TippingPoint Zero Day Initiative
 

Published Advisories

The following is a list of all publicly disclosed vulnerabilities discovered by TippingPoint Zero Day Initiative researchers. While the affected vendor is working on a patch for these vulnerabilities, TippingPoint customers are protected from exploitation by security filters delivered ahead of public disclosure. TippingPoint customers are additionally protected against 0day vulnerabilities discovered by our own DVLabs researchers. A list of published advisories discovered by TippingPoint's DVLabs research group is available from:

ZDI Advisories: 2017   |   2016   |   2015   |   2014   |   2013   |   2012   |   2011   |   2010   |   2009   |   2008   |   2007   |   2006   |   2005

ZDI-17-212 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration primaryDNS6 Command Injection Remote Code Execution Vulnerability
ZDI-17-211 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance VerboseLog Directory Traversal Information Disclosure Vulnerability
ZDI-17-210 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance ManageIPConfig setMgmtIPConfig Command Injection Remote Code Execution Vulnerability
ZDI-17-209 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance LogSettingHandler doPostMountDevice Command Injection Remote Code Execution Vulnerability
ZDI-17-208 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance ManagePatches rollbackPatch Command Injection Remote Code Execution Vulnerability
ZDI-17-207 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration mgmtIPv6Changed Command Injection Remote Code Execution Vulnerability
ZDI-17-206 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance ReportHandler DoCmd Command Injection Remote Code Execution Vulnerability
ZDI-17-205 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration manageEth Command Injection Remote Code Execution Vulnerability
ZDI-17-204 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration isDHCP Command Injection Remote Code Execution Vulnerability
ZDI-17-203 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance ManageIPConfig setDataIPConfig static IP Information Command Injection Remote Code Execution Vulnerability
ZDI-17-202 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance ClusterManagement ChangeNodeSetting Command Injection Remote Code Execution Vulnerability
ZDI-17-201 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance config_date_time Command Injection Remote Code Execution Vulnerability
ZDI-17-200 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance WmiDCDetector getAdHost Command Injection Remote Code Execution Vulnerability
ZDI-17-199 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance LogDelete processRequest method Directory Traversal Denial of Service Vulnerability
ZDI-17-198 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration mgnt_gateway6 Command Injection Remote Code Execution Vulnerability
ZDI-17-197 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration isDHCP6_data Command Injection Remote Code Execution Vulnerability
ZDI-17-196 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration proxyEthChanged Command Injection Remote Code Execution Vulnerability
ZDI-17-195 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration dataIPChanged Command Injection Remote Code Execution Vulnerability
ZDI-17-194 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance ManageIPConfig setDataIPConfig DNS Information Command Injection Remote Code Execution Vulnerability
ZDI-17-193 CVE: Published: 2017-03-29
Trend Micro InterScan Web Security Virtual Appliance ManageIPConfig setDataIPConfig DHCP Information Command Injection Remote Code Execution Vulnerability
ZDI-17-192 CVE: CVE-2017-5797 Published: 2017-03-29
Hewlett Packard Enterprise Intelligent Management Center Service Operation Manager Module FileDownloadServlet filePath Information Disclosure Vulnerability
ZDI-17-191 CVE: CVE-2017-2481 Published: 2017-03-28
Apple Safari ElementData Use-After-Free Remote Code Execution Vulnerability
ZDI-17-190 CVE: CVE-2017-2430 Published: 2017-03-28
Apple macOS M4A Parsing Type Confusion Remote Code Execution Vulnerability
ZDI-17-189 CVE: CVE-2017-2462 Published: 2017-03-28
Apple macOS M4A Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-188 CVE: CVE-2017-2432 Published: 2017-03-28
Apple macOS ImageIO JPEG Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-17-187 CVE: Published: 2017-03-22
Trend Micro InterScan Messaging Security Suite DetailReportAction Directory Traversal Information Disclosure Vulnerability
ZDI-17-186 CVE: Published: 2017-03-22
Trend Micro Control Manager CCGIServlet SpecialSpywarePolicyResult SQL Injection Remote Code Execution Vulnerability
ZDI-17-185 CVE: Published: 2017-03-22
Trend Micro Control Manager AdHocQueryExportProcessing SQL Injection Remote Code Execution Vulnerability
ZDI-17-184 CVE: Published: 2017-03-22
Trend Micro Control Manager CCGIServlet IDTB_SV parameters SQL Injection Remote Code Execution Vulnerability
ZDI-17-183 CVE: Published: 2017-03-22
Trend Micro Control Manager CCGIServlet ID_HIDDEN_UG_STR SQL Injection Remote Code Execution Vulnerability
ZDI-17-182 CVE: Published: 2017-03-22
Trend Micro Control Manager cgiCMUIDispatcher ScheduleDownloadSavedEnableList SQL Injection Remote Code Execution Vulnerability
ZDI-17-181 CVE: Published: 2017-03-22
Trend Micro Control Manager CCGIServlet ID_QUERY_COMMAND_TRACKING_ID SQL Injection Remote Code Execution Vulnerability
ZDI-17-180 CVE: Published: 2017-03-22
Trend Micro Control Manager cgiCMUIDispatcher ManualDownloadResult SQL Injection Remote Code Execution Vulnerability
ZDI-17-179 CVE: CVE-2017-3001 Published: 2017-03-21
Adobe Flash MovieClip transform Use-After-Free Remote Code Execution Vulnerability
ZDI-17-178 CVE: CVE-2017-3001 Published: 2017-03-21
Adobe Flash Transform matrix Use-After-Free Remote Code Execution Vulnerability
ZDI-17-177 CVE: CVE-2017-3001 Published: 2017-03-21
Adobe Flash BitmapData Use-After-Free Remote Code Execution Vulnerability
ZDI-17-176 CVE: CVE-2017-3001 Published: 2017-03-21
Adobe Flash Sound loadSound Use-After-Free Remote Code Execution Vulnerability
ZDI-17-175 CVE: CVE-2017-3001 Published: 2017-03-21
Adobe Flash TextFormat getTextExtent Use-After-Free Remote Code Execution Vulnerability
ZDI-17-174 CVE: CVE-2017-3001 Published: 2017-03-21
Adobe Flash AS2 RemoveClip Opcode Use-After-Free Remote Code Execution Vulnerability
ZDI-17-173 CVE: CVE-2017-0067 Published: 2017-03-21
Microsoft Edge JavaScript Parsing Uninitialized Pointer Remote Code Execution Vulnerability
ZDI-17-172 CVE: CVE-2017-0015 Published: 2017-03-21
Microsoft Windows JavaScript Spread Operator Uninitialized Memory Information Disclosure Vulnerability
ZDI-17-171 CVE: CVE-2017-0032 Published: 2017-03-21
Microsoft Windows JavaScript Spread Operator Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-170 CVE: CVE-2017-0094 Published: 2017-03-21
Microsoft Windows JavaScript Proxy Setter Type Confusion Remote Code Execution Vulnerability
ZDI-17-169 CVE: CVE-2017-0018 Published: 2017-03-21
Microsoft Internet Explorer CHtmTag Use-After-Free Remote Code Execution Vulnerability
ZDI-17-168 CVE: CVE-2017-0047 Published: 2017-03-21
Microsoft Windows DrawIconEx Buffer Overflow Privilege Escalation Vulnerability
ZDI-17-167 CVE: CVE-2017-0011 Published: 2017-03-21
Microsoft Edge CTransitionValues Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-166 CVE: CVE-2017-5790 Published: 2017-03-11
Hewlett Packard Enterprise Intelligent Management Center accessMgrServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-17-165 CVE: CVE-2017-5795 Published: 2017-03-11
Hewlett Packard Enterprise Intelligent Management Center FileDownloadServlet fileName Directory Traversal Information Disclosure Vulnerability
ZDI-17-164 CVE: CVE-2017-5794 Published: 2017-03-11
Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Directory Traversal Remote Code Execution Vulnerability
ZDI-17-163 CVE: CVE-2017-5793 Published: 2017-03-11
Hewlett Packard Enterprise Intelligent Management Center CommonUtils Directory Traversal Remote Code Execution Vulnerability
ZDI-17-162 CVE: CVE-2017-5792 Published: 2017-03-11
Hewlett Packard Enterprise Intelligent Management Center RMI Registry Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-17-161 CVE: CVE-2017-5791 Published: 2017-03-11
Hewlett Packard Enterprise Intelligent Management Center UrlAccessController Filter Authentication Bypass Vulnerability
ZDI-17-160 CVE: CVE-2017-5789 Published: 2017-03-09
Hewlett Packard Enterprise LoadRunner libxdrutil mxdr_string Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-159 CVE: Published: 2017-03-09
Trend Micro Deep Discovery Email Inspector download_pdf Command Injection Remote Code Execution Vulnerability
ZDI-17-158 CVE: Published: 2017-03-09
Trend Micro Deep Discovery Email Inspector write_new_html_with_svg Directory Traversal Remote Code Execution Vulnerability
ZDI-17-157 CVE: Published: 2017-03-09
Trend Micro Deep Discovery Email Inspector network_dump Command Injection Remote Code Execution Vulnerability
ZDI-17-156 CVE: Published: 2017-03-09
Trend Micro Deep Discovery Email Inspector get_filesize Command Injection Remote Code Execution Vulnerability
ZDI-17-155 CVE: Published: 2017-03-09
Trend Micro Deep Discovery Email Inspector firewall_setting Command Injection Remote Code Execution Vulnerability
ZDI-17-154 CVE: Published: 2017-03-09
Trend Micro Deep Discovery Email Inspector reboot_after_hotfix Denial of Service Vulnerability
ZDI-17-153 CVE: Published: 2017-03-09
Trend Micro Deep Discovery Email Inspector screenshot Command Injection Remote Code Execution Vulnerability
ZDI-17-152 CVE: Published: 2017-03-09
Trend Micro Deep Discovery Email Inspector ajax_checklicense_AC Command Injection Remote Code Execution Vulnerability
ZDI-17-151 CVE: Published: 2017-03-09
Trend Micro Deep Discovery Email Inspector db_export Command Injection Remote Code Execution Vulnerability
ZDI-17-150 CVE: Published: 2017-03-09
Foxit Reader Field buttonGetIcon Use-After-Free Remote Code Execution Vulnerability
ZDI-17-149 CVE: Published: 2017-03-09
Foxit Reader ePub Parsing Use-After-Free Remote Code Execution Vulnerability
ZDI-17-148 CVE: Published: 2017-03-09
Foxit Reader openDoc Use-After-Free Remote Code Execution Vulnerability
ZDI-17-147 CVE: Published: 2017-03-09
Foxit Reader Field deleteItemAt Use-After-Free Remote Code Execution Vulnerability
ZDI-17-146 CVE: Published: 2017-03-09
Foxit Reader PDB Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-17-145 CVE: Published: 2017-03-09
Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-144 CVE: Published: 2017-03-09
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-143 CVE: Published: 2017-03-09
Foxit Reader execMenuItem Use-After-Free Remote Code Execution Vulnerability
ZDI-17-142 CVE: Published: 2017-03-09
Foxit Reader execMenuItem Use-After-Free Remote Code Execution Vulnerability
ZDI-17-141 CVE: Published: 2017-03-09
Foxit Reader execMenuItem Use-After-Free Remote Code Execution Vulnerability
ZDI-17-140 CVE: Published: 2017-03-09
Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-139 CVE: Published: 2017-03-09
Foxit Reader ePub Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-17-138 CVE: Published: 2017-03-09
Foxit Reader XFA Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-17-137 CVE: Published: 2017-03-09
Foxit Reader Pattern Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-17-136 CVE: Published: 2017-03-09
Foxit Reader Xref Use-After-Free Remote Code Execution Vulnerability
ZDI-17-135 CVE: Published: 2017-03-09
Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-134 CVE: Published: 2017-03-09
Foxit Reader Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-133 CVE: Published: 2017-03-09
Foxit Reader ConvertToPDF TIFF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-132 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise displayName_get SQL Injection Information Disclosure Vulnerability
ZDI-17-131 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise count_ad_members SQL Injection Information Disclosure Vulnerability
ZDI-17-130 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise restartService Command Injection Remote Code Execution Vulnerability
ZDI-17-129 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise rollback Command Injection Remote Code Execution Vulnerability
ZDI-17-128 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise get_device_info SQL Injection Information Disclosure Vulnerability
ZDI-17-127 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise get_replacement Command Injection Remote Code Execution Vulnerability
ZDI-17-126 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise license Command Injection Remote Code Execution Vulnerability
ZDI-17-125 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise get_nic_device SQL Injection Information Disclosure Vulnerability
ZDI-17-124 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise reconnect_nfs_device Command Injection Remote Code Execution Vulnerability
ZDI-17-123 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise reconnect_iscsi_device Command Injection Remote Code Execution Vulnerability
ZDI-17-122 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise reconnect_local_device Command Injection Remote Code Execution Vulnerability
ZDI-17-121 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise mount_local_device Command Injection Remote Code Execution Vulnerability
ZDI-17-120 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise mount_iscsi_device Command Injection Remote Code Execution Vulnerability
ZDI-17-119 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise replace_local_disk Command Injection Remote Code Execution Vulnerability
ZDI-17-118 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise dead_local_device Command Injection Remote Code Execution Vulnerability
ZDI-17-117 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise dead_iscsi_device Command Injection Remote Code Execution Vulnerability
ZDI-17-116 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise discovery_iscsi_device Command Injection Remote Code Execution Vulnerability
ZDI-17-115 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise save_local_config Command Injection Remote Code Execution Vulnerability
ZDI-17-114 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise save_iscsi_config Command Injection Remote Code Execution Vulnerability
ZDI-17-113 CVE: Published: 2017-03-01
Trend Micro SafeSync for Enterprise check_nfs_server_status Command Injection Remote Code Execution Vulnerability
ZDI-17-112 CVE: CVE-2017-5177 Published: 2017-02-28
VIPA Automation WinPLC7 recv Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-111 CVE: CVE-2017-2939 Published: 2017-02-16
Adobe Acrobat Reader DC Memory Corruption Remote Code Execution Vulnerability
ZDI-17-110 CVE: CVE-2017-2994 Published: 2017-02-14
Adobe Flash Player MediaPlayer Out-Of-Bounds Access Remote Code Execution Vulnerability
ZDI-17-109 CVE: CVE-2017-2995 Published: 2017-02-14
Adobe Flash Player MessageChannel Type Confusion Remote Code Execution Vulnerability
ZDI-17-108 CVE: CVE-2017-2976 Published: 2017-02-14
Adobe Digital Editions PDF Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-107 CVE: CVE-2017-2975 Published: 2017-02-14
Adobe Digital Editions PDF Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-106 CVE: CVE-2017-2974 Published: 2017-02-14
Adobe Digital Editions PDF Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-105 CVE: CVE-2017-2981 Published: 2017-02-14
Adobe Digital Editions PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-104 CVE: CVE-2017-2978 Published: 2017-02-14
Adobe Digital Editions PDF Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-103 CVE: CVE-2017-2979 Published: 2017-02-14
Adobe Digital Editions FlateDecode Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-102 CVE: CVE-2017-2977 Published: 2017-02-14
Adobe Digital Editions FlateDecode Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-101 CVE: Published: 2017-02-07
Trend Micro Control Manager cgiRedAlertStatusTracking SQL Injection Remote Code Execution Vulnerability
ZDI-17-100 CVE: Published: 2017-02-07
Trend Micro Control Manager CCGIServlet NotificationMethodResult SQL Injection Remote Code Execution Vulnerability
ZDI-17-099 CVE: Published: 2017-02-07
Trend Micro Control Manager AdHocQuery_Result XML External Entity Processing Information Disclosure Vulnerability
ZDI-17-098 CVE: Published: 2017-02-07
Trend Micro Control Manager CCGIServlet CnCContactAlertResult SQL Injection Remote Code Execution Vulnerability
ZDI-17-097 CVE: Published: 2017-02-07
Trend Micro Control Manager CCGIServlet HighRiskDetectionResult SQL Injection Remote Code Execution Vulnerability
ZDI-17-096 CVE: Published: 2017-02-07
Trend Micro Control Manager CCGIServlet DLPIncidentStatusChangeResult SQL Injection Remote Code Execution Vulnerability
ZDI-17-095 CVE: Published: 2017-02-07
Trend Micro Control Manager CCGIServlet StealthProgramFoundResult SQL Injection Remote Code Execution Vulnerability
ZDI-17-094 CVE: Published: 2017-02-07
Trend Micro Control Manager CCGIServlet SHA1DenyDetectionResult SQL Injection Remote Code Execution Vulnerability
ZDI-17-093 CVE: Published: 2017-02-07
Trend Micro Control Manager CCGIServlet CorrelatedIncidentResult SQL Injection Remote Code Execution Vulnerability
ZDI-17-092 CVE: Published: 2017-02-07
Trend Micro Control Manager CCGIServlet DLPIncidentScheduleSummaryResult SQL Injection Remote Code Execution Vulnerability
ZDI-17-091 CVE: Published: 2017-02-07
Trend Micro Control Manager CCGIServlet VirtualAnalysisDetectionResult SQL Injection Remote Code Execution Vulnerability
ZDI-17-090 CVE: Published: 2017-02-07
Trend Micro Control Manager CCGIServlet KnownAttackDetectionResult SQL Injection Remote Code Execution Vulnerability
ZDI-17-089 CVE: Published: 2017-02-07
Trend Micro Control Manager CCGIServlet SuspiciousThreat parameters SQL Injection Remote Code Execution Vulnerability
ZDI-17-088 CVE: Published: 2017-02-07
Trend Micro Control Manager CCGIServlet ID_HIDDEN_RED_ALERT_TASK_ID SQL Injection Remote Code Execution Vulnerability
ZDI-17-087 CVE: Published: 2017-02-07
Trend Micro Control Manager CCGIServlet EmailMessageDetected parameters SQL Injection Remote Code Execution Vulnerability
ZDI-17-086 CVE: Published: 2017-02-07
Trend Micro Control Manager CCGIServlet CnC parameters SQL Injection Remote Code Execution Vulnerability
ZDI-17-085 CVE: Published: 2017-02-07
Trend Micro Control Manager CCGIServlet ThreatSentToWatchlistResult SQL Injection Remote Code Execution Vulnerability
ZDI-17-084 CVE: Published: 2017-02-07
Trend Micro Control Manager ProductTree_TreeManagement1 XML External Entity Processing Information Disclosure Vulnerability
ZDI-17-083 CVE: Published: 2017-02-07
Trend Micro Control Manager ProductTree_Table XML External Entity Processing Information Disclosure Vulnerability
ZDI-17-082 CVE: Published: 2017-02-07
Trend Micro Control Manager CCGIServlet IDTB_ Parameters SQL Injection Remote Code Execution Vulnerability
ZDI-17-081 CVE: Published: 2017-02-07
Trend Micro Control Manager CCGIServlet IDTB_GroupName SQL Injection Remote Code Execution Vulnerability
ZDI-17-080 CVE: Published: 2017-02-07
Trend Micro Control Manager TreeUserControl_process_tree_event XML External Entity Processing Information Disclosure Vulnerability
ZDI-17-079 CVE: Published: 2017-02-07
Trend Micro Control Manager ProductTree XML External Entity Processing Information Disclosure Vulnerability
ZDI-17-078 CVE: Published: 2017-02-07
Trend Micro Control Manager CCGIServlet IDCB_SuspiciousThreat SQL Injection Remote Code Execution Vulnerability
ZDI-17-077 CVE: Published: 2017-02-07
Trend Micro Control Manager ProductTree_RightWindow XML External Entity Processing Information Disclosure Vulnerability
ZDI-17-076 CVE: Published: 2017-02-07
Trend Micro Control Manager ProductTree_LeftWindow XML External Entity Processing Information Disclosure Vulnerability
ZDI-17-075 CVE: Published: 2017-02-07
Trend Micro Control Manager DeploymentPlan_Event_Handler XML External Entity Processing Information Disclosure Vulnerability
ZDI-17-074 CVE: Published: 2017-02-07
Trend Micro Control Manager ProgressReportCGI SQL Injection Authentication Bypass Vulnerability
ZDI-17-073 CVE: Published: 2017-02-07
Trend Micro Control Manager cgiCMUIDispatcher Login Token SQL Injection Remote Code Execution Vulnerability
ZDI-17-072 CVE: Published: 2017-02-07
Trend Micro Control Manager dlp_policy Directory Traversal Remote Code Execution Vulnerability
ZDI-17-071 CVE: Published: 2017-02-07
Trend Micro Control Manager dlp_policy Directory Traversal Remote Code Execution Vulnerability
ZDI-17-070 CVE: Published: 2017-02-07
Trend Micro Control Manager dlp_policy Directory Traversal Remote Code Execution Vulnerability
ZDI-17-069 CVE: Published: 2017-02-07
Trend Micro Control Manager modDLPViolationCnt_drildown Directory Traversal Remote Code Execution Vulnerability
ZDI-17-068 CVE: Published: 2017-02-07
Trend Micro Control Manager modDLPViolationCnt_drildown Directory Traversal Remote Code Execution Vulnerability
ZDI-17-067 CVE: Published: 2017-02-07
Trend Micro Control Manager modDLPViolationCnt_drildown Directory Traversal Remote Code Execution Vulnerability
ZDI-17-066 CVE: Published: 2017-02-07
Trend Micro Control Manager modDLPTemplateMatch_drildown Directory Traversal Remote Code Execution Vulnerability
ZDI-17-065 CVE: Published: 2017-02-07
Trend Micro Control Manager modDLPTemplateMatch_drildown Directory Traversal Remote Code Execution Vulnerability
ZDI-17-064 CVE: Published: 2017-02-07
Trend Micro Control Manager modDLPTemplateMatch_drildown Directory Traversal Remote Code Execution Vulnerability
ZDI-17-063 CVE: Published: 2017-02-07
Trend Micro Control Manager importFile Directory Traversal Remote Code Execution Vulnerability
ZDI-17-062 CVE: Published: 2017-02-07
Trend Micro Control Manager download Directory Traversal Information Disclosure Vulnerability
ZDI-17-061 CVE: Published: 2017-02-07
Trend Micro Control Manager download Directory Traversal Information Disclosure Vulnerability
ZDI-17-060 CVE: Published: 2017-02-07
Trend Micro Control Manager importFile Directory Traversal Remote Code Execution Vulnerability
ZDI-17-059 CVE: CVE-2016-8341 Published: 2017-02-07
Ecava IntegraXor getdata param SQL Injection Remote Code Execution Vulnerability
ZDI-17-058 CVE: CVE-2016-8341 Published: 2017-02-07
Ecava IntegraXor getdata name SQL Injection Remote Code Execution Vulnerability
ZDI-17-057 CVE: CVE-2017-3289 Published: 2017-01-24
Oracle Java Uninitialized Memory Remote Code Execution Vulnerability
ZDI-17-056 CVE: CVE-2017-3272 Published: 2017-01-24
Oracle Java AtomicReferenceFieldUpdater Type Confusion Remote Code Execution Vulnerability
ZDI-17-055 CVE: CVE-2017-3248 Published: 2017-01-24
Oracle WebLogic RMI Registry UnicastRef Object Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-17-054 CVE: CVE-2017-2354 Published: 2017-01-24
Apple Safari SearchInputType Type Confusion Remote Code Execution Vulnerability
ZDI-17-053 CVE: CVE-2016-2123 Published: 2017-01-20
Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-052 CVE: CVE-2016-8207 Published: 2017-01-20
Brocade Network Advisor CliMonitorReportServlet Directory Traversal Information Disclosure Vulnerability
ZDI-17-051 CVE: CVE-2016-8206 Published: 2017-01-20
Brocade Network Advisor SoftwareImageUpload Directory Traversal Arbitrary File Deletion Vulnerability
ZDI-17-050 CVE: CVE-2016-8205 Published: 2017-01-20
Brocade Network Advisor DashboardFileReceiveServlet Directory Traversal Remote Code Execution Vulnerability
ZDI-17-049 CVE: CVE-2016-8204 Published: 2017-01-20
Brocade Network Advisor FileReceiveServlet Directory Traversal Remote Code Execution Vulnerability
ZDI-17-048 CVE: Published: 2017-01-20
Bitdefender Internet Security NSIS Entries Integer Overflow Remote Code Execution Vulnerability
ZDI-17-047 CVE: Published: 2017-01-20
Bitdefender Internet Security NSIS Pages Integer Overflow Remote Code Execution Vulnerability
ZDI-17-046 CVE: Published: 2017-01-20
Bitdefender Internet Security SIS Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-17-045 CVE: CVE-2017-2970 Published: 2017-01-20
Adobe Reader DC XSLT apply-templates Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-044 CVE: CVE-2016-6814 Published: 2017-01-20
Apache Groovy MethodClosure Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-17-043 CVE: CVE-2017-5154, CVE-2017-5152 Published: 2017-01-12
Advantech WebAccess updateTemplate SQL Injection Information Disclosure Vulnerability
ZDI-17-042 CVE: Published: 2017-01-11
Foxit PhantomPDF ConvertToPDF TIFF Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-17-041 CVE: Published: 2017-01-11
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-17-040 CVE: Published: 2017-01-11
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-039 CVE: Published: 2017-01-11
Foxit PhantomPDF ConvertToPDF JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-038 CVE: Published: 2017-01-11
Foxit Reader setInterval Use-After-Free Remote Code Execution Vulnerability
ZDI-17-037 CVE: Published: 2017-01-11
Foxit Reader Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-036 CVE: Published: 2017-01-11
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-035 CVE: Published: 2017-01-11
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-17-034 CVE: Published: 2017-01-11
Foxit Reader alert Use-After-Free Remote Code Execution Vulnerability
ZDI-17-033 CVE: Published: 2017-01-11
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-032 CVE: Published: 2017-01-11
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-17-031 CVE: CVE-2017-2967 Published: 2017-01-10
Adobe Reader DC XFA template Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-17-030 CVE: CVE-2017-2966 Published: 2017-01-10
Adobe Acrobat Pro DC ImageConversion TIFF Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-029 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT call-template Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-028 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT element Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-027 CVE: CVE-2017-2963 Published: 2017-01-10
Adobe Acrobat Pro DC ImageConversion TIFF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-026 CVE: CVE-2017-2962 Published: 2017-01-10
Adobe Reader DC XSLT lang Type Confusion Remote Code Execution Vulnerability
ZDI-17-025 CVE: CVE-2017-2961 Published: 2017-01-10
Acrobat Reader DC XFA Field Font Size Use-After-Free Remote Code Execution Vulnerability
ZDI-17-024 CVE: CVE-2017-2960 Published: 2017-01-10
Adobe Acrobat Pro DC ImageConversion JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-023 CVE: CVE-2017-2959 Published: 2017-01-10
Adobe Acrobat Pro DC ImageConversion JPEG Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-022 CVE: CVE-2017-2951 Published: 2017-01-10
Adobe Reader DC XFA hyphenation Use-After-Free Remote Code Execution Vulnerability
ZDI-17-021 CVE: CVE-2017-2950 Published: 2017-01-10
Adobe Reader DC XFA Layout Use-After-Free Remote Code Execution Vulnerability
ZDI-17-020 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT decimal-format Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-019 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT namespace-alias Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-018 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT processing-instruction Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-017 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT function-available Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-016 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT sort Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-015 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT key Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-014 CVE: CVE-2017-2964 Published: 2017-01-10
Adobe Acrobat Pro DC ImageConversion JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-013 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT key Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-012 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT attribute Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-011 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT attribute-set Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-010 CVE: CVE-2017-2965 Published: 2017-01-10
Adobe Acrobat Pro DC ImageConversion TIFF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-17-009 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT format-number Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-008 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT output Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-007 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT variable Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-006 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT system-property Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-005 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT element-available Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-004 CVE: CVE-2017-2946 Published: 2017-01-10
Adobe Reader DC JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-003 CVE: CVE-2017-2946 Published: 2017-01-10
Adobe Reader DC JPEG2000 Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-002 CVE: CVE-2017-2941 Published: 2017-01-10
Adobe Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-001 CVE: CVE-2016-8519 Published: 2017-01-10
Hewlett Packard Enterprise Operations Orchestration Backwards Compatibility Deserialization of Untrusted Data Remote Code Execution Vulnerability