
CVE-2019-6532 |
7.8 |
2019-06-13 |
|
Panasonic Control FPWIN PRO Project File Parsing sc_obj Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-569 |
ZDI-CAN-8288 |
Apple |
CVE-2019-8519 |
7.1 |
2019-06-13 |
|
Apple macOS AMDRadeonX4000_AMDAccelResource Integer Overflow Information Disclosure Vulnerability |
| ZDI-19-568 |
ZDI-CAN-7851 |
Panasonic |
CVE-2019-6532 |
7.8 |
2019-06-13 |
|
Panasonic Control FPWIN Pro Project File Parsing sc_obj Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-567 |
ZDI-CAN-7852 |
Panasonic |
CVE-2019-6530 |
7.8 |
2019-06-13 |
|
Panasonic Control FPWIN PRO Project File Parsing sc_app Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-566 |
ZDI-CAN-7849 |
Panasonic |
CVE-2019-6532 |
7.8 |
2019-06-13 |
|
Panasonic Control FPWIN PRO Project File Parsing us_plcfg Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-565 |
ZDI-CAN-7848 |
Panasonic |
CVE-2019-6530 |
7.8 |
2019-06-13 |
|
Panasonic Control FPWIN PRO Project File Parsing ctreestd Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-564 |
ZDI-CAN-8453 |
Adobe |
CVE-2019-7845 |
7.5 |
2019-06-11 |
|
Adobe Flash Player LocalConnection Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-563 |
ZDI-CAN-8045 |
Microsoft |
CVE-2019-1016 |
3.3 |
2019-06-11 |
|
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-562 |
ZDI-CAN-8340 |
Microsoft |
CVE-2019-1034 |
3.3 |
2019-06-11 |
|
Microsoft Word DOCX Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-561 |
ZDI-CAN-8056 |
Microsoft |
CVE-2019-1049 |
3.3 |
2019-06-11 |
|
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-560 |
ZDI-CAN-8369 |
Microsoft |
CVE-2019-1041 |
7.8 |
2019-06-11 |
2019-06-14 |
(Pwn2Own) Microsoft Windows DirectComposition PropertySet Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-559 |
ZDI-CAN-8049 |
Microsoft |
CVE-2019-1046 |
3.3 |
2019-06-11 |
|
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-558 |
ZDI-CAN-8054 |
Microsoft |
CVE-2019-1015 |
3.3 |
2019-06-11 |
|
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-557 |
ZDI-CAN-8225 |
Microsoft |
CVE-2019-1012 |
3.1 |
2019-06-11 |
|
Microsoft Windows EMF Graphic Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-556 |
ZDI-CAN-8051 |
Microsoft |
CVE-2019-1046 |
3.3 |
2019-06-11 |
2019-06-14 |
Microsoft Windows DirectWrite Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-555 |
ZDI-CAN-8227 |
Microsoft |
CVE-2019-1010 |
3.3 |
2019-06-11 |
|
Microsoft Windows gdiplus EMR_CREATEDIBPATTERNBRUSHPT Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-554 |
ZDI-CAN-8052 |
Microsoft |
CVE-2019-1050 |
3.3 |
2019-06-11 |
|
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-553 |
ZDI-CAN-8048 |
Microsoft |
CVE-2019-1011 |
3.3 |
2019-06-11 |
|
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-552 |
ZDI-CAN-8032 |
Microsoft |
CVE-2019-1048 |
3.3 |
2019-06-11 |
|
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-551 |
ZDI-CAN-8033 |
Microsoft |
CVE-2019-1009 |
3.3 |
2019-06-11 |
|
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-550 |
ZDI-CAN-8040 |
Microsoft |
CVE-2019-1049 |
3.3 |
2019-06-11 |
|
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-549 |
ZDI-CAN-8041 |
Microsoft |
CVE-2019-1011 |
3.3 |
2019-06-11 |
|
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-548 |
ZDI-CAN-8046 |
Microsoft |
CVE-2019-1047 |
3.3 |
2019-06-11 |
|
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-547 |
ZDI-CAN-8047 |
Microsoft |
CVE-2019-0977 |
3.3 |
2019-06-11 |
|
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-546 |
ZDI-CAN-8039 |
Microsoft |
CVE-2019-1016 |
3.3 |
2019-06-11 |
|
Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-545 |
ZDI-CAN-8031 |
Microsoft |
CVE-2019-0968 |
3.3 |
2019-06-11 |
|
Microsoft Windows gdiplus Font Parsing Off-By-One Information Disclosure Vulnerability |
| ZDI-19-544 |
ZDI-CAN-7957 |
Microsoft |
CVE-2019-0908 |
7.0 |
2019-06-11 |
|
Microsoft Windows Jet Database Engine Integer Underflow Remote Code Execution Vulnerability |
| ZDI-19-543 |
ZDI-CAN-8345 |
Apple |
CVE-2019-8635 |
7.0 |
2019-06-07 |
|
Apple macOS AMDRadeonX4000_AMDSIGLContext Double Free Privilege Escalation Vulnerability |
| ZDI-19-542 |
ZDI-CAN-8108 |
Apple |
CVE-2019-8585 |
3.3 |
2019-06-07 |
|
Apple macOS ACGetNewAU Memory Corruption Information Disclosure Vulnerability |
| ZDI-19-541 |
ZDI-CAN-8367 |
Apple |
CVE-2019-8606 |
7.0 |
2019-05-30 |
|
Apple macOS kextutil Race Condition Privilege Escalation Vulnerability |
| ZDI-19-540 |
ZDI-CAN-8366 |
Apple |
CVE-2019-8603 |
8.8 |
2019-05-30 |
|
Apple Safari cfAttributedStringUnserialize Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-539 |
ZDI-CAN-8547 |
Apple |
CVE-2019-8635 |
7.0 |
2019-05-30 |
|
Apple macOS AMDRadeonX4000_AMDSIGLContext discard_StretchTex2Tex Double Free Privilege Escalation Vulnerability |
| ZDI-19-538 |
ZDI-CAN-8356 |
Apple |
CVE-2019-8616 |
7.8 |
2019-05-30 |
|
Apple macOS IOAccelSharedUserClient2 Untrusted Pointer Dereference Privilege Escalation Vulnerability |
| ZDI-19-537 |
ZDI-CAN-7970 |
Apple |
CVE-2019-8610 |
5.0 |
2019-05-30 |
|
Apple Safari FontFace Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-536 |
ZDI-CAN-8106 |
Apple |
CVE-2019-8587 |
5.0 |
2019-05-30 |
|
Apple Safari HTMLFormElement Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-19-535 |
ZDI-CAN-8004 |
Apple |
CVE-2019-6237 |
5.0 |
2019-05-30 |
|
Apple Safari createRenderers Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-534 |
ZDI-CAN-7730 |
Apple |
CVE-2019-8571 |
5.6 |
2019-05-30 |
|
Apple Safari WebDataListSuggestionPicker Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-533 |
ZDI-CAN-7643 |
Apple |
CVE-2019-8608 |
5.0 |
2019-05-30 |
|
Apple Safari RenderBlockFlow Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-532 |
ZDI-CAN-7731 |
Apple |
CVE-2019-8597 |
4.3 |
2019-05-30 |
|
Apple Safari RenderInline Type Confusion Information Disclosure Vulnerability |
| ZDI-19-531 |
ZDI-CAN-7555 |
Apple |
CVE-2019-8595 |
7.5 |
2019-05-30 |
|
Apple Safari ContextMenu Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-530 |
ZDI-CAN-7611 |
Apple |
CVE-2019-8584 |
5.0 |
2019-05-30 |
|
Apple Safari RootInlineBox Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-529 |
ZDI-CAN-7600 |
Apple |
CVE-2019-8615 |
4.3 |
2019-05-30 |
|
Apple Safari BreakingContext Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-528 |
ZDI-CAN-6943 |
Hewlett Packard Enterprise |
CVE-2019-11956 |
8.8 |
2019-05-30 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center ByteMessageResource transformEntity Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-19-527 |
ZDI-CAN-6906 |
Hewlett Packard Enterprise |
CVE-2019-11985 |
8.8 |
2019-05-30 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center choosePerfView Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-526 |
ZDI-CAN-6888 |
Hewlett Packard Enterprise |
CVE-2019-11955 |
8.8 |
2019-05-30 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center devSoftSel Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-525 |
ZDI-CAN-6887 |
Hewlett Packard Enterprise |
CVE-2019-11954 |
8.8 |
2019-05-30 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center operationSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-524 |
ZDI-CAN-6878 |
Hewlett Packard Enterprise |
CVE-2019-11948 |
8.8 |
2019-05-30 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center ifViewSelectPage Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-523 |
ZDI-CAN-6877 |
Hewlett Packard Enterprise |
CVE-2019-11953 |
8.8 |
2019-05-30 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center smsRulesDownload Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-522 |
ZDI-CAN-6874 |
Hewlett Packard Enterprise |
CVE-2019-11952 |
8.8 |
2019-05-30 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center faultTrapGroupSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-521 |
ZDI-CAN-6873 |
Hewlett Packard Enterprise |
CVE-2019-11951 |
8.8 |
2019-05-30 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center faultEventSelectFact Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-520 |
ZDI-CAN-6804 |
Hewlett Packard Enterprise |
CVE-2019-11950 |
8.8 |
2019-05-30 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center WebSocket Shape3DWebSocketServlet Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-519 |
ZDI-CAN-6761 |
Hewlett Packard Enterprise |
CVE-2019-11949 |
8.8 |
2019-05-30 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center powershellConfigContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-518 |
ZDI-CAN-6760 |
Hewlett Packard Enterprise |
CVE-2019-5370 |
8.8 |
2019-05-30 |
2021-03-02 |
Hewlett Packard Enterprise Intelligent Management Center ictExpertCSVDownload Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-517 |
ZDI-CAN-8030 |
Fuji Electric |
CVE-2019-10975 |
3.3 |
2019-05-29 |
|
Fuji Electric Alpha7 PC Loader A7P File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-516 |
ZDI-CAN-7804 |
VMware |
CVE-2019-5515 |
7.8 |
2019-05-29 |
|
VMware Workstation e1000 Memory Corruption Privilege Escalation Vulnerability |
| ZDI-19-515 |
ZDI-CAN-7381 |
Samsung |
CVE-2019-6744 |
4.3 |
2019-05-29 |
|
Samsung Knox Secure Folder Lock Screen Bypass Vulnerability |
| ZDI-19-514 |
ZDI-CAN-8437 |
Adobe |
CVE-2019-7830 |
7.8 |
2019-05-15 |
|
Adobe Acrobat Pro DC JavaScript Annotation Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-513 |
ZDI-CAN-8421 |
Adobe |
CVE-2019-7827 |
7.0 |
2019-05-15 |
|
Adobe Acrobat Pro DC imageDistiller Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-512 |
ZDI-CAN-8419 |
Adobe |
CVE-2019-7828 |
7.0 |
2019-05-15 |
|
Adobe Acrobat Pro DC ASCII85Decode Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-511 |
ZDI-CAN-8411 |
Adobe |
CVE-2019-7829 |
7.8 |
2019-05-15 |
|
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-510 |
ZDI-CAN-8348 |
Adobe |
CVE-2019-7826 |
7.8 |
2019-05-15 |
|
Adobe Acrobat Pro DC XFA Template Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-509 |
ZDI-CAN-8266 |
Adobe |
CVE-2019-7825 |
7.8 |
2019-05-15 |
|
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-508 |
ZDI-CAN-8104 |
Adobe |
CVE-2019-7824 |
7.0 |
2019-05-15 |
|
Adobe Acrobat Pro DC JOBOPTIONS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-507 |
ZDI-CAN-8341 |
Adobe |
CVE-2019-7823 |
3.3 |
2019-05-15 |
|
Adobe Acrobat Reader DC EScript Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-506 |
ZDI-CAN-8268 |
Adobe |
CVE-2019-7821 |
3.3 |
2019-05-15 |
|
Adobe Acrobat Pro DC JPEG File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-505 |
ZDI-CAN-8265 |
Adobe |
CVE-2019-7822 |
7.8 |
2019-05-15 |
|
Adobe Acrobat Pro DC Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-504 |
ZDI-CAN-8293 |
Adobe |
CVE-2019-7820 |
7.8 |
2019-05-15 |
|
Adobe Acrobat Pro DC XFA Template Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-503 |
ZDI-CAN-8228 |
Adobe |
CVE-2019-7818 |
7.8 |
2019-05-15 |
|
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-502 |
ZDI-CAN-7939 |
Adobe |
CVE-2019-7817 |
7.8 |
2019-05-15 |
|
Adobe Acrobat Pro DC JavaScript Annotations Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-501 |
ZDI-CAN-7858 |
Adobe |
CVE-2019-7814 |
7.8 |
2019-05-15 |
|
Adobe Acrobat Pro DC XFA Form Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-500 |
ZDI-CAN-8180 |
Adobe |
CVE-2019-7809 |
3.3 |
2019-05-15 |
2020-08-18 |
Adobe Acrobat Reader DC removeField Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-499 |
ZDI-CAN-8021 |
Adobe |
CVE-2019-7810 |
3.3 |
2019-05-15 |
|
Adobe Acrobat Pro DC JPEG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-498 |
ZDI-CAN-8279 |
Adobe |
CVE-2019-7837 |
7.5 |
2019-05-15 |
|
Adobe Flash Player PSDK Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-497 |
ZDI-CAN-8203 |
Adobe |
CVE-2019-7798 |
7.8 |
2019-05-15 |
|
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-496 |
ZDI-CAN-8125 |
Adobe |
CVE-2019-7796 |
7.8 |
2019-05-15 |
|
Adobe Acrobat Pro DC HTML2PDF HTML Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-495 |
ZDI-CAN-8084 |
Adobe |
CVE-2019-7799 |
3.3 |
2019-05-15 |
|
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-494 |
ZDI-CAN-8081 |
Adobe |
CVE-2019-7800 |
7.8 |
2019-05-15 |
|
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-493 |
ZDI-CAN-8019 |
Adobe |
CVE-2019-7803 |
3.3 |
2019-05-15 |
|
Adobe Acrobat Pro DC JPEG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-492 |
ZDI-CAN-8002 |
Adobe |
CVE-2019-7801 |
3.3 |
2019-05-15 |
|
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-491 |
ZDI-CAN-8000 |
Adobe |
CVE-2019-7802 |
3.3 |
2019-05-15 |
|
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-490 |
ZDI-CAN-7787 |
Adobe |
CVE-2019-7797 |
7.8 |
2019-05-15 |
|
Adobe Acrobat Pro DC XFA PDEContent Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-489 |
ZDI-CAN-8224 |
Adobe |
CVE-2019-7794 |
3.3 |
2019-05-15 |
2019-05-30 |
Adobe Acrobat Pro DC ImageConversion JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-488 |
ZDI-CAN-7971 |
Adobe |
CVE-2019-7785 |
3.3 |
2019-05-15 |
|
Adobe Acrobat Pro DC PostScript colorimage Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-487 |
ZDI-CAN-7964 |
Adobe |
CVE-2019-7786 |
7.8 |
2019-05-15 |
|
Adobe Acrobat Pro DC PostScript File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-486 |
ZDI-CAN-7896 |
Adobe |
CVE-2019-7787 |
3.3 |
2019-05-15 |
|
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-485 |
ZDI-CAN-7938 |
Adobe |
CVE-2019-7145 |
3.3 |
2019-05-15 |
|
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-484 |
ZDI-CAN-7917 |
Adobe |
CVE-2019-7760 |
7.8 |
2019-05-15 |
|
Adobe Acrobat Pro DC AcroForm XFA removeInstance Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-483 |
ZDI-CAN-7684 |
Adobe |
CVE-2019-7759 |
7.8 |
2019-05-15 |
|
Adobe Acrobat Pro DC AcroForm XFA Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-482 |
ZDI-CAN-7680 |
Adobe |
CVE-2019-7758 |
5.5 |
2019-05-15 |
|
Adobe Acrobat Pro DC HTML2PDF HTML Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-481 |
ZDI-CAN-7748 |
Adobe |
CVE-2019-7144 |
3.3 |
2019-05-15 |
|
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-480 |
ZDI-CAN-7676 |
Adobe |
CVE-2019-7143 |
7.8 |
2019-05-15 |
|
Adobe Acrobat Pro DC Font Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-479 |
ZDI-CAN-7775 |
Adobe |
CVE-2019-7140 |
3.3 |
2019-05-15 |
|
Adobe Acrobat Pro DC PostScript JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-478 |
ZDI-CAN-7774 |
Adobe |
CVE-2019-7141 |
3.3 |
2019-05-15 |
|
Adobe Acrobat Pro DC PostScript JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-477 |
ZDI-CAN-7779 |
Adobe |
CVE-2019-7842 |
7.8 |
2019-05-15 |
|
Adobe MediaEncoder CC TIF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-476 |
ZDI-CAN-7778 |
Adobe |
CVE-2019-7844 |
3.3 |
2019-05-15 |
|
Adobe MediaEncoder CC PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-475 |
ZDI-CAN-8423 |
Microsoft |
CVE-2019-0953 |
7.7 |
2019-05-15 |
|
Microsoft Windows Mail HTML Line Breaking Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-474 |
ZDI-CAN-8281 |
Microsoft |
CVE-2019-0890 |
7.0 |
2019-05-15 |
|
Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability |
| ZDI-19-473 |
ZDI-CAN-7969 |
Microsoft |
CVE-2019-0885 |
7.0 |
2019-05-15 |
|
Microsoft Windows ole32 BMP Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-472 |
ZDI-CAN-8173 |
Microsoft |
CVE-2019-0961 |
3.3 |
2019-05-15 |
|
Microsoft Windows gdiplus EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-471 |
ZDI-CAN-8377 |
Microsoft |
CVE-2019-0938 |
8.4 |
2019-05-15 |
|
Microsoft Edge DownloadOperation Sandbox Escape Vulnerability |
| ZDI-19-470 |
ZDI-CAN-8376 |
Microsoft |
CVE-2019-0940 |
7.5 |
2019-05-15 |
|
Microsoft Edge CDXImageRenderTarget Double Free Remote Code Execution Vulnerability |
| ZDI-19-469 |
ZDI-CAN-8370 |
Microsoft |
CVE-2019-0937 |
8.8 |
2019-05-15 |
|
Microsoft Chakra Exception Handling Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-468 |
ZDI-CAN-7932 |
Microsoft |
CVE-2019-0897 |
7.0 |
2019-05-15 |
|
Microsoft Windows Jet Database Engine Sign Extension Remote Code Execution Vulnerability |
| ZDI-19-467 |
ZDI-CAN-7869 |
Microsoft |
CVE-2019-0895 |
7.0 |
2019-05-15 |
|
Microsoft Windows Jet Database Engine Sign Extension Remote Code Execution Vulnerability |
| ZDI-19-466 |
ZDI-CAN-7867 |
Microsoft |
CVE-2019-0896 |
7.0 |
2019-05-15 |
|
Microsoft Windows Jet Database Engine Sign Extension Remote Code Execution Vulnerability |
| ZDI-19-465 |
ZDI-CAN-7866 |
Microsoft |
CVE-2019-0894 |
7.0 |
2019-05-15 |
|
Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability |
| ZDI-19-464 |
ZDI-CAN-7833 |
Microsoft |
CVE-2019-0902 |
7.0 |
2019-05-15 |
|
Microsoft Windows JET Database Engine Buffer Underflow Remote Code Execution Vulnerability |
| ZDI-19-463 |
ZDI-CAN-7839 |
Microsoft |
CVE-2019-0891 |
7.0 |
2019-05-15 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-462 |
ZDI-CAN-7789 |
Microsoft |
CVE-2019-0758 |
3.3 |
2019-05-15 |
|
Microsoft Windows Font Subsetting Library Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-461 |
ZDI-CAN-7788 |
Microsoft |
CVE-2019-0903 |
7.8 |
2019-05-15 |
|
Microsoft Windows Font Subsetting Library Integer Overflow Remote Code Execution Vulnerability |
| ZDI-19-460 |
ZDI-CAN-7670 |
Microsoft |
CVE-2019-0882 |
3.3 |
2019-05-15 |
|
Microsoft Office PowerPoint gdiplus ConvertToEmfPlus Untrusted Pointer Dereference Information Disclosure Vulnerability |
| ZDI-19-459 |
ZDI-CAN-6932 |
Hewlett Packard Enterprise |
CVE-2019-11946 |
6.5 |
2019-05-09 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center Standard ImcLoginMgrImpl Hard-coded Cryptographic Key Credentials Disclosure Vulnerability |
| ZDI-19-458 |
ZDI-CAN-7033 |
Hewlett Packard Enterprise |
CVE-2019-11947 |
8.8 |
2019-05-09 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center dbman Use of Hard-coded Credentials Remote Code Execution Vulnerability |
| ZDI-19-457 |
ZDI-CAN-6807 |
Hewlett Packard Enterprise |
CVE-2019-11944 |
9.8 |
2019-05-09 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center AMF3 Externalizable Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-19-456 |
ZDI-CAN-6885 |
Hewlett Packard Enterprise |
CVE-2019-11945 |
9.8 |
2019-05-09 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center AccessMgrServlet className Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-19-455 |
ZDI-CAN-6911 |
Hewlett Packard Enterprise |
CVE-2019-11942 |
8.8 |
2019-05-09 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center TopoMsgServlet Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-454 |
ZDI-CAN-6757 |
Hewlett Packard Enterprise |
CVE-2019-11943 |
8.8 |
2019-05-09 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center soapConfigContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-453 |
ZDI-CAN-6755 |
Hewlett Packard Enterprise |
CVE-2019-5370 |
8.8 |
2019-05-09 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center ictExpertCSVDownload Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-452 |
ZDI-CAN-6857 |
Hewlett Packard Enterprise |
CVE-2019-11941 |
8.8 |
2019-05-09 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center iccSelectDevType Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-451 |
ZDI-CAN-8264 |
Adobe |
CVE-2019-7127 |
3.3 |
2019-05-09 |
|
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-450 |
ZDI-CAN-7641 |
WECON |
CVE-2018-14810 |
7.8 |
2019-05-02 |
2021-12-03 |
(0Day) Wecon PIStudio HSC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-449 |
ZDI-CAN-7635 |
WECON |
CVE-2018-14810 |
8.4 |
2019-05-02 |
2021-12-03 |
(0Day) Wecon PIStudio HSC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-448 |
ZDI-CAN-7816 |
Microsoft |
|
8.1 |
2019-04-30 |
2019-11-01 |
(0Day) Microsoft Visual Studio asm Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-447 |
ZDI-CAN-8272 |
Foxit |
CVE-2019-6773 |
3.3 |
2019-04-29 |
|
Foxit Reader AcroForm richValue Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-446 |
ZDI-CAN-8231 |
Foxit |
CVE-2019-6772 |
3.3 |
2019-04-29 |
|
Foxit Reader AcroForm removeField Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-445 |
ZDI-CAN-8230 |
Foxit |
CVE-2019-6771 |
3.3 |
2019-04-29 |
|
Foxit Reader AcroForm value Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-444 |
ZDI-CAN-8229 |
Foxit |
CVE-2019-6770 |
3.3 |
2019-04-29 |
|
Foxit Reader AcroForm resetForm Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-443 |
ZDI-CAN-8165 |
Foxit |
CVE-2019-6769 |
7.8 |
2019-04-29 |
|
Foxit Reader AcroForm removeField Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-442 |
ZDI-CAN-8164 |
Foxit |
CVE-2019-6768 |
7.0 |
2019-04-29 |
|
Foxit Reader AcroForm removeField Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-441 |
ZDI-CAN-8163 |
Foxit |
CVE-2019-6767 |
7.0 |
2019-04-29 |
|
Foxit Reader AcroForm removeField Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-440 |
ZDI-CAN-8162 |
Foxit |
CVE-2019-6766 |
3.3 |
2019-04-29 |
|
Foxit Reader AcroForm removeField Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-439 |
ZDI-CAN-8170 |
Foxit |
CVE-2019-6765 |
7.8 |
2019-04-29 |
|
Foxit PhantomPDF HTML2PDF HTML Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-438 |
ZDI-CAN-7972 |
Foxit |
CVE-2019-6764 |
7.8 |
2019-04-29 |
|
Foxit Reader XFA Template Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-437 |
ZDI-CAN-7874 |
Foxit |
CVE-2019-6763 |
7.8 |
2019-04-29 |
|
Foxit Reader FoxitReaderCtl ToggleFormsDesign Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-436 |
ZDI-CAN-7844 |
Foxit |
CVE-2019-6762 |
7.8 |
2019-04-29 |
|
Foxit PhantomPDF blink_core HTML Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-435 |
ZDI-CAN-7777 |
Foxit |
CVE-2019-6761 |
7.8 |
2019-04-29 |
|
Foxit Reader XFA CXFA_FFDocView Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-434 |
ZDI-CAN-7694 |
Foxit |
CVE-2019-6760 |
7.8 |
2019-04-29 |
|
Foxit Reader ConvertToPDF JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-433 |
ZDI-CAN-7614 |
Foxit |
CVE-2019-6759 |
7.8 |
2019-04-29 |
|
Foxit Reader ConvertToPDF BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-432 |
ZDI-CAN-7701 |
Foxit |
CVE-2019-6758 |
3.3 |
2019-04-29 |
|
Foxit Reader ConvertToPDF JPG File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-431 |
ZDI-CAN-7696 |
Foxit |
CVE-2019-6757 |
7.8 |
2019-04-29 |
|
Foxit Reader ConvertToPDF JPG File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-430 |
ZDI-CAN-7769 |
Foxit |
CVE-2019-6756 |
3.3 |
2019-04-29 |
|
Foxit PhantomPDF net HTML File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-429 |
ZDI-CAN-7613 |
Foxit |
CVE-2019-6755 |
7.8 |
2019-04-29 |
|
Foxit Reader ConvertToPDF BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-428 |
ZDI-CAN-7407 |
Foxit |
CVE-2019-6754 |
7.3 |
2019-04-29 |
|
Foxit Reader localFileStorage Directory Traversal Remote Code Execution Vulnerability |
| ZDI-19-427 |
ZDI-CAN-7561 |
Foxit |
CVE-2019-6753 |
3.3 |
2019-04-29 |
|
Foxit Reader XFA Stuff Integer Overflow Information Disclosure Vulnerability |
| ZDI-19-426 |
ZDI-CAN-7620 |
Foxit |
CVE-2019-6752 |
3.3 |
2019-04-29 |
|
Foxit PhantomPDF HTML2PDF HTML Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-425 |
ZDI-CAN-8363 |
Oracle |
CVE-2019-2722 |
6.7 |
2019-04-29 |
2021-06-29 |
(Pwn2Own) Oracle VirtualBox e1000 Integer Overflow Privilege Escalation Vulnerability |
| ZDI-19-424 |
ZDI-CAN-8362 |
Oracle |
CVE-2019-2723 |
6.7 |
2019-04-29 |
2019-06-14 |
(Pwn2Own) Oracle VirtualBox e1000 Race Condition Privilege Escalation Vulnerability |
| ZDI-19-423 |
ZDI-CAN-8361 |
Oracle |
CVE-2019-2723 |
4.4 |
2019-04-29 |
2019-06-14 |
(Pwn2Own) Oracle VirtualBox OHCI Integer Overflow Information Disclosure Vulnerability |
| ZDI-19-422 |
ZDI-CAN-7344 |
Apple |
CVE-2019-8534 |
8.8 |
2019-04-29 |
|
Apple macOS apfs Volume Use-After-Free Privilege Escalation Vulnerability |
| ZDI-19-421 |
ZDI-CAN-8372 |
VMware |
CVE-2019-5518 |
7.8 |
2019-04-17 |
2019-06-14 |
(Pwn2Own) VMware Workstation UHCI Out-Of-Bounds Access Privilege Escalation Vulnerability |
| ZDI-19-420 |
ZDI-CAN-8364 |
VMware |
CVE-2019-5519 |
7.8 |
2019-04-17 |
2019-06-14 |
(Pwn2Own) VMware Workstation UHCI Race Condition Privilege Escalation Vulnerability |
| ZDI-19-419 |
ZDI-CAN-8061 |
Delta Industrial Automation |
CVE-2019-10949 |
3.3 |
2019-04-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-418 |
ZDI-CAN-8059 |
Delta Industrial Automation |
CVE-2019-10949 |
3.3 |
2019-04-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-417 |
ZDI-CAN-7946 |
Delta Industrial Automation |
CVE-2019-10947 |
7.8 |
2019-04-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing wKPFStringLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-416 |
ZDI-CAN-7962 |
Delta Industrial Automation |
CVE-2019-10949 |
3.3 |
2019-04-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-415 |
ZDI-CAN-7961 |
Delta Electronics |
CVE-2019-10949 |
3.3 |
2019-04-17 |
2024-01-19 |
Delta Industrial Automation CNCSoft ScreenEditor DPB Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-414 |
ZDI-CAN-7960 |
Delta Electronics |
CVE-2019-10949 |
3.3 |
2019-04-17 |
2024-01-19 |
Delta Industrial Automation CNCSoft ScreenEditor DPB Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-413 |
ZDI-CAN-7947 |
Delta Industrial Automation |
CVE-2019-10949 |
3.3 |
2019-04-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor wMessageLen Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-412 |
ZDI-CAN-7945 |
Delta Industrial Automation |
CVE-2019-10949 |
3.3 |
2019-04-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing GCodePatternLen Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-411 |
ZDI-CAN-7827 |
Delta Industrial Automation |
CVE-2019-10949 |
3.3 |
2019-04-17 |
|
Delta Industrial Automation CNCSoftScreenEditor DPB File Parsing wMessageLen Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-410 |
ZDI-CAN-7823 |
Delta Industrial Automation |
CVE-2019-10947 |
7.8 |
2019-04-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing PanelName Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-409 |
ZDI-CAN-7815 |
Delta Industrial Automation |
CVE-2019-10949 |
3.3 |
2019-04-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing wTextLen Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-408 |
ZDI-CAN-7831 |
Delta Industrial Automation |
CVE-2019-10951 |
7.8 |
2019-04-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing wLanguageNameLen Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-407 |
ZDI-CAN-7826 |
Delta Industrial Automation |
CVE-2019-10949 |
3.3 |
2019-04-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing GCodePatternLen Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-406 |
ZDI-CAN-7814 |
Delta Industrial Automation |
CVE-2019-10949 |
3.3 |
2019-04-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing DescwTextLen Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-405 |
ZDI-CAN-7813 |
Delta Industrial Automation |
CVE-2019-10951 |
7.8 |
2019-04-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing wTextLen Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-404 |
ZDI-CAN-7812 |
Delta Industrial Automation |
CVE-2019-10947 |
7.8 |
2019-04-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing wKPFStringLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-403 |
ZDI-CAN-7811 |
Delta Industrial Automation |
CVE-2019-10947 |
7.8 |
2019-04-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing wMessageLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-402 |
ZDI-CAN-7810 |
Delta Industrial Automation |
CVE-2019-10947 |
7.8 |
2019-04-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing wFontTextLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-401 |
ZDI-CAN-7809 |
Delta Industrial Automation |
CVE-2019-10947 |
7.8 |
2019-04-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing wMessageLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-400 |
ZDI-CAN-7808 |
Delta Industrial Automation |
CVE-2019-10947 |
7.8 |
2019-04-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing wMessageLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-399 |
ZDI-CAN-7807 |
Delta Industrial Automation |
CVE-2019-10947 |
7.8 |
2019-04-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing wTextLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-398 |
ZDI-CAN-7999 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetVertexAttribdvARB Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-397 |
ZDI-CAN-7992 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetTexParameteriv Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-396 |
ZDI-CAN-7990 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetTexGeniv Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-395 |
ZDI-CAN-7986 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetMaterialfv Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-394 |
ZDI-CAN-7985 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetLightfv Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-393 |
ZDI-CAN-7980 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetCombinerOutputParameterivNV Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-392 |
ZDI-CAN-7893 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetFinalCombinerInputParameterivNV Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-19-391 |
ZDI-CAN-7997 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetVertexAttribdvNV Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-390 |
ZDI-CAN-7978 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetCombinerOutputParameterfvNV Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-389 |
ZDI-CAN-7979 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetCombinerStageParameterfvNV Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-388 |
ZDI-CAN-8276 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetTexEnvfv Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-387 |
ZDI-CAN-7987 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetProgramParameterfvNV Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-386 |
ZDI-CAN-7982 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetLightiv Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-385 |
ZDI-CAN-7984 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetMaterialiv Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-384 |
ZDI-CAN-7994 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetVertexAttribivNV Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-383 |
ZDI-CAN-7996 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetVertexAttribfvNV Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-382 |
ZDI-CAN-7991 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetTexParameterfv Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-381 |
ZDI-CAN-7988 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetProgramParameterdvNV Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-380 |
ZDI-CAN-7995 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetVertexAttribfvARB Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-379 |
ZDI-CAN-7993 |
Oracle |
CVE-2019-2574 |
6.5 |
2019-04-17 |
|
Oracle VirtualBox crServerDispatchGetVertexAttribivARB Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-378 |
ZDI-CAN-7892 |
Oracle |
CVE-2019-2690 |
7.8 |
2019-04-17 |
|
Oracle VirtualBox crUnpackExtendShaderSource Integer Overflow Privilege Escalation Vulnerability |
| ZDI-19-377 |
ZDI-CAN-7363 |
Oracle |
CVE-2019-2657 |
7.8 |
2019-04-17 |
|
Oracle VirtualBox CRClientPointer Use-After-Free Privilege Escalation Vulnerability |
| ZDI-19-376 |
ZDI-CAN-7364 |
Oracle |
CVE-2019-2656 |
7.8 |
2019-04-17 |
|
Oracle VirtualBox crStateCopyTexImage2D Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-375 |
ZDI-CAN-7632 |
Foxit |
CVE-2019-6751 |
7.8 |
2019-04-17 |
|
Foxit Studio Photo JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-374 |
ZDI-CAN-7639 |
Foxit |
CVE-2019-6750 |
7.8 |
2019-04-17 |
|
Foxit Studio Photo EZI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-373 |
ZDI-CAN-7638 |
Foxit |
CVE-2019-6749 |
7.8 |
2019-04-17 |
|
Foxit Studio Photo EZIX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-372 |
ZDI-CAN-7637 |
Foxit |
CVE-2019-6748 |
7.8 |
2019-04-17 |
|
Foxit Studio Photo EZI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-371 |
ZDI-CAN-7636 |
Foxit |
CVE-2019-6747 |
7.8 |
2019-04-17 |
|
Foxit Studio Photo EZI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-370 |
ZDI-CAN-7634 |
Foxit |
CVE-2019-6746 |
3.3 |
2019-04-17 |
|
Foxit Studio Photo TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-369 |
ZDI-CAN-7195 |
VMware |
CVE-2019-5520 |
2.8 |
2019-04-17 |
|
VMware Workstation Shader Bytecode Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-368 |
ZDI-CAN-7478 |
Xiaomi |
CVE-2018-6064 |
8.8 |
2019-04-17 |
2019-06-14 |
(Pwn2Own) Xiaomi Mi6 V8 CollectValuesOrEntriesImpl Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-367 |
ZDI-CAN-7482 |
Xiaomi |
CVE-2018-6065 |
7.5 |
2019-04-15 |
2019-06-14 |
(Pwn2Own) Xiaomi Mi6 Browser CalculateInstanceSizeHelper Integer Overflow Remote Code Execution Vulnerability |
| ZDI-19-366 |
ZDI-CAN-7466 |
Xiaomi |
CVE-2019-6743 |
7.8 |
2019-04-15 |
2019-06-14 |
(Pwn2Own) Xiaomi Mi6 Browser WebAssembly.Instance Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-365 |
ZDI-CAN-8373 |
Mozilla |
CVE-2019-9813 |
8.8 |
2019-04-15 |
2019-06-14 |
(Pwn2Own) Mozilla Firefox IonMonkey Optimizer Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-364 |
ZDI-CAN-8368 |
Mozilla |
CVE-2019-9810 |
8.8 |
2019-04-15 |
2019-06-14 |
(Pwn2Own) Mozilla Firefox Array.slice Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-363 |
ZDI-CAN-8330 |
Microsoft |
CVE-2019-0853 |
7.8 |
2019-04-15 |
|
Microsoft Windows EMF File Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-19-362 |
ZDI-CAN-8329 |
Microsoft |
CVE-2019-0853 |
7.8 |
2019-04-15 |
|
Microsoft Windows EMF File Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-19-361 |
ZDI-CAN-8155 |
Microsoft |
CVE-2019-0810 |
8.8 |
2019-04-15 |
|
Microsoft Chakra Object Reoptimization Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-360 |
ZDI-CAN-7753 |
Microsoft |
CVE-2019-0841 |
7.3 |
2019-04-15 |
|
Microsoft Windows AppX Deployment Service Hard Link Privilege Escalation Vulnerability |
| ZDI-19-359 |
ZDI-CAN-7757 |
Microsoft |
CVE-2019-0752 |
8.8 |
2019-04-15 |
2019-11-01 |
Microsoft Internet Explorer Property Put Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-358 |
ZDI-CAN-7707 |
Microsoft |
CVE-2019-0801 |
4.2 |
2019-04-15 |
|
Microsoft Office Protocol Handler Directory Traversal File Creation Vulnerability |
| ZDI-19-357 |
ZDI-CAN-8280 |
Adobe |
CVE-2019-7108 |
3.1 |
2019-04-15 |
|
Adobe Flash Player Filter Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-356 |
ZDI-CAN-7886 |
Adobe |
CVE-2019-7138 |
5.5 |
2019-04-15 |
|
Adobe Bridge CC MOV File Parsing Our-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-355 |
ZDI-CAN-7766 |
Adobe |
CVE-2019-7137 |
5.5 |
2019-04-15 |
|
Adobe Bridge CC PDF File Parsing Unexpected Sign Extension Information Disclosure Vulnerability |
| ZDI-19-354 |
ZDI-CAN-7765 |
Adobe |
CVE-2019-7136 |
5.5 |
2019-04-15 |
|
Adobe Bridge CC PDF File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-353 |
ZDI-CAN-7743 |
Adobe |
CVE-2019-7135 |
5.5 |
2019-04-15 |
|
Adobe Bridge CC TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-352 |
ZDI-CAN-7965 |
Adobe |
CVE-2019-7127 |
3.3 |
2019-04-15 |
|
Adobe Acrobat Pro DC PostScript Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-351 |
ZDI-CAN-7585 |
Adobe |
CVE-2019-7134 |
5.5 |
2019-04-15 |
|
Adobe Bridge CC PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-350 |
ZDI-CAN-7747 |
Adobe |
CVE-2019-7111 |
7.8 |
2019-04-15 |
|
Adobe Acrobat Pro DC JOBOPTIONS CalCMYKProfile Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-349 |
ZDI-CAN-7746 |
Adobe |
CVE-2019-7109 |
3.3 |
2019-04-15 |
|
Adobe Acrobat Pro DC JOBOPTIONS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-348 |
ZDI-CAN-7745 |
Adobe |
CVE-2019-7110 |
3.3 |
2019-04-15 |
|
Adobe Acrobat Pro DC JOBOPTIONS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-347 |
ZDI-CAN-7767 |
Adobe |
CVE-2019-7133 |
3.3 |
2019-04-15 |
|
Adobe Bridge CC AdobePSL TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-346 |
ZDI-CAN-7763 |
Adobe |
CVE-2019-7132 |
7.8 |
2019-04-15 |
|
Adobe Bridge CC AdobePSL TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-345 |
ZDI-CAN-7596 |
Adobe |
CVE-2019-7130 |
7.8 |
2019-04-15 |
|
Adobe Bridge CC PCX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-344 |
ZDI-CAN-6609 |
Omron |
CVE-2019-6556 |
7.8 |
2019-04-15 |
|
OMRON CX-One CX-Programmer CXP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-343 |
ZDI-CAN-7017 |
Hewlett Packard Enterprise |
CVE-2019-5389 |
8.8 |
2019-04-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-342 |
ZDI-CAN-7016 |
Hewlett Packard Enterprise |
CVE-2019-5388 |
8.8 |
2019-04-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-341 |
ZDI-CAN-6754 |
Hewlett Packard Enterprise |
CVE-2019-5387 |
8.8 |
2019-04-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center navigationTo Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-340 |
ZDI-CAN-6756 |
Hewlett Packard Enterprise |
CVE-2019-5380 |
8.8 |
2019-04-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center selViewNavContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-339 |
ZDI-CAN-6875 |
Hewlett Packard Enterprise |
CVE-2019-5381 |
8.8 |
2019-04-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center faultStatChooseFaultType Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-338 |
ZDI-CAN-6876 |
Hewlett Packard Enterprise |
CVE-2019-5382 |
8.8 |
2019-04-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center faultFlashEventSelectFact Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-337 |
ZDI-CAN-6880 |
Hewlett Packard Enterprise |
CVE-2019-5383 |
8.8 |
2019-04-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center wmiConfigContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-336 |
ZDI-CAN-6886 |
Hewlett Packard Enterprise |
CVE-2019-5384 |
8.8 |
2019-04-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center iccSelectDymicParam Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-335 |
ZDI-CAN-6889 |
Hewlett Packard Enterprise |
CVE-2019-5385 |
8.8 |
2019-04-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center perfSelectTask Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-334 |
ZDI-CAN-6908 |
Hewlett Packard Enterprise |
CVE-2019-5386 |
8.8 |
2019-04-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center viewBatchTaskResultDetailFact Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-333 |
ZDI-CAN-8205 |
Microsoft |
CVE-2019-0774 |
3.3 |
2019-04-04 |
|
Microsoft Windows gdiplus EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-332 |
ZDI-CAN-7817 |
Microsoft |
CVE-2019-0667 |
7.5 |
2019-04-04 |
|
Microsoft Windows VBScript Array Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-19-331 |
ZDI-CAN-7908 |
Advantech |
CVE-2019-6554 |
7.5 |
2019-04-02 |
|
Advantech WebAccess Node UninstallWA Improper Access Control Denial-of-Service Vulnerability |
| ZDI-19-330 |
ZDI-CAN-7930 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Client upandpr scanf Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-329 |
ZDI-CAN-7924 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Client upandpr sprintf Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-328 |
ZDI-CAN-7882 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Node bwthinfl Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-327 |
ZDI-CAN-7881 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Node BwOpcImg Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-326 |
ZDI-CAN-7928 |
Advantech |
CVE-2019-6552 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Node bwrunmie Command Injection Remote Code Execution Vulnerability |
| ZDI-19-325 |
ZDI-CAN-7927 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Client bwsound2 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-324 |
ZDI-CAN-7926 |
Advantech |
CVE-2019-6552 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Client bwrunmie Command Injection Remote Code Execution Vulnerability |
| ZDI-19-323 |
ZDI-CAN-7925 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Client bwsound Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-322 |
ZDI-CAN-7914 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Client BwNodeIP Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-321 |
ZDI-CAN-7920 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Node bwthinfl Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-320 |
ZDI-CAN-7913 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Node bwmakdir Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-319 |
ZDI-CAN-7912 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Node BWSyncDb Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-318 |
ZDI-CAN-7910 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Node BwSyncLg Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-317 |
ZDI-CAN-7905 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Client bwwebd Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-316 |
ZDI-CAN-7904 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Client bwprtscr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-315 |
ZDI-CAN-7903 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Client BwCLRptw Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-314 |
ZDI-CAN-7902 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Node bwrunrpt Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-313 |
ZDI-CAN-7901 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Node BwFreRPT Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-312 |
ZDI-CAN-7900 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Node bwstmps Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-311 |
ZDI-CAN-7899 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Node bwstwww Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-310 |
ZDI-CAN-7898 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Node BwRPswd Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-309 |
ZDI-CAN-7885 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Node giffconv Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-308 |
ZDI-CAN-7884 |
Advantech |
CVE-2019-6550 |
9.8 |
2019-04-02 |
|
Advantech WebAccess Node jpegconv Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-307 |
ZDI-CAN-7374 |
LAquis |
CVE-2019-6536 |
7.8 |
2019-04-02 |
|
LAquis SCADA ELS Users.name Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-306 |
ZDI-CAN-7450 |
VMware |
CVE-2019-5515 |
5.3 |
2019-04-02 |
|
VMware Workstation e1000 Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-305 |
ZDI-CAN-7654 |
Jaspersoft |
CVE-2018-18815 |
6.2 |
2019-04-02 |
|
Jaspersoft JasperReports Server DiagnosticDataCipherer Hard-coded Cryptographic Key Information Disclosure Vulnerability |
| ZDI-19-304 |
ZDI-CAN-7458 |
Adobe |
CVE-2019-7131 |
7.8 |
2019-04-02 |
|
Adobe Acrobat Pro DC PostScript File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-303 |
ZDI-CAN-6881 |
Hewlett Packard Enterprise |
|
8.8 |
2019-03-28 |
2019-05-30 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center mediaForAction Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-302 |
ZDI-CAN-6869 |
Hewlett Packard Enterprise |
CVE-2019-5378 |
8.8 |
2019-03-28 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center userSelectPagingContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-301 |
ZDI-CAN-6862 |
Hewlett Packard Enterprise |
CVE-2019-5377 |
8.8 |
2019-03-28 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center sshConfig Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-300 |
ZDI-CAN-6914 |
Hewlett Packard Enterprise |
CVE-2019-5376 |
8.8 |
2019-03-28 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center TopoMsgServlet Java Reflection Remote Code Execution Vulnerability |
| ZDI-19-299 |
ZDI-CAN-6855 |
Hewlett Packard Enterprise |
CVE-2019-5375 |
8.8 |
2019-03-28 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center ictExpertDownload Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-298 |
ZDI-CAN-6858 |
Hewlett Packard Enterprise |
CVE-2019-5379 |
8.8 |
2019-03-28 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center deploySelectSoftware Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-297 |
ZDI-CAN-6854 |
Hewlett Packard Enterprise |
CVE-2019-5374 |
8.8 |
2019-03-28 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center operatorGroupTreeSelectContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-296 |
ZDI-CAN-6864 |
Hewlett Packard Enterprise |
CVE-2019-5373 |
8.8 |
2019-03-28 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center customTemplateSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-295 |
ZDI-CAN-6884 |
Hewlett Packard Enterprise |
CVE-2019-5372 |
8.8 |
2019-03-28 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center iccSelectRules Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-294 |
ZDI-CAN-6910 |
Hewlett Packard Enterprise |
CVE-2019-5371 |
8.8 |
2019-03-28 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center addDeviceToView Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-293 |
ZDI-CAN-7909 |
Advantech |
|
9.8 |
2019-03-28 |
|
Advantech WebAccess Node tv_enua Improper Access Control Remote Code Execution Vulnerability |
| ZDI-19-292 |
ZDI-CAN-7907 |
Advantech |
|
9.8 |
2019-03-28 |
|
Advantech WebAccess Node spchapi Improper Access Control Remote Code Execution Vulnerability |
| ZDI-19-291 |
ZDI-CAN-7246 |
Drupal |
CVE-2019-6341 |
6.1 |
2019-03-26 |
|
Drupal File file_create_filename Persistent Cross-Site Scripting Vulnerability |
| ZDI-19-290 |
ZDI-CAN-7889 |
Apple |
CVE-2019-8529 |
7.8 |
2019-03-26 |
|
Apple macOS SCSITaskUserClient Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-19-289 |
ZDI-CAN-7604 |
Apple |
CVE-2019-8519 |
5.5 |
2019-03-26 |
|
Apple macOS AMDRadeonX4000 Out-Of-Bounds Read Privilege Escalation Vulnerability |
| ZDI-19-288 |
ZDI-CAN-7865 |
Apple |
CVE-2019-8524 |
7.5 |
2019-03-26 |
|
Apple Safari GraphicsContext Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-287 |
ZDI-CAN-7442 |
Apple |
CVE-2019-8517 |
4.3 |
2019-03-26 |
|
Apple macOS StreamFlatFont Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-286 |
ZDI-CAN-7756 |
Microsoft |
CVE-2019-0784 |
4.5 |
2019-03-26 |
|
Microsoft Windows ADODB Integer Overflow Remote Code Execution Vulnerability |
| ZDI-19-285 |
ZDI-CAN-7484 |
Xiaomi |
|
8.8 |
2019-03-15 |
2020-01-15 |
(0Day) (Pwn2Own) Xiaomi Mi6 Browser market.install apkPath Command Injection Remote Code Execution Vulnerability |
| ZDI-19-284 |
ZDI-CAN-7468 |
Xiaomi |
|
5.5 |
2019-03-15 |
2020-01-15 |
(0Day) (Pwn2Own) Xiaomi Mi6 Browser Redirect Improper Authorization Remote Code Execution Vulnerability |
| ZDI-19-283 |
ZDI-CAN-7469 |
Xiaomi |
|
8.0 |
2019-03-15 |
2020-01-15 |
(0Day) (Pwn2Own) Xiaomi Mi6 Browser downloadAndInstallApk Improper Authorization Remote Code Execution Vulnerability |
| ZDI-19-282 |
ZDI-CAN-7471 |
Google |
|
5.9 |
2019-03-15 |
2020-01-15 |
(0Day) (Pwn2Own) Google Android Contacts Incorrect Permission Assignment Privilege Escalation Vulnerability |
| ZDI-19-281 |
ZDI-CAN-7470 |
Xiaomi |
|
5.5 |
2019-03-15 |
2020-01-15 |
(0Day) (Pwn2Own) Xiaomi Mi6 Captive Portal Whitelist Bypass Remote Code Execution Vulnerability |
| ZDI-19-280 |
ZDI-CAN-7919 |
Microsoft |
CVE-2019-0746 |
3.1 |
2019-03-12 |
|
Microsoft Chakra lastIndexOf Integer Underflow Information Disclosure Vulnerability |
| ZDI-19-279 |
ZDI-CAN-7551 |
Microsoft |
CVE-2019-0774 |
3.3 |
2019-03-12 |
|
Microsoft Windows SetEnhMetaFileBits Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-278 |
ZDI-CAN-7336 |
Microsoft |
CVE-2019-0617 |
7.0 |
2019-03-12 |
|
Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability |
| ZDI-19-277 |
ZDI-CAN-7739 |
Microsoft |
CVE-2019-0665 |
5.0 |
2019-03-12 |
2019-11-01 |
Microsoft Internet Explorer Attr nodeValue Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-276 |
ZDI-CAN-7597 |
Microsoft |
CVE-2019-0603 |
9.8 |
2019-03-12 |
|
Microsoft Windows Deployment Services TFTP Server Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-275 |
ZDI-CAN-7691 |
Microsoft |
CVE-2019-0665 |
5.0 |
2019-03-12 |
|
Microsoft Internet Explorer event Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-274 |
ZDI-CAN-7690 |
Microsoft |
CVE-2019-0665 |
5.0 |
2019-03-12 |
|
Microsoft Internet Explorer CustomEvent Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-273 |
ZDI-CAN-7371 |
Microsoft |
CVE-2019-0614 |
5.5 |
2019-03-12 |
|
Microsoft Windows gdiplus DoGdiCommentMultiFormats EMR_COMMENT_MULTIFORMATS Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-272 |
ZDI-CAN-7822 |
Microsoft |
CVE-2019-0726 |
5.0 |
2019-03-12 |
2019-04-01 |
Microsoft Windows DHCP Client Integer Underflow Remote Code Execution Vulnerability |
| ZDI-19-271 |
ZDI-CAN-6866 |
Hewlett Packard Enterprise |
CVE-2019-11961 |
8.8 |
2019-03-12 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center templateSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-270 |
ZDI-CAN-6867 |
Hewlett Packard Enterprise |
CVE-2019-5368 |
8.8 |
2019-03-12 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center reportTaskSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-269 |
ZDI-CAN-6863 |
Hewlett Packard Enterprise |
CVE-2019-11962 |
8.8 |
2019-03-12 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center selectUserGroup Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-268 |
ZDI-CAN-6859 |
Hewlett Packard Enterprise |
CVE-2019-11963 |
8.8 |
2019-03-12 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center deploySelectBootrom Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-267 |
ZDI-CAN-6853 |
Hewlett Packard Enterprise |
CVE-2019-11964 |
8.8 |
2019-03-12 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center iccSelectDeviceSeries Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-266 |
ZDI-CAN-6852 |
Hewlett Packard Enterprise |
CVE-2019-11965 |
8.8 |
2019-03-12 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center deviceThresholdConfig Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-265 |
ZDI-CAN-6806 |
Hewlett Packard Enterprise |
CVE-2019-5367 |
9.8 |
2019-03-12 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center MyFaces Static Key ViewState Use of Default Credentials Remote Code Execution Vulnerability |
| ZDI-19-264 |
ZDI-CAN-6759 |
Hewlett Packard Enterprise |
CVE-2019-5370 |
8.8 |
2019-03-12 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center ictExpertCSVDownload Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-263 |
ZDI-CAN-6870 |
Hewlett Packard Enterprise |
CVE-2019-11960 |
8.8 |
2019-03-12 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center select Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-262 |
ZDI-CAN-6871 |
Hewlett Packard Enterprise |
CVE-2019-5369 |
8.8 |
2019-03-12 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center tvxlanLegend Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-261 |
ZDI-CAN-6879 |
Hewlett Packard Enterprise |
CVE-2019-11959 |
8.8 |
2019-03-12 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center thirdPartyPerfSelectTask Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-260 |
ZDI-CAN-6883 |
Hewlett Packard Enterprise |
CVE-2019-11958 |
8.8 |
2019-03-12 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center operatorGroupSelectContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-259 |
ZDI-CAN-6753 |
Hewlett Packard Enterprise |
CVE-2019-11966 |
8.8 |
2019-03-12 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center operatorOnlineList_contentOnly Cleartext Storage of Sensitive Information Privilege Escalation Vulnerability |
| ZDI-19-258 |
ZDI-CAN-7584 |
Adobe |
CVE-2019-7094 |
7.0 |
2019-03-12 |
|
Adobe Photoshop GIF Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-257 |
ZDI-CAN-7411 |
Advantech |
|
7.8 |
2019-03-07 |
2019-05-30 |
(0Day) Advantech WebAccess Node Product Installation File Access Control Modification Privilege Escalation Vulnerability |
| ZDI-19-256 |
ZDI-CAN-7655 |
Jaspersoft |
CVE-2018-18815 |
7.5 |
2019-03-06 |
|
Jaspersoft JasperReports Server ResourceForwardingServlet URI Improper Access Control Vulnerability |
| ZDI-19-255 |
ZDI-CAN-7477 |
Samsung |
CVE-2019-6742 |
10.0 |
2019-03-05 |
2019-06-14 |
(Pwn2Own) Samsung Galaxy S9 GameServiceReceiver Unsafe Updates Validation Remote Code Execution Vulnerability |
| ZDI-19-254 |
ZDI-CAN-7476 |
Samsung |
CVE-2019-6741 |
6.5 |
2019-03-05 |
2019-06-14 |
(Pwn2Own) Samsung Galaxy S9 Untrusted Site Redirection Remote Code Execution Vulnerability |
| ZDI-19-253 |
ZDI-CAN-7472 |
Samsung |
CVE-2019-6740 |
9.6 |
2019-03-05 |
2019-06-14 |
(Pwn2Own) Samsung Galaxy S9 ASN.1 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-252 |
ZDI-CAN-7242 |
Unity Technologies |
CVE-2019-9197 |
8.8 |
2019-03-05 |
|
Unity com.unity3d.kharma Protocol Command Injection Remote Code Execution Vulnerability |
| ZDI-19-251 |
ZDI-CAN-7050 |
Hewlett Packard Enterprise |
CVE-2019-5357 |
8.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-19-250 |
ZDI-CAN-7049 |
Hewlett Packard Enterprise |
CVE-2019-5356 |
9.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center CommonUtils unzip Directory Traversal Remote Code Execution Vulnerability |
| ZDI-19-249 |
ZDI-CAN-7036 |
Hewlett Packard Enterprise |
CVE-2019-5350 |
8.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center TopoDebugServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-19-248 |
ZDI-CAN-7035 |
Hewlett Packard Enterprise |
CVE-2019-5349 |
8.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center TopoDebugServlet Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-247 |
ZDI-CAN-7034 |
Hewlett Packard Enterprise |
CVE-2019-5362 |
8.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center TopoDebugServlet Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-246 |
ZDI-CAN-7018 |
Hewlett Packard Enterprise |
CVE-2019-5352 |
8.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center GWT perfAddFormServer getAddFormBean Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-245 |
ZDI-CAN-7011 |
Hewlett Packard Enterprise |
CVE-2019-5354 |
8.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center GWT perfInsListServer getInsListBean Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-244 |
ZDI-CAN-7010 |
Hewlett Packard Enterprise |
CVE-2019-5351 |
8.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center GWT deviceservice saveSelectedInterfaces Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-243 |
ZDI-CAN-7009 |
Hewlett Packard Enterprise |
CVE-2019-5348 |
8.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center GWT deviceservice queryCustomCondition Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-242 |
ZDI-CAN-7008 |
Hewlett Packard Enterprise |
CVE-2019-5363 |
8.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center GWT deviceservice saveSelectedDevices Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-241 |
ZDI-CAN-7007 |
Hewlett Packard Enterprise |
CVE-2019-11986 |
8.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center GWT perfSelItemServer getSelItemBean Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-240 |
ZDI-CAN-6907 |
Hewlett Packard Enterprise |
CVE-2019-5358 |
9.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center viewTaskResultDetailFact Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-239 |
ZDI-CAN-6868 |
Hewlett Packard Enterprise |
CVE-2019-5364 |
8.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center quickTemplateSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-238 |
ZDI-CAN-6860 |
Hewlett Packard Enterprise |
CVE-2019-5365 |
8.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center deviceSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-237 |
ZDI-CAN-6882 |
Hewlett Packard Enterprise |
CVE-2019-5366 |
8.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center guiDataDetail Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-236 |
ZDI-CAN-6872 |
Hewlett Packard Enterprise |
CVE-2019-5359 |
8.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center select Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-235 |
ZDI-CAN-6865 |
Hewlett Packard Enterprise |
CVE-2019-5360 |
8.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center perfAddorModDeviceMonitor Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-234 |
ZDI-CAN-6909 |
Hewlett Packard Enterprise |
CVE-2019-5361 |
8.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center faultParasSet Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-233 |
ZDI-CAN-6962 |
Hewlett Packard Enterprise |
CVE-2019-5353 |
8.8 |
2019-03-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center reportpage index Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-232 |
ZDI-CAN-6996 |
Tencent |
|
4.5 |
2019-02-28 |
|
Tencent WeChat URL Scheme Handling Vulnerability |
| ZDI-19-231 |
ZDI-CAN-7838 |
Microsoft |
CVE-2019-0598 |
7.0 |
2019-02-28 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-230 |
ZDI-CAN-7879 |
Advantech |
|
9.8 |
2019-02-28 |
2019-05-30 |
(0Day) Advantech WebAccess Node tv_enua Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-229 |
ZDI-CAN-7878 |
Advantech |
|
9.8 |
2019-02-28 |
2019-05-30 |
(0Day) Advantech WebAccess Node spchapi Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-228 |
ZDI-CAN-7877 |
Microsoft |
|
2.5 |
2019-02-28 |
2019-05-30 |
(0Day) Microsoft Visual Studio settings XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-227 |
ZDI-CAN-7615 |
Horner Automation |
CVE-2019-6555 |
7.8 |
2019-02-20 |
|
Horner Automation Cscape CSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-226 |
ZDI-CAN-7616 |
Horner Automation |
CVE-2019-6555 |
7.8 |
2019-02-20 |
|
Horner Automation Cscape CSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-225 |
ZDI-CAN-7772 |
Delta Industrial Automation |
CVE-2019-6547 |
3.3 |
2019-02-20 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-224 |
ZDI-CAN-7385 |
Microsoft |
CVE-2019-0672 |
7.8 |
2019-02-20 |
|
Microsoft Access Database Engine ACECORE Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-223 |
ZDI-CAN-7162 |
Malwarebytes |
CVE-2019-6739 |
8.8 |
2019-02-20 |
2024-02-27 |
Malwarebytes Anti-Malware URI Handler Remote Command Execution Vulnerability |
| ZDI-19-222 |
ZDI-CAN-7313 |
Microsoft |
CVE-2019-0595 |
2.5 |
2019-02-20 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-221 |
ZDI-CAN-7269 |
Microsoft |
CVE-2019-0581 |
7.0 |
2019-02-14 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-220 |
ZDI-CAN-7312 |
Microsoft |
CVE-2019-0596 |
7.0 |
2019-02-14 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-219 |
ZDI-CAN-7432 |
Adobe |
CVE-2019-7090 |
3.1 |
2019-02-12 |
|
Adobe Flash Player ActionScript Vector Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-218 |
ZDI-CAN-7437 |
Adobe |
CVE-2019-7079 |
7.8 |
2019-02-12 |
|
Adobe Acrobat Pro DC PostScript File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-217 |
ZDI-CAN-7642 |
Adobe |
CVE-2019-7078 |
7.8 |
2019-02-12 |
|
Adobe Acrobat Pro DC HTML2PDF HTML Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-216 |
ZDI-CAN-7663 |
Adobe |
CVE-2019-7077 |
7.8 |
2019-02-12 |
|
Adobe Acrobat Pro DC HTML2PDF HTML Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-215 |
ZDI-CAN-7710 |
Adobe |
CVE-2019-7072 |
7.8 |
2019-02-12 |
|
Adobe Acrobat Pro DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-214 |
ZDI-CAN-7709 |
Adobe |
CVE-2019-7073 |
3.3 |
2019-02-12 |
|
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-213 |
ZDI-CAN-7713 |
Adobe |
CVE-2019-7074 |
3.3 |
2019-02-12 |
|
Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-212 |
ZDI-CAN-7712 |
Adobe |
CVE-2019-7075 |
3.3 |
2019-02-12 |
|
Adobe Acrobat Pro DC PostScript File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-211 |
ZDI-CAN-7711 |
Adobe |
CVE-2019-7071 |
3.3 |
2019-02-12 |
|
Adobe Acrobat Pro DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-210 |
ZDI-CAN-7629 |
Adobe |
CVE-2019-7070 |
7.8 |
2019-02-12 |
|
Adobe Acrobat Distiller PostScript File Parsing grestore Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-209 |
ZDI-CAN-7621 |
Adobe |
CVE-2019-7069 |
7.8 |
2019-02-12 |
|
Adobe Acrobat Pro DC Distiller PostScript File Parsing grestore Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-208 |
ZDI-CAN-7535 |
Adobe |
CVE-2019-7049 |
3.3 |
2019-02-12 |
|
Adobe Acrobat Pro DC TTF Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-207 |
ZDI-CAN-7220 |
Adobe |
CVE-2019-7048 |
7.8 |
2019-02-12 |
2020-08-18 |
Adobe Acrobat Reader DC PDEContent Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-206 |
ZDI-CAN-7402 |
Adobe |
CVE-2019-7045 |
3.3 |
2019-02-12 |
|
Adobe Acrobat Pro DC Onix32 ReadBTreeT::FindKeyInLeafPage Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-205 |
ZDI-CAN-7319 |
Adobe |
CVE-2019-7044 |
7.8 |
2019-02-12 |
2020-08-18 |
Adobe Acrobat Pro DC _t_PDDoc Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-204 |
ZDI-CAN-7365 |
Adobe |
CVE-2019-7043 |
7.8 |
2019-02-12 |
|
Adobe Acrobat Pro DC HTML2PDF HTML Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-203 |
ZDI-CAN-7366 |
Adobe |
CVE-2019-7042 |
7.8 |
2019-02-12 |
|
Adobe Acrobat Pro DC HTML2PDF HTML Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-19-202 |
ZDI-CAN-7334 |
Adobe |
CVE-2019-7041 |
2.7 |
2019-02-12 |
|
Adobe Reader DC Name Squatting JavaScript Restrictions Bypass Vulnerability |
| ZDI-19-201 |
ZDI-CAN-7689 |
Microsoft |
CVE-2019-0619 |
3.3 |
2019-02-12 |
|
Microsoft Windows gdiplus DoStretchBlt Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-200 |
ZDI-CAN-7625 |
Microsoft |
CVE-2019-0618 |
3.3 |
2019-02-12 |
|
Microsoft Windows gdi32full CreateDIBitmap Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-199 |
ZDI-CAN-7528 |
Microsoft |
CVE-2019-0674 |
7.8 |
2019-02-12 |
|
Microsoft Access Database Engine ACEEXCL Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-198 |
ZDI-CAN-7404 |
Microsoft |
CVE-2019-0674 |
7.8 |
2019-02-12 |
|
Microsoft Access Database Engine ACEEXCL Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-197 |
ZDI-CAN-7405 |
Microsoft |
CVE-2019-0673 |
7.8 |
2019-02-12 |
|
Microsoft Access Database Engine ACEEXCL Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-196 |
ZDI-CAN-7560 |
Microsoft |
CVE-2019-0615 |
3.3 |
2019-02-12 |
2023-06-22 |
Microsoft Windows EMF File Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-195 |
ZDI-CAN-7575 |
Microsoft |
CVE-2019-0619 |
3.3 |
2019-02-12 |
|
Microsoft Windows CreateDIBitmap Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-194 |
ZDI-CAN-7525 |
Microsoft |
CVE-2019-0618 |
7.8 |
2019-02-12 |
|
Microsoft Windows gdiplus DoRotatedStretchBlt Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-193 |
ZDI-CAN-7335 |
Microsoft |
CVE-2019-0625 |
7.0 |
2019-02-12 |
|
Microsoft Windows JET Database Engine Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-19-192 |
ZDI-CAN-7396 |
Microsoft |
CVE-2019-0671 |
7.8 |
2019-02-12 |
|
Microsoft Access Database Engine ACEEXCL Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-191 |
ZDI-CAN-7412 |
Microsoft |
CVE-2019-0616 |
3.3 |
2019-02-12 |
|
Microsoft Windows gdiplus DoExtTextOut Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-190 |
ZDI-CAN-7415 |
Microsoft |
CVE-2019-0602 |
3.3 |
2019-02-12 |
|
Microsoft Windows gdiplus bHandleExtCreateFont Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-189 |
ZDI-CAN-7380 |
Microsoft |
CVE-2019-0601 |
6.6 |
2019-02-12 |
|
Microsoft HID Driver Out-of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-188 |
ZDI-CAN-7379 |
Microsoft |
CVE-2019-0600 |
7.1 |
2019-02-12 |
|
Microsoft HID Driver Numeric Truncation Information Disclosure Vulnerability |
| ZDI-19-187 |
ZDI-CAN-7337 |
Microsoft |
CVE-2019-0615 |
3.3 |
2019-02-12 |
2023-06-22 |
Microsoft Windows EMF File Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-186 |
ZDI-CAN-7315 |
Microsoft |
CVE-2019-0599 |
7.0 |
2019-02-12 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-185 |
ZDI-CAN-7321 |
Microsoft |
CVE-2019-0597 |
7.0 |
2019-02-12 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-19-184 |
ZDI-CAN-7323 |
Microsoft |
CVE-2019-0598 |
7.0 |
2019-02-12 |
|
Microsoft Windows JET Database Engine Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-183 |
ZDI-CAN-7318 |
Microsoft |
CVE-2019-0596 |
7.0 |
2019-02-12 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-182 |
ZDI-CAN-7317 |
Microsoft |
CVE-2019-0595 |
7.0 |
2019-02-12 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-181 |
ZDI-CAN-7262 |
Microsoft |
CVE-2019-0604 |
9.8 |
2019-02-12 |
2019-12-18 |
Microsoft SharePoint EntityInstanceIdEncoder Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-19-180 |
ZDI-CAN-7261 |
Microsoft |
CVE-2019-0594 |
7.2 |
2019-02-12 |
|
Microsoft SharePoint BDC Import Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-19-179 |
ZDI-CAN-7153 |
Microsoft |
CVE-2019-0593 |
5.0 |
2019-02-12 |
|
Microsoft Chakra JavaScript Loop Type Confusion Vulnerability |
| ZDI-19-178 |
ZDI-CAN-6495 |
Cisco |
|
4.3 |
2019-02-11 |
2019-03-27 |
Cisco WebEx Recorder and Player asplayback Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-177 |
ZDI-CAN-6496 |
Cisco |
|
4.3 |
2019-02-11 |
2019-03-27 |
Cisco WebEx Recorder and Player asplayback Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-176 |
ZDI-CAN-6698 |
Omron |
CVE-2018-19017 |
7.8 |
2019-02-08 |
|
OMRON CX-Supervisor SCS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-175 |
ZDI-CAN-6686 |
Omron |
CVE-2018-19019 |
7.8 |
2019-02-08 |
|
OMRON CX-Supervisor SCS File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-174 |
ZDI-CAN-6717 |
Omron |
CVE-2018-19018 |
7.8 |
2019-02-08 |
|
OMRON CX-Supervisor SCS File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-19-173 |
ZDI-CAN-7464 |
Omron |
CVE-2018-19020 |
3.3 |
2019-02-08 |
|
OMRON CX-Supervisor SCS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-172 |
ZDI-CAN-6764 |
Hewlett Packard Enterprise |
CVE-2019-5346 |
8.8 |
2019-02-05 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center faultInfo_content Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-171 |
ZDI-CAN-6763 |
Hewlett Packard Enterprise |
CVE-2019-5344 |
8.8 |
2019-02-05 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-170 |
ZDI-CAN-6762 |
Hewlett Packard Enterprise |
CVE-2019-5345 |
8.8 |
2019-02-05 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center eventInfo_content Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-169 |
ZDI-CAN-6769 |
Hewlett Packard Enterprise |
CVE-2019-5347 |
9.8 |
2019-02-05 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center UrlAccessController Authentication Bypass Vulnerability |
| ZDI-19-168 |
ZDI-CAN-6861 |
Hewlett Packard Enterprise |
CVE-2019-5343 |
8.8 |
2019-02-05 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center compareFilesResult Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-167 |
ZDI-CAN-6768 |
Hewlett Packard Enterprise |
CVE-2019-5342 |
8.8 |
2019-02-05 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center legend Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-166 |
ZDI-CAN-6767 |
Hewlett Packard Enterprise |
CVE-2019-5341 |
8.8 |
2019-02-05 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center SyslogTempletSelectWin Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-165 |
ZDI-CAN-6766 |
Hewlett Packard Enterprise |
CVE-2019-5340 |
8.8 |
2019-02-05 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center actionSelectContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-164 |
ZDI-CAN-6765 |
Hewlett Packard Enterprise |
CVE-2019-5339 |
8.8 |
2019-02-05 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center devGroupSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-163 |
ZDI-CAN-6758 |
Hewlett Packard Enterprise |
CVE-2019-5338 |
8.8 |
2019-02-05 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center addVsiInterfaceInfo Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-162 |
ZDI-CAN-6856 |
Hewlett Packard Enterprise |
CVE-2018-7124 |
9.8 |
2019-02-05 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-161 |
ZDI-CAN-6805 |
Hewlett Packard Enterprise |
CVE-2018-7125 |
6.3 |
2019-02-05 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center PrimeFaces Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-19-160 |
ZDI-CAN-7045 |
Cisco |
CVE-2019-1639 |
7.0 |
2019-01-29 |
|
Cisco WebEx Network Recording Player ARF File Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-159 |
ZDI-CAN-7250 |
Bitdefender |
CVE-2019-6738 |
8.8 |
2019-01-29 |
|
Bitdefender SafePay launch Remote Code Execution Vulnerability |
| ZDI-19-158 |
ZDI-CAN-7247 |
Bitdefender |
CVE-2019-6737 |
8.8 |
2019-01-29 |
|
Bitdefender SafePay openFile Arbitrary File Write Remote Code Execution Vulnerability |
| ZDI-19-157 |
ZDI-CAN-7234 |
Bitdefender |
CVE-2019-6736 |
8.8 |
2019-01-29 |
|
Bitdefender SafePay exec Command Injection Remote Code Execution Vulnerability |
| ZDI-19-156 |
ZDI-CAN-7030 |
WECON |
CVE-2019-6537 |
7.8 |
2019-01-29 |
2019-05-30 |
(0Day) Wecon LeviStudioU SysParameter InstallmentSet InstallmentTrigAddOpen Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-155 |
ZDI-CAN-7029 |
WECON |
CVE-2019-6537 |
7.8 |
2019-01-29 |
2019-05-30 |
(0Day) Wecon LeviStudioU SysParameter ComSet CheckBit Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-154 |
ZDI-CAN-7028 |
WECON |
CVE-2019-6537 |
7.8 |
2019-01-29 |
2019-05-30 |
(0Day) Wecon LeviStudioU SysParameter ComSet NETIPaddr Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-153 |
ZDI-CAN-7027 |
WECON |
CVE-2019-6537 |
7.8 |
2019-01-29 |
2019-05-30 |
(0Day) Wecon LeviStudioU SysParameter ComSet BaudRate Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-152 |
ZDI-CAN-7026 |
WECON |
CVE-2019-6537 |
7.8 |
2019-01-29 |
2019-05-30 |
(0Day) Wecon LeviStudioU SysParameter InstallmentSet InstallmentTrigAddClose Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-151 |
ZDI-CAN-7025 |
WECON |
CVE-2019-6537 |
7.8 |
2019-01-29 |
2019-05-30 |
(0Day) Wecon LeviStudioU SysParameter ComSet DataLength Stack-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-150 |
ZDI-CAN-6811 |
WECON |
CVE-2019-6539 |
7.8 |
2019-01-29 |
2019-05-30 |
(0Day) Wecon LeviStudioU addresslib PLC Type Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-149 |
ZDI-CAN-6516 |
WECON |
CVE-2019-6539 |
7.8 |
2019-01-29 |
2019-05-30 |
(0Day) Wecon LeviStudioU screendata Desc FigureFile Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-148 |
ZDI-CAN-6649 |
WECON |
CVE-2019-6541 |
7.8 |
2019-01-29 |
2019-05-30 |
(0Day) Wecon LeviStudioU fontlib Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-147 |
ZDI-CAN-6554 |
WECON |
CVE-2019-6539 |
7.8 |
2019-01-29 |
2019-05-30 |
(0Day) Wecon LeviStudioU addresslib PLC Driver Heap-Based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-146 |
ZDI-CAN-6493 |
Wecon |
CVE-2019-6539 |
9.3 |
2019-01-29 |
2019-02-12 |
(0Day) Wecon LeviStudioU screendata LaIndexID/TextContent Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-145 |
ZDI-CAN-6347 |
Wecon |
CVE-2019-6537 |
6.8 |
2019-01-29 |
2019-02-12 |
(0Day) Wecon LeviStudioU DataLogTool Edit Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-144 |
ZDI-CAN-6346 |
Wecon |
CVE-2019-6537 |
6.8 |
2019-01-29 |
2019-02-12 |
(0Day) Wecon LeviStudioU DataLogTool INI Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-143 |
ZDI-CAN-6345 |
Wecon |
CVE-2019-6537 |
6.8 |
2019-01-29 |
2019-02-12 |
(0Day) Wecon LeviStudioU DataLogTool History Curve Set Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-19-142 |
ZDI-CAN-7601 |
Foxit |
CVE-2019-6727 |
3.3 |
2019-01-25 |
|
Foxit Reader XFA removeInstance Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-141 |
ZDI-CAN-7355 |
Foxit |
CVE-2019-6735 |
3.3 |
2019-01-25 |
|
Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-140 |
ZDI-CAN-7452 |
Foxit |
CVE-2019-6734 |
3.3 |
2019-01-25 |
|
Foxit PhantomPDF setInterval Use-After-Free Information Disclosure Vulnerability |
| ZDI-19-139 |
ZDI-CAN-7576 |
Foxit |
CVE-2019-6733 |
3.3 |
2019-01-25 |
|
Foxit PhantomPDF PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-138 |
ZDI-CAN-7453 |
Foxit |
CVE-2019-6732 |
3.3 |
2019-01-25 |
|
Foxit PhantomPDF AFParseDateEx Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-137 |
ZDI-CAN-7369 |
Foxit |
CVE-2019-6731 |
7.8 |
2019-01-25 |
|
Foxit PhantomPDF HTML2PDF HTML Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-136 |
ZDI-CAN-7368 |
Foxit |
CVE-2019-6730 |
7.8 |
2019-01-25 |
|
Foxit Reader popUpMenu Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-135 |
ZDI-CAN-7423 |
Foxit |
CVE-2019-6729 |
7.8 |
2019-01-25 |
|
Foxit Reader PDF Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-134 |
ZDI-CAN-7353 |
Foxit |
CVE-2019-6728 |
3.3 |
2019-01-25 |
|
Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-133 |
ZDI-CAN-7347 |
Foxit |
CVE-2019-6727 |
7.8 |
2019-01-25 |
|
Foxit Reader XFA remerge Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-132 |
ZDI-CAN-7593 |
Foxit |
CVE-2019-5005 |
7.8 |
2019-01-25 |
2020-05-08 |
Foxit Reader ConvertToPDF TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-131 |
ZDI-CAN-7479 |
Apple |
CVE-2019-6216 |
7.3 |
2019-01-25 |
2019-06-14 |
(Pwn2Own) Apple Safari Global RegExp JIT Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-130 |
ZDI-CAN-7232 |
Drupal |
CVE-2019-6339 |
6.8 |
2019-01-25 |
|
Drupal Phar File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-19-129 |
ZDI-CAN-7160 |
Cisco |
CVE-2019-1636 |
8.8 |
2019-01-25 |
|
Cisco Webex Teams Cisco Spark URI Handler Remote Command Execution Vulnerability |
| ZDI-19-128 |
ZDI-CAN-7043 |
Cisco |
CVE-2019-1638 |
7.8 |
2019-01-25 |
|
Cisco WebEx Network Recording Player ARF File Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-127 |
ZDI-CAN-7481 |
Apple |
CVE-2019-6211 |
6.3 |
2019-01-25 |
|
Apple Safari RTCPeerConnection Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-126 |
ZDI-CAN-7480 |
Apple |
CVE-2019-6202 |
7.0 |
2019-01-24 |
2019-06-14 |
(Pwn2Own) Apple iOS mediaserverd cypc Out-Of-Bounds Access Privilege Escalation Vulnerability |
| ZDI-19-125 |
ZDI-CAN-7474 |
Apple |
CVE-2019-6221 |
7.8 |
2019-01-24 |
2019-06-14 |
(Pwn2Own) Apple iOS mediaserverd crte Out-Of-Bounds Access Privilege Escalation Vulnerability |
| ZDI-19-124 |
ZDI-CAN-7473 |
Apple |
CVE-2019-6217 |
6.3 |
2019-01-24 |
2019-06-14 |
(Pwn2Own) Apple Safari RegExp JIT Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-123 |
ZDI-CAN-7204 |
Apple |
CVE-2019-6234 |
8.8 |
2019-01-25 |
|
Apple Safari CSSFontFace Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-122 |
ZDI-CAN-7205 |
Apple |
CVE-2019-6233 |
8.8 |
2019-01-25 |
|
Apple Safari RenderBlockFlow Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-121 |
ZDI-CAN-7591 |
Microsoft |
|
7.8 |
2019-01-22 |
2019-05-30 |
(0Day) Microsoft Windows contact File Insufficient UI Warning Remote Code Execution Vulnerability |
| ZDI-19-120 |
ZDI-CAN-6587 |
Omron |
CVE-2018-19027 |
7.8 |
2019-01-24 |
|
OMRON CX-One CX-Protocol CObject Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-119 |
ZDI-CAN-6715 |
Omron |
CVE-2018-19019 |
7.8 |
2019-01-19 |
|
OMRON CX-Supervisor SCS File Parsing CStringData Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-118 |
ZDI-CAN-6719 |
Omron |
CVE-2018-19017 |
7.0 |
2019-01-19 |
|
OMRON CX-Supervisor SCS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-117 |
ZDI-CAN-6694 |
Omron |
CVE-2018-19017 |
7.0 |
2019-01-19 |
|
OMRON CX-Supervisor scs File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-116 |
ZDI-CAN-6695 |
Omron |
CVE-2018-19017 |
7.8 |
2019-01-19 |
|
OMRON CX-Supervisor SCS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-115 |
ZDI-CAN-6689 |
Omron |
CVE-2018-19017 |
7.8 |
2019-01-19 |
|
OMRON CX-Supervisor SCS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-114 |
ZDI-CAN-6688 |
Omron |
CVE-2018-19017 |
7.8 |
2019-01-19 |
|
OMRON CX-Supervisor SCS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-113 |
ZDI-CAN-6696 |
Omron |
CVE-2018-19017 |
7.8 |
2019-01-19 |
|
OMRON CX-Supervisor SCS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-112 |
ZDI-CAN-6693 |
Omron |
CVE-2018-19017 |
7.8 |
2019-01-19 |
|
OMRON CX-Supervisor SCS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-111 |
ZDI-CAN-6643 |
Omron |
CVE-2018-19015 |
7.8 |
2019-01-19 |
|
OMRON CX-Supervisor sr3 File Parsing MoveFile Arbitrary File Creation Vulnerability |
| ZDI-19-110 |
ZDI-CAN-6644 |
Omron |
CVE-2018-19015 |
7.8 |
2019-01-19 |
|
OMRON CX-Supervisor sr3 File Parsing CopyFile Arbitrary File Creation Vulnerability |
| ZDI-19-109 |
ZDI-CAN-6641 |
Omron |
CVE-2018-19015 |
7.8 |
2019-01-19 |
|
OMRON CX-Supervisor sr3 File Parsing ExecuteJScriptFile Command Injection Remote Code Execution Vulnerability |
| ZDI-19-108 |
ZDI-CAN-6642 |
Omron |
CVE-2018-19015 |
7.8 |
2019-01-19 |
|
OMRON CX-Supervisor sr3 File Parsing ExecuteVBScriptFile Command Injection Remote Code Execution Vulnerability |
| ZDI-19-107 |
ZDI-CAN-6638 |
Omron |
CVE-2018-19015 |
7.8 |
2019-01-19 |
|
OMRON CX-Supervisor sr3 File Parsing ViewReport Command Injection Remote Code Execution Vulnerability |
| ZDI-19-106 |
ZDI-CAN-6636 |
Omron |
CVE-2018-19015 |
7.8 |
2019-01-19 |
|
OMRON CX-Supervisor sr3 File Parsing GenerateReport API File Write Remote Code Execution Vulnerability |
| ZDI-19-105 |
ZDI-CAN-6646 |
Omron |
CVE-2018-19013 |
6.1 |
2019-01-19 |
|
OMRON CX-Supervisor sr3 File Parsing DeleteFile Arbitrary File Deletion Vulnerability |
| ZDI-19-104 |
ZDI-CAN-6637 |
Omron |
CVE-2018-19015 |
7.8 |
2019-01-19 |
|
OMRON CX-Supervisor sr3 File Parsing EditFile API Remote Code Execution Vulnerability |
| ZDI-19-103 |
ZDI-CAN-6639 |
Omron |
CVE-2018-19015 |
7.8 |
2019-01-19 |
|
OMRON CX-Supervisor sr3 File Parsing WriteMessage Arbitrary File Creation Vulnerability |
| ZDI-19-102 |
ZDI-CAN-6662 |
Omron |
CVE-2018-19013 |
6.1 |
2019-01-19 |
|
OMRON CX-Supervisor sr3 File Parsing UploadPLCProgram API Arbitrary File Deletion Vulnerability |
| ZDI-19-101 |
ZDI-CAN-6647 |
Omron |
CVE-2018-19015 |
7.8 |
2019-01-19 |
|
OMRON CX-Supervisor sr3 File Parsing RunApplication API Command Injection Remote Code Execution Vulnerability |
| ZDI-19-100 |
ZDI-CAN-6645 |
Omron |
CVE-2018-19011 |
7.8 |
2019-01-19 |
|
OMRON CX-Supervisor sr3 Code Injection Remote Code Execution Vulnerability |
| ZDI-19-099 |
ZDI-CAN-7114 |
LAquis |
CVE-2018-19004 |
3.3 |
2019-01-19 |
|
LAquis SCADA LQS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-098 |
ZDI-CAN-7113 |
LAquis |
CVE-2018-19004 |
3.3 |
2019-01-19 |
|
LAquis SCADA LQS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-097 |
ZDI-CAN-7110 |
LAquis |
CVE-2018-19002 |
7.8 |
2019-01-19 |
|
LAquis SCADA LQS File Parsing Improper Control of Generation of Code Remote Code Execution Vulnerability |
| ZDI-19-096 |
ZDI-CAN-6681 |
LAquis SCADA |
CVE-2018-18988 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report File BlockWrite Arbitrary File Creation Vulnerability |
| ZDI-19-095 |
ZDI-CAN-6680 |
LAquis SCADA |
CVE-2018-18988 |
5.0 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report File Open Path Traversal Information Disclosure Vulnerability |
| ZDI-19-094 |
ZDI-CAN-6679 |
LAquis SCADA |
CVE-2018-18988 |
5.0 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report TextFile Read Directory Traversal Information Disclosure Vulnerability |
| ZDI-19-093 |
ZDI-CAN-6678 |
LAquis SCADA |
CVE-2018-18988 |
5.0 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report File Open Path Traversal Information Disclosure Vulnerability |
| ZDI-19-092 |
ZDI-CAN-6629 |
LAquis SCADA |
CVE-2018-18988 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report Ini WriteNumber Arbitrary File Creation Vulnerability |
| ZDI-19-091 |
ZDI-CAN-6628 |
LAquis SCADA |
CVE-2018-18988 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report AddComboFile Arbitrary File Creation Vulnerability |
| ZDI-19-090 |
ZDI-CAN-6627 |
LAquis SCADA |
CVE-2018-18988 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report TextFile Append Arbitrary File Creation Vulnerability |
| ZDI-19-089 |
ZDI-CAN-6626 |
LAquis SCADA |
CVE-2018-18988 |
5.0 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report MemoryReadLong Untrusted Pointer Dereference Information Disclosure Vulnerability |
| ZDI-19-088 |
ZDI-CAN-6625 |
LAquis SCADA |
CVE-2018-18988 |
5.0 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report MemoryReadByte Untrusted Pointer Dereference Information Disclosure Vulnerability |
| ZDI-19-087 |
ZDI-CAN-6624 |
LAquis SCADA |
CVE-2018-18988 |
5.0 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report MemoryReadDouble Untrusted Pointer Dereference Information Disclosure Vulnerability |
| ZDI-19-086 |
ZDI-CAN-6623 |
LAquis SCADA |
CVE-2018-18988 |
5.0 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report MemoryReadWord Untrusted Pointer Dereference Information Disclosure Vulnerability |
| ZDI-19-085 |
ZDI-CAN-6622 |
LAquis SCADA |
CVE-2018-18988 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report Memory ReAlloc Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-084 |
ZDI-CAN-6621 |
LAquis SCADA |
CVE-2018-18988 |
5.0 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report Memory Byte Untrusted Pointer Dereference Information Disclosure Vulnerability |
| ZDI-19-083 |
ZDI-CAN-6620 |
LAquis SCADA |
CVE-2018-18988 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report MemoryWriteWord Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-082 |
ZDI-CAN-6578 |
LAquis SCADA |
CVE-2018-18988 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report MemoryWriteLong Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-081 |
ZDI-CAN-6577 |
LAquis SCADA |
CVE-2018-18988 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report MemoryWriteDouble Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-080 |
ZDI-CAN-6576 |
LAquis SCADA |
CVE-2018-18988 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report File Write Arbitrary File Creation Vulnerability |
| ZDI-19-079 |
ZDI-CAN-6575 |
LAquis SCADA |
CVE-2018-18988 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report MemoryWriteByte Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-078 |
ZDI-CAN-6574 |
LAquis SCADA |
CVE-2018-18988 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report Ini WriteString Arbitrary File Creation Vulnerability |
| ZDI-19-077 |
ZDI-CAN-6573 |
LAquis SCADA |
CVE-2018-18988 |
5.0 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report Memory Integer Untrusted Pointer Dereference Information Disclosure Vulnerability |
| ZDI-19-076 |
ZDI-CAN-6572 |
LAquis SCADA |
CVE-2018-18988 |
5.0 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report Memory Double Untrusted Pointer Dereference Information Disclosure Vulnerability |
| ZDI-19-075 |
ZDI-CAN-6571 |
LAquis SCADA |
CVE-2018-18988 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report Memory Free Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-074 |
ZDI-CAN-6570 |
LAquis SCADA |
CVE-2018-18988 |
5.0 |
2019-01-19 |
2019-01-19 |
LAquis SCADA lgx Report Memory Long Untrusted Pointer Dereference Information Disclosure Vulnerability |
| ZDI-19-073 |
ZDI-CAN-6569 |
LAquis SCADA |
CVE-2018-18988 |
5.0 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report Memory Word Untrusted Pointer Dereference Information Disclosure Vulnerability |
| ZDI-19-072 |
ZDI-CAN-6568 |
LAquis SCADA |
CVE-2018-18988 |
5.0 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report Memory PChar Untrusted Pointer Dereference Information Disclosure Vulnerability |
| ZDI-19-071 |
ZDI-CAN-6492 |
LAquis SCADA |
CVE-2018-18988 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report Edit Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-070 |
ZDI-CAN-6579 |
LAquis SCADA |
CVE-2018-18988 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report TextFile Write Arbitrary File Creation Vulnerability |
| ZDI-19-069 |
ZDI-CAN-6491 |
LAquis SCADA |
CVE-2018-18988 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report ShellExecute Command Injection Remote Code Execution Vulnerability |
| ZDI-19-068 |
ZDI-CAN-7074 |
LAquis SCADA |
CVE-2018-19000 |
5.0 |
2019-01-19 |
2019-01-19 |
LAquis SCADA Web Server URI Parsing Authentication Bypass Vulnerability |
| ZDI-19-067 |
ZDI-CAN-6677 |
LAquis SCADA |
CVE-2018-18998 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA Web Server Hardcoded Credentials Authentication Bypass Vulnerability |
| ZDI-19-066 |
ZDI-CAN-6676 |
LAquis SCADA |
CVE-2018-18996 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA Web Server relatorionome NOME Command Injection Remote Code Execution Vulnerability |
| ZDI-19-065 |
ZDI-CAN-6675 |
LAquis SCADA |
CVE-2018-18996 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA Web Server relatorionome TAG Command Injection Remote Code Execution Vulnerability |
| ZDI-19-064 |
ZDI-CAN-6674 |
LAquis SCADA |
CVE-2018-18996 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA Web Server relatorionome TITULO Command Injection Remote Code Execution Vulnerability |
| ZDI-19-063 |
ZDI-CAN-6673 |
LAquis SCADA |
CVE-2018-18992 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA Web Server acompanhamentotela TAGALTERE Command Injection Remote Code Execution Vulnerability |
| ZDI-19-062 |
ZDI-CAN-6672 |
LAquis SCADA |
CVE-2018-18992 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA Web Server acompanhamentotela PAGINA Command Injection Remote Code Execution Vulnerability |
| ZDI-19-061 |
ZDI-CAN-6671 |
LAquis SCADA |
CVE-2018-18992 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA Web Server relatorioindividual TITULO Command Injection Remote Code Execution Vulnerability |
| ZDI-19-060 |
ZDI-CAN-6670 |
LAquis SCADA |
CVE-2018-18994 |
6.8 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LQS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-059 |
ZDI-CAN-6668 |
LAquis SCADA |
CVE-2018-18992 |
7.5 |
2019-01-19 |
2019-01-19 |
LAquis SCADA Web Server relatorioindividual TAG Command Injection Remote Code Execution Vulnerability |
| ZDI-19-058 |
ZDI-CAN-6667 |
LAquis SCADA |
CVE-2018-18990 |
5.0 |
2019-01-19 |
2019-01-19 |
LAquis SCADA Web Server Directory Traversal Information Disclosure Vulnerability |
| ZDI-19-057 |
ZDI-CAN-6490 |
LAquis SCADA |
CVE-2018-18986 |
6.8 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LGX Report Format File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-056 |
ZDI-CAN-6452 |
LAquis SCADA |
CVE-2018-19029 |
6.8 |
2019-01-19 |
2019-01-19 |
LAquis SCADA LQS File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-19-055 |
ZDI-CAN-7210 |
Oracle |
CVE-2019-2526 |
7.8 |
2019-01-17 |
|
Oracle VirtualBox crServerDispatchGetActiveUniform Integer Overflow Privilege Escalation Vulnerability |
| ZDI-19-054 |
ZDI-CAN-6838 |
Microsoft |
CVE-2019-0585 |
7.3 |
2019-01-17 |
|
Microsoft Office Word wwlib Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-053 |
ZDI-CAN-7448 |
Oracle |
CVE-2019-2451 |
6.5 |
2019-01-17 |
|
Oracle VirtualBox crServerDispatchGetMapiv Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-19-052 |
ZDI-CAN-7447 |
Oracle |
CVE-2019-2554 |
6.5 |
2019-01-17 |
|
Oracle VirtualBox crServerDispatchGetMapfv Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-19-051 |
ZDI-CAN-7446 |
Oracle |
CVE-2019-2555 |
5.5 |
2019-01-17 |
|
Oracle VirtualBox crServerDispatchGetMapiv Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-19-050 |
ZDI-CAN-7445 |
Oracle |
CVE-2019-2450 |
6.5 |
2019-01-17 |
|
Oracle VirtualBox crServerDispatchGetMapfv Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-19-049 |
ZDI-CAN-7383 |
Oracle |
CVE-2019-2548 |
7.8 |
2019-01-17 |
|
Oracle VirtualBox crServerDispatchReadPixels Integer Overflow Privilege Escalation Vulnerability |
| ZDI-19-048 |
ZDI-CAN-6964 |
Oracle |
CVE-2019-2448 |
5.5 |
2019-01-17 |
2021-06-29 |
Oracle VirtualBox crUnpackExtendGetUniformLocation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-047 |
ZDI-CAN-6963 |
Oracle |
CVE-2019-2525 |
5.5 |
2019-01-17 |
2021-06-29 |
Oracle VirtualBox crUnpackExtendGetAttribLocation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-046 |
ZDI-CAN-6904 |
Oracle |
CVE-2019-2446 |
5.5 |
2019-01-17 |
2021-06-29 |
Oracle VirtualBox svcGetBuffer Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-19-045 |
ZDI-CAN-7330 |
Oracle |
CVE-2019-2525 |
5.6 |
2019-01-17 |
|
Oracle VirtualBox crUnpackExtendGetAttribLocation Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-044 |
ZDI-CAN-7209 |
Oracle |
CVE-2019-2524 |
8.8 |
2019-01-17 |
|
Oracle VirtualBox crServerDispatchGetActiveAttrib Integer Overflow Privilege Escalation Vulnerability |
| ZDI-19-043 |
ZDI-CAN-6986 |
Oracle |
CVE-2019-2523 |
7.8 |
2019-01-17 |
|
Oracle VirtualBox crStateDeleteQueriesARB Untrusted Pointer Dereference Privilege Escalation Vulnerability |
| ZDI-19-042 |
ZDI-CAN-6985 |
Oracle |
CVE-2019-2520 |
7.8 |
2019-01-17 |
|
Oracle VirtualBox crStateDeleteRenderbuffersEXT Untrusted Pointer Dereference Privilege Escalation Vulnerability |
| ZDI-19-041 |
ZDI-CAN-6983 |
Oracle |
CVE-2019-2522 |
7.8 |
2019-01-17 |
|
Oracle VirtualBox crStateDeleteFramebuffersEXT Untrusted Pointer Dereference Privilege Escalation Vulnerability |
| ZDI-19-040 |
ZDI-CAN-6980 |
Oracle |
CVE-2019-2521 |
7.8 |
2019-01-17 |
|
Oracle VirtualBox crStateDeleteBuffersARB Untrusted Pointer Dereference Privilege Escalation Vulnerability |
| ZDI-19-039 |
ZDI-CAN-7592 |
Oracle |
CVE-2018-3147 |
3.3 |
2019-01-17 |
|
Oracle Outside In vsxl5 GelFrame Record Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-19-038 |
ZDI-CAN-7328 |
Oracle |
CVE-2019-2500 |
8.2 |
2019-01-17 |
|
Oracle VirtualBox crServerMuralVisibleRegion Integer Overflow Privilege Escalation Vulnerability |
| ZDI-19-037 |
ZDI-CAN-7327 |
Oracle |
CVE-2019-2501 |
3.8 |
2019-01-16 |
|
Oracle VirtualBox crServerDispatchGetMapdv Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-19-036 |
ZDI-CAN-7200 |
Oracle |
CVE-2019-2504 |
3.8 |
2019-01-16 |
|
Oracle VirtualBox crServerDispatchGetTexEnvfv Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-19-035 |
ZDI-CAN-7199 |
Oracle |
CVE-2019-2505 |
3.8 |
2019-01-16 |
|
Oracle VirtualBox crServerDispatchGetMapdv Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-19-034 |
ZDI-CAN-7198 |
Oracle |
CVE-2019-2506 |
3.8 |
2019-01-16 |
|
Oracle VirtualBox crServerDispatchGetTexEnviv Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-19-033 |
ZDI-CAN-7151 |
Oracle |
CVE-2019-2449 |
5.9 |
2019-01-16 |
|
Oracle Java jnlp Protocol Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-19-032 |
ZDI-CAN-7120 |
Schneider Electric |
CVE-2018-7836 |
7.2 |
2019-01-16 |
|
Schneider Electric IIoT Monitor UpgradeMgmt upload Directory Traversal Remote Code Execution Vulnerability |
| ZDI-19-031 |
ZDI-CAN-7119 |
Schneider Electric |
CVE-2018-7839 |
6.2 |
2019-01-16 |
|
Schneider Electric IIoT Monitor Hard-coded Cryptographic Key Information Disclosure Vulnerability |
| ZDI-19-030 |
ZDI-CAN-7136 |
Schneider Electric |
CVE-2018-7836 |
9.8 |
2019-01-14 |
|
Schneider Electric IIoT Monitor SettingMgmt upload Directory Traversal Remote Code Execution Vulnerability |
| ZDI-19-029 |
ZDI-CAN-7135 |
Schneider Electric |
CVE-2018-7836 |
9.8 |
2019-01-14 |
|
Schneider Electric IIoT Monitor DeviceMapMgmt upload Directory Traversal Remote Code Execution Vulnerability |
| ZDI-19-028 |
ZDI-CAN-7133 |
Schneider Electric |
CVE-2018-7837 |
7.5 |
2019-01-14 |
|
Schneider Electric IIoT Monitor RuleMgmt addRule XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-027 |
ZDI-CAN-7127 |
Schneider Electric |
CVE-2018-7837 |
7.5 |
2019-01-14 |
|
Schneider Electric IIoT Monitor EventMgmt getEvtPeriod XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-026 |
ZDI-CAN-7126 |
Schneider Electric |
CVE-2018-7837 |
7.5 |
2019-01-14 |
|
Schneider Electric IIoT Monitor EventMgmt addEvent XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-025 |
ZDI-CAN-7125 |
Schneider Electric |
CVE-2018-7837 |
7.5 |
2019-01-14 |
|
Schneider Electric IIoT Monitor AccountMgmt Logout XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-024 |
ZDI-CAN-7124 |
Schneider Electric |
CVE-2018-7837 |
7.5 |
2019-01-14 |
|
Schneider Electric IIoT Monitor AccountMgmt forgotPwd XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-023 |
ZDI-CAN-7123 |
Schneider Electric |
CVE-2018-7837 |
7.5 |
2019-01-14 |
|
Schneider Electric IIoT Monitor AccountMgmt Login XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-022 |
ZDI-CAN-7122 |
Schneider Electric |
CVE-2018-7836 |
7.2 |
2019-01-14 |
|
Schneider Electric IIoT Monitor RecoveryMgmt upload Directory Traversal Remote Code Execution Vulnerability |
| ZDI-19-021 |
ZDI-CAN-7121 |
Schneider Electric |
CVE-2018-7836 |
7.2 |
2019-01-14 |
|
Schneider Electric IIoT Monitor ProtectionMgmt upload Directory Traversal Remote Code Execution Vulnerability |
| ZDI-19-020 |
ZDI-CAN-7118 |
Schneider Electric |
CVE-2018-7835 |
7.5 |
2019-01-14 |
|
Schneider Electric IIoT Monitor downloadCSV Directory Traversal Information Disclosure Vulnerability |
| ZDI-19-019 |
ZDI-CAN-6585 |
Omron |
CVE-2018-19027 |
7.8 |
2019-01-14 |
|
OMRON CX-One CX-Protocol CObject Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-018 |
ZDI-CAN-6566 |
Omron |
CVE-2018-19027 |
7.8 |
2019-01-14 |
|
OMRON CX-One CX-Protocol CObject Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-017 |
ZDI-CAN-6565 |
Omron |
CVE-2018-19027 |
7.8 |
2019-01-14 |
|
OMRON CX-One CX-Protocol CObject Type Confusion Remote Code Execution Vulnerability |
| ZDI-19-016 |
ZDI-CAN-7251 |
Microsoft |
|
4.3 |
2019-01-10 |
|
Microsoft Visual Studio wpa Protocol XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-015 |
ZDI-CAN-7370 |
Microsoft |
CVE-2019-0546 |
8.1 |
2019-01-10 |
|
Microsoft Visual Studio asm Memory Corruption Remote Code Execution Vulnerability |
| ZDI-19-014 |
ZDI-CAN-7240 |
Microsoft |
CVE-2019-0537 |
2.5 |
2019-01-10 |
|
Microsoft Visual Studio vscontent XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-19-013 |
ZDI-CAN-6920 |
Microsoft |
|
7.8 |
2019-01-10 |
2019-05-30 |
(0Day) Microsoft Windows vcf File Insufficient UI Warning Remote Code Execution Vulnerability |
| ZDI-19-012 |
ZDI-CAN-7316 |
Microsoft |
CVE-2019-0577 |
7.8 |
2019-01-09 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-011 |
ZDI-CAN-7386 |
Microsoft |
CVE-2019-0575 |
7.8 |
2019-01-09 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-19-010 |
ZDI-CAN-7268 |
Microsoft |
CVE-2019-0584 |
7.0 |
2019-01-09 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-009 |
ZDI-CAN-7293 |
Microsoft |
CVE-2019-0583 |
7.0 |
2019-01-09 |
|
Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability |
| ZDI-19-008 |
ZDI-CAN-7267 |
Microsoft |
CVE-2019-0582 |
7.0 |
2019-01-09 |
|
Microsoft Windows JET Database Engine Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-19-007 |
ZDI-CAN-7295 |
Microsoft |
CVE-2019-0581 |
7.0 |
2019-01-09 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-006 |
ZDI-CAN-7271 |
Microsoft |
CVE-2019-0580 |
7.0 |
2019-01-09 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-19-005 |
ZDI-CAN-7099 |
Schneider Electric |
CVE-2018-7817 |
7.8 |
2019-01-09 |
|
Schneider Electric ZelioSoft2 ZM2 File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-004 |
ZDI-CAN-7100 |
Schneider Electric |
CVE-2018-7817 |
7.8 |
2019-01-09 |
|
Schneider Electric ZelioSoft2 ZM2 File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-19-003 |
ZDI-CAN-6182 |
Hetronic |
CVE-2018-19023 |
8.3 |
2019-01-04 |
2019-01-04 |
Hetronic Nova-M Replay Attack Vulnerability |
| ZDI-19-002 |
ZDI-CAN-7229 |
Adobe |
CVE-2018-16018 |
7.7 |
2019-01-04 |
2020-08-18 |
Adobe Acrobat Reader DC JavaScript Read-Only Variables Arbitrary Overwrite Restrictions Bypass Vulnerability |
| ZDI-19-001 |
ZDI-CAN-6656 |
Adobe |
CVE-2018-16011 |
8.2 |
2019-01-04 |
2020-08-18 |
Adobe Acrobat Pro DC Preflight setDefaultLibrary Use-After-Free Remote Code Execution Vulnerability |
