TippingPoint Zero Day Initiative
 

Published Advisories

The following is a list of all publicly disclosed vulnerabilities discovered by TippingPoint Zero Day Initiative researchers. While the affected vendor is working on a patch for these vulnerabilities, TippingPoint customers are protected from exploitation by IPS filters delivered ahead of public disclosure. TippingPoint customers are additionally protected against 0day vulnerabilities discovered by our own DVLabs researchers. A list of published advisories discovered by TippingPoint's DVLabs research group is available from:

ZDI Advisories: 2014   |   2013   |   2012   |   2011   |   2010   |   2009   |   2008   |   2007   |   2006   |   2005

ZDI-14-264 CVE: CVE-2014-4979 Published: 2014-07-23
(0Day) Apple QuickTime 'mvhd' Atom Heap Memory Corruption Remote Code Execution Vulnerability
ZDI-14-263 CVE: Published: 2014-07-23
(0Day) Hewlett-Packard Data Protector Cell Request Service Opcode 1091 Directory Traversal Arbitrary File Write Vulnerability
ZDI-14-262 CVE: Published: 2014-07-23
(0Day) Hewlett-Packard Data Protector Cell Request Service Opcode 305 Directory Traversal Arbitrary File Creation Vulnerability
ZDI-14-261 CVE: CVE-2014-1765 Published: 2014-07-23
Microsoft Internet Explorer CAttrValue Use-After-Free Remote Code Execution Vulnerability
ZDI-14-260 CVE: CVE-2014-1799 Published: 2014-07-23
Microsoft Internet Explorer CMarkupPointer Use-After-Free Remote Code Execution Vulnerability
ZDI-14-259 CVE: CVE-2014-2764 Published: 2014-07-23
Microsoft Internet Explorer CTreeNode Double Free Remote Code Execution Vulnerability
ZDI-14-258 CVE: CVE-2014-2490 Published: 2014-07-18
Oracle Java ResourceBundle Format String Remote Code Execution Vulnerability
ZDI-14-257 CVE: CVE-2014-4249 Published: 2014-07-18
Oracle Business Intelligence Mobile App Designer UIXCacheResourceServlet Information Disclosure Vulnerability
ZDI-14-256 CVE: CVE-2014-2364 Published: 2014-07-18
Advantech WebAccess dvs.ocx ServerResponse Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-255 CVE: CVE-2014-2364 Published: 2014-07-18
Advantech WebAccess dvs.ocx GetColor Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-254 CVE: CVE-2014-2364 Published: 2014-07-18
Advantech WebAccess dvs.ocx AlarmImage Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-253 CVE: CVE-2014-2364 Published: 2014-07-18
Advantech WebAccess dvs.ocx SetColor Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-252 CVE: CVE-2014-2364 Published: 2014-07-18
Advantech WebAccess dvs.ocx CCDParameter Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-251 CVE: CVE-2014-2365 Published: 2014-07-18
Advantech WebAccess Remote Code Execution Vulnerability
ZDI-14-250 CVE: CVE-2014-2366 Published: 2014-07-18
Advantech WebAccess Password Disclosure Vulnerability
ZDI-14-249 CVE: CVE-2014-2367 Published: 2014-07-18
Advantech WebAccess Remote Authentication Bypass Vulnerability
ZDI-14-248 CVE: CVE-2014-2364 Published: 2014-07-18
Advantech WebAccess dvs.ocx IPAddress Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-247 CVE: CVE-2014-2364 Published: 2014-07-18
Advantech WebAccess dvs.ocx SetBaud Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-246 CVE: CVE-2014-2364 Published: 2014-07-18
Advantech WebAccess dvs.ocx GetParameter Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-245 CVE: CVE-2014-2368 Published: 2014-07-18
Advantech WebAccess bwocxrun ActiveX Control Installation Vulnerability
ZDI-14-244 CVE: CVE-2014-2364 Published: 2014-07-18
Advantech WebAccess webdact.ocx NodeName Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-243 CVE: CVE-2014-2364 Published: 2014-07-18
Advantech WebAccess webdact.ocx ProjectName Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-242 CVE: CVE-2014-2364 Published: 2014-07-18
Advantech WebAccess dvs.ocx SetParameter Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-241 CVE: CVE-2014-2364 Published: 2014-07-18
Advantech WebAccess webvact.ocx ProjectName Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-240 CVE: CVE-2014-1371 Published: 2014-07-18
Apple OS X Dock Service Sandbox Escape Vulnerability
ZDI-14-239 CVE: CVE-2014-0117 Published: 2014-07-18
Apache HTTP Server mod_proxy Denial Of Service Vulnerability
ZDI-14-238 CVE: CVE-2014-0308 Published: 2014-07-18
Microsoft Internet Explorer CUListElement Use-After-Free Remote Code Execution Vulnerability
ZDI-14-237 CVE: CVE-2014-1799 Published: 2014-07-18
Microsoft Internet Explorer CView Use-After-Free Remote Code Execution Vulnerability
ZDI-14-236 CVE: CVE-2014-0226 Published: 2014-07-16
Apache httpd mod_status Heap Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-235 CVE: CVE-2014-2622 Published: 2014-07-16
Hewlett-Packard Intelligent Management Center RssServlet Information Disclosure Vulnerability
ZDI-14-234 CVE: CVE-2014-2621 Published: 2014-07-16
Hewlett-Packard Intelligent Management Center IctDownloadServlet Information Disclosure Vulnerability
ZDI-14-233 CVE: CVE-2014-2620 Published: 2014-07-16
Hewlett-Packard Intelligent Management Center FaultDownloadServlet Information Disclosure Vulnerability
ZDI-14-232 CVE: CVE-2014-2619 Published: 2014-07-16
Hewlett-Packard Intelligent Management Center SyslogDownloadServlet Information Disclosure Vulnerability
ZDI-14-231 CVE: CVE-2014-2618 Published: 2014-07-16
Hewlett-Packard Intelligent Management Center BIMS UploadServlet Information Disclosure Vulnerability
ZDI-14-230 CVE: CVE-2014-2617 Published: 2014-07-09
Hewlett-Packard Universal CMDB Default Credentials Remote Code Execution Vulnerability
ZDI-14-229 CVE: CVE-2014-2615 Published: 2014-07-09
Hewlett-Packard Universal CMDB mam-collectors Information Disclosure Vulnerability
ZDI-14-228 CVE: CVE-2014-2614 Published: 2014-07-09
Hewlett-Packard SiteScope EmailServlet servlet Information Disclosure Vulnerability
ZDI-14-227 CVE: CVE-2014-2761 Published: 2014-07-09
Microsoft Internet Explorer TextBlockRun Use-After-Free Remote Code Execution Vulnerability
ZDI-14-226 CVE: CVE-2014-1769 Published: 2014-07-09
Microsoft Internet Explorer Uninitialized Variable Remote Code Execution Vulnerability
ZDI-14-225 CVE: CVE-2014-2813 Published: 2014-07-09
Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
ZDI-14-224 CVE: CVE-2014-4647 Published: 2014-07-09
(0Day) Embarcadero ER/Studio Data Architect TSVisualization ActiveX loadExtensionFactory Remote Code Execution Vulnerability
ZDI-14-223 CVE: CVE-2014-1765 Published: 2014-07-09
Microsoft Internet Explorer CAttrArray Use-After-Free Remote Code Execution Vulnerability
ZDI-14-222 CVE: CVE-2014-2809 Published: 2014-07-09
Microsoft Internet Explorer CImgElement Use-After-Free Remote Code Execution Vulnerability
ZDI-14-221 CVE: CVE-2014-2780 Published: 2014-07-09
(Pwn2Own) Microsoft Windows DirectShow Privilege Escalation Vulnerability
ZDI-14-220 CVE: CVE-2014-1767 Published: 2014-07-09
(Pwn2Own) Microsoft Windows AFD.SYS Dangling Pointer Privilege Escalation Vulnerability
ZDI-14-219 CVE: CVE-2014-1765 Published: 2014-07-09
(Pwn2Own) Microsoft Internet Explorer CAttrArray Use-After-Free Remote Code Execution Vulnerability
ZDI-14-218 CVE: CVE-2014-2781 Published: 2014-07-09
(Pwn2Own) Microsoft On-Screen Keyboard Privilege Escalation Vulnerability
ZDI-14-217 CVE: CVE-2014-1763 Published: 2014-07-09
(Pwn2Own) Microsoft Internet Explorer CSS Memory Corruption Vulnerability
ZDI-14-216 CVE: CVE-2014-2792 Published: 2014-07-09
Microsoft Internet Explorer CDOMNode Use-After-Free Remote Code Execution Vulnerability
ZDI-14-215 CVE: CVE-2014-2791 Published: 2014-07-09
Microsoft Internet Explorer CAryWindowTbl Use-After-Free Remote Code Execution Vulnerability
ZDI-14-214 CVE: CVE-2014-4646 Published: 2014-06-30
Foxit PDF SDK DLL FPDFBookmark_GetTitle Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-213 CVE: CVE-2014-2782 Published: 2014-06-18
Microsoft Internet Explorer ControlTracker Use-After-Free Remote Code Execution Vulnerability
ZDI-14-212 CVE: CVE-2014-0282 Published: 2014-06-18
Microsoft Internet Explorer CInput Use-After-Free Remote Code Execution Vulnerability
ZDI-14-211 CVE: CVE-2013-5017 Published: 2014-06-18
Symantec Web Gateway user.php SQL Injection and snmpConfig.php Command Injection Remote Code Execution Vulnerability
ZDI-14-210 CVE: CVE-2014-2611 Published: 2014-06-18
Hewlett-Packard IT Executive Scorecard fndwar Directory Traversal Remote Code Execution Vulnerability
ZDI-14-209 CVE: CVE-2014-2610 Published: 2014-06-18
Hewlett-Packard IT Executive Scorecard CAP File Upload Directory Traversal Remote Code Execution Vulnerability
ZDI-14-208 CVE: CVE-2014-2609 Published: 2014-06-18
Hewlett-Packard IT Executive Scorecard Java Glassfish Admin Console Remote Code Execution Vulnerability
ZDI-14-207 CVE: CVE-2014-4153 Published: 2014-06-13
AlienVault OSSIM av-centerd Util.pm get_file Information Disclosure Vulnerability
ZDI-14-206 CVE: CVE-2014-4152 Published: 2014-06-13
AlienVault OSSIM av-centerd Util.pm remote_task Remote Code Execution Vulnerability
ZDI-14-205 CVE: CVE-2014-4151 Published: 2014-06-13
AlienVault OSSIM av-centerd Util.pm set_file Arbitrary File Write Remote Code Execution Vulnerability
ZDI-14-204 CVE: CVE-2014-3805 Published: 2014-06-11
AlienVault OSSIM av-centerd Util.pm get_license Remote Code Execution Vulnerability
ZDI-14-203 CVE: CVE-2014-3804 Published: 2014-06-11
AlienVault OSSIM av-centerd Util.pm set_file Remote Code Execution Vulnerability
ZDI-14-202 CVE: CVE-2014-3804 Published: 2014-06-11
AlienVault OSSIM av-centerd Util.pm update_system_info_debian_package Remote Code Execution Vulnerability
ZDI-14-201 CVE: CVE-2014-3804 Published: 2014-06-11
AlienVault OSSIM av-centerd Util.pm ossec_task Remote Code Execution Vulnerability
ZDI-14-200 CVE: CVE-2014-3804 Published: 2014-06-11
AlienVault OSSIM av-centerd Util.pm admin_ip Remote Code Execution Vulnerability
ZDI-14-199 CVE: CVE-2014-3805 Published: 2014-06-11
AlienVault OSSIM av-centerd Util.pm get_log_line Remote Code Execution Vulnerability
ZDI-14-198 CVE: CVE-2014-3805 Published: 2014-06-11
AlienVault OSSIM av-centerd Util.pm update_system/upgrade_pro_web Remote Code Execution Vulnerability
ZDI-14-197 CVE: CVE-2014-3804 Published: 2014-06-11
AlienVault OSSIM av-centerd Util.pm sync_rserver Remote Code Execution Vulnerability
ZDI-14-196 CVE: CVE-2014-3804 Published: 2014-06-11
AlienVault OSSIM av-centerd Util.pm framework_ip Remote Code Execution Vulnerability
ZDI-14-195 CVE: CVE-2013-6221 Published: 2014-06-11
Hewlett-Packard AutoPass License Server Remote Code Execution Vulnerability
ZDI-14-194 CVE: CVE-2014-1799 Published: 2014-06-11
Microsoft Internet Explorer CTreeNode Use-After-Free Remote Code Execution Vulnerability
ZDI-14-193 CVE: CVE-2014-2756 Published: 2014-06-11
Microsoft Internet Explorer CMarkupPointer Use-After-Free Remote Code Execution Vulnerability
ZDI-14-192 CVE: CVE-2014-1766 Published: 2014-06-11
(Pwn2Own) Microsoft Internet Explorer CDispNodeBase Use-After-Free Remote Code Execution Vulnerability
ZDI-14-191 CVE: CVE-2014-1805 Published: 2014-06-11
Microsoft Internet Explorer CWindow Use-After-Free Remote Code Execution Vulnerability
ZDI-14-190 CVE: CVE-2014-1764 Published: 2014-06-11
(Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability
ZDI-14-189 CVE: CVE-2014-2777 Published: 2014-06-11
(Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability
ZDI-14-188 CVE: CVE-2014-2776 Published: 2014-06-11
Microsoft Internet Explorer Js::PathTypeHandlerBase Improper Indexing Remote Code Execution Vulnerability
ZDI-14-187 CVE: CVE-2014-2775 Published: 2014-06-11
Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
ZDI-14-186 CVE: CVE-2014-1762 Published: 2014-06-11
(Pwn2Own\Pwn4Fun) Microsoft Internet Explorer CDOMTextNode Use-After-Free Remote Code Execution Vulnerability
ZDI-14-185 CVE: CVE-2014-2772 Published: 2014-06-11
Microsoft Internet Explorer textContent Heap Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-184 CVE: CVE-2014-1800 Published: 2014-06-11
Microsoft Internet Explorer CTreePos Use-After-Free Remote Code Execution Vulnerability
ZDI-14-183 CVE: CVE-2014-1797 Published: 2014-06-11
Microsoft Internet Explorer isindex Memory Corruption Remote Code Execution Vulnerability
ZDI-14-182 CVE: CVE-2014-2758 Published: 2014-06-11
Microsoft Internet Explorer CDXTFilterNode Use-After-Free Remote Code Execution Vulnerability
ZDI-14-181 CVE: CVE-2014-2757 Published: 2014-06-11
Microsoft Internet Explorer CElement Use-After-Free Remote Code Execution Vulnerability
ZDI-14-180 CVE: CVE-2014-1785 Published: 2014-06-11
Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
ZDI-14-179 CVE: CVE-2014-1782 Published: 2014-06-11
Microsoft Internet Explorer CGeneratedContent Use-After-Free Remote Code Execution Vulnerability
ZDI-14-178 CVE: CVE-2014-1780 Published: 2014-06-11
Microsoft Internet Explorer CElement Use-After-Free Remote Code Execution Vulnerability
ZDI-14-177 CVE: CVE-2014-1779 Published: 2014-06-11
Microsoft Internet Explorer CElement Use-After-Free Remote Code Execution Vulnerability
ZDI-14-176 CVE: CVE-2014-0282 Published: 2014-06-11
Microsoft Internet Explorer CFormElement Use-After-Free Remote Code Execution Vulnerability
ZDI-14-175 CVE: CVE-2014-1775 Published: 2014-06-11
Microsoft Internet Explorer CPeerFactoryUrlMap Use-After-Free Remote Code Execution Vulnerability
ZDI-14-174 CVE: CVE-2014-1774 Published: 2014-06-11
Microsoft Internet Explorer CGeneratedTreeNode Use-After-Free Remote Code Execution Vulnerability
ZDI-14-173 CVE: CVE-2014-0195 Published: 2014-06-05
OpenSSL DTLS Fragment Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-14-172 CVE: CVE-2014-3911 Published: 2014-06-04
Samsung iPOLiS Device Manager XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 Multiple Methods Remote Code Execution Vulnerability
ZDI-14-171 CVE: CVE-2014-3911 Published: 2014-06-04
Samsung iPOLiS Device Manager XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 FrameAdvanceReader Method Remote Code Execution Vulnerability
ZDI-14-170 CVE: CVE-2014-3911 Published: 2014-06-04
Samsung iPOLiS Device Manager XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 DeleteDeviceProfile Method Remote Code Execution Vulnerability
ZDI-14-169 CVE: CVE-2014-3912 Published: 2014-06-04
Samsung iPOLiS Device Manager XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 FindConfigChildeKeyList Method Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-168 CVE: CVE-2014-3911 Published: 2014-06-04
Samsung iPOLiS Device Manager XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ChangeControlLocalName Method Remote Code Execution Vulnerability
ZDI-14-167 CVE: CVE-2014-3911 Published: 2014-06-04
Samsung iPOLiS Device Manager XNSSDKWINDOW.XnsSdkWindowCtrlForIpInstaller.1 Start Method Remote Code Execution Vulnerability
ZDI-14-166 CVE: CVE-2014-3914 Published: 2014-06-02
(0Day) Rocket Servergraph Admin Center for TSM userRequest save_server_groups Command Remote Code Execution Vulnerability
ZDI-14-165 CVE: CVE-2014-3914 Published: 2014-06-02
(0Day) Rocket Servergraph Admin Center for TSM fileRequestorServlet del Command Denial of Service Vulnerability
ZDI-14-164 CVE: CVE-2014-3915 Published: 2014-06-02
(0Day) Rocket Servergraph Admin Center for TSM userRequest/tsmRequest Command Injection Remote Code Execution Vulnerability
ZDI-14-163 CVE: CVE-2014-3914 Published: 2014-06-02
(0Day) Rocket Servergraph Admin Center for TSM fileRequestorServlet readDataFile Command Information Disclosure Vulnerability
ZDI-14-162 CVE: CVE-2014-3914 Published: 2014-06-02
(0Day) Rocket Servergraph Admin Center for TSM fileRequestorServlet run/runClear Command Remote Code Execution Vulnerability
ZDI-14-161 CVE: CVE-2014-3914 Published: 2014-06-02
(0Day) Rocket Servergraph Admin Center for TSM fileRequestServlet writeDataFile Command Remote Code Execution Vulnerability
ZDI-14-160 CVE: CVE-2014-3913 Published: 2014-06-02
(0Day) Ericom AccessNow Server Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-159 CVE: CVE-2014-3790 Published: 2014-05-30
(0Day) VMware vCenter Server Appliance Ruby vSphere Console Privilege Escalation Vulnerability
ZDI-14-158 CVE: CVE-2014-3457 Published: 2014-05-22
(0Day) SAP Sybase ESP esp_parse ConnectionType.getConnection Remote Code Execution Vulnerability
ZDI-14-157 CVE: CVE-2014-3457 Published: 2014-05-22
(0Day) SAP Sybase ESP esp_parse ConnectionType.isInput Remote Code Execution Vulnerability
ZDI-14-156 CVE: CVE-2014-3457 Published: 2014-05-22
(0Day) SAP Sybase ESP esp_parse Connection.getSampleRow Remote Code Execution Vulnerability
ZDI-14-155 CVE: CVE-2014-3457 Published: 2014-05-22
(0Day) SAP Sybase ESP esp_parse Connection.getFieldTypes Remote Code Execution Vulnerability
ZDI-14-154 CVE: CVE-2014-3457 Published: 2014-05-22
(0Day) SAP Sybase ESP esp_parse Connection.getFieldNames Remote Code Execution Vulnerability
ZDI-14-153 CVE: CVE-2014-3457 Published: 2014-05-22
(0Day) SAP Sybase ESP esp_parse Connection.setParams Remote Code Execution Vulnerability
ZDI-14-152 CVE: CVE-2014-3457 Published: 2014-05-22
(0Day) SAP Sybase ESP esp_parse Connection.destroy Remote Code Execution Vulnerability
ZDI-14-151 CVE: CVE-2014-3457 Published: 2014-05-22
(0Day) SAP Sybase ESP esp_parse Connection.dispose Remote Code Execution Vulnerability
ZDI-14-150 CVE: CVE-2014-3457 Published: 2014-05-22
(0Day) SAP Sybase ESP esp_parse Connection.getTableNames Remote Code Execution Vulnerability
ZDI-14-149 CVE: CVE-2014-3457 Published: 2014-05-22
(0Day) SAP Sybase ESP esp_parse Connection.setScanDepth Remote Code Execution Vulnerability
ZDI-14-148 CVE: CVE-2014-3457 Published: 2014-05-22
(0Day) SAP Sybase ESP esp_parse Connection.canDiscover Remote Code Execution Vulnerability
ZDI-14-147 CVE: CVE-2014-3457 Published: 2014-05-22
(0Day) SAP Sybase ESP esp_parse Connection.getError Remote Code Execution Vulnerability
ZDI-14-146 CVE: CVE-2014-3457 Published: 2014-05-22
(0Day) SAP Sybase ESP esp_parse Connection.reset Remote Code Execution Vulnerability
ZDI-14-145 CVE: CVE-2014-3458 Published: 2014-05-22
(0Day) SAP Sybase ESP esp_parse Connection.getErrors Remote Code Execution Vulnerability
ZDI-14-144 CVE: CVE-2014-3458 Published: 2014-05-22
(0Day) SAP Sybase ESP esp_parse ConnectionType.getName Remote Code Execution Vulnerability
ZDI-14-143 CVE: CVE-2014-3458 Published: 2014-05-22
(0Day) SAP Sybase ESP esp_parse ConnectionType.getParamNames Remote Code Execution Vulnerability
ZDI-14-142 CVE: CVE-2014-3458 Published: 2014-05-22
(0Day) SAP Sybase ESP esp_parse ConnectionType.getXmlDescription Remote Code Execution Vulnerability
ZDI-14-141 CVE: CVE-2014-3458 Published: 2014-05-22
(0Day) SAP Sybase ESP esp_parse Connection.getType Remote Code Execution Vulnerability
ZDI-14-140 CVE: CVE-2014-1770 Published: 2014-05-21
(0Day) Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
ZDI-14-139 CVE: CVE-2014-0773 Published: 2014-05-19
Advantech WebAccess bwocxrun.ocx CreateProcess Remote Code Execution Vulnerability
ZDI-14-138 CVE: CVE-2014-0772 Published: 2014-05-19
Advantech WebAccess bwocxrun.ocx OpenUrlToBufferTimeout Information Disclosure Vulnerability
ZDI-14-137 CVE: CVE-2014-0771 Published: 2014-05-19
Advantech WebAccess bwocxrun.ocx OpenUrlToBuffer Information Disclosure Vulnerability
ZDI-14-136 CVE: CVE-2014-3789 Published: 2014-05-19
Cogent DataHub Command Injection Remote Code Execution Vulnerability
ZDI-14-135 CVE: CVE-2014-3788 Published: 2014-05-19
Cogent DataHub Heap Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-134 CVE: CVE-2014-3460 Published: 2014-05-19
(0Day) Novell NetIQ Sentinel Agent Manager NQMcsVarSet DumpToFile Remote Code Execution Vulnerability
ZDI-14-133 CVE: CVE-2014-3459 Published: 2014-05-19
(0Day) SolarWinds Network Configuration Manager PEstrarg1 Heap Overflow Remote Code Execution Vulnerability
ZDI-14-132 CVE: CVE-2014-0512 Published: 2014-05-19
(Pwn2Own) Adobe Reader Sandbox Bypass Remote Code Execution Vulnerability
ZDI-14-131 CVE: CVE-2014-0511 Published: 2014-05-19
(Pwn2Own) Adobe Reader PDF417 Barcode Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-14-130 CVE: CVE-2014-0510 Published: 2014-05-19
(Pwn2Own) Adobe Flash Display Object Memory Corruption Remote Code Execution Vulnerability
ZDI-14-129 CVE: Published: 2014-05-14
Microsoft DIA SDK msdia.dll Memory Corruption Vulnerability
ZDI-14-128 CVE: CVE-2014-0527 Published: 2014-05-13
Adobe Reader AcroPDF messageHandler Use-After-Free Remote Code Execution Vulnerability
ZDI-14-127 CVE: CVE-2014-1649 Published: 2014-05-13
Symantec Workspace Streaming Agent XMLRPC Request putFile Method Remote Code Execution Vulnerability
ZDI-14-126 CVE: CVE-2014-1736 Published: 2014-05-13
Google Chrome ImageData Signedness Error Remote Code Execution Vulnerability
ZDI-14-125 CVE: CVE-2014-0310 Published: 2014-05-13
Microsoft Internet Explorer Attribute Double Free Remote Code Execution Vulnerability
ZDI-14-124 CVE: Published: 2014-05-05
(0day) Borland Silk Central TeeChart ActiveX Control GridLink Remote Code Execution Vulnerability
ZDI-14-123 CVE: Published: 2014-05-05
(0Day) Borland StarTeam Web Server AttachmentService performCheckoutFile Remote Information Disclosure Vulnerability
ZDI-14-122 CVE: Published: 2014-05-02
Kaspersky Internet Security prremote.dll Use-After-Free Remote Code Execution Vulnerability
ZDI-14-121 CVE: CVE-2014-1318 Published: 2014-05-02
(Pwn2Own\Pwn4Fun) Apple OS X Graphics Driver Memory Corruption Remote Code Execution Vulnerability
ZDI-14-120 CVE: CVE-2014-1320 Published: 2014-05-02
(Pwn2Own\Pwn4Fun) Apple OS X IOKit Kernel Information Disclosure Vulnerability
ZDI-14-119 CVE: CVE-2014-0285 Published: 2014-05-02
Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
ZDI-14-118 CVE: CVE-2014-0780 Published: 2014-05-02
InduSoft Web Studio Directory Traversal Remote Code Execution Vulnerability
ZDI-14-117 CVE: CVE-2014-0786 Published: 2014-05-02
Ecava IntegraXor Guest Acccount Information Disclosure Vulnerability
ZDI-14-116 CVE: CVE-2014-0768 Published: 2014-04-24
Advantech WebAccess webvact.ocx AccessCode2 Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-115 CVE: Published: 2014-04-23
SolarWinds Server and Application Monitor PEstrarg1 ActiveX Heap Overflow Remote Code Execution Vulnerability
ZDI-14-114 CVE: CVE-2014-0456 Published: 2014-04-23
Oracle Java System.arraycopy() Race Condition Remote Code Execution Vulnerability
ZDI-14-113 CVE: CVE-2014-0290 Published: 2014-04-23
Microsoft Internet Explorer CMarkup Undo execCommand Use-After-Free Remote Code Execution Vulnerability
ZDI-14-112 CVE: CVE-2014-0278 Published: 2014-04-23
Microsoft Internet Explorer CSS Out-Of-Bounds Indexing Remote Code Execution Vulnerability
ZDI-14-111 CVE: CVE-2014-2407 Published: 2014-04-21
Oracle Data Quality LoaderWizard ActiveX Remote Code Execution Vulnerability
ZDI-14-110 CVE: CVE-2014-2418 Published: 2014-04-21
Oracle Data Quality FileChooserDlg onChangeDirectory Remote Code Execution Vulnerability
ZDI-14-109 CVE: CVE-2014-2415 Published: 2014-04-21
Oracle Data Quality PostcardPreviewInt onclose Remote Code Execution Vulnerability
ZDI-14-108 CVE: CVE-2014-2417 Published: 2014-04-21
Oracle Data Quality DscXB onloadstatechange Remote Code Execution Vulnerability
ZDI-14-107 CVE: CVE-2014-2416 Published: 2014-04-21
Oracle Data Quality DateTimeWrapper onchange Remote Code Execution Vulnerability
ZDI-14-106 CVE: CVE-2014-2424 Published: 2014-04-21
Oracle Event Processing FileUploadServlet Remote Code Execution Vulnerability
ZDI-14-105 CVE: CVE-2014-0457 Published: 2014-04-21
Oracle Java ScriptEngineManager Sandbox Bypass Remote Code Execution Vulnerability
ZDI-14-104 CVE: CVE-2014-0432 Published: 2014-04-21
Oracle Java permuteArguments Sandbox Bypass Remote Code Execution Vulnerability
ZDI-14-103 CVE: CVE-2014-0455 Published: 2014-04-21
Oracle Java DropArguments Sandbox Bypass Remote Code Execution Vulnerability
ZDI-14-102 CVE: CVE-2014-2421 Published: 2014-04-21
Oracle Java JPEG Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-101 CVE: CVE-2014-0321 Published: 2014-04-21
Microsoft Internet Explorer CTreeNode Use-After-Free Remote Code Execution Vulnerability
ZDI-14-100 CVE: CVE-2013-6213 Published: 2014-04-17
Hewlett-Packard Virtual User Generator EmulationAdmin Service Information Disclosure Vulnerability
ZDI-14-099 CVE: CVE-2013-6215 Published: 2014-04-17
Hewlett-Packard Universal CMDB Integration Service UploadScansServlet Remote Code Execution Vulnerability
ZDI-14-098 CVE: CVE-2013-6748 Published: 2014-04-17
IBM Lotus Quickr ActiveX Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-097 CVE: CVE-2014-2210 Published: 2014-04-17
CA ERwin Web Portal MIMM ProfileIconServlet Multiple Information Disclosure Vulnerabilities
ZDI-14-096 CVE: CVE-2014-2210 Published: 2014-04-17
CA ERwin Web Portal MIMM FileAccessServiceProvider Denial of Service Vulnerability
ZDI-14-095 CVE: CVE-2014-2210 Published: 2014-04-17
CA ERwin Web Portal MIMM ConfigServiceProvider Information Disclosure Vulnerability
ZDI-14-094 CVE: CVE-2014-2210 Published: 2014-04-17
CA ERwin Web Portal MIMM downloadScriptFile.do Information Disclosure Vulnerability
ZDI-14-093 CVE: CVE-2014-2210 Published: 2014-04-17
CA ERwin Web Portal MIMM ConfigServiceProviderServlet Remote File Creation/Overwrite Vulnerability
ZDI-14-092 CVE: CVE-2014-0506 Published: 2014-04-11
(Pwn2Own) Adobe Flash ExternalInterface Use-After-Free Remote Code Execution Vulnerability
ZDI-14-091 CVE: CVE-2014-1303 Published: 2014-04-11
(Pwn2Own) Apple Safari Heap Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-090 CVE: CVE-2014-1300 Published: 2014-04-11
(Pwn2Own\Pwn4Fun) Apple Webkit JSStringJoiner Memory Corruption Remote Code Execution Vulnerability
ZDI-14-089 CVE: CVE-2014-1715 Published: 2014-04-11
(Pwn2Own) Google Chrome Directory Traversal Sandbox Escape Vulnerability
ZDI-14-088 CVE: CVE-2014-1705 Published: 2014-04-11
(Pwn2Own) Google Chrome V8 Arbitrary Memory Read/Write Remote Code Execution Vulnerability
ZDI-14-087 CVE: CVE-2014-1714 Published: 2014-04-11
(Pwn2Own) Google Chrome Clipboard Sandbox Escape Vulnerability
ZDI-14-086 CVE: CVE-2014-1713 Published: 2014-04-11
(Pwn2Own) Google Chrome Blink Use-After-Free Remote Code Execution Vulnerability
ZDI-14-085 CVE: CVE-2014-1514 Published: 2014-04-11
(Pwn2Own) Mozilla Firefox TypedArrayObject Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-14-084 CVE: CVE-2014-1513 Published: 2014-04-11
(Pwn2Own) Mozilla Firefox ArrayBuffer Out-Of-Bounds Read/Write Remote Code Execution Vulnerability
ZDI-14-083 CVE: CVE-2014-1512 Published: 2014-04-11
(Pwn2Own) Mozilla Firefox TypeObject Use-After-Free Remote Code Execution Vulnerability
ZDI-14-082 CVE: CVE-2014-1511 Published: 2014-04-11
(Pwn2Own) Mozilla Firefox Pop-Up Blocker Bypass Vulnerability
ZDI-14-081 CVE: CVE-2014-1510 Published: 2014-04-11
(Pwn2Own) Mozilla Firefox Privileged Content Loading Remote Code Execution Vulnerability
ZDI-14-080 CVE: CVE-2014-1760 Published: 2014-04-10
Microsoft Internet Explorer CFormatCache<CSvgFormat>::AddRefData Improper Indexing Remote Code Execution Vulnerability
ZDI-14-079 CVE: CVE-2014-1753 Published: 2014-04-10
Microsoft Internet Explorer CAttrArray Use-After-Free Remote Code Execution Vulnerability
ZDI-14-078 CVE: CVE-2014-0325 Published: 2014-04-10
Microsoft Internet Explorer CElement Use-After-Free Remote Code Execution Vulnerability
ZDI-14-077 CVE: CVE-2014-0763 Published: 2014-04-10
Advantech WebAccess DBVisitor.dll SQL Injection Remote Code Execution Vulnerability
ZDI-14-076 CVE: CVE-2014-0764 Published: 2014-04-10
Advantech WebAccess webvact.ocx NodeName Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-075 CVE: CVE-2014-0770 Published: 2014-04-10
Advantech WebAccess webvact.ocx UserName Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-074 CVE: CVE-2014-0767 Published: 2014-04-10
Advantech WebAccess webvact.ocx AccessCode Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-073 CVE: CVE-2014-0766 Published: 2014-04-10
Advantech WebAccess webvact.ocx NodeName2 Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-072 CVE: CVE-2014-0765 Published: 2014-04-10
Advantech WebAccess webvact.ocx GotoCmd Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-071 CVE: CVE-2014-0787 Published: 2014-04-10
WellinTech KingScada AEserver.exe Remote Code Execution Vulnerability
ZDI-14-070 CVE: CVE-2014-0507 Published: 2014-04-08
Adobe Flash Player Regular Expression Stack Overflow Remote Code Execution Vulnerability
ZDI-14-069 CVE: Published: 2014-04-08
Sophos Web Appliance Privilege Escalation and Remote Code Execution Vulnerability
ZDI-14-068 CVE: Published: 2014-04-08
SolarWinds Firewall Security Manager FSMWebService Information Disclosure Vulnerability
ZDI-14-067 CVE: Published: 2014-04-08
SolarWinds Server and Application Monitor VSReport Remote Code Execution Vulnerability
ZDI-14-066 CVE: Published: 2014-04-08
SolarWinds Server and Application Monitor Apex Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-065 CVE: Published: 2014-04-08
SolarWinds Server and Application Monitor C1Chart3D8 Array Indexing Remote Code Execution Vulnerability
ZDI-14-064 CVE: Published: 2014-04-08
SolarWinds Server and Application Monitor wpdlx Remote Code Execution Vulnerability
ZDI-14-063 CVE: CVE-2013-6210 Published: 2014-04-08
HP Unified Functional Testing ExGrid SaveXML Remote Code Execution Vulnerability
ZDI-14-062 CVE: CVE-2014-0285 Published: 2014-04-08
Microsoft Internet Explorer NavigateToBookmark Use-After-Free Remote Code Execution Vulnerability
ZDI-14-061 CVE: CVE-2014-0274 Published: 2014-04-08
Microsoft Internet Explorer CDomRange Use-After-Free Remote Code Execution Vulnerability
ZDI-14-060 CVE: CVE-2014-2276 Published: 2014-04-08
EMC Connectrix Manager Converged Network Edition inmservlets.war FileUploadController Servlet Information Disclosure Vulnerability
ZDI-14-059 CVE: CVE-2014-0779 Published: 2014-04-03
Schneider-Electric ClearSCADA ServerMain.exe OPF File Parsing Remote Code Execution Vulnerability
ZDI-14-058 CVE: CVE-2014-1486 Published: 2014-04-03
Mozilla Firefox imgRequestProxy Use-After-Free Remote Code Execution Vulnerability
ZDI-14-057 CVE: CVE-2014-1290 Published: 2014-04-03
Apple Mobile Safari isindex Use-After-Free Remote Code Execution Vulnerability
ZDI-14-056 CVE: Published: 2014-04-03
Avaya IP Office one-X Portal Remote Code Execution Vulnerability
ZDI-14-055 CVE: CVE-2013-3706 Published: 2014-04-03
Novell ZENworks Configuration Management PreBoot Service Information Disclosure Vulnerability
ZDI-14-054 CVE: CVE-2014-0774 Published: 2014-04-03
Schneider Electric OPC Factory Server OFS Client Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-053 CVE: CVE-2013-6771 Published: 2014-04-03
Splunk runshellscript echo.sh Remote Code Execution Vulnerability
ZDI-14-052 CVE: CVE-2013-6771 Published: 2014-04-03
Splunk collect file Remote Code Execution Vulnerability
ZDI-14-051 CVE: CVE-2013-4841 Published: 2014-04-03
Hewlett-Packard LeftHand Virtual SAN Appliance dbd_manager libens Unmarshalling Remote Code Execution Vulnerability
ZDI-14-050 CVE: Published: 2014-04-03
McAfee Cloud Identity Manager ExtensionAccessServlet Information Disclosure Vulnerability
ZDI-14-049 CVE: CVE-2014-1251 Published: 2014-04-03
Apple QuickTime clef Atom Heap Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-048 CVE: CVE-2014-1246 Published: 2014-04-03
Apple QuickTime ftab Atom Remote Code Execution Vulnerability
ZDI-14-047 CVE: CVE-2014-1245 Published: 2014-04-03
Apple QuickTime stsz Atom Remote Code Execution Vulnerability
ZDI-14-046 CVE: CVE-2014-1247 Published: 2014-04-03
Apple QuickTime dref Atom Remote Code Execution Vulnerability
ZDI-14-045 CVE: CVE-2014-1244 Published: 2014-04-03
Apple QuickTime stsz Atom Remote Code Execution Vulnerability
ZDI-14-044 CVE: CVE-2014-1243 Published: 2014-04-03
Apple QuickTime nam Atom Parsing Remote Code Execution Vulnerability
ZDI-14-043 CVE: CVE-2013-6207 Published: 2014-04-03
Hewlett-Packard SiteScope SOAP Arbitrary File Download and Denial of Service Vulnerability
ZDI-14-042 CVE: CVE-2013-6203 Published: 2014-04-03
Hewlett-Packard Application Information Optimizer Remote Code Execution Vulnerability
ZDI-14-041 CVE: CVE-2013-6204 Published: 2014-04-03
Hewlett-Packard Application Information Optimizer Credential Information Disclosure Vulnerability
ZDI-14-040 CVE: CVE-2014-0498 Published: 2014-04-03
Adobe Flash Player RegExp Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-039 CVE: CVE-2013-6724 Published: 2014-04-03
IBM SPSS SamplePower vsflex8l ActiveX Control ComboList Property Remote Code Execution Vulnerability
ZDI-14-038 CVE: CVE-2013-5907 Published: 2014-04-03
Oracle Java TrueType LookupCount Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-037 CVE: CVE-2013-5400 Published: 2014-04-03
IBM Platform Symphony DE Auth-Bypass Remote Code Execution Vulnerability
ZDI-14-036 CVE: CVE-2014-0307 Published: 2014-04-03
Microsoft Internet Explorer HtmlLayout Use-After-Free Remote Code Execution Vulnerability
ZDI-14-035 CVE: CVE-2014-0308 Published: 2014-04-03
Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
ZDI-14-034 CVE: CVE-2014-0313 Published: 2014-04-03
Microsoft Internet Explorer Heap Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-033 CVE: CVE-2014-0312 Published: 2014-03-20
Microsoft Internet Explorer CSelectElement Use-After-Free Remote Code Execution Vulnerability
ZDI-14-032 CVE: CVE-2014-0299 Published: 2014-03-20
Microsoft Internet Explorer Uninitialized Variable Remote Code Execution Vulnerability
ZDI-14-031 CVE: CVE-2014-0298 Published: 2014-03-20
Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
ZDI-14-030 CVE: CVE-2014-0297 Published: 2014-03-20
Microsoft Internet Explorer CTraversalMarkupPointer Use-After-Free Remote Code Execution Vulnerability
ZDI-14-029 CVE: CVE-2013-0946 Published: 2014-02-13
EMC AlphaStor Library Manager 0x4f Command Remote Code Execution Vulnerability
ZDI-14-028 CVE: CVE-2014-0281 Published: 2014-02-13
Microsoft Internet Explorer CTreeNode Use-After-Free Remote Code Execution Vulnerability
ZDI-14-027 CVE: CVE-2014-0289 Published: 2014-02-13
Microsoft Internet Explorer CMarkupPointer Use-After-Free Remote Code Execution Vulnerability
ZDI-14-026 CVE: CVE-2014-0275 Published: 2014-02-13
Microsoft Internet Explorer CAreaElement Use-After-Free Remote Code Execution Vulnerability
ZDI-14-025 CVE: CVE-2014-0274 Published: 2014-02-13
Microsoft Internet Explorer CDomRange Use-After-Free Remote Code Execution Vulnerability
ZDI-14-024 CVE: CVE-2014-0287 Published: 2014-02-13
Microsoft Internet Explorer CHtmlLayout Use-After-Free Remote Code Execution Vulnerability
ZDI-14-023 CVE: CVE-2014-0286 Published: 2014-02-13
Microsoft Internet Explorer CInputElement Use-After-Free Remote Code Execution Vulnerability
ZDI-14-022 CVE: CVE-2014-0288 Published: 2014-02-13
Microsoft Internet Explorer CDivElement Use-After-Free Remote Code Execution Vulnerability
ZDI-14-021 CVE: CVE-2014-0269 Published: 2014-02-13
Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
ZDI-14-020 CVE: CVE-2014-0270 Published: 2014-02-13
Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
ZDI-14-019 CVE: CVE-2014-0263 Published: 2014-02-13
Microsoft Direct2D Graphics Component Remote Code Execution Vulnerability
ZDI-14-018 CVE: CVE-2013-6749 Published: 2014-02-13
IBM Lotus Quickr ActiveX Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-14-017 CVE: CVE-2013-5387 Published: 2014-02-13
IBM Platform Symphony DE Remote Code Execution Vulnerability
ZDI-14-016 CVE: CVE-2014-0751 Published: 2014-02-13
GE Proficy CIMPLICITY CimWebServer File Upload Remote Code Execution Vulnerability
ZDI-14-015 CVE: CVE-2014-0750 Published: 2014-02-13
GE Proficy CIMPLICITY gefebt.exe File Upload Remote Code Execution Vulnerability
ZDI-14-014 CVE: CVE-2014-0492 Published: 2014-02-05
Adobe Flash Player Jump Opcode Information Leak Vulnerability
ZDI-14-013 CVE: CVE-2013-5907 Published: 2014-02-05
Oracle Java TTF Font Parsing Heap Corruption Remote Code Execution Vulnerability
ZDI-14-012 CVE: CVE-2013-2826 Published: 2014-02-05
WellinTech KingSCADA KingAlarm & Event KAEManageServer Information Disclosure Vulnerability
ZDI-14-011 CVE: CVE-2013-2827 Published: 2014-02-05
WellinTech KingScada KingGraphic kxClientDownload ActiveX Remote Code Execution Vulnerability
ZDI-14-010 CVE: CVE-2013-6189 Published: 2014-01-29
HP Application Information Optimizer DataDirect OpenAccess GIOP Remote Code Execution Vulnerability
ZDI-14-009 CVE: CVE-2013-6195 Published: 2014-01-10
Hewlett-Packard Data Protector Cell Manager crs.exe Multiple Opcodes Remote Code Execution Vulnerability
ZDI-14-008 CVE: CVE-2013-2347 Published: 2014-01-10
Hewlett-Packard Data Protector Backup Client Service EXEC_BAR Remote Code Execution Vulnerability
ZDI-14-007 CVE: CVE-2013-2350 Published: 2014-01-10
Hewlett-Packard Data Protector Backup Client Service rbda Remote Code Execution Vulnerability
ZDI-14-006 CVE: CVE-2013-2345 Published: 2014-01-10
Hewlett-Packard Data Protector Backup Client Service vrda Remote Code Execution Vulnerability
ZDI-14-005 CVE: CVE-2013-2349 Published: 2014-01-10
Hewlett-Packard Data Protector Backup Client Service vbda Remote Code Execution Vulnerability
ZDI-14-004 CVE: CVE-2013-2346 Published: 2014-01-10
Hewlett-Packard Data Protector Backup Client Service rrda Remote Code Execution Vulnerability
ZDI-14-003 CVE: CVE-2013-6194 Published: 2014-01-10
Hewlett-Packard Data Protector Backup Client Service Opcode 42 Remote Code Execution Vulnerability
ZDI-14-002 CVE: CVE-2013-2348 Published: 2014-01-10
Hewlett-Packard Data Protector Backup Client Service Opcode 45 and 46 Remote Code Execution Vulnerability
ZDI-14-001 CVE: CVE-2013-2344 Published: 2014-01-10
Hewlett-Packard Data Protector Backup Client Service RxNtSetup Remote Code Execution Vulnerability