<![CDATA[ZDI: Published Advisories]]>

<![CDATA[ZDI: Published Advisories]]> http://www.zerodayinitiative.com/advisories/published/ Wed, 13 May 2026 05:12:06 -0500 Trend Micro, all rights reserved en <![CDATA[ZDI-17-1017: Huawei Mate 9 Pro Mali Double Free Privilege Escalation Vulnerability]]> ZDI-CAN-5337 http://www.zerodayinitiative.com/advisories/ZDI-17-1017/ Fri, 08 Jun 2018 00:00:00 -0500 <![CDATA[ZDI-17-1016: Microsoft Chakra Typed Array JIT Optimization Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5321 http://www.zerodayinitiative.com/advisories/ZDI-17-1016/ Mon, 16 Apr 2018 00:00:00 -0500 <![CDATA[ZDI-17-1015: Microsoft Windows JavaScript Typed Array JIT Optimization Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5215 http://www.zerodayinitiative.com/advisories/ZDI-17-1015/ Fri, 23 Mar 2018 00:00:00 -0500 <![CDATA[ZDI-17-1014: Microsoft Windows Font Embedding Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5315 http://www.zerodayinitiative.com/advisories/ZDI-17-1014/ Wed, 07 Mar 2018 00:00:00 -0600 <![CDATA[ZDI-17-1013: Adobe Acrobat Pro DC ImageConversion EMF BMP Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-5154 http://www.zerodayinitiative.com/advisories/ZDI-17-1013/ Wed, 07 Mar 2018 00:00:00 -0600 <![CDATA[ZDI-17-1012: Adobe Acrobat Pro DC ImageConversion EMF JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5148 http://www.zerodayinitiative.com/advisories/ZDI-17-1012/ Tue, 06 Mar 2018 00:00:00 -0600 <![CDATA[ZDI-17-1011: Adobe Acrobat Pro DC ImageConversion EMF GIF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5146 http://www.zerodayinitiative.com/advisories/ZDI-17-1011/ Tue, 06 Mar 2018 00:00:00 -0600 <![CDATA[ZDI-17-1010: Microsoft Windows Font Embedding Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5317 http://www.zerodayinitiative.com/advisories/ZDI-17-1010/ Tue, 06 Mar 2018 00:00:00 -0600 <![CDATA[ZDI-17-1009: Symantec Messaging Gateway Export Servlet snmpFileName Directory Traversal Information Disclosure Vulnerability]]> ZDI-CAN-4755 http://www.zerodayinitiative.com/advisories/ZDI-17-1009/ Wed, 20 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-1008: QNAP QTS Web change_password Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-5280 http://www.zerodayinitiative.com/advisories/ZDI-17-1008/ Wed, 20 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-1007: QNAP QTS Web sysinfoReq Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-5279 http://www.zerodayinitiative.com/advisories/ZDI-17-1007/ Wed, 20 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-1006: QNAP QTS Web change_password Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-5278 http://www.zerodayinitiative.com/advisories/ZDI-17-1006/ Wed, 20 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-1005: QNAP QTS authLogin Host Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-5263 http://www.zerodayinitiative.com/advisories/ZDI-17-1005/ Wed, 20 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-1004: QNAP QTS authLogin Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-5262 http://www.zerodayinitiative.com/advisories/ZDI-17-1004/ Wed, 20 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-1003: QNAP QTS Web devRequest Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-5209 http://www.zerodayinitiative.com/advisories/ZDI-17-1003/ Wed, 20 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-1002: QNAP QTS NASFTPD USER Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-5208 http://www.zerodayinitiative.com/advisories/ZDI-17-1002/ Wed, 20 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-1001: WECON LeviStudio PLC Driver Heap-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-5085 http://www.zerodayinitiative.com/advisories/ZDI-17-1001/ Wed, 20 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-1000: Ecava IntegraXor Report getdata name SQL Injection Information Disclosure Vulnerability]]> ZDI-CAN-5386 http://www.zerodayinitiative.com/advisories/ZDI-17-1000/ Wed, 20 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-999: Ecava IntegraXor Report batchlist SQL Injection Information Disclosure Vulnerability]]> ZDI-CAN-5385 http://www.zerodayinitiative.com/advisories/ZDI-17-999/ Wed, 20 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-998: Adobe Flash Player BitmapData hitTest Out-Of-Bounds Access Remote Code Execution Vulnerability]]> ZDI-CAN-5139 http://www.zerodayinitiative.com/advisories/ZDI-17-998/ Wed, 20 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-997: Adobe Flash LocaleID determinePreferredLocales Out-Of-Bounds Read Remote Code Execution Vulnerability]]> ZDI-CAN-5075 http://www.zerodayinitiative.com/advisories/ZDI-17-997/ Wed, 20 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-996: Adobe Flash NetworkConfiguration addCustomHeader Out-Of-Bounds Read Remote Code Execution Vulnerability]]> ZDI-CAN-5074 http://www.zerodayinitiative.com/advisories/ZDI-17-996/ Wed, 20 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-995: Quest NetVault Backup Server Process Manager Service NVBUJobHistory Get Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4906 http://www.zerodayinitiative.com/advisories/ZDI-17-995/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-994: Quest NetVault Backup Server Process Manager Service NVBUJobDefinitions Get Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4316 http://www.zerodayinitiative.com/advisories/ZDI-17-994/ Tue, 02 Jan 2018 00:00:00 -0600 <![CDATA[ZDI-17-993: Quest NetVault Backup Server Process Manager Service NVBUBackup TimeRange Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4294 http://www.zerodayinitiative.com/advisories/ZDI-17-993/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-992: Quest NetVault Backup Server Process Manager Service NVBUBackup JobList Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4292 http://www.zerodayinitiative.com/advisories/ZDI-17-992/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-991: Quest NetVault Backup Server Process Manager Service NVBUBackup PluginList Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4289 http://www.zerodayinitiative.com/advisories/ZDI-17-991/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-990: Quest NetVault Backup Server Process Manager Service NVBUBackup ClientList Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4287 http://www.zerodayinitiative.com/advisories/ZDI-17-990/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-989: Quest NetVault Backup Server Process Manager Service NVBUBackupOptionSet Get Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4286 http://www.zerodayinitiative.com/advisories/ZDI-17-989/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-988: Quest NetVault Backup Server Process Manager Service NVBUBackup Count Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4238 http://www.zerodayinitiative.com/advisories/ZDI-17-988/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-987: Quest NetVault Backup Server Process Manager Service NVBUSourceDeviceSet Get Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4237 http://www.zerodayinitiative.com/advisories/ZDI-17-987/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-986: Quest NetVault Backup Server Process Manager Service NVBUSelectionSet Get Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4232 http://www.zerodayinitiative.com/advisories/ZDI-17-986/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-985: Quest NetVault Backup Server Process Manager Service NVBUJobCountHistory Get Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4231 http://www.zerodayinitiative.com/advisories/ZDI-17-985/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-984: Quest NetVault Backup Server Process Manager Service NVBUTransferHistory Get Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4230 http://www.zerodayinitiative.com/advisories/ZDI-17-984/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-983: Quest NetVault Backup Server Process Manager Service NVBUPolicy Get Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4229 http://www.zerodayinitiative.com/advisories/ZDI-17-983/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-982: Quest NetVault Backup Server Process Manager Service NVBUPhaseStatus Acknowledge Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4228 http://www.zerodayinitiative.com/advisories/ZDI-17-982/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-981: Quest NetVault Backup Server Process Manager Service NVBUPhaseStatus GetPlugins Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4227 http://www.zerodayinitiative.com/advisories/ZDI-17-981/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-980: Quest NetVault Backup Server Process Manager Service NVBUPhaseStatus Count Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4226 http://www.zerodayinitiative.com/advisories/ZDI-17-980/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-979: Quest NetVault Backup Server Process Manager Service NVBUPhaseStatus Get Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4225 http://www.zerodayinitiative.com/advisories/ZDI-17-979/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-978: Quest NetVault Backup Server Process Manager Service NVBUBackupTargetSet Get Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4224 http://www.zerodayinitiative.com/advisories/ZDI-17-978/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-977: Quest NetVault Backup Server Process Manager Service NVBUScheduleSet Get Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4235 http://www.zerodayinitiative.com/advisories/ZDI-17-977/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-976: Quest NetVault Backup Server Process Manager Service NVBUBackupSegment Get Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4234 http://www.zerodayinitiative.com/advisories/ZDI-17-976/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-975: Quest NetVault Backup Server Process Manager Service NVBUBackup Get Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4233 http://www.zerodayinitiative.com/advisories/ZDI-17-975/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-974: Quest NetVault Backup Server Process Manager Service NVBUEventHistory Get Method SQL Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4223 http://www.zerodayinitiative.com/advisories/ZDI-17-974/ Fri, 15 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-973: (0Day) Linksys WVBR0 User-Agent Command Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4892 http://www.zerodayinitiative.com/advisories/ZDI-17-973/ Mon, 18 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-972: Trend Micro Mobile Security for Enterprise clt_report_sms_status Uninitialized Pointer Information Disclosure Vulnerability]]> ZDI-CAN-4789 http://www.zerodayinitiative.com/advisories/ZDI-17-972/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-971: NetGain Systems Enterprise Manager _3d.add_005f3d_005fview_005fdo_jsp Directory Traversal Remote Code Execution Vulnerability]]> ZDI-CAN-5197 http://www.zerodayinitiative.com/advisories/ZDI-17-971/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-970: NetGain Systems Enterprise Manager db.save_005fattrs_jsp id Directory Traversal Arbitrary File Overwrite Vulnerability]]> ZDI-CAN-5196 http://www.zerodayinitiative.com/advisories/ZDI-17-970/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-969: NetGain Systems Enterprise Manager deviceReport.deviceReport_005fexport_005fdo_jsp filename Directory Traversal Arbitrary File Overwrite Vulnerability]]> ZDI-CAN-5195 http://www.zerodayinitiative.com/advisories/ZDI-17-969/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-968: NetGain Systems Enterprise Manager settings.upload_005ffile_005fdo_jsp filename Directory Traversal Remote Code Execution Vulnerability]]> ZDI-CAN-5194 http://www.zerodayinitiative.com/advisories/ZDI-17-968/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-967: NetGain Systems Enterprise Manager tools.exec_jsp command Command Injection Remote Code Execution Vulnerability]]> ZDI-CAN-5193 http://www.zerodayinitiative.com/advisories/ZDI-17-967/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-966: NetGain Systems Enterprise Manager service.service_005ffailures_jsp filename Directory Traversal Arbitrary File Overwrite Vulnerability]]> ZDI-CAN-5192 http://www.zerodayinitiative.com/advisories/ZDI-17-966/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-965: NetGain Systems Enterprise Manager network.traffic_005freport_jsp filename Directory Traversal Arbitrary File Overwrite Vulnerability]]> ZDI-CAN-5191 http://www.zerodayinitiative.com/advisories/ZDI-17-965/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-964: NetGain Systems Enterprise Manager misc.sample_jsp type Directory Traversal Arbitrary File Deletion Vulnerability]]> ZDI-CAN-5190 http://www.zerodayinitiative.com/advisories/ZDI-17-964/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-963: NetGain Systems Enterprise Manager snmpwalk.snmpwalk_005fdo_jsp ip Directory Traversal Remote Code Execution Vulnerability]]> ZDI-CAN-5138 http://www.zerodayinitiative.com/advisories/ZDI-17-963/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-962: NetGain Systems Enterprise Manager TFtpServer Filename Directory Traversal Remote Code Execution Vulnerability]]> ZDI-CAN-5137 http://www.zerodayinitiative.com/advisories/ZDI-17-962/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-961: NetGain Systems Enterprise Manager designer.script_005fsamples_jsp type Directory Traversal Information Disclosure Vulnerability]]> ZDI-CAN-5119 http://www.zerodayinitiative.com/advisories/ZDI-17-961/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-960: NetGain Systems Enterprise Manager reports.export_005fdownload_jsp filename Directory Traversal Information Disclosure Vulnerability]]> ZDI-CAN-5118 http://www.zerodayinitiative.com/advisories/ZDI-17-960/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-959: NetGain Systems Enterprise Manager db.save_005fimage_jsp id Unrestricted File Upload Remote Code Execution Vulnerability]]> ZDI-CAN-5117 http://www.zerodayinitiative.com/advisories/ZDI-17-959/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-958: NetGain Systems Enterprise Manager restore.del_005fdo_jsp filenames Directory Traversal Denial of Service Vulnerability]]> ZDI-CAN-5104 http://www.zerodayinitiative.com/advisories/ZDI-17-958/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-957: NetGain Systems Enterprise Manager common.download_jsp filename Directory Traversal Information Disclosure Vulnerability]]> ZDI-CAN-5103 http://www.zerodayinitiative.com/advisories/ZDI-17-957/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-956: NetGain Systems Enterprise Manager restore.download_005fdo_jsp Directory Traversal Information Disclosure Vulnerability]]> ZDI-CAN-5100 http://www.zerodayinitiative.com/advisories/ZDI-17-956/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-955: NetGain Systems Enterprise Manager MainFilter doFilter Authentication Bypass Vulnerability]]> ZDI-CAN-5099 http://www.zerodayinitiative.com/advisories/ZDI-17-955/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-954: Netgain Systems Enterprise Manager script_test Command Injection Remote Code Execution Vulnerability]]> ZDI-CAN-5080 http://www.zerodayinitiative.com/advisories/ZDI-17-954/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-953: NetGain Enterprise Manager RMI Registry Deserialization of Untrusted Data Remote Code Execution Vulnerability]]> ZDI-CAN-4753 http://www.zerodayinitiative.com/advisories/ZDI-17-953/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-952: NetGain Enterprise Manager upload_save_do Remote Upload Remote Code Execution Vulnerability]]> ZDI-CAN-4751 http://www.zerodayinitiative.com/advisories/ZDI-17-952/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-951: NetGain Enterprise Manager download Arbitrary File Download Vulnerability]]> ZDI-CAN-4750 http://www.zerodayinitiative.com/advisories/ZDI-17-951/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-950: NetGain Enterprise Manager exec Command Injection Remote Code Execution Vulnerability]]> ZDI-CAN-4749 http://www.zerodayinitiative.com/advisories/ZDI-17-950/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-949: NetGain Enterprise Manager heapdumps Remote Download Information Disclosure Vulnerability]]> ZDI-CAN-4718 http://www.zerodayinitiative.com/advisories/ZDI-17-949/ Wed, 13 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-948: Microsoft Windows JavaScript Array JIT Optimization Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-5242 http://www.zerodayinitiative.com/advisories/ZDI-17-948/ Tue, 12 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-947: Microsoft Windows VBScript VT_BSTR Use-After-Free Information Disclosure Vulnerability]]> ZDI-CAN-5243 http://www.zerodayinitiative.com/advisories/ZDI-17-947/ Tue, 12 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-946: Microsoft Windows VBScript VT_BSTR Use-After-Free Information Disclosure Vulnerability]]> ZDI-CAN-5111 http://www.zerodayinitiative.com/advisories/ZDI-17-946/ Tue, 12 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-945: Microsoft Windows VBScript Join Function Use-After-Free Information Disclosure Vulnerability]]> ZDI-CAN-5110 http://www.zerodayinitiative.com/advisories/ZDI-17-945/ Tue, 12 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-944: Bitdefender Internet Security Emulator 0x102 Out-Of-Bounds Write Remote Code Execution Vulnerability]]> ZDI-CAN-5116 http://www.zerodayinitiative.com/advisories/ZDI-17-944/ Tue, 12 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-943: Bitdefender Internet Security Emulator 0x10A Integer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-5102 http://www.zerodayinitiative.com/advisories/ZDI-17-943/ Tue, 12 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-942: Bitdefender Internet Security Themida Emulator Integer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-5101 http://www.zerodayinitiative.com/advisories/ZDI-17-942/ Tue, 12 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-941: Adobe Acrobat Pro DC ImageConversion EMF EMR_ALPHABLEND Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5203 http://www.zerodayinitiative.com/advisories/ZDI-17-941/ Wed, 10 Jan 2018 00:00:00 -0600 <![CDATA[ZDI-17-940: Advantech WebAccess webvrpcs drawsrv Untrusted Pointer Dereference Remote Code Execution Vulnerability]]> ZDI-CAN-4951 http://www.zerodayinitiative.com/advisories/ZDI-17-940/ Wed, 06 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-939: Advantech WebAccess webvrpcs drawsrv Untrusted Pointer Dereference Remote Code Execution Vulnerability]]> ZDI-CAN-4950 http://www.zerodayinitiative.com/advisories/ZDI-17-939/ Wed, 06 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-938: Advantech WebAccess webvrpcs ViewDll1 Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-4949 http://www.zerodayinitiative.com/advisories/ZDI-17-938/ Wed, 06 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-937: Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-4986 http://www.zerodayinitiative.com/advisories/ZDI-17-937/ Wed, 06 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-936: Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-4988 http://www.zerodayinitiative.com/advisories/ZDI-17-936/ Wed, 06 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-935: Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-4989 http://www.zerodayinitiative.com/advisories/ZDI-17-935/ Wed, 06 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-934: Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-4990 http://www.zerodayinitiative.com/advisories/ZDI-17-934/ Wed, 06 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-933: Cisco WebEx Network Recording Player Command Injection Remote Code Execution Vulnerability]]> ZDI-CAN-5041 http://www.zerodayinitiative.com/advisories/ZDI-17-933/ Wed, 06 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-932: Cisco WebEx ARF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-5009 http://www.zerodayinitiative.com/advisories/ZDI-17-932/ Wed, 06 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-931: Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-4987 http://www.zerodayinitiative.com/advisories/ZDI-17-931/ Wed, 06 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-930: Cisco WebEx ARF File Parsing Uninitialized Memory Remote Code Execution Vulnerability]]> ZDI-CAN-4914 http://www.zerodayinitiative.com/advisories/ZDI-17-930/ Wed, 06 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-929: Microsoft Office Excel XLS File Parsing Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5320 http://www.zerodayinitiative.com/advisories/ZDI-17-929/ Wed, 06 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-928: Microsoft Chakra asm.js ArrayBuffer Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5114 http://www.zerodayinitiative.com/advisories/ZDI-17-928/ Wed, 06 Dec 2017 00:00:00 -0600 <![CDATA[ZDI-17-927: Adobe Acrobat Pro DC iframe Same Origin Policy Bypass Information Disclosure Vulnerability]]> ZDI-CAN-4756 http://www.zerodayinitiative.com/advisories/ZDI-17-927/ Tue, 21 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-926: Adobe Photoshop JPEG2000 Use-After-Free Information Disclosure Vulnerability]]> ZDI-CAN-4891 http://www.zerodayinitiative.com/advisories/ZDI-17-926/ Mon, 20 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-925: Apple macOS nsurlstoraged Integer Overflow Privilege Escalation Vulnerability]]> ZDI-CAN-4927 http://www.zerodayinitiative.com/advisories/ZDI-17-925/ Mon, 20 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-924: Apple macOS nsurlstoraged Heap-based Buffer Overflow Privilege Escalation Vulnerability]]> ZDI-CAN-4908 http://www.zerodayinitiative.com/advisories/ZDI-17-924/ Mon, 20 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-923: systemd Network Name Resolution Manager NSEC Resource Record Pseudo-Types Denial of Service Vulnerability]]> ZDI-CAN-5076 http://www.zerodayinitiative.com/advisories/ZDI-17-923/ Mon, 20 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-922: ThinPrint TPView JPEG2000 Parsing Out-Of-Bounds Write Privilege Escalation Vulnerability]]> ZDI-CAN-4856 http://www.zerodayinitiative.com/advisories/ZDI-17-922/ Mon, 20 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-921: VMware Workstation NAT IP Fragment Reassembly Heap-based Buffer Overflow Privilege Escalation Vulnerability]]> ZDI-CAN-4909 http://www.zerodayinitiative.com/advisories/ZDI-17-921/ Tue, 21 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-920: Apple Safari Node Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5096 http://www.zerodayinitiative.com/advisories/ZDI-17-920/ Mon, 20 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-919: EMC Unisphere For VMAX vApp Manager ORBServlet Remote Credential Creation Information Disclosure Vulnerability]]> ZDI-CAN-5070 http://www.zerodayinitiative.com/advisories/ZDI-17-919/ Mon, 20 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-918: Cisco Prime Network Analysis Module graph sfile Parameter Directory Traversal Arbitrary File Deletion Vulnerability]]> ZDI-CAN-4918 http://www.zerodayinitiative.com/advisories/ZDI-17-918/ Mon, 20 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-917: Microsoft Windows EngLockSurface Time-Of-Check Time-Of-Use Race Condition Information Disclosure Vulnerability]]> ZDI-CAN-5131 http://www.zerodayinitiative.com/advisories/ZDI-17-917/ Mon, 20 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-916: Microsoft Windows VBScript Join Function Integer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-5112 http://www.zerodayinitiative.com/advisories/ZDI-17-916/ Mon, 20 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-915: Microsoft Office Excel Workbook Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5105 http://www.zerodayinitiative.com/advisories/ZDI-17-915/ Mon, 20 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-914: Microsoft Windows JavaScript Array Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5077 http://www.zerodayinitiative.com/advisories/ZDI-17-914/ Mon, 20 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-913: Microsoft Chakra Spread Operator Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-4912 http://www.zerodayinitiative.com/advisories/ZDI-17-913/ Mon, 20 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-912: Microsoft Chakra Regular Expression Integer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-5198 http://www.zerodayinitiative.com/advisories/ZDI-17-912/ Mon, 20 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-911: Microsoft Windows win32k Menu Use-After-Free Privilege Escalation Vulnerability]]> ZDI-CAN-5086 http://www.zerodayinitiative.com/advisories/ZDI-17-911/ Mon, 20 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-910: Adobe Reader DC JPEG2000 QCC Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5221 http://www.zerodayinitiative.com/advisories/ZDI-17-910/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-909: Adobe Reader DC JPEG2000 ihdr Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5220 http://www.zerodayinitiative.com/advisories/ZDI-17-909/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-908: Adobe Acrobat Pro DC ImageConversion EMF EMR_COMMENT Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5219 http://www.zerodayinitiative.com/advisories/ZDI-17-908/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-907: Adobe Acrobat Pro DC ImageConversion EMF EmfPlusObject Heap-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-5218 http://www.zerodayinitiative.com/advisories/ZDI-17-907/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-906: Adobe Acrobat Pro DC ImageConversion EMF EmfPlusDrawBeziers Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5202 http://www.zerodayinitiative.com/advisories/ZDI-17-906/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-905: Adobe Acrobat Pro DC XPS TIFF Rational Data Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5039 http://www.zerodayinitiative.com/advisories/ZDI-17-905/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-904: Adobe Acrobat Pro DC XPS TIFF PhotometricInterpretation Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability]]> ZDI-CAN-5036 http://www.zerodayinitiative.com/advisories/ZDI-17-904/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-903: Adobe Acrobat Pro DC XPS TIFF dir Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability]]> ZDI-CAN-5040 http://www.zerodayinitiative.com/advisories/ZDI-17-903/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-902: Adobe Acrobat Pro DC XPS JPEG APP13 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5034 http://www.zerodayinitiative.com/advisories/ZDI-17-902/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-901: Adobe Acrobat Pro DC XPS PNG tEXT Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5037 http://www.zerodayinitiative.com/advisories/ZDI-17-901/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-900: Adobe Acrobat Pro DC XPS JPEG APP2 Parsing Heap-based Buffer Overflow Vulnerability]]> ZDI-CAN-5038 http://www.zerodayinitiative.com/advisories/ZDI-17-900/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-899: Adobe Reader DC JPEG2000 Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-4972 http://www.zerodayinitiative.com/advisories/ZDI-17-899/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-898: Foxit Reader removeField Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5296 http://www.zerodayinitiative.com/advisories/ZDI-17-898/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-897: Foxit Reader addAnnot Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5295 http://www.zerodayinitiative.com/advisories/ZDI-17-897/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-896: Foxit Reader App response Use-After-Free Remote Code Execution Vulnerability ]]> ZDI-CAN-5294 http://www.zerodayinitiative.com/advisories/ZDI-17-896/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-895: Foxit Reader util printf Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5290 http://www.zerodayinitiative.com/advisories/ZDI-17-895/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-894: Foxit Reader XFA datasets Use-After-Free Remote Code Execution Vulnerability ]]> ZDI-CAN-5289 http://www.zerodayinitiative.com/advisories/ZDI-17-894/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-893: Foxit Reader clearItems Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-5288 http://www.zerodayinitiative.com/advisories/ZDI-17-893/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-892: Foxit Reader Document author Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5282 http://www.zerodayinitiative.com/advisories/ZDI-17-892/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-891: Foxit Reader XFA ImageField Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5281 http://www.zerodayinitiative.com/advisories/ZDI-17-891/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-890: Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5244 http://www.zerodayinitiative.com/advisories/ZDI-17-890/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-889: Foxit Reader XFA picture Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-5216 http://www.zerodayinitiative.com/advisories/ZDI-17-889/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-888: Foxit Reader Field alignment Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5094 http://www.zerodayinitiative.com/advisories/ZDI-17-888/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-887: Foxit Reader XFA field element Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5092 http://www.zerodayinitiative.com/advisories/ZDI-17-887/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-886: Foxit Reader XFA bind Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5091 http://www.zerodayinitiative.com/advisories/ZDI-17-886/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-885: Foxit Reader Image Filter Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5079 http://www.zerodayinitiative.com/advisories/ZDI-17-885/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-884: Foxit Reader LZWDecode filter Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5078 http://www.zerodayinitiative.com/advisories/ZDI-17-884/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-883: Foxit Reader FormCalc closeDoc Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-5073 http://www.zerodayinitiative.com/advisories/ZDI-17-883/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-882: Foxit Reader FormCalc app Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-5072 http://www.zerodayinitiative.com/advisories/ZDI-17-882/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-881: Foxit Reader XFA Layout pageSpan Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-5029 http://www.zerodayinitiative.com/advisories/ZDI-17-881/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-880: Foxit Reader Annotations modDate Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5028 http://www.zerodayinitiative.com/advisories/ZDI-17-880/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-879: Foxit Reader XFA Layout page Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-5027 http://www.zerodayinitiative.com/advisories/ZDI-17-879/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-878: Foxit Reader FileAttachment Annotations style Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5026 http://www.zerodayinitiative.com/advisories/ZDI-17-878/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-877: Foxit Reader Text Annotations style Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5025 http://www.zerodayinitiative.com/advisories/ZDI-17-877/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-876: Foxit Reader Caret Annotations style Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5024 http://www.zerodayinitiative.com/advisories/ZDI-17-876/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-875: Foxit Reader Circle Annotations author Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5023 http://www.zerodayinitiative.com/advisories/ZDI-17-875/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-874: Foxit Reader XFAScriptObject setFocus Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-5022 http://www.zerodayinitiative.com/advisories/ZDI-17-874/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-873: Foxit Reader XFAScriptObject openList Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-5021 http://www.zerodayinitiative.com/advisories/ZDI-17-873/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-872: Foxit Reader XFA Layout w Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-5020 http://www.zerodayinitiative.com/advisories/ZDI-17-872/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-871: Foxit Reader XFA Nodes append Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-5019 http://www.zerodayinitiative.com/advisories/ZDI-17-871/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-870: Foxit Reader XFA Nodes formNodes Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-5018 http://www.zerodayinitiative.com/advisories/ZDI-17-870/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-869: Foxit Reader XFAScriptObject remove Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-5017 http://www.zerodayinitiative.com/advisories/ZDI-17-869/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-868: Foxit Reader XFAScriptObject insert Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-5016 http://www.zerodayinitiative.com/advisories/ZDI-17-868/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-867: Foxit Reader XFA Signature Object signer Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-5015 http://www.zerodayinitiative.com/advisories/ZDI-17-867/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-866: Foxit Reader JPEG2000 SIZ marker xOsiz Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5014 http://www.zerodayinitiative.com/advisories/ZDI-17-866/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-865: Foxit Reader JPEG2000 SIZ marker xTsiz Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5013 http://www.zerodayinitiative.com/advisories/ZDI-17-865/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-864: Foxit Reader JPEG2000 SOT tile index Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5012 http://www.zerodayinitiative.com/advisories/ZDI-17-864/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-863: Foxit Reader JPEG2000 cdef channel number Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-5011 http://www.zerodayinitiative.com/advisories/ZDI-17-863/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-862: Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-4982 http://www.zerodayinitiative.com/advisories/ZDI-17-862/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-861: Foxit Reader Link setAction Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-4981 http://www.zerodayinitiative.com/advisories/ZDI-17-861/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-860: Foxit Reader Field value Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-4980 http://www.zerodayinitiative.com/advisories/ZDI-17-860/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-859: Foxit Reader Annotations arrowEnd Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-4979 http://www.zerodayinitiative.com/advisories/ZDI-17-859/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-858: Foxit Reader JPEG2000 SOT marker tile index Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-4978 http://www.zerodayinitiative.com/advisories/ZDI-17-858/ Tue, 14 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-857: Foxit Reader JPEG2000 SIZ marker yTsiz Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-4977 http://www.zerodayinitiative.com/advisories/ZDI-17-857/ Wed, 29 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-856: Foxit Reader JPEG2000 SOT marker Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-4976 http://www.zerodayinitiative.com/advisories/ZDI-17-856/ Wed, 29 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-855: Hewlett Packard Enterprise Intelligent Management Center perfAccessMgrServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability]]> ZDI-CAN-4810 http://www.zerodayinitiative.com/advisories/ZDI-17-855/ Mon, 06 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-854: Hewlett Packard Enterprise Intelligent Management Center TopoReqServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability]]> ZDI-CAN-4811 http://www.zerodayinitiative.com/advisories/ZDI-17-854/ Mon, 06 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-853: Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability]]> ZDI-CAN-4812 http://www.zerodayinitiative.com/advisories/ZDI-17-853/ Mon, 06 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-852: Hewlett Packard Enterprise Intelligent Management Center TopoDebugServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability]]> ZDI-CAN-4813 http://www.zerodayinitiative.com/advisories/ZDI-17-852/ Mon, 06 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-851: Hewlett Packard Enterprise Intelligent Management Center AccessMgrServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability]]> ZDI-CAN-4814 http://www.zerodayinitiative.com/advisories/ZDI-17-851/ Mon, 06 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-850: Hewlett Packard Enterprise Intelligent Management Center TopoMsgServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability]]> ZDI-CAN-4815 http://www.zerodayinitiative.com/advisories/ZDI-17-850/ Mon, 06 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-849: Hewlett Packard Enterprise Intelligent Management Center flexFileUpload Directory Traversal Remote Code Execution Vulnerability]]> ZDI-CAN-4758 http://www.zerodayinitiative.com/advisories/ZDI-17-849/ Mon, 06 Nov 2017 00:00:00 -0600 <![CDATA[ZDI-17-848: Microsoft Chakra asm.js ArrayBuffer Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-5115 http://www.zerodayinitiative.com/advisories/ZDI-17-848/ Wed, 11 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-847: Microsoft Office Excel xls File Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-4948 http://www.zerodayinitiative.com/advisories/ZDI-17-847/ Wed, 11 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-846: Microsoft Windows DNSAPI NSEC3_RecordRead Heap-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-5207 http://www.zerodayinitiative.com/advisories/ZDI-17-846/ Tue, 10 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-845: Microsoft Windows Submenu Use-After-Free Privilege Escalation Vulnerability]]> ZDI-CAN-5199 http://www.zerodayinitiative.com/advisories/ZDI-17-845/ Tue, 10 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-844: Microsoft Chakra Array JIT Optimization Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-5084 http://www.zerodayinitiative.com/advisories/ZDI-17-844/ Tue, 10 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-843: Microsoft Windows SMB Out-Of-Bounds Read Denial of Service Vulnerability]]> ZDI-CAN-5069 http://www.zerodayinitiative.com/advisories/ZDI-17-843/ Tue, 10 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-842: Microsoft Edge substringData Use-After-Free Information Disclosure Vulnerability]]> ZDI-CAN-5059 http://www.zerodayinitiative.com/advisories/ZDI-17-842/ Tue, 10 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-841: Microsoft Windows Font Embedding Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-4967 http://www.zerodayinitiative.com/advisories/ZDI-17-841/ Tue, 10 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-840: Microsoft Windows XLS File Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-4702 http://www.zerodayinitiative.com/advisories/ZDI-17-840/ Tue, 10 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-839: Microsoft Windows XLS File Heap-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-4669 http://www.zerodayinitiative.com/advisories/ZDI-17-839/ Tue, 10 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-838: (0Day) Microsoft Windows WAV File Uninitialized Pointer Denial of Service Vulnerability]]> ZDI-CAN-5130 http://www.zerodayinitiative.com/advisories/ZDI-17-838/ Fri, 06 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-837: Cisco License Manager Server ReportCSV Directory Traversal Information Disclosure Vulnerability]]> ZDI-CAN-4635 http://www.zerodayinitiative.com/advisories/ZDI-17-837/ Wed, 04 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-836: Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10012 Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-4896 http://www.zerodayinitiative.com/advisories/ZDI-17-836/ Tue, 03 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-835: Hewlett Packard Enterprise Intelligent Management Center mibFileServlet Directory Traversal Denial of Service Vulnerability]]> ZDI-CAN-4809 http://www.zerodayinitiative.com/advisories/ZDI-17-835/ Tue, 03 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-834: Hewlett Packard Enterprise Intelligent Management Center mibFileServlet Directory Traversal Denial of Service Vulnerability]]> ZDI-CAN-4808 http://www.zerodayinitiative.com/advisories/ZDI-17-834/ Tue, 03 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-833: Hewlett Packard Enterprise Intelligent Management Center WebDMServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability]]> ZDI-CAN-4761 http://www.zerodayinitiative.com/advisories/ZDI-17-833/ Tue, 03 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-832: Hewlett Packard Enterprise Intelligent Management Center WebDMDebugServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability]]> ZDI-CAN-4760 http://www.zerodayinitiative.com/advisories/ZDI-17-832/ Tue, 03 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-831: Hewlett Packard Enterprise Intelligent Management Center MibBrowserTopoFilterServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability]]> ZDI-CAN-4759 http://www.zerodayinitiative.com/advisories/ZDI-17-831/ Tue, 03 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-830: Hewlett Packard Enterprise Intelligent Management Center mibFileServlet Directory Traversal Remote Code Execution Vulnerability]]> ZDI-CAN-4837 http://www.zerodayinitiative.com/advisories/ZDI-17-830/ Tue, 03 Oct 2017 00:00:00 -0500 <![CDATA[ZDI-17-829: Trend Micro OfficeScan tmwfp Memory Corruption Privilege Escalation Vulnerability]]> ZDI-CAN-5071 http://www.zerodayinitiative.com/advisories/ZDI-17-829/ Wed, 27 Sep 2017 00:00:00 -0500 <![CDATA[ZDI-17-828: Trend Micro OfficeScan tmwfp Memory Corruption Privilege Escalation Vulnerability]]> ZDI-CAN-5068 http://www.zerodayinitiative.com/advisories/ZDI-17-828/ Wed, 27 Sep 2017 00:00:00 -0500 <![CDATA[ZDI-17-827: Dell EMC VNX Monitoring and Reporting Scheduler Directory Traversal Remote Code Execution Vulnerability]]> ZDI-CAN-4754 http://www.zerodayinitiative.com/advisories/ZDI-17-827/ Tue, 26 Sep 2017 00:00:00 -0500 <![CDATA[ZDI-17-826: Dell EMC VNX Monitoring and Reporting RMI Registry Deserialization of Untrusted Data Denial of Service Vulnerability]]> ZDI-CAN-4807 http://www.zerodayinitiative.com/advisories/ZDI-17-826/ Tue, 26 Sep 2017 00:00:00 -0500 <![CDATA[ZDI-17-825: Hewlett Packard Enterprise Application Performance Management Staging Data Replicator hpbsmsdr Missing Authentication for Critical Function Remote Code Execution Vulnerability]]> ZDI-CAN-4825 http://www.zerodayinitiative.com/advisories/ZDI-17-825/ Tue, 26 Sep 2017 00:00:00 -0500 <![CDATA[ZDI-17-824: Apple Safari RegExp replace Out-Of-Bounds Access Remote Code Execution Vulnerability]]> ZDI-CAN-4955 http://www.zerodayinitiative.com/advisories/ZDI-17-824/ Tue, 26 Sep 2017 00:00:00 -0500 <![CDATA[ZDI-17-823: Apple Safari JSString Out-Of-Bounds Access Remote Code Execution Vulnerability]]> ZDI-CAN-4771 http://www.zerodayinitiative.com/advisories/ZDI-17-823/ Tue, 26 Sep 2017 00:00:00 -0500 <![CDATA[ZDI-17-822: Apple Safari RenderFlowThread Out-Of-Bounds Access Remote Code Execution Vulnerability]]> ZDI-CAN-4717 http://www.zerodayinitiative.com/advisories/ZDI-17-822/ Tue, 26 Sep 2017 00:00:00 -0500 <![CDATA[ZDI-17-821: Apple Safari String link Integer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-4712 http://www.zerodayinitiative.com/advisories/ZDI-17-821/ Tue, 26 Sep 2017 00:00:00 -0500 <![CDATA[ZDI-17-820: Apple Safari BoundFunction Out-Of-Bounds Access Remote Code Execution Vulnerability]]> ZDI-CAN-4711 http://www.zerodayinitiative.com/advisories/ZDI-17-820/ Tue, 26 Sep 2017 00:00:00 -0500 <![CDATA[ZDI-17-819: (0Day) Eaton ELCSoft SegCmt Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-4553 http://www.zerodayinitiative.com/advisories/ZDI-17-819/ Tue, 26 Sep 2017 00:00:00 -0500 <![CDATA[ZDI-17-818: (0Day) Eaton ELCSoft LAD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability]]> ZDI-CAN-4637 http://www.zerodayinitiative.com/advisories/ZDI-17-818/ Tue, 26 Sep 2017 00:00:00 -0500