<![CDATA[ZDI: Published Advisories]]>

<![CDATA[ZDI: Published Advisories]]> http://www.zerodayinitiative.com/advisories/published/ Sat, 16 May 2026 18:08:28 -0500 Trend Micro, all rights reserved en <![CDATA[ZDI-19-1045: Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet Expression Language Injection Remote Code Execution Vulnerability]]> ZDI-CAN-8970 http://www.zerodayinitiative.com/advisories/ZDI-19-1045/ Wed, 29 Jan 2020 00:00:00 -0600 <![CDATA[ZDI-19-1044: Hewlett Packard Enterprise Intelligent Management Center eventInfo_content Expression Language Injection Remote Code Execution Vulnerability]]> ZDI-CAN-8971 http://www.zerodayinitiative.com/advisories/ZDI-19-1044/ Wed, 29 Jan 2020 00:00:00 -0600 <![CDATA[ZDI-19-1043: Hewlett Packard Enterprise Intelligent Management Center addVsiInterfaceInfo Expression Language Injection Remote Code Execution Vulnerability]]> ZDI-CAN-8967 http://www.zerodayinitiative.com/advisories/ZDI-19-1043/ Wed, 29 Jan 2020 00:00:00 -0600 <![CDATA[ZDI-19-1042: Hewlett Packard Enterprise Intelligent Management Center addDeviceToView Expression Language Injection Remote Code Execution Vulnerability]]> ZDI-CAN-8968 http://www.zerodayinitiative.com/advisories/ZDI-19-1042/ Wed, 29 Jan 2020 00:00:00 -0600 <![CDATA[ZDI-19-1041: Hewlett Packard Enterprise Intelligent Management Center operatorOnlineList_content Privilege Escalation Vulnerability]]> ZDI-CAN-8965 http://www.zerodayinitiative.com/advisories/ZDI-19-1041/ Wed, 29 Jan 2020 00:00:00 -0600 <![CDATA[ZDI-19-1040: Hewlett Packard Enterprise Intelligent Management Center SyslogTempletSelectWin Expression Language Injection Remote Code Execution Vulnerability]]> ZDI-CAN-8964 http://www.zerodayinitiative.com/advisories/ZDI-19-1040/ Wed, 29 Jan 2020 00:00:00 -0600 <![CDATA[ZDI-19-1039: Hewlett Packard Enterprise Intelligent Management Center legend Expression Language Injection Remote Code Execution Vulnerability]]> ZDI-CAN-8963 http://www.zerodayinitiative.com/advisories/ZDI-19-1039/ Wed, 29 Jan 2020 00:00:00 -0600 <![CDATA[ZDI-19-1038: Hewlett Packard Enterprise Intelligent Management Center UrlAccessController Authentication Bypass Vulnerability]]> ZDI-CAN-8943 http://www.zerodayinitiative.com/advisories/ZDI-19-1038/ Wed, 29 Jan 2020 00:00:00 -0600 <![CDATA[ZDI-19-1037: Hewlett Packard Enterprise Intelligent Management Center tftpserver Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-8935 http://www.zerodayinitiative.com/advisories/ZDI-19-1037/ Wed, 29 Jan 2020 00:00:00 -0600 <![CDATA[ZDI-19-1036: Hewlett Packard Enterprise Intelligent Management Center AccessMgrServlet className Deserialization of Untrusted Data Remote Code Execution Vulnerability]]> ZDI-CAN-8928 http://www.zerodayinitiative.com/advisories/ZDI-19-1036/ Wed, 29 Jan 2020 00:00:00 -0600 <![CDATA[ZDI-19-1035: Tencent WeChat name Field Unsafe Redirection Vulnerability]]> ZDI-CAN-9302 http://www.zerodayinitiative.com/advisories/ZDI-19-1035/ Tue, 31 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1034: (0Day) WECON PLC Editor PLCDataCeter Port Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-9123 http://www.zerodayinitiative.com/advisories/ZDI-19-1034/ Mon, 30 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1033: (0Day) WECON PLC Editor PLCDataCeter PortPath Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-9122 http://www.zerodayinitiative.com/advisories/ZDI-19-1033/ Mon, 30 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1032: (0Day) WECON PIStudio HSC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability]]> ZDI-CAN-8927 http://www.zerodayinitiative.com/advisories/ZDI-19-1032/ Mon, 30 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1031: D-Link DCS-960L HNAP SOAPAction Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-8458 http://www.zerodayinitiative.com/advisories/ZDI-19-1031/ Mon, 23 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1030: Docker docker-credential-secretservice Double Free Privilege Escalation Vulnerability]]> ZDI-CAN-8921 http://www.zerodayinitiative.com/advisories/ZDI-19-1030/ Fri, 20 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1029: Docker docker-credential-helpers Double Free Privilege Escalation Vulnerability]]> ZDI-CAN-8920 http://www.zerodayinitiative.com/advisories/ZDI-19-1029/ Fri, 20 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1028: Parallels Desktop Command Injection Privilege Escalation Vulnerability]]> ZDI-CAN-8685 http://www.zerodayinitiative.com/advisories/ZDI-19-1028/ Fri, 20 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1027: Apple macOS AudioToolbox MP4 Parsing Integer Overflow Information Disclosure Vulnerability]]> ZDI-CAN-8806 http://www.zerodayinitiative.com/advisories/ZDI-19-1027/ Fri, 20 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1026: Apple macOS apfs Use-After-Free Privilege Escalation Vulnerability]]> ZDI-CAN-8767 http://www.zerodayinitiative.com/advisories/ZDI-19-1026/ Thu, 19 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1025: Trend Micro Maximum Security Link Resolution Information Disclosure And Denial-of-Service Vulnerability]]> ZDI-CAN-9391 http://www.zerodayinitiative.com/advisories/ZDI-19-1025/ Thu, 19 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1024: Oracle ADF Faces Deserialization of Untrusted Data Remote Code Execution Vulnerability]]> ZDI-CAN-8823 http://www.zerodayinitiative.com/advisories/ZDI-19-1024/ Thu, 19 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1023: (0Day) Microsoft Windows WebDAV Path Parsing Command Injection Remote Code Execution Vulnerability]]> ZDI-CAN-9278 http://www.zerodayinitiative.com/advisories/ZDI-19-1023/ Tue, 17 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1022: Apple Safari commitPropertyChange Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8608 http://www.zerodayinitiative.com/advisories/ZDI-19-1022/ Tue, 17 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1021: Advantech DiagAnywhere FOLDER_REMOVE Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-9489 http://www.zerodayinitiative.com/advisories/ZDI-19-1021/ Fri, 13 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1020: Advantech DiagAnywhere SET_CURR_DIR Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-9488 http://www.zerodayinitiative.com/advisories/ZDI-19-1020/ Fri, 13 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1019: Advantech DiagAnywhere FILE_CREATE Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-9485 http://www.zerodayinitiative.com/advisories/ZDI-19-1019/ Fri, 13 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1018: Advantech DiagAnywhere FILE_OPEN_RO Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-9487 http://www.zerodayinitiative.com/advisories/ZDI-19-1018/ Fri, 13 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1017: Advantech DiagAnywhere FOLDER_CREATE Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-9486 http://www.zerodayinitiative.com/advisories/ZDI-19-1017/ Fri, 13 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1016: Microsoft Windows GreSetMagicColors Out-Of-Bounds Write Privilege Escalation Vulnerability]]> ZDI-CAN-9385 http://www.zerodayinitiative.com/advisories/ZDI-19-1016/ Fri, 13 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1015: (0Day) WECON PLC Editor WCP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-8456 http://www.zerodayinitiative.com/advisories/ZDI-19-1015/ Thu, 12 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1014: (0Day) NETGEAR AC1200 mini_httpd Cleartext Transmission of Sensitive Information Information Disclosure Vulnerability]]> ZDI-CAN-8671 http://www.zerodayinitiative.com/advisories/ZDI-19-1014/ Thu, 12 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1013: (0Day) Microsoft Windows Kernel Type 1 Font Processing Stack Exhaustion Denial-of-Service Vulnerability]]> ZDI-CAN-8824 http://www.zerodayinitiative.com/advisories/ZDI-19-1013/ Thu, 12 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1012: (0Day) Linux Kernel proc stat Improper Access Control Information Disclosure Vulnerability]]> ZDI-CAN-7607 http://www.zerodayinitiative.com/advisories/ZDI-19-1012/ Thu, 12 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1011: (0Day) NETGEAR AC1200 mini_httpd Password Storage Information Disclosure Vulnerability]]> ZDI-CAN-8615 http://www.zerodayinitiative.com/advisories/ZDI-19-1011/ Thu, 12 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1010: (0Day) Advantech WebAccess Node BwOpcBs Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-7883 http://www.zerodayinitiative.com/advisories/ZDI-19-1010/ Thu, 12 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1009: Apple macOS fseventsd Uninitialized Buffer Information Disclosure Vulnerability]]> ZDI-CAN-8613 http://www.zerodayinitiative.com/advisories/ZDI-19-1009/ Wed, 11 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1008: Microsoft Windows EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-9363 http://www.zerodayinitiative.com/advisories/ZDI-19-1008/ Wed, 11 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1007: Microsoft Windows EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-9344 http://www.zerodayinitiative.com/advisories/ZDI-19-1007/ Wed, 11 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1006: Microsoft PowerPoint PPT File Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-9339 http://www.zerodayinitiative.com/advisories/ZDI-19-1006/ Wed, 11 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1005: Microsoft Windows AppX Deployment Service Hard Link Escalation of Privilege Vulnerability]]> ZDI-CAN-9320 http://www.zerodayinitiative.com/advisories/ZDI-19-1005/ Wed, 11 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1004: Microsoft Windows Font Subsetting Library Out-Of-Bounds Write Remote Code Execution Vulnerability]]> ZDI-CAN-9075 http://www.zerodayinitiative.com/advisories/ZDI-19-1004/ Wed, 11 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1003: Microsoft Windows Media Player Color Conversion Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-8186 http://www.zerodayinitiative.com/advisories/ZDI-19-1003/ Wed, 11 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1002: Microsoft Windows Media Player Color Transform Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-8029 http://www.zerodayinitiative.com/advisories/ZDI-19-1002/ Wed, 11 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1001: Adobe Acrobat Pro DC XFA Form Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-9237 http://www.zerodayinitiative.com/advisories/ZDI-19-1001/ Tue, 10 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-1000: Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8624 http://www.zerodayinitiative.com/advisories/ZDI-19-1000/ Mon, 09 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-999: Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8623 http://www.zerodayinitiative.com/advisories/ZDI-19-999/ Mon, 09 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-998: Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8600 http://www.zerodayinitiative.com/advisories/ZDI-19-998/ Mon, 09 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-997: OMRON CX-Supervisor Vulnerable Third-Party Component Remote Code Execution Vulnerability]]> ZDI-CAN-9313 http://www.zerodayinitiative.com/advisories/ZDI-19-997/ Mon, 09 Dec 2019 00:00:00 -0600 <![CDATA[ZDI-19-996: Dell EMC Storage Monitoring and Reporting Java RMI Deserialization of Untrusted Data Remote Code Execution Vulnerability]]> ZDI-CAN-8929 http://www.zerodayinitiative.com/advisories/ZDI-19-996/ Tue, 26 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-995: Apple macOS UIFoundation Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-8585 http://www.zerodayinitiative.com/advisories/ZDI-19-995/ Tue, 26 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-994: Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8683 http://www.zerodayinitiative.com/advisories/ZDI-19-994/ Tue, 26 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-993: Rockwell Automation Arena Simulation DOE File Parsing Uninitialized Pointer Dereference Remote Code Execution Vulnerability]]> ZDI-CAN-8682 http://www.zerodayinitiative.com/advisories/ZDI-19-993/ Tue, 26 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-992: TP-LINK TL-WR841N Web Service http_parser_main Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-8457 http://www.zerodayinitiative.com/advisories/ZDI-19-992/ Tue, 26 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-991: Phoenix Contact Automationworx MWT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability]]> ZDI-CAN-8097 http://www.zerodayinitiative.com/advisories/ZDI-19-991/ Tue, 26 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-990: Symantec Endpoint Protection Manager OpenSSL Privilege Escalation Vulnerability]]> ZDI-CAN-9477 http://www.zerodayinitiative.com/advisories/ZDI-19-990/ Thu, 14 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-989: Symantec Endpoint Protection Manager LuComServer stDisScriptEngine Privilege Escalation Vulnerability]]> ZDI-CAN-9303 http://www.zerodayinitiative.com/advisories/ZDI-19-989/ Thu, 14 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-988: VMware Workstation e1000 Out-Of-Bounds Write Privilege Escalation Vulnerability]]> ZDI-CAN-8933 http://www.zerodayinitiative.com/advisories/ZDI-19-988/ Wed, 13 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-987: Microsoft Windows splwow64 Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability]]> ZDI-CAN-9393 http://www.zerodayinitiative.com/advisories/ZDI-19-987/ Wed, 13 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-986: Microsoft Windows Kernel Type 1 Font Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-9373 http://www.zerodayinitiative.com/advisories/ZDI-19-986/ Wed, 13 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-985: Microsoft Windows EMF Parsing Integer Truncation Remote Code Execution Vulnerability]]> ZDI-CAN-9365 http://www.zerodayinitiative.com/advisories/ZDI-19-985/ Wed, 13 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-984: Microsoft Windows vMatchAPal Out-Of-Bounds Write Privilege Escalation Vulnerability]]> ZDI-CAN-9311 http://www.zerodayinitiative.com/advisories/ZDI-19-984/ Wed, 13 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-983: Microsoft Windows ptransMatchAPal Out-Of-Bounds Write Privilege Escalation Vulnerability]]> ZDI-CAN-9291 http://www.zerodayinitiative.com/advisories/ZDI-19-983/ Wed, 13 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-982: Microsoft Windows CreateXlateObject Out-Of-Bounds Write Privilege Escalation Vulnerability]]> ZDI-CAN-9118 http://www.zerodayinitiative.com/advisories/ZDI-19-982/ Wed, 13 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-981: Microsoft Windows CreateXlateObject Out-Of-Bounds Write Privilege Escalation Vulnerability]]> ZDI-CAN-9110 http://www.zerodayinitiative.com/advisories/ZDI-19-981/ Wed, 13 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-980: Microsoft Windows Kernel Type 1 Font Processing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-9265 http://www.zerodayinitiative.com/advisories/ZDI-19-980/ Wed, 13 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-979: Microsoft Windows AppX Deployment Service Hard Link Denial-of-Service Vulnerability]]> ZDI-CAN-9162 http://www.zerodayinitiative.com/advisories/ZDI-19-979/ Wed, 13 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-978: Microsoft Windows InstallService Hard Link Privilege Escalation Vulnerability]]> ZDI-CAN-9156 http://www.zerodayinitiative.com/advisories/ZDI-19-978/ Wed, 13 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-977: Microsoft Windows Kernel Type 1 Font Processing Out-Of-Bounds Write Remote Code Execution Vulnerability]]> ZDI-CAN-9238 http://www.zerodayinitiative.com/advisories/ZDI-19-977/ Wed, 13 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-976: Microsoft Windows ulGetNearestIndexFromColorref Out-Of-Bounds Write Privilege Escalation Vulnerability]]> ZDI-CAN-9100 http://www.zerodayinitiative.com/advisories/ZDI-19-976/ Wed, 13 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-975: Microsoft Windows UAC Unsafe Interaction Privilege Escalation Vulnerability]]> ZDI-CAN-9022 http://www.zerodayinitiative.com/advisories/ZDI-19-975/ Wed, 13 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-974: Microsoft Windows DirectWrite Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-8057 http://www.zerodayinitiative.com/advisories/ZDI-19-974/ Wed, 13 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-973: Microsoft Windows DirectWrite Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-8053 http://www.zerodayinitiative.com/advisories/ZDI-19-973/ Wed, 13 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-972: Microsoft Windows IP Helper Service Hard Link Denial-of-Service Vulnerability]]> ZDI-CAN-8945 http://www.zerodayinitiative.com/advisories/ZDI-19-972/ Wed, 13 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-971: Fuji Electric V-Server VPR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-8932 http://www.zerodayinitiative.com/advisories/ZDI-19-971/ Mon, 11 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-970: Fuji Electric V-Server VPR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-8931 http://www.zerodayinitiative.com/advisories/ZDI-19-970/ Mon, 11 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-969: Fuji Electric V-Server VPR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-8904 http://www.zerodayinitiative.com/advisories/ZDI-19-969/ Mon, 11 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-968: Fuji Electric V-Server VPR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-8848 http://www.zerodayinitiative.com/advisories/ZDI-19-968/ Mon, 11 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-967: Fuji Electric V-Server VPR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-8844 http://www.zerodayinitiative.com/advisories/ZDI-19-967/ Mon, 11 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-966: Microsoft Windows vResetSurfacePalette Out-Of-Bounds Write Privilege Escalation Vulnerability]]> ZDI-CAN-9359 http://www.zerodayinitiative.com/advisories/ZDI-19-966/ Mon, 11 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-965: Oracle VirtualBox shader_get_registers_used Out-Of-Bounds Write Privilege Escalation Vulnerability]]> ZDI-CAN-8674 http://www.zerodayinitiative.com/advisories/ZDI-19-965/ Mon, 11 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-964: Oracle VirtualBox Out-Of-Bounds Write Privilege Escalation Vulnerability]]> ZDI-CAN-8673 http://www.zerodayinitiative.com/advisories/ZDI-19-964/ Mon, 11 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-963: Oracle VirtualBox Out-Of-Bounds Write Privilege Escalation Vulnerability]]> ZDI-CAN-8418 http://www.zerodayinitiative.com/advisories/ZDI-19-963/ Mon, 11 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-962: Apple macOS AMDRadeonX4000_AMDSIGLContext Untrusted Pointer Dereference Privilege Escalation Vulnerability]]> ZDI-CAN-8851 http://www.zerodayinitiative.com/advisories/ZDI-19-962/ Wed, 06 Nov 2019 00:00:00 -0600 <![CDATA[ZDI-19-961: Apple macOS AudioToolbox Interleave Out-of-Bounds Write Remote Code Execute Vulnerability]]> ZDI-CAN-8160 http://www.zerodayinitiative.com/advisories/ZDI-19-961/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-960: Advantech WISE-PaaS/RMM NodeRed Server Missing Authentication Remote Code Execution Vulnerability]]> ZDI-CAN-8891 http://www.zerodayinitiative.com/advisories/ZDI-19-960/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-959: Advantech WISE-PaaS/RMM RecoveryMgmt checkSN XML External Entity Processing Information Disclosure Vulnerability]]> ZDI-CAN-9229 http://www.zerodayinitiative.com/advisories/ZDI-19-959/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-958: Advantech WISE-PaaS/RMM UpgradeMgmt Directory Traversal Remote Code Execution Vulnerability]]> ZDI-CAN-9101 http://www.zerodayinitiative.com/advisories/ZDI-19-958/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-957: Advantech WISE-PaaS/RMM SQLMgmt insertData SQL Injection Information Disclosure Vulnerability]]> ZDI-CAN-9145 http://www.zerodayinitiative.com/advisories/ZDI-19-957/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-956: Advantech WISE-PaaS/RMM SQLMgmt CreateTable SQL Injection Information Disclosure Vulnerability]]> ZDI-CAN-9144 http://www.zerodayinitiative.com/advisories/ZDI-19-956/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-955: Advantech WISE-PaaS/RMM SQLMgmt getTableInfo SQL Injection Information Disclosure Vulnerability]]> ZDI-CAN-9143 http://www.zerodayinitiative.com/advisories/ZDI-19-955/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-954: Advantech WISE-PaaS/RMM AccountMgmt registerAccount XML External Entity Processing Information Disclosure Vulnerability]]> ZDI-CAN-9098 http://www.zerodayinitiative.com/advisories/ZDI-19-954/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-953: Advantech WISE-PaaS/RMM AccountMgmt activateAccount XML External Entity Processing Information Disclosure Vulnerability]]> ZDI-CAN-9097 http://www.zerodayinitiative.com/advisories/ZDI-19-953/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-952: Advantech WISE-PaaS/RMM SQLMgmt updateData SQL Injection Information Disclosure Vulnerability]]> ZDI-CAN-9146 http://www.zerodayinitiative.com/advisories/ZDI-19-952/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-951: Advantech WISE-PaaS/RMM SQLMgmt delData SQL Injection Information Disclosure Vulnerability]]> ZDI-CAN-9147 http://www.zerodayinitiative.com/advisories/ZDI-19-951/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-950: Advantech WISE-PaaS/RMM UpgradeMgmt upload_ota Directory Traversal Remote Code Execution Vulnerability]]> ZDI-CAN-9173 http://www.zerodayinitiative.com/advisories/ZDI-19-950/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-949: Advantech WISE-PaaS/RMM PowerMgmt fuzzySearch SQL Injection Information Disclosure Vulnerability]]> ZDI-CAN-9174 http://www.zerodayinitiative.com/advisories/ZDI-19-949/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-948: Advantech WISE-PaaS/RMM RecoveryMgmt fuzzySearch SQL Injection Information Disclosure Vulnerability]]> ZDI-CAN-9177 http://www.zerodayinitiative.com/advisories/ZDI-19-948/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-947: Advantech WISE-PaaS/RMM AccountMgmt fuzzySearch XML External Entity Processing Information Disclosure Vulnerability]]> ZDI-CAN-9095 http://www.zerodayinitiative.com/advisories/ZDI-19-947/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-946: Advantech WISE-PaaS/RMM AccountMgmt LoginForJWT XML External Entity Processing Information Disclosure Vulnerability]]> ZDI-CAN-9096 http://www.zerodayinitiative.com/advisories/ZDI-19-946/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-945: Advantech WISE-PaaS/RMM WechatSignin wechattokenlogin XML External Entity Processing Information Disclosure Vulnerability]]> ZDI-CAN-9086 http://www.zerodayinitiative.com/advisories/ZDI-19-945/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-944: Advantech WISE-PaaS/RMM RecoveryMgmt ActionCommd_ota XML External Entity Processing Information Disclosure Vulnerability]]> ZDI-CAN-9094 http://www.zerodayinitiative.com/advisories/ZDI-19-944/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-943: Advantech WISE-PaaS/RMM RecoveryMgmt groupFuzzSearch XML External Entity Processing Information Disclosure Vulnerability]]> ZDI-CAN-9231 http://www.zerodayinitiative.com/advisories/ZDI-19-943/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-942: Advantech WISE-PaaS/RMM RecoveryMgmt checkSchName XML External Entity Processing Information Disclosure Vulnerability]]> ZDI-CAN-9230 http://www.zerodayinitiative.com/advisories/ZDI-19-942/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-941: Advantech WISE-PaaS/RMM RMSWatchDog distributer Directory Traversal Information Disclosure Vulnerability]]> ZDI-CAN-9226 http://www.zerodayinitiative.com/advisories/ZDI-19-941/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-940: Advantech WISE-PaaS/RMM ProtectionMgmt fuzzySearch SQL Injection Information Disclosure Vulnerability]]> ZDI-CAN-9190 http://www.zerodayinitiative.com/advisories/ZDI-19-940/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-939: Advantech WISE-PaaS/RMM AccountMgmt forgotPwd XML External Entity Processing Information Disclosure Vulnerability]]> ZDI-CAN-9213 http://www.zerodayinitiative.com/advisories/ZDI-19-939/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-938: Advantech WISE-PaaS/RMM DeviceMgmt fuzzySearch SQL Injection Information Disclosure Vulnerability]]> ZDI-CAN-9191 http://www.zerodayinitiative.com/advisories/ZDI-19-938/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-937: Advantech WISE-PaaS/RMM SQLMgmt qryData SQL Injection Information Disclosure Vulnerability]]> ZDI-CAN-9148 http://www.zerodayinitiative.com/advisories/ZDI-19-937/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-936: Advantech WISE-PaaS/RMM RecoveryMgmt addRecoverySch XML External Entity Processing Information Disclosure Vulnerability]]> ZDI-CAN-9232 http://www.zerodayinitiative.com/advisories/ZDI-19-936/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-935: Advantech WISE-PaaS/RMM upload2eMap Directory Traversal Remote Code Execution Vulnerability]]> ZDI-CAN-8892 http://www.zerodayinitiative.com/advisories/ZDI-19-935/ Fri, 01 Nov 2019 00:00:00 -0500 <![CDATA[ZDI-19-934: Apple macOS AppleIntelCFLGraphicsFramebuffer.kext Untrusted Pointer Dereference Privilege Escalation Vulnerability]]> ZDI-CAN-8828 http://www.zerodayinitiative.com/advisories/ZDI-19-934/ Thu, 31 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-933: Jenkins iceScrum Cleartext Storage of Credentials Information Disclosure Vulnerability]]> ZDI-CAN-8882 http://www.zerodayinitiative.com/advisories/ZDI-19-933/ Wed, 30 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-932: Jenkins NeoLoad Cleartext Storage of Credentials Information Disclosure Vulnerability]]> ZDI-CAN-8873 http://www.zerodayinitiative.com/advisories/ZDI-19-932/ Wed, 30 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-931: (0Day) Jenkins Delphix Cleartext Storage of Credentials Information Disclosure Vulnerability]]> ZDI-CAN-8919 http://www.zerodayinitiative.com/advisories/ZDI-19-931/ Wed, 30 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-930: (0Day) Jenkins View26 Test-Reporting Cleartext Storage of Credentials Information Disclosure Vulnerability]]> ZDI-CAN-8889 http://www.zerodayinitiative.com/advisories/ZDI-19-930/ Wed, 30 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-929: (0Day) Jenkins SOASTA CloudTest Cleartext Storage of Credentials Information Disclosure Vulnerability]]> ZDI-CAN-8885 http://www.zerodayinitiative.com/advisories/ZDI-19-929/ Wed, 30 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-928: (0Day) Jenkins ElasticBox CI Cleartext Storage of Credentials Information Disclosure Vulnerability]]> ZDI-CAN-8880 http://www.zerodayinitiative.com/advisories/ZDI-19-928/ Wed, 30 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-927: (0Day) Jenkins Fortify on Demand Uploader Cleartext Storage of Credentials Information Disclosure Vulnerability]]> ZDI-CAN-8879 http://www.zerodayinitiative.com/advisories/ZDI-19-927/ Wed, 30 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-926: (0Day) Jenkins Extensive Testing Cleartext Storage of Credentials Information Disclosure Vulnerability]]> ZDI-CAN-8878 http://www.zerodayinitiative.com/advisories/ZDI-19-926/ Wed, 30 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-925: (0Day) Jenkins Sofy.AI Cleartext Storage of Credentials Information Disclosure Vulnerability]]> ZDI-CAN-8877 http://www.zerodayinitiative.com/advisories/ZDI-19-925/ Wed, 30 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-924: (0Day) Microsoft Windows cdrom Driver Memory Corruption Denial-of-Service Vulnerability]]> ZDI-CAN-9381 http://www.zerodayinitiative.com/advisories/ZDI-19-924/ Wed, 30 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-923: Phoenix Contact Automationworx BCP File Parsing Memory Corruption Remote Code Execution Vulnerability]]> ZDI-CAN-7783 http://www.zerodayinitiative.com/advisories/ZDI-19-923/ Tue, 29 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-922: Phoenix Contact Automationworx BCP File Parsing Memory Corruption Remote Code Execution Vulnerability]]> ZDI-CAN-7782 http://www.zerodayinitiative.com/advisories/ZDI-19-922/ Tue, 29 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-921: (Pwn2Own) Google Chromium RegExpReplace Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-8378 http://www.zerodayinitiative.com/advisories/ZDI-19-921/ Tue, 29 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-920: Apple Safari FrameDestructionObserver Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8574 http://www.zerodayinitiative.com/advisories/ZDI-19-920/ Fri, 25 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-919: Apple macOS AudioCodecs Out-Of-Bounds Write Remote Code Execution Vulnerability]]> ZDI-CAN-8093 http://www.zerodayinitiative.com/advisories/ZDI-19-919/ Fri, 25 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-918: Oracle VirtualBox VMSVGA Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-8653 http://www.zerodayinitiative.com/advisories/ZDI-19-918/ Wed, 23 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-917: Oracle VirtualBox VMSVGA Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-8652 http://www.zerodayinitiative.com/advisories/ZDI-19-917/ Wed, 23 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-916: Oracle VirtualBox shader_record_register_usage Out-Of-Bounds Write Privilege Escalation Vulnerability]]> ZDI-CAN-8842 http://www.zerodayinitiative.com/advisories/ZDI-19-916/ Wed, 23 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-915: Foxit PhantomPDF Dwg2Pdf DXF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-9276 http://www.zerodayinitiative.com/advisories/ZDI-19-915/ Tue, 22 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-914: Foxit PhantomPDF Dwg2Pdf DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability]]> ZDI-CAN-9274 http://www.zerodayinitiative.com/advisories/ZDI-19-914/ Tue, 22 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-913: Foxit PhantomPDF Dwg2Pdf DWG File Parsing Use-After-Free Information Disclosure Vulnerability]]> ZDI-CAN-9273 http://www.zerodayinitiative.com/advisories/ZDI-19-913/ Tue, 22 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-912: Foxit PhantomPDF ListBox Field Keystroke Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-9081 http://www.zerodayinitiative.com/advisories/ZDI-19-912/ Tue, 22 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-911: Foxit PhantomPDF Text Field Calculate Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-9044 http://www.zerodayinitiative.com/advisories/ZDI-19-911/ Tue, 22 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-910: Foxit PhantomPDF Signature Field OnFocus Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-9091 http://www.zerodayinitiative.com/advisories/ZDI-19-910/ Tue, 22 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-909: Foxit PhantomPDF HTML2PDF HTML Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability]]> ZDI-CAN-8692 http://www.zerodayinitiative.com/advisories/ZDI-19-909/ Tue, 22 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-908: Foxit Studio Photo JPEG Batch Processing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-8809 http://www.zerodayinitiative.com/advisories/ZDI-19-908/ Tue, 22 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-907: Adobe Media Encoder CC MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-8804 http://www.zerodayinitiative.com/advisories/ZDI-19-907/ Mon, 21 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-906: Adobe Media Encoder CC MPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-8803 http://www.zerodayinitiative.com/advisories/ZDI-19-906/ Mon, 21 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-905: Adobe Media Encoder MOV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-8802 http://www.zerodayinitiative.com/advisories/ZDI-19-905/ Mon, 21 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-904: Adobe Media Encoder MOV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-8785 http://www.zerodayinitiative.com/advisories/ZDI-19-904/ Mon, 21 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-903: Horner Automation Cscape CSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability]]> ZDI-CAN-8445 http://www.zerodayinitiative.com/advisories/ZDI-19-903/ Fri, 18 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-902: Horner Automation Cscape CSP File Parsing Memory Corruption Remote Code Execution Vulnerability]]> ZDI-CAN-8444 http://www.zerodayinitiative.com/advisories/ZDI-19-902/ Fri, 18 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-901: Adobe Acrobat Reader DC XFA Form Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-9374 http://www.zerodayinitiative.com/advisories/ZDI-19-901/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-900: Adobe Acrobat Reader DC XFA closeDoc Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-9317 http://www.zerodayinitiative.com/advisories/ZDI-19-900/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-899: Adobe Acrobat Pro DC XFA closeDoc Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-9331 http://www.zerodayinitiative.com/advisories/ZDI-19-899/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-898: Adobe Acrobat Pro DC DWF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-9362 http://www.zerodayinitiative.com/advisories/ZDI-19-898/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-897: Adobe Acrobat Pro DC XFA Form Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-9330 http://www.zerodayinitiative.com/advisories/ZDI-19-897/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-896: Adobe Acrobat Reader DC XFA template Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-9329 http://www.zerodayinitiative.com/advisories/ZDI-19-896/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-895: Adobe Acrobat Reader DC XFA instanceManager Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-9316 http://www.zerodayinitiative.com/advisories/ZDI-19-895/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-894: Adobe Acrobat Reader DC XFA Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-9295 http://www.zerodayinitiative.com/advisories/ZDI-19-894/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-893: Adobe Acrobat Reader DC XFA template Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-9327 http://www.zerodayinitiative.com/advisories/ZDI-19-893/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-892: Adobe Acrobat Reader DC AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability]]> ZDI-CAN-8937 http://www.zerodayinitiative.com/advisories/ZDI-19-892/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-891: Adobe Acrobat Reader DC XFA Form Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-9293 http://www.zerodayinitiative.com/advisories/ZDI-19-891/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-890: Adobe Acrobat Pro DC XFA Form Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8793 http://www.zerodayinitiative.com/advisories/ZDI-19-890/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-889: Adobe Acrobat Pro DC DWT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability]]> ZDI-CAN-9153 http://www.zerodayinitiative.com/advisories/ZDI-19-889/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-888: Adobe Acrobat Pro DC DXF File Parsing Memory Corruption Remote Code Execution Vulnerability]]> ZDI-CAN-9154 http://www.zerodayinitiative.com/advisories/ZDI-19-888/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-887: Adobe Acrobat Pro DC DXF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-9155 http://www.zerodayinitiative.com/advisories/ZDI-19-887/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-886: Adobe Acrobat Pro DC DST File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-9261 http://www.zerodayinitiative.com/advisories/ZDI-19-886/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-885: Adobe Acrobat Pro DC DXF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-9262 http://www.zerodayinitiative.com/advisories/ZDI-19-885/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-884: Adobe Acrobat Pro DC DWG File Parsing Use-After-Free Information Disclosure Vulnerability]]> ZDI-CAN-9263 http://www.zerodayinitiative.com/advisories/ZDI-19-884/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-883: Adobe Acrobat Pro DC DWG File Parsing Use-After-Free Information Disclosure Vulnerability]]> ZDI-CAN-9264 http://www.zerodayinitiative.com/advisories/ZDI-19-883/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-882: Adobe Acrobat Pro DC DST File Parsing Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8816 http://www.zerodayinitiative.com/advisories/ZDI-19-882/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-881: Adobe Acrobat Pro DC DST File Parsing Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8817 http://www.zerodayinitiative.com/advisories/ZDI-19-881/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-880: Adobe Acrobat Pro DC DST File Parsing Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8819 http://www.zerodayinitiative.com/advisories/ZDI-19-880/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-879: Adobe Acrobat Pro DC DST File Parsing Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8820 http://www.zerodayinitiative.com/advisories/ZDI-19-879/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-878: Adobe Acrobat Pro DC XFA calculate Event Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8854 http://www.zerodayinitiative.com/advisories/ZDI-19-878/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-877: Adobe Acrobat Pro DC XFA validate Event Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8765 http://www.zerodayinitiative.com/advisories/ZDI-19-877/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-876: Adobe Acrobat Pro DC XFA presence Element Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-8732 http://www.zerodayinitiative.com/advisories/ZDI-19-876/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-875: Adobe Acrobat Pro DC DST File Parsing Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8818 http://www.zerodayinitiative.com/advisories/ZDI-19-875/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-874: Adobe Acrobat Pro DC RestorePlugInFrame Memory Corruption Remote Code Execution Vulnerability]]> ZDI-CAN-8689 http://www.zerodayinitiative.com/advisories/ZDI-19-874/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-873: Adobe Acrobat Pro DC Distiller PostScript JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-8781 http://www.zerodayinitiative.com/advisories/ZDI-19-873/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-872: Adobe Acrobat Pro DC DST File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-8678 http://www.zerodayinitiative.com/advisories/ZDI-19-872/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-871: Adobe Acrobat Pro DC PostScript CharString Directory NULL Pointer Dereference Remote Code Execution Vulnerability]]> ZDI-CAN-8744 http://www.zerodayinitiative.com/advisories/ZDI-19-871/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-870: Adobe Acrobat Pro DC PostScript File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-8681 http://www.zerodayinitiative.com/advisories/ZDI-19-870/ Tue, 15 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-869: Microsoft Windows CreateSurfacePal Out-Of-Bounds Write Privilege Escalation Vulnerability]]> ZDI-CAN-8926 http://www.zerodayinitiative.com/advisories/ZDI-19-869/ Thu, 10 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-868: Microsoft Windows CreateSurfacePal Out-Of-Bounds Write Privilege Escalation Vulnerability]]> ZDI-CAN-8852 http://www.zerodayinitiative.com/advisories/ZDI-19-868/ Thu, 10 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-867: Microsoft Windows user32 Cursor Parsing Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-8746 http://www.zerodayinitiative.com/advisories/ZDI-19-867/ Thu, 10 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-866: NETGEAR AC1200 mini_httpd Poison Null Byte Authentication Bypass Vulnerability]]> ZDI-CAN-8616 http://www.zerodayinitiative.com/advisories/ZDI-19-866/ Thu, 10 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-865: Apple WebKit HashTable Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8739 http://www.zerodayinitiative.com/advisories/ZDI-19-865/ Tue, 08 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-864: Apple WebKit CSSAnimation Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8668 http://www.zerodayinitiative.com/advisories/ZDI-19-864/ Tue, 08 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-863: Apple macOS CFFromShiftJISLen Out-Of-Bounds Read Remote Code Execution]]> ZDI-CAN-8588 http://www.zerodayinitiative.com/advisories/ZDI-19-863/ Tue, 08 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-862: Jenkins dingding-notifications Cleartext Storage of Credentials Information Disclosure Vulnerability]]> ZDI-CAN-8833 http://www.zerodayinitiative.com/advisories/ZDI-19-862/ Fri, 04 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-861: Foxit PhantomPDF Dwg2Pdf DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability]]> ZDI-CAN-8776 http://www.zerodayinitiative.com/advisories/ZDI-19-861/ Fri, 04 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-860: Foxit PhantomPDF Dwg2Pdf DXF File Parsing Memory Corruption Remote Code Execution Vulnerability]]> ZDI-CAN-8775 http://www.zerodayinitiative.com/advisories/ZDI-19-860/ Fri, 04 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-859: Foxit PhantomPDF Dwg2Pdf DXF File Parsing Memory Corruption Remote Code Execution Vulnerability]]> ZDI-CAN-8774 http://www.zerodayinitiative.com/advisories/ZDI-19-859/ Fri, 04 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-858: Foxit PhantomPDF Dwg2Pdf DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability]]> ZDI-CAN-8773 http://www.zerodayinitiative.com/advisories/ZDI-19-858/ Fri, 04 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-857: Apple macOS diskmanagementd Uninitialized Buffer Information Disclosure Vulnerability]]> ZDI-CAN-8719 http://www.zerodayinitiative.com/advisories/ZDI-19-857/ Fri, 04 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-856: Apple macOS parseText1Fast Out-Of-Bounds Read Information Disclosure Vulnerability]]> ZDI-CAN-8584 http://www.zerodayinitiative.com/advisories/ZDI-19-856/ Fri, 04 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-855: Foxit Reader XFA Form Template Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-9149 http://www.zerodayinitiative.com/advisories/ZDI-19-855/ Tue, 01 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-854: Foxit Reader JPG File ConvertToPDF Out-Of-Bounds Read Remote Code Execution Vulnerability]]> ZDI-CAN-8838 http://www.zerodayinitiative.com/advisories/ZDI-19-854/ Tue, 01 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-853: Foxit Reader JPG File ConvertToPDF Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-8742 http://www.zerodayinitiative.com/advisories/ZDI-19-853/ Tue, 01 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-852: Foxit Reader TIF File ConvertToPDF Type Confusion Remote Code Execution Vulnerability]]> ZDI-CAN-8695 http://www.zerodayinitiative.com/advisories/ZDI-19-852/ Tue, 01 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-851: Foxit Reader AcroForm Field Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8913 http://www.zerodayinitiative.com/advisories/ZDI-19-851/ Tue, 01 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-850: Foxit Reader AcroForm Field Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8888 http://www.zerodayinitiative.com/advisories/ZDI-19-850/ Tue, 01 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-849: Foxit Reader AcroForm Field Use-After-Free Remote Code Execution Vulnerability]]> ZDI-CAN-8864 http://www.zerodayinitiative.com/advisories/ZDI-19-849/ Tue, 01 Oct 2019 00:00:00 -0500 <![CDATA[ZDI-19-848: (0Day) Microsoft Windows Storage Service Link Resolution Denial-of-Service Vulnerability]]> ZDI-CAN-9312 http://www.zerodayinitiative.com/advisories/ZDI-19-848/ Tue, 24 Sep 2019 00:00:00 -0500 <![CDATA[ZDI-19-847: Advantech WebAccess Node bwrunrpt Stack-based Buffer Overflow Remote Code Execution Vulnerability]]> ZDI-CAN-9272 http://www.zerodayinitiative.com/advisories/ZDI-19-847/ Tue, 17 Sep 2019 00:00:00 -0500 <![CDATA[ZDI-19-846: Advantech WebAccess Node BwDlgpUp Arbitrary File Deletion Vulnerability]]> ZDI-CAN-9271 http://www.zerodayinitiative.com/advisories/ZDI-19-846/ Tue, 17 Sep 2019 00:00:00 -0500