| ZDI-17-1017 |
ZDI-CAN-5337 |
Huawei |
CVE-2017-15316 |
6.9 |
2018-06-08 |
2018-06-08 |
Huawei Mate 9 Pro Mali Double Free Privilege Escalation Vulnerability |
| ZDI-17-1016 |
ZDI-CAN-5321 |
Microsoft |
CVE-2017-11889 |
6.8 |
2018-04-16 |
2018-04-16 |
Microsoft Chakra Typed Array JIT Optimization Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-1015 |
ZDI-CAN-5215 |
Microsoft |
CVE-2017-11837 |
6.8 |
2018-03-23 |
2018-03-23 |
Microsoft Windows JavaScript Typed Array JIT Optimization Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-1014 |
ZDI-CAN-5315 |
Microsoft |
CVE-2017-11835 |
2.6 |
2018-03-07 |
2018-03-07 |
Microsoft Windows Font Embedding Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-1013 |
ZDI-CAN-5154 |
Adobe |
CVE-2017-11308 |
6.8 |
2018-03-07 |
2018-03-07 |
Adobe Acrobat Pro DC ImageConversion EMF BMP Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-1012 |
ZDI-CAN-5148 |
Adobe |
CVE-2017-11240 |
2.6 |
2018-03-06 |
2018-03-06 |
Adobe Acrobat Pro DC ImageConversion EMF JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-1011 |
ZDI-CAN-5146 |
Adobe |
CVE-2017-11307 |
2.6 |
2018-03-06 |
2018-03-06 |
Adobe Acrobat Pro DC ImageConversion EMF GIF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-1010 |
ZDI-CAN-5317 |
Microsoft |
CVE-2017-11835 |
2.6 |
2018-03-06 |
2018-03-06 |
Microsoft Windows Font Embedding Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-1009 |
ZDI-CAN-4755 |
Symantec |
CVE-2017-15532 |
4.0 |
2017-12-20 |
|
Symantec Messaging Gateway Export Servlet snmpFileName Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-1008 |
ZDI-CAN-5280 |
QNAP |
CVE-2017-17032 |
10.0 |
2017-12-20 |
|
QNAP QTS Web change_password Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-1007 |
ZDI-CAN-5279 |
QNAP |
CVE-2017-17033 |
10.0 |
2017-12-20 |
|
QNAP QTS Web sysinfoReq Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-1006 |
ZDI-CAN-5278 |
QNAP |
CVE-2017-17031 |
10.0 |
2017-12-20 |
|
QNAP QTS Web change_password Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-1005 |
ZDI-CAN-5263 |
QNAP |
CVE-2017-17030 |
10.0 |
2017-12-20 |
|
QNAP QTS authLogin Host Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-1004 |
ZDI-CAN-5262 |
QNAP |
CVE-2017-17029 |
10.0 |
2017-12-20 |
|
QNAP QTS authLogin Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-1003 |
ZDI-CAN-5209 |
QNAP |
CVE-2017-17028 |
10.0 |
2017-12-20 |
|
QNAP QTS Web devRequest Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-1002 |
ZDI-CAN-5208 |
QNAP |
CVE-2017-17027 |
10.0 |
2017-12-20 |
|
QNAP QTS NASFTPD USER Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-1001 |
ZDI-CAN-5085 |
Wecon |
CVE-2017-16717 |
6.8 |
2017-12-20 |
|
WECON LeviStudio PLC Driver Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-1000 |
ZDI-CAN-5386 |
Ecava |
CVE-2017-16735 |
5.0 |
2017-12-20 |
|
Ecava IntegraXor Report getdata name SQL Injection Information Disclosure Vulnerability |
| ZDI-17-999 |
ZDI-CAN-5385 |
Ecava |
CVE-2017-16733 |
5.0 |
2017-12-20 |
|
Ecava IntegraXor Report batchlist SQL Injection Information Disclosure Vulnerability |
| ZDI-17-998 |
ZDI-CAN-5139 |
Adobe |
CVE-2017-11213 |
6.8 |
2017-12-20 |
|
Adobe Flash Player BitmapData hitTest Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-17-997 |
ZDI-CAN-5075 |
Adobe |
CVE-2017-3114 |
6.8 |
2017-12-20 |
|
Adobe Flash LocaleID determinePreferredLocales Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-17-996 |
ZDI-CAN-5074 |
Adobe |
CVE-2017-3112 |
6.8 |
2017-12-20 |
|
Adobe Flash NetworkConfiguration addCustomHeader Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-17-995 |
ZDI-CAN-4906 |
Quest |
CVE-2017-17659 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUJobHistory Get Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-994 |
ZDI-CAN-4316 |
Quest |
CVE-2017-17658 |
7.5 |
2018-01-02 |
|
Quest NetVault Backup Server Process Manager Service NVBUJobDefinitions Get Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-993 |
ZDI-CAN-4294 |
Quest |
CVE-2017-17657 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUBackup TimeRange Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-992 |
ZDI-CAN-4292 |
Quest |
CVE-2017-17656 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUBackup JobList Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-991 |
ZDI-CAN-4289 |
Quest |
CVE-2017-17655 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUBackup PluginList Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-990 |
ZDI-CAN-4287 |
Quest |
CVE-2017-17654 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUBackup ClientList Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-989 |
ZDI-CAN-4286 |
Quest |
CVE-2017-17653 |
10.0 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUBackupOptionSet Get Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-988 |
ZDI-CAN-4238 |
Quest |
CVE-2017-17652 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUBackup Count Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-987 |
ZDI-CAN-4237 |
Quest |
CVE-2017-17425 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUSourceDeviceSet Get Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-986 |
ZDI-CAN-4232 |
Quest |
CVE-2017-17421 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUSelectionSet Get Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-985 |
ZDI-CAN-4231 |
Quest |
CVE-2017-17420 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUJobCountHistory Get Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-984 |
ZDI-CAN-4230 |
Quest |
CVE-2017-17419 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUTransferHistory Get Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-983 |
ZDI-CAN-4229 |
Quest |
CVE-2017-17418 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUPolicy Get Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-982 |
ZDI-CAN-4228 |
Quest |
CVE-2017-17417 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUPhaseStatus Acknowledge Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-981 |
ZDI-CAN-4227 |
Quest |
CVE-2017-17416 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUPhaseStatus GetPlugins Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-980 |
ZDI-CAN-4226 |
Quest |
CVE-2017-17415 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUPhaseStatus Count Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-979 |
ZDI-CAN-4225 |
Quest |
CVE-2017-17414 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUPhaseStatus Get Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-978 |
ZDI-CAN-4224 |
Quest |
CVE-2017-17413 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUBackupTargetSet Get Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-977 |
ZDI-CAN-4235 |
Quest |
CVE-2017-17424 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUScheduleSet Get Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-976 |
ZDI-CAN-4234 |
Quest |
CVE-2017-17423 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUBackupSegment Get Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-975 |
ZDI-CAN-4233 |
Quest |
CVE-2017-17422 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUBackup Get Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-974 |
ZDI-CAN-4223 |
Quest |
CVE-2017-17412 |
7.5 |
2017-12-15 |
|
Quest NetVault Backup Server Process Manager Service NVBUEventHistory Get Method SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-973 |
ZDI-CAN-4892 |
Linksys |
CVE-2017-17411 |
10.0 |
2017-12-18 |
|
(0Day) Linksys WVBR0 User-Agent Command Injection Remote Code Execution Vulnerability |
| ZDI-17-972 |
ZDI-CAN-4789 |
Trend Micro |
CVE-2017-14082 |
6.4 |
2017-12-13 |
|
Trend Micro Mobile Security for Enterprise clt_report_sms_status Uninitialized Pointer Information Disclosure Vulnerability |
| ZDI-17-971 |
ZDI-CAN-5197 |
NetGain Systems |
CVE-2017-16606 |
9.0 |
2017-12-13 |
|
NetGain Systems Enterprise Manager _3d.add_005f3d_005fview_005fdo_jsp Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-970 |
ZDI-CAN-5196 |
NetGain Systems |
CVE-2017-16605 |
7.5 |
2017-12-13 |
|
NetGain Systems Enterprise Manager db.save_005fattrs_jsp id Directory Traversal Arbitrary File Overwrite Vulnerability |
| ZDI-17-969 |
ZDI-CAN-5195 |
NetGain Systems |
CVE-2017-16604 |
7.5 |
2017-12-13 |
|
NetGain Systems Enterprise Manager deviceReport.deviceReport_005fexport_005fdo_jsp filename Directory Traversal Arbitrary File Overwrite Vulnerability |
| ZDI-17-968 |
ZDI-CAN-5194 |
NetGain Systems |
CVE-2017-16603 |
9.0 |
2017-12-13 |
|
NetGain Systems Enterprise Manager settings.upload_005ffile_005fdo_jsp filename Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-967 |
ZDI-CAN-5193 |
NetGain Systems |
CVE-2017-16602 |
9.0 |
2017-12-13 |
|
NetGain Systems Enterprise Manager tools.exec_jsp command Command Injection Remote Code Execution Vulnerability |
| ZDI-17-966 |
ZDI-CAN-5192 |
NetGain Systems |
CVE-2017-16601 |
7.5 |
2017-12-13 |
|
NetGain Systems Enterprise Manager service.service_005ffailures_jsp filename Directory Traversal Arbitrary File Overwrite Vulnerability |
| ZDI-17-965 |
ZDI-CAN-5191 |
NetGain Systems |
CVE-2017-16600 |
7.5 |
2017-12-13 |
|
NetGain Systems Enterprise Manager network.traffic_005freport_jsp filename Directory Traversal Arbitrary File Overwrite Vulnerability |
| ZDI-17-964 |
ZDI-CAN-5190 |
NetGain Systems |
CVE-2017-16599 |
9.4 |
2017-12-13 |
|
NetGain Systems Enterprise Manager misc.sample_jsp type Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-17-963 |
ZDI-CAN-5138 |
NetGain Systems |
CVE-2017-16598 |
9.0 |
2017-12-13 |
|
NetGain Systems Enterprise Manager snmpwalk.snmpwalk_005fdo_jsp ip Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-962 |
ZDI-CAN-5137 |
NetGain Systems |
CVE-2017-16597 |
10.0 |
2017-12-13 |
|
NetGain Systems Enterprise Manager TFtpServer Filename Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-961 |
ZDI-CAN-5119 |
NetGain Systems |
CVE-2017-16596 |
7.8 |
2017-12-13 |
|
NetGain Systems Enterprise Manager designer.script_005fsamples_jsp type Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-960 |
ZDI-CAN-5118 |
NetGain Systems |
CVE-2017-16595 |
7.8 |
2017-12-13 |
|
NetGain Systems Enterprise Manager reports.export_005fdownload_jsp filename Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-959 |
ZDI-CAN-5117 |
NetGain Systems |
CVE-2017-16594 |
9.3 |
2017-12-13 |
|
NetGain Systems Enterprise Manager db.save_005fimage_jsp id Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-17-958 |
ZDI-CAN-5104 |
NetGain Systems |
CVE-2017-16593 |
7.8 |
2017-12-13 |
|
NetGain Systems Enterprise Manager restore.del_005fdo_jsp filenames Directory Traversal Denial of Service Vulnerability |
| ZDI-17-957 |
ZDI-CAN-5103 |
NetGain Systems |
CVE-2017-16592 |
7.8 |
2017-12-13 |
|
NetGain Systems Enterprise Manager common.download_jsp filename Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-956 |
ZDI-CAN-5100 |
NetGain Systems |
CVE-2017-16591 |
7.8 |
2017-12-13 |
|
NetGain Systems Enterprise Manager restore.download_005fdo_jsp Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-955 |
ZDI-CAN-5099 |
NetGain Systems |
CVE-2017-16590 |
7.8 |
2017-12-13 |
|
NetGain Systems Enterprise Manager MainFilter doFilter Authentication Bypass Vulnerability |
| ZDI-17-954 |
ZDI-CAN-5080 |
NetGain Systems |
CVE-2017-17407 |
7.5 |
2017-12-13 |
|
Netgain Systems Enterprise Manager script_test Command Injection Remote Code Execution Vulnerability |
| ZDI-17-953 |
ZDI-CAN-4753 |
NetGain Systems |
CVE-2017-17406 |
7.5 |
2017-12-13 |
|
NetGain Enterprise Manager RMI Registry Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-17-952 |
ZDI-CAN-4751 |
NetGain Systems |
CVE-2017-16610 |
7.5 |
2017-12-13 |
|
NetGain Enterprise Manager upload_save_do Remote Upload Remote Code Execution Vulnerability |
| ZDI-17-951 |
ZDI-CAN-4750 |
NetGain Systems |
CVE-2017-16609 |
5.0 |
2017-12-13 |
|
NetGain Enterprise Manager download Arbitrary File Download Vulnerability |
| ZDI-17-950 |
ZDI-CAN-4749 |
NetGain Systems |
CVE-2017-16608 |
7.5 |
2017-12-13 |
|
NetGain Enterprise Manager exec Command Injection Remote Code Execution Vulnerability |
| ZDI-17-949 |
ZDI-CAN-4718 |
NetGain Systems |
CVE-2017-16607 |
5.0 |
2017-12-13 |
|
NetGain Enterprise Manager heapdumps Remote Download Information Disclosure Vulnerability |
| ZDI-17-948 |
ZDI-CAN-5242 |
Microsoft |
CVE-2017-11901 |
7.5 |
2017-12-12 |
|
Microsoft Windows JavaScript Array JIT Optimization Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-947 |
ZDI-CAN-5243 |
Microsoft |
CVE-2017-11913 |
4.3 |
2017-12-12 |
|
Microsoft Windows VBScript VT_BSTR Use-After-Free Information Disclosure Vulnerability |
| ZDI-17-946 |
ZDI-CAN-5111 |
Microsoft |
CVE-2017-11887 |
5.0 |
2017-12-12 |
|
Microsoft Windows VBScript VT_BSTR Use-After-Free Information Disclosure Vulnerability |
| ZDI-17-945 |
ZDI-CAN-5110 |
Microsoft |
CVE-2017-11887 |
4.3 |
2017-12-12 |
|
Microsoft Windows VBScript Join Function Use-After-Free Information Disclosure Vulnerability |
| ZDI-17-944 |
ZDI-CAN-5116 |
Bitdefender |
CVE-2017-17410 |
6.8 |
2017-12-12 |
|
Bitdefender Internet Security Emulator 0x102 Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-943 |
ZDI-CAN-5102 |
Bitdefender |
CVE-2017-17409 |
6.8 |
2017-12-12 |
|
Bitdefender Internet Security Emulator 0x10A Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-942 |
ZDI-CAN-5101 |
Bitdefender |
CVE-2017-17408 |
6.8 |
2017-12-12 |
|
Bitdefender Internet Security Themida Emulator Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-941 |
ZDI-CAN-5203 |
Adobe |
CVE-2017-11250 |
4.3 |
2018-01-10 |
|
Adobe Acrobat Pro DC ImageConversion EMF EMR_ALPHABLEND Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-940 |
ZDI-CAN-4951 |
Advantech |
CVE-2017-12719 |
6.8 |
2017-12-06 |
|
Advantech WebAccess webvrpcs drawsrv Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-939 |
ZDI-CAN-4950 |
Advantech |
CVE-2017-12719 |
6.8 |
2017-12-06 |
|
Advantech WebAccess webvrpcs drawsrv Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-938 |
ZDI-CAN-4949 |
Advantech |
CVE-2017-14016 |
6.8 |
2017-12-06 |
|
Advantech WebAccess webvrpcs ViewDll1 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-937 |
ZDI-CAN-4986 |
Cisco |
CVE-2017-12371 |
6.8 |
2017-12-06 |
|
Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-936 |
ZDI-CAN-4988 |
Cisco |
CVE-2017-12370 |
6.8 |
2017-12-06 |
|
Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-935 |
ZDI-CAN-4989 |
Cisco |
CVE-2017-12370 |
6.8 |
2017-12-06 |
|
Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-934 |
ZDI-CAN-4990 |
Cisco |
CVE-2017-12370 |
6.8 |
2017-12-06 |
|
Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-933 |
ZDI-CAN-5041 |
Cisco |
CVE-2017-12372 |
6.8 |
2017-12-06 |
|
Cisco WebEx Network Recording Player Command Injection Remote Code Execution Vulnerability |
| ZDI-17-932 |
ZDI-CAN-5009 |
Cisco |
CVE-2017-12371 |
6.8 |
2017-12-06 |
|
Cisco WebEx ARF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-931 |
ZDI-CAN-4987 |
Cisco |
CVE-2017-12371 |
6.8 |
2017-12-06 |
|
Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-930 |
ZDI-CAN-4914 |
Cisco |
CVE-2017-12371 |
6.8 |
2017-12-06 |
|
Cisco WebEx ARF File Parsing Uninitialized Memory Remote Code Execution Vulnerability |
| ZDI-17-929 |
ZDI-CAN-5320 |
Microsoft |
CVE-2017-11884 |
6.8 |
2017-12-06 |
|
Microsoft Office Excel XLS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-928 |
ZDI-CAN-5114 |
Microsoft |
CVE-2017-11812 |
7.5 |
2017-12-06 |
|
Microsoft Chakra asm.js ArrayBuffer Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-927 |
ZDI-CAN-4756 |
Adobe |
CVE-2017-16369 |
4.3 |
2017-11-21 |
|
Adobe Acrobat Pro DC iframe Same Origin Policy Bypass Information Disclosure Vulnerability |
| ZDI-17-926 |
ZDI-CAN-4891 |
Adobe |
CVE-2017-11304 |
4.3 |
2017-11-20 |
|
Adobe Photoshop JPEG2000 Use-After-Free Information Disclosure Vulnerability |
| ZDI-17-925 |
ZDI-CAN-4927 |
Apple |
CVE-2017-13833 |
4.4 |
2017-11-20 |
|
Apple macOS nsurlstoraged Integer Overflow Privilege Escalation Vulnerability |
| ZDI-17-924 |
ZDI-CAN-4908 |
Apple |
CVE-2017-13829 |
4.4 |
2017-11-20 |
|
Apple macOS nsurlstoraged Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-17-923 |
ZDI-CAN-5076 |
systemd |
CVE-2017-15908 |
7.8 |
2017-11-20 |
|
systemd Network Name Resolution Manager NSEC Resource Record Pseudo-Types Denial of Service Vulnerability |
| ZDI-17-922 |
ZDI-CAN-4856 |
ThinPrint |
CVE-2017-4935 |
6.2 |
2017-11-20 |
|
ThinPrint TPView JPEG2000 Parsing Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-17-921 |
ZDI-CAN-4909 |
VMware |
CVE-2017-4934 |
6.2 |
2017-11-21 |
|
VMware Workstation NAT IP Fragment Reassembly Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-17-920 |
ZDI-CAN-5096 |
Apple |
CVE-2017-13793 |
6.8 |
2017-11-20 |
|
Apple Safari Node Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-919 |
ZDI-CAN-5070 |
EMC |
CVE-2017-14375 |
4.3 |
2017-11-20 |
|
EMC Unisphere For VMAX vApp Manager ORBServlet Remote Credential Creation Information Disclosure Vulnerability |
| ZDI-17-918 |
ZDI-CAN-4918 |
Cisco |
CVE-2017-12285 |
6.4 |
2017-11-20 |
|
Cisco Prime Network Analysis Module graph sfile Parameter Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-17-917 |
ZDI-CAN-5131 |
Microsoft |
CVE-2017-11851 |
5.4 |
2017-11-20 |
|
Microsoft Windows EngLockSurface Time-Of-Check Time-Of-Use Race Condition Information Disclosure Vulnerability |
| ZDI-17-916 |
ZDI-CAN-5112 |
Microsoft |
CVE-2017-11869 |
6.8 |
2017-11-20 |
|
Microsoft Windows VBScript Join Function Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-915 |
ZDI-CAN-5105 |
Microsoft |
CVE-2017-11878 |
5.1 |
2017-11-20 |
|
Microsoft Office Excel Workbook Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-914 |
ZDI-CAN-5077 |
Microsoft |
CVE-2017-11856 |
7.5 |
2017-11-20 |
|
Microsoft Windows JavaScript Array Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-913 |
ZDI-CAN-4912 |
Microsoft |
CVE-2017-8595 |
6.8 |
2017-11-20 |
|
Microsoft Chakra Spread Operator Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-912 |
ZDI-CAN-5198 |
Microsoft |
CVE-2017-11858 |
5.1 |
2017-11-20 |
|
Microsoft Chakra Regular Expression Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-911 |
ZDI-CAN-5086 |
Microsoft |
CVE-2017-11847 |
7.2 |
2017-11-20 |
|
Microsoft Windows win32k Menu Use-After-Free Privilege Escalation Vulnerability |
| ZDI-17-910 |
ZDI-CAN-5221 |
Adobe |
CVE-2017-16402 |
4.3 |
2017-11-14 |
|
Adobe Reader DC JPEG2000 QCC Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-909 |
ZDI-CAN-5220 |
Adobe |
CVE-2017-16400 |
4.3 |
2017-11-14 |
|
Adobe Reader DC JPEG2000 ihdr Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-908 |
ZDI-CAN-5219 |
Adobe |
CVE-2017-16401 |
4.3 |
2017-11-14 |
|
Adobe Acrobat Pro DC ImageConversion EMF EMR_COMMENT Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-907 |
ZDI-CAN-5218 |
Adobe |
CVE-2017-16404 |
6.8 |
2017-11-14 |
|
Adobe Acrobat Pro DC ImageConversion EMF EmfPlusObject Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-906 |
ZDI-CAN-5202 |
Adobe |
CVE-2017-16403 |
4.3 |
2017-11-14 |
|
Adobe Acrobat Pro DC ImageConversion EMF EmfPlusDrawBeziers Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-905 |
ZDI-CAN-5039 |
Adobe |
CVE-2017-16382 |
4.3 |
2017-11-14 |
|
Adobe Acrobat Pro DC XPS TIFF Rational Data Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-904 |
ZDI-CAN-5036 |
Adobe |
CVE-2017-16385 |
6.8 |
2017-11-14 |
|
Adobe Acrobat Pro DC XPS TIFF PhotometricInterpretation Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-903 |
ZDI-CAN-5040 |
Adobe |
CVE-2017-16381 |
6.8 |
2017-11-14 |
|
Adobe Acrobat Pro DC XPS TIFF dir Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-902 |
ZDI-CAN-5034 |
Adobe |
CVE-2017-16386 |
4.3 |
2017-11-14 |
|
Adobe Acrobat Pro DC XPS JPEG APP13 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-901 |
ZDI-CAN-5037 |
Adobe |
CVE-2017-16384 |
4.3 |
2017-11-14 |
|
Adobe Acrobat Pro DC XPS PNG tEXT Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-900 |
ZDI-CAN-5038 |
Adobe |
CVE-2017-16383 |
6.8 |
2017-11-14 |
|
Adobe Acrobat Pro DC XPS JPEG APP2 Parsing Heap-based Buffer Overflow Vulnerability |
| ZDI-17-899 |
ZDI-CAN-4972 |
Adobe |
CVE-2017-16387 |
4.3 |
2017-11-14 |
|
Adobe Reader DC JPEG2000 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-898 |
ZDI-CAN-5296 |
Foxit |
CVE-2017-16587 |
6.8 |
2017-11-14 |
|
Foxit Reader removeField Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-897 |
ZDI-CAN-5295 |
Foxit |
CVE-2017-16586 |
6.8 |
2017-11-14 |
|
Foxit Reader addAnnot Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-896 |
ZDI-CAN-5294 |
Foxit |
CVE-2017-16585 |
6.8 |
2017-11-14 |
|
Foxit Reader App response Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-895 |
ZDI-CAN-5290 |
Foxit |
CVE-2017-16584 |
4.3 |
2017-11-14 |
|
Foxit Reader util printf Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-894 |
ZDI-CAN-5289 |
Foxit |
CVE-2017-16583 |
6.8 |
2017-11-14 |
|
Foxit Reader XFA datasets Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-893 |
ZDI-CAN-5288 |
Foxit |
CVE-2017-16582 |
6.8 |
2017-11-14 |
|
Foxit Reader clearItems Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-892 |
ZDI-CAN-5282 |
Foxit |
CVE-2017-16581 |
6.8 |
2017-11-14 |
|
Foxit Reader Document author Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-891 |
ZDI-CAN-5281 |
Foxit |
CVE-2017-16580 |
4.3 |
2017-11-14 |
|
Foxit Reader XFA ImageField Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-890 |
ZDI-CAN-5244 |
Foxit |
CVE-2017-16579 |
4.3 |
2017-11-14 |
|
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-889 |
ZDI-CAN-5216 |
Foxit |
CVE-2017-16578 |
6.8 |
2017-11-14 |
|
Foxit Reader XFA picture Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-888 |
ZDI-CAN-5094 |
Foxit |
CVE-2017-16577 |
6.8 |
2017-11-14 |
|
Foxit Reader Field alignment Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-887 |
ZDI-CAN-5092 |
Foxit |
CVE-2017-16576 |
6.8 |
2017-11-14 |
|
Foxit Reader XFA field element Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-886 |
ZDI-CAN-5091 |
Foxit |
CVE-2017-16575 |
6.8 |
2017-11-14 |
|
Foxit Reader XFA bind Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-885 |
ZDI-CAN-5079 |
Foxit |
CVE-2017-16574 |
4.3 |
2017-11-14 |
|
Foxit Reader Image Filter Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-884 |
ZDI-CAN-5078 |
Foxit |
CVE-2017-16573 |
4.3 |
2017-11-14 |
|
Foxit Reader LZWDecode filter Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-883 |
ZDI-CAN-5073 |
Foxit |
CVE-2017-16572 |
6.8 |
2017-11-14 |
|
Foxit Reader FormCalc closeDoc Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-882 |
ZDI-CAN-5072 |
Foxit |
CVE-2017-16571 |
6.8 |
2017-11-14 |
|
Foxit Reader FormCalc app Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-881 |
ZDI-CAN-5029 |
Foxit |
CVE-2017-14837 |
6.8 |
2017-11-14 |
|
Foxit Reader XFA Layout pageSpan Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-880 |
ZDI-CAN-5028 |
Foxit |
CVE-2017-14836 |
6.8 |
2017-11-14 |
|
Foxit Reader Annotations modDate Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-879 |
ZDI-CAN-5027 |
Foxit |
CVE-2017-14835 |
6.8 |
2017-11-14 |
|
Foxit Reader XFA Layout page Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-878 |
ZDI-CAN-5026 |
Foxit |
CVE-2017-14834 |
6.8 |
2017-11-14 |
|
Foxit Reader FileAttachment Annotations style Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-877 |
ZDI-CAN-5025 |
Foxit |
CVE-2017-14833 |
6.8 |
2017-11-14 |
|
Foxit Reader Text Annotations style Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-876 |
ZDI-CAN-5024 |
Foxit |
CVE-2017-14832 |
6.8 |
2017-11-14 |
|
Foxit Reader Caret Annotations style Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-875 |
ZDI-CAN-5023 |
Foxit |
CVE-2017-14831 |
6.8 |
2017-11-14 |
|
Foxit Reader Circle Annotations author Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-874 |
ZDI-CAN-5022 |
Foxit |
CVE-2017-14830 |
6.8 |
2017-11-14 |
|
Foxit Reader XFAScriptObject setFocus Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-873 |
ZDI-CAN-5021 |
Foxit |
CVE-2017-14829 |
6.8 |
2017-11-14 |
|
Foxit Reader XFAScriptObject openList Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-872 |
ZDI-CAN-5020 |
Foxit |
CVE-2017-14828 |
6.8 |
2017-11-14 |
|
Foxit Reader XFA Layout w Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-871 |
ZDI-CAN-5019 |
Foxit |
CVE-2017-14827 |
6.8 |
2017-11-14 |
|
Foxit Reader XFA Nodes append Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-870 |
ZDI-CAN-5018 |
Foxit |
CVE-2017-14826 |
6.8 |
2017-11-14 |
|
Foxit Reader XFA Nodes formNodes Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-869 |
ZDI-CAN-5017 |
Foxit |
CVE-2017-14825 |
6.8 |
2017-11-14 |
|
Foxit Reader XFAScriptObject remove Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-868 |
ZDI-CAN-5016 |
Foxit |
CVE-2017-14824 |
6.8 |
2017-11-14 |
|
Foxit Reader XFAScriptObject insert Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-867 |
ZDI-CAN-5015 |
Foxit |
CVE-2017-14823 |
6.8 |
2017-11-14 |
|
Foxit Reader XFA Signature Object signer Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-866 |
ZDI-CAN-5014 |
Foxit |
CVE-2017-14822 |
4.3 |
2017-11-14 |
|
Foxit Reader JPEG2000 SIZ marker xOsiz Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-865 |
ZDI-CAN-5013 |
Foxit |
CVE-2017-14821 |
4.3 |
2017-11-14 |
|
Foxit Reader JPEG2000 SIZ marker xTsiz Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-864 |
ZDI-CAN-5012 |
Foxit |
CVE-2017-14820 |
4.3 |
2017-11-14 |
|
Foxit Reader JPEG2000 SOT tile index Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-863 |
ZDI-CAN-5011 |
Foxit |
CVE-2017-14819 |
4.3 |
2017-11-14 |
|
Foxit Reader JPEG2000 cdef channel number Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-862 |
ZDI-CAN-4982 |
Foxit |
CVE-2017-14818 |
4.3 |
2017-11-14 |
|
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-861 |
ZDI-CAN-4981 |
Foxit |
CVE-2017-10959 |
6.8 |
2017-11-14 |
|
Foxit Reader Link setAction Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-860 |
ZDI-CAN-4980 |
Foxit |
CVE-2017-10958 |
6.8 |
2017-11-14 |
|
Foxit Reader Field value Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-859 |
ZDI-CAN-4979 |
Foxit |
CVE-2017-10957 |
6.8 |
2017-11-14 |
|
Foxit Reader Annotations arrowEnd Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-858 |
ZDI-CAN-4978 |
Foxit |
CVE-2017-10956 |
4.3 |
2017-11-14 |
|
Foxit Reader JPEG2000 SOT marker tile index Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-857 |
ZDI-CAN-4977 |
Foxit |
CVE-2017-16589 |
4.3 |
2017-11-29 |
|
Foxit Reader JPEG2000 SIZ marker yTsiz Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-856 |
ZDI-CAN-4976 |
Foxit |
CVE-2017-16588 |
4.3 |
2017-11-29 |
|
Foxit Reader JPEG2000 SOT marker Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-855 |
ZDI-CAN-4810 |
Hewlett Packard Enterprise |
CVE-2017-8962 |
9.0 |
2017-11-06 |
|
Hewlett Packard Enterprise Intelligent Management Center perfAccessMgrServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-17-854 |
ZDI-CAN-4811 |
Hewlett Packard Enterprise |
CVE-2017-8963 |
9.0 |
2017-11-06 |
|
Hewlett Packard Enterprise Intelligent Management Center TopoReqServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-17-853 |
ZDI-CAN-4812 |
Hewlett Packard Enterprise |
CVE-2017-8964 |
9.0 |
2017-11-06 |
|
Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-17-852 |
ZDI-CAN-4813 |
Hewlett Packard Enterprise |
CVE-2017-8967 |
9.0 |
2017-11-06 |
|
Hewlett Packard Enterprise Intelligent Management Center TopoDebugServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-17-851 |
ZDI-CAN-4814 |
Hewlett Packard Enterprise |
CVE-2017-8965 |
9.0 |
2017-11-06 |
|
Hewlett Packard Enterprise Intelligent Management Center AccessMgrServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-17-850 |
ZDI-CAN-4815 |
Hewlett Packard Enterprise |
CVE-2017-8966 |
9.0 |
2017-11-06 |
|
Hewlett Packard Enterprise Intelligent Management Center TopoMsgServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-17-849 |
ZDI-CAN-4758 |
Hewlett Packard Enterprise |
CVE-2017-8961 |
9.0 |
2017-11-06 |
|
Hewlett Packard Enterprise Intelligent Management Center flexFileUpload Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-848 |
ZDI-CAN-5115 |
Microsoft |
CVE-2017-11812 |
7.5 |
2017-10-11 |
|
Microsoft Chakra asm.js ArrayBuffer Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-847 |
ZDI-CAN-4948 |
Microsoft |
CVE-2017-11790 |
2.6 |
2017-10-11 |
|
Microsoft Office Excel xls File Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-846 |
ZDI-CAN-5207 |
Microsoft |
CVE-2017-11779 |
6.8 |
2017-10-10 |
|
Microsoft Windows DNSAPI NSEC3_RecordRead Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-845 |
ZDI-CAN-5199 |
Microsoft |
CVE-2017-8689 |
7.2 |
2017-10-10 |
|
Microsoft Windows Submenu Use-After-Free Privilege Escalation Vulnerability |
| ZDI-17-844 |
ZDI-CAN-5084 |
Microsoft |
CVE-2017-11800 |
7.5 |
2017-10-10 |
|
Microsoft Chakra Array JIT Optimization Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-843 |
ZDI-CAN-5069 |
Microsoft |
CVE-2017-11781 |
6.8 |
2017-10-10 |
|
Microsoft Windows SMB Out-Of-Bounds Read Denial of Service Vulnerability |
| ZDI-17-842 |
ZDI-CAN-5059 |
Microsoft |
CVE-2017-11794 |
4.3 |
2017-10-10 |
|
Microsoft Edge substringData Use-After-Free Information Disclosure Vulnerability |
| ZDI-17-841 |
ZDI-CAN-4967 |
Microsoft |
CVE-2017-11762 |
2.6 |
2017-10-10 |
|
Microsoft Windows Font Embedding Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-840 |
ZDI-CAN-4702 |
Microsoft |
CVE-2017-8717 |
6.8 |
2017-10-10 |
|
Microsoft Windows XLS File Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-839 |
ZDI-CAN-4669 |
Microsoft |
CVE-2017-8718 |
6.8 |
2017-10-10 |
|
Microsoft Windows XLS File Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-838 |
ZDI-CAN-5130 |
Microsoft |
|
5.0 |
2017-10-06 |
|
(0Day) Microsoft Windows WAV File Uninitialized Pointer Denial of Service Vulnerability |
| ZDI-17-837 |
ZDI-CAN-4635 |
Cisco |
CVE-2017-12263 |
7.8 |
2017-10-04 |
|
Cisco License Manager Server ReportCSV Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-836 |
ZDI-CAN-4896 |
Hewlett Packard Enterprise |
CVE-2017-12561 |
10.0 |
2017-10-03 |
|
Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10012 Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-835 |
ZDI-CAN-4809 |
Hewlett Packard Enterprise |
CVE-2017-12560 |
6.8 |
2017-10-03 |
|
Hewlett Packard Enterprise Intelligent Management Center mibFileServlet Directory Traversal Denial of Service Vulnerability |
| ZDI-17-834 |
ZDI-CAN-4808 |
Hewlett Packard Enterprise |
CVE-2017-12559 |
6.8 |
2017-10-03 |
|
Hewlett Packard Enterprise Intelligent Management Center mibFileServlet Directory Traversal Denial of Service Vulnerability |
| ZDI-17-833 |
ZDI-CAN-4761 |
Hewlett Packard Enterprise |
CVE-2017-12558 |
10.0 |
2017-10-03 |
|
Hewlett Packard Enterprise Intelligent Management Center WebDMServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-17-832 |
ZDI-CAN-4760 |
Hewlett Packard Enterprise |
CVE-2017-12557 |
10.0 |
2017-10-03 |
|
Hewlett Packard Enterprise Intelligent Management Center WebDMDebugServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-17-831 |
ZDI-CAN-4759 |
Hewlett Packard Enterprise |
CVE-2017-12556 |
10.0 |
2017-10-03 |
|
Hewlett Packard Enterprise Intelligent Management Center MibBrowserTopoFilterServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-17-830 |
ZDI-CAN-4837 |
Hewlett Packard Enterprise |
CVE-2017-12554 |
9.0 |
2017-10-03 |
|
Hewlett Packard Enterprise Intelligent Management Center mibFileServlet Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-829 |
ZDI-CAN-5071 |
Trend Micro |
CVE-2017-14088 |
6.9 |
2017-09-27 |
|
Trend Micro OfficeScan tmwfp Memory Corruption Privilege Escalation Vulnerability |
| ZDI-17-828 |
ZDI-CAN-5068 |
Trend Micro |
CVE-2017-14088 |
6.9 |
2017-09-27 |
|
Trend Micro OfficeScan tmwfp Memory Corruption Privilege Escalation Vulnerability |
| ZDI-17-827 |
ZDI-CAN-4754 |
Dell EMC |
CVE-2017-8007 |
9.0 |
2017-09-26 |
|
Dell EMC VNX Monitoring and Reporting Scheduler Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-826 |
ZDI-CAN-4807 |
Dell EMC |
CVE-2017-8012 |
6.8 |
2017-09-26 |
|
Dell EMC VNX Monitoring and Reporting RMI Registry Deserialization of Untrusted Data Denial of Service Vulnerability |
| ZDI-17-825 |
ZDI-CAN-4825 |
Hewlett Packard Enterprise |
CVE-2017-14350 |
10.0 |
2017-09-26 |
|
Hewlett Packard Enterprise Application Performance Management Staging Data Replicator hpbsmsdr Missing Authentication for Critical Function Remote Code Execution Vulnerability |
| ZDI-17-824 |
ZDI-CAN-4955 |
Apple |
CVE-2017-7111 |
6.8 |
2017-09-26 |
|
Apple Safari RegExp replace Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-17-823 |
ZDI-CAN-4771 |
Apple |
CVE-2017-7095 |
6.8 |
2017-09-26 |
|
Apple Safari JSString Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-17-822 |
ZDI-CAN-4717 |
Apple |
CVE-2017-7091 |
6.8 |
2017-09-26 |
|
Apple Safari RenderFlowThread Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-17-821 |
ZDI-CAN-4712 |
Apple |
CVE-2017-7092 |
6.8 |
2017-09-26 |
|
Apple Safari String link Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-820 |
ZDI-CAN-4711 |
Apple |
CVE-2017-7093 |
6.8 |
2017-09-26 |
|
Apple Safari BoundFunction Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-17-819 |
ZDI-CAN-4553 |
Eaton |
|
7.5 |
2017-09-26 |
|
(0Day) Eaton ELCSoft SegCmt Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-818 |
ZDI-CAN-4637 |
Eaton |
|
7.5 |
2017-09-26 |
|
(0Day) Eaton ELCSoft LAD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-817 |
ZDI-CAN-4636 |
Eaton |
|
7.5 |
2017-09-26 |
|
(0Day) Eaton ELCSoft SFC File Parsing Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-17-816 |
ZDI-CAN-4555 |
Eaton |
|
7.5 |
2017-09-26 |
|
(0Day) Eaton ELCSoft DEV File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-815 |
ZDI-CAN-4554 |
Eaton |
|
7.5 |
2017-09-26 |
|
(0Day) Eaton ELCSoft EPC File Parsing Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-17-814 |
ZDI-CAN-4551 |
Eaton |
|
7.5 |
2017-09-26 |
|
(0Day) Eaton ELCSoft EPC File Parsing Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-17-813 |
ZDI-CAN-4552 |
Eaton |
|
7.5 |
2017-09-26 |
|
(0Day) Eaton ELCSoft Device Comment Range Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-812 |
ZDI-CAN-4697 |
EMC |
CVE-2017-10955 |
9.0 |
2017-09-28 |
|
(0Day) EMC Data Protection Advisor ScheduledReportResource Command Injection Remote Code Execution Vulnerability |
| ZDI-17-811 |
ZDI-CAN-4699 |
EMC |
CVE-2017-8013 |
7.8 |
2017-09-15 |
|
EMC Data Protection Advisor Application Service Static Credentials Authentication Bypass Vulnerability |
| ZDI-17-810 |
ZDI-CAN-4683 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise get_moveto_group_list Device_DeviceId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-809 |
ZDI-CAN-4679 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise delete_admin_account UserName SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-808 |
ZDI-CAN-4806 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise add_app_category Name SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-807 |
ZDI-CAN-4805 |
Trend Micro |
CVE-2017-14079 |
6.5 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise upload_img_file Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-17-806 |
ZDI-CAN-4804 |
Trend Micro |
CVE-2017-14078 |
10.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise eas_agent_check_upgrade SlinkId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-805 |
ZDI-CAN-4803 |
Trend Micro |
CVE-2017-14078 |
10.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise eas_agent_sync_client_info SlinkId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-804 |
ZDI-CAN-4802 |
Trend Micro |
CVE-2017-14078 |
10.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise eas_agent_sync_all_devices SlinkId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-803 |
ZDI-CAN-4801 |
Trend Micro |
CVE-2017-14078 |
10.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise eas_agent_unregister SlinkId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-802 |
ZDI-CAN-4800 |
Trend Micro |
CVE-2017-14078 |
10.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise eas_agent_upload_new_devices SlinkId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-801 |
ZDI-CAN-4799 |
Trend Micro |
CVE-2017-14078 |
10.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise eas_agent_command SlinkId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-800 |
ZDI-CAN-4797 |
Trend Micro |
CVE-2017-14078 |
10.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise eas_agent_register SlinkId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-799 |
ZDI-CAN-4796 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise cancel_command_list CmdUUID SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-798 |
ZDI-CAN-4794 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise delete_user Id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-797 |
ZDI-CAN-4793 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise remove_command_list CmdUUID SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-796 |
ZDI-CAN-4792 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise resend_command_list CmdUUID SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-795 |
ZDI-CAN-4791 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise edit_eas_note Id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-794 |
ZDI-CAN-4790 |
Trend Micro |
CVE-2017-14078 |
10.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise save_eas_agent_setting SlinkId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-793 |
ZDI-CAN-4788 |
Trend Micro |
CVE-2017-14078 |
10.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise remove_eas_agent_info SlinkId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-792 |
ZDI-CAN-4787 |
Trend Micro |
CVE-2017-14078 |
10.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise show_eas_agent_info SlinkId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-791 |
ZDI-CAN-4786 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise create_db SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-790 |
ZDI-CAN-4785 |
Trend Micro |
CVE-2017-14079 |
6.5 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise upload_font_file Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-17-789 |
ZDI-CAN-4784 |
Trend Micro |
CVE-2017-14079 |
6.5 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise upload_wallpaper_file Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-17-788 |
ZDI-CAN-4783 |
Trend Micro |
CVE-2017-14078 |
10.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise mdm_register_new_connector SlinkId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-787 |
ZDI-CAN-4782 |
Trend Micro |
CVE-2017-14078 |
10.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise diagnose_eas_status SlinkId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-786 |
ZDI-CAN-4781 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise reinvite_user Id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-785 |
ZDI-CAN-4780 |
Trend Micro |
CVE-2017-14079 |
6.5 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise upload_app_file Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-17-784 |
ZDI-CAN-4779 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise assign_policy Id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-783 |
ZDI-CAN-4693 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise remote_selective_wipe_device id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-782 |
ZDI-CAN-4692 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise get_dep_profile Id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-781 |
ZDI-CAN-4691 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise upload_web_app AppFile SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-780 |
ZDI-CAN-4690 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise invite_devices user_name SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-779 |
ZDI-CAN-4688 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise update_group Id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-778 |
ZDI-CAN-4687 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise delete_group ParentId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-777 |
ZDI-CAN-4686 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise remote_lock_device Device_DeviceId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-776 |
ZDI-CAN-4685 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise export_devices Device_DeviceGroupId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-775 |
ZDI-CAN-4682 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise get_subgroup_list id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-774 |
ZDI-CAN-4681 |
Trend Micro |
CVE-2017-14081 |
6.5 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise Proxy Command Injection Remote Code Execution Vulnerability |
| ZDI-17-773 |
ZDI-CAN-4680 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise notify_devices_to_update id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-772 |
ZDI-CAN-4678 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise get_device_detail_info id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-771 |
ZDI-CAN-4677 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise query_user search_by SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-770 |
ZDI-CAN-4676 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise get_device_list_brief_by_group id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-769 |
ZDI-CAN-4673 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise search_device_invitations user_name SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-768 |
ZDI-CAN-4672 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise edit_user id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-767 |
ZDI-CAN-4671 |
Trend Micro |
CVE-2017-14080 |
7.5 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise widgetforsecurity talker Authentication Bypass Vulnerability |
| ZDI-17-766 |
ZDI-CAN-4670 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise change_device_user id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-765 |
ZDI-CAN-4668 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise reset_device_passwd id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-764 |
ZDI-CAN-4667 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise get_remote_unlockstring Device_DeviceId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-763 |
ZDI-CAN-4666 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise get_user_list LDAPAccount SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-762 |
ZDI-CAN-4665 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise move_group Id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-761 |
ZDI-CAN-4664 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise query_installed_applications application_name SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-760 |
ZDI-CAN-4663 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise edit_device id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-759 |
ZDI-CAN-4662 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise locate_device id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-758 |
ZDI-CAN-4661 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise search_user_for_report user_name SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-757 |
ZDI-CAN-4660 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise get_device_location Device_DeviceId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-756 |
ZDI-CAN-4659 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise search_users_for_vpp user_name SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-755 |
ZDI-CAN-4658 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise query_event_log AdminName SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-754 |
ZDI-CAN-4657 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise add_group Name SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-753 |
ZDI-CAN-4656 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise remote_wipe_device id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-752 |
ZDI-CAN-4655 |
Trend Micro |
CVE-2017-14081 |
6.5 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise Proxy Command Injection Remote Code Execution Vulnerability |
| ZDI-17-751 |
ZDI-CAN-4654 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise broadcast_group GroupId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-750 |
ZDI-CAN-4653 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise search_devices group_id SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-749 |
ZDI-CAN-4652 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise invite_devices email SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-748 |
ZDI-CAN-4651 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise stop_mirroring Device_DeviceId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-747 |
ZDI-CAN-4650 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise change_ios_setting Device_DeviceId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-746 |
ZDI-CAN-4649 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise export_eas_devices Domain SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-745 |
ZDI-CAN-4648 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise broadcast_devices Device_DeviceDeviceId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-744 |
ZDI-CAN-4647 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise notify_groups_to_update DeviceGroupId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-743 |
ZDI-CAN-4646 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise delete_devices Device_DeviceId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-742 |
ZDI-CAN-4645 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise show_eas_devices Domain SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-741 |
ZDI-CAN-4644 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise move_devices Device_DeviceDeviceId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-740 |
ZDI-CAN-4643 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise notify_devices_to_scan Device_DeviceDeviceId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-739 |
ZDI-CAN-4642 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise notify_groups_to_scan DeviceGroupId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-738 |
ZDI-CAN-4857 |
VMware |
CVE-2017-4924 |
6.2 |
2017-09-15 |
|
VMware Workstation Shader Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-17-737 |
ZDI-CAN-4778 |
Trend Micro |
CVE-2017-14078 |
9.0 |
2017-09-15 |
|
Trend Micro Mobile Security for Enterprise change_user Device_DeviceId SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-736 |
ZDI-CAN-5056 |
Microsoft |
CVE-2017-8738 |
7.5 |
2017-09-15 |
|
Microsoft Chakra Array Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-735 |
ZDI-CAN-5082 |
Microsoft |
CVE-2017-8720 |
1.2 |
2017-09-15 |
|
Microsoft Windows PlgBlt Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-734 |
ZDI-CAN-4845 |
Microsoft |
CVE-2017-8692 |
4.3 |
2017-09-12 |
|
Microsoft Windows Uniscribe Bidirectional Text Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-733 |
ZDI-CAN-5081 |
Microsoft |
CVE-2016-0165 |
6.2 |
2017-09-12 |
|
Microsoft Windows win32kfull Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-732 |
ZDI-CAN-4968 |
Microsoft |
CVE-2017-8743 |
6.8 |
2017-09-12 |
|
Microsoft Office PowerPoint ppt File Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-731 |
ZDI-CAN-4910 |
Microsoft |
CVE-2017-8738 |
7.5 |
2017-09-12 |
|
Microsoft Chakra Array Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-730 |
ZDI-CAN-4893 |
Microsoft |
CVE-2017-8744 |
6.8 |
2017-09-12 |
|
Microsoft Office Word WordPerfect Document Converter Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-729 |
ZDI-CAN-4885 |
Microsoft |
CVE-2017-8728 |
6.8 |
2017-09-15 |
|
Microsoft Windows PDF Library JPEG2000 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-728 |
ZDI-CAN-4844 |
Microsoft |
CVE-2017-8737 |
4.3 |
2017-09-12 |
|
Microsoft Windows PDF Library JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-727 |
ZDI-CAN-4795 |
Microsoft |
CVE-2017-8631 |
6.8 |
2017-09-15 |
|
Microsoft Office Excel xlsb File Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-726 |
ZDI-CAN-4985 |
Microsoft |
CVE-2017-8750 |
6.8 |
2017-09-15 |
|
Microsoft Internet Explorer JavaScript WeakMap Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-725 |
ZDI-CAN-4888 |
Microsoft |
CVE-2017-8661 |
4.3 |
2017-09-12 |
|
Microsoft Edge Undo Command Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-724 |
ZDI-CAN-4708 |
Microsoft |
CVE-2017-8676 |
2.6 |
2017-09-12 |
|
Microsoft Windows Bitmap Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-723 |
ZDI-CAN-4710 |
EMC |
CVE-2017-8015 |
6.8 |
2017-09-12 |
|
EMC AppSync Apollo REST Services SQL Injection Information Disclosure Vulnerability |
| ZDI-17-722 |
ZDI-CAN-4466 |
Hewlett Packard Enterprise |
CVE-2017-13983 |
6.8 |
2017-09-07 |
|
Hewlett Packard Enterprise Application Performance Management System Health Authentication Bypass Vulnerability |
| ZDI-17-721 |
ZDI-CAN-4456 |
Hewlett Packard Enterprise |
CVE-2017-13985 |
6.8 |
2017-09-07 |
|
Hewlett Packard Enterprise Application Performance Management System Health Email Servlet Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-720 |
ZDI-CAN-4457 |
Hewlett Packard Enterprise |
CVE-2017-13984 |
6.8 |
2017-09-07 |
|
Hewlett Packard Enterprise Application Performance Management System Health SHExportToExcel Servlet Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-17-719 |
ZDI-CAN-4455 |
Hewlett Packard Enterprise |
CVE-2017-13982 |
9.0 |
2017-09-07 |
|
Hewlett Packard Enterprise Application Performance Management System Health UploadManager Servlet Directory Traversal Unrestricted File Upload Vulnerability |
| ZDI-17-718 |
ZDI-CAN-5030 |
Foxit |
CVE-2017-10953 |
6.8 |
2017-09-07 |
|
Foxit Reader XFA gotoURL Command Injection Remote Code Execution Vulnerability |
| ZDI-17-717 |
ZDI-CAN-4361 |
Bitdefender |
CVE-2017-10954 |
9.3 |
2017-09-06 |
|
Bitdefender Internet Security PDF Predictor Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-716 |
ZDI-CAN-4524 |
Hewlett Packard Enterprise |
CVE-2017-8994 |
7.5 |
2017-09-05 |
|
Hewlett Packard Enterprise Operations Orchestration Backwards Compatibility Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-17-715 |
ZDI-CAN-4563 |
Hewlett Packard Enterprise |
CVE-2017-8994 |
7.5 |
2017-09-05 |
|
Hewlett Packard Enterprise Operations Orchestration Central-Remoting Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-17-714 |
ZDI-CAN-4521 |
Apple |
CVE-2017-7071 |
6.8 |
2017-09-05 |
|
Apple Safari HTMLSlotElement Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-713 |
ZDI-CAN-4897 |
Advantech |
CVE-2017-12713 |
7.2 |
2017-08-30 |
|
Advantech WebAccess Product Installation File Access Control Modification Privilege Escalation Vulnerability |
| ZDI-17-712 |
ZDI-CAN-4548 |
Advantech |
CVE-2017-12710 |
9.4 |
2017-08-30 |
|
Advantech WebAccess rmTemplate SQL Injection Information Disclosure Vulnerability |
| ZDI-17-711 |
ZDI-CAN-4695 |
EMC |
CVE-2017-8003 |
6.8 |
2017-08-25 |
|
EMC Data Protection Advisor ScheduledReportResource Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-710 |
ZDI-CAN-4698 |
EMC |
CVE-2017-8002 |
6.8 |
2017-08-25 |
|
EMC Data Protection Advisor RequestHistoryResource orderby SQL Injection Information Disclosure Vulnerability |
| ZDI-17-709 |
ZDI-CAN-4694 |
EMC |
CVE-2017-8002 |
6.8 |
2017-08-25 |
|
EMC Data Protection Advisor ReportQueueResource orderby SQL Injection Information Disclosure Vulnerability |
| ZDI-17-708 |
ZDI-CAN-4696 |
EMC |
CVE-2017-8002 |
6.8 |
2017-08-25 |
|
EMC Data Protection Advisor BaseRestEntityResource orderby SQL Injection Information Disclosure Vulnerability |
| ZDI-17-707 |
ZDI-CAN-4111 |
Delta Industrial Automation |
|
6.8 |
2017-08-24 |
|
(0Day) Delta Industrial Automation PMSoft Project File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-706 |
ZDI-CAN-4045 |
Delta Industrial Automation |
|
6.8 |
2017-08-24 |
|
(0Day) Delta Industrial Automation PMSoft Project File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-705 |
ZDI-CAN-4442 |
Delta Industrial Automation |
CVE-2018-7507 |
6.8 |
2017-08-24 |
2018-03-28 |
(0Day) Delta Industrial Automation WPLSoft dvp File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-704 |
ZDI-CAN-4441 |
Delta Industrial Automation |
CVE-2018-7507 |
5.1 |
2017-08-24 |
2018-03-28 |
(0Day) Delta Industrial Automation WPLSoft dvp File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-703 |
ZDI-CAN-4436 |
Delta Industrial Automation |
CVE-2018-7507 |
7.5 |
2017-08-24 |
2018-03-28 |
(0Day) Delta Industrial Automation WPLSoft dvp File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-702 |
ZDI-CAN-4440 |
Delta Industrial Automation |
CVE-2018-7507 |
7.5 |
2017-08-24 |
2018-03-28 |
(0Day) Delta Industrial Automation WPLSoft dvp File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-701 |
ZDI-CAN-4435 |
Delta Industrial Automation |
CVE-2018-7509 |
7.5 |
2017-08-24 |
2018-03-28 |
(0Day) Delta Industrial Automation WPLSoft dvp File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-700 |
ZDI-CAN-4428 |
Delta Industrial Automation |
CVE-2018-7509 |
7.5 |
2017-08-24 |
2018-03-28 |
(0Day) Delta Industrial Automation WPLSoft dvp File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-699 |
ZDI-CAN-4439 |
Delta Industrial Automation |
CVE-2018-7507 |
6.8 |
2017-08-24 |
2018-03-28 |
(0Day) Delta Industrial Automation WPLSoft dvp File Parsing Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-698 |
ZDI-CAN-3917 |
Delta Industrial Automation |
CVE-2018-7494 |
7.5 |
2017-08-24 |
2018-03-28 |
(0Day) Delta Industrial Automation WPLSoft File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-697 |
ZDI-CAN-4438 |
Delta Industrial Automation |
CVE-2018-7509 |
7.5 |
2017-08-24 |
2018-03-28 |
(0Day) Delta Industrial Automation WPLSoft dvp File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-696 |
ZDI-CAN-4884 |
Microsoft |
CVE-2017-8496 |
6.8 |
2017-08-24 |
|
Microsoft Edge DOMAttrModified Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-695 |
ZDI-CAN-4174 |
SpiderControl |
CVE-2017-12694 |
7.8 |
2017-08-23 |
|
SpiderControl SCADA Webserver iniNet Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-694 |
ZDI-CAN-4194 |
SpiderControl |
CVE-2017-12707 |
6.8 |
2017-08-23 |
|
SpiderControl SCADA MicroBrowser StaticHTMLTagsFileName Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-693 |
ZDI-CAN-4776 |
Bitdefender |
CVE-2017-10950 |
6.2 |
2017-08-17 |
|
Bitdefender Total Security bdfwfpf Kernel Driver Double Free Privilege Escalation Vulnerability |
| ZDI-17-692 |
ZDI-CAN-4518 |
Foxit |
CVE-2017-10952 |
7.5 |
2017-08-17 |
|
(0Day) Foxit Reader saveAs Arbitrary File Write Remote Code Execution Vulnerability |
| ZDI-17-691 |
ZDI-CAN-4724 |
Foxit |
CVE-2017-10951 |
6.8 |
2017-08-17 |
|
(0Day) Foxit Reader launchURL Command Injection Remote Code Execution Vulnerability |
| ZDI-17-690 |
ZDI-CAN-4880 |
Hewlett Packard Enterprise |
CVE-2017-12526 |
9.0 |
2017-08-14 |
|
Hewlett Packard Enterprise Intelligent Management Center wmiConfigContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-689 |
ZDI-CAN-4879 |
Hewlett Packard Enterprise |
CVE-2017-12525 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center index Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-688 |
ZDI-CAN-4878 |
Hewlett Packard Enterprise |
CVE-2017-12524 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center operatorGroupSelectContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-687 |
ZDI-CAN-4875 |
Hewlett Packard Enterprise |
CVE-2017-12523 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center guiDataDetail Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-686 |
ZDI-CAN-4873 |
Hewlett Packard Enterprise |
CVE-2017-12522 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center quickTemplateSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-685 |
ZDI-CAN-4872 |
Hewlett Packard Enterprise |
CVE-2017-12521 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center userSelectPagingContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-684 |
ZDI-CAN-4871 |
Hewlett Packard Enterprise |
CVE-2017-12520 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center perfAddorModDeviceMonitor Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-683 |
ZDI-CAN-4870 |
Hewlett Packard Enterprise |
CVE-2017-12519 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center faultEventSelectFactWithRecover Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-682 |
ZDI-CAN-4869 |
Hewlett Packard Enterprise |
CVE-2017-12518 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center operationSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-681 |
ZDI-CAN-4868 |
Hewlett Packard Enterprise |
CVE-2017-12517 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center iccSelectDymicParam Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-680 |
ZDI-CAN-4864 |
Hewlett Packard Enterprise |
CVE-2017-12515 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center iccSelectRules Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-679 |
ZDI-CAN-4862 |
Hewlett Packard Enterprise |
CVE-2017-12514 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center devSoftSel Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-678 |
ZDI-CAN-4860 |
Hewlett Packard Enterprise |
CVE-2017-12513 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center perfSelectTask Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-677 |
ZDI-CAN-4859 |
Hewlett Packard Enterprise |
CVE-2017-12512 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center deviceThresholdConfig Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-676 |
ZDI-CAN-4874 |
Hewlett Packard Enterprise |
CVE-2017-12510 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center iccSelectDeviceSeries Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-675 |
ZDI-CAN-4853 |
Hewlett Packard Enterprise |
CVE-2017-12511 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center dnd Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-674 |
ZDI-CAN-4841 |
Hewlett Packard Enterprise |
CVE-2017-12499 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center select Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-673 |
ZDI-CAN-4877 |
Hewlett Packard Enterprise |
CVE-2017-12509 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center smsRulesDownload Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-672 |
ZDI-CAN-4876 |
Hewlett Packard Enterprise |
CVE-2017-12508 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center operatorGroupTreeSelectContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-671 |
ZDI-CAN-4867 |
Hewlett Packard Enterprise |
CVE-2017-12516 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center deploySelectBootrom Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-670 |
ZDI-CAN-4866 |
Hewlett Packard Enterprise |
CVE-2017-12507 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center deploySelectSoftware Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-669 |
ZDI-CAN-4865 |
Hewlett Packard Enterprise |
CVE-2017-12506 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center compareFilesResult Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-668 |
ZDI-CAN-4863 |
Hewlett Packard Enterprise |
CVE-2017-12505 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-667 |
ZDI-CAN-4861 |
Hewlett Packard Enterprise |
CVE-2017-12504 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center iccSelectDevType Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-666 |
ZDI-CAN-4858 |
Hewlett Packard Enterprise |
CVE-2017-12503 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center templateSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-665 |
ZDI-CAN-4850 |
Hewlett Packard Enterprise |
CVE-2017-12502 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center reportTaskSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-664 |
ZDI-CAN-4849 |
Hewlett Packard Enterprise |
CVE-2017-12501 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center select Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-663 |
ZDI-CAN-4848 |
Hewlett Packard Enterprise |
CVE-2017-12500 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center ictExpertDownload Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-662 |
ZDI-CAN-4839 |
Hewlett Packard Enterprise |
CVE-2017-12498 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center customTemplateSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-661 |
ZDI-CAN-4852 |
Hewlett Packard Enterprise |
CVE-2017-12497 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center deviceSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-660 |
ZDI-CAN-4851 |
Hewlett Packard Enterprise |
CVE-2017-12496 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center sshConfig Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-659 |
ZDI-CAN-4840 |
Hewlett Packard Enterprise |
CVE-2017-12495 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center selectUserGroup Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-658 |
ZDI-CAN-4838 |
Hewlett Packard Enterprise |
CVE-2017-12494 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center mediaForAction Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-657 |
ZDI-CAN-4904 |
Hewlett Packard Enterprise |
CVE-2017-12493 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center queryCustomCondition Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-656 |
ZDI-CAN-4903 |
Hewlett Packard Enterprise |
CVE-2017-12492 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center saveSelectedInterfaces Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-655 |
ZDI-CAN-4902 |
Hewlett Packard Enterprise |
CVE-2017-12491 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center safeSelectedDevices Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-654 |
ZDI-CAN-4901 |
Hewlett Packard Enterprise |
CVE-2017-12490 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center perfSelInsServer Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-653 |
ZDI-CAN-4900 |
Hewlett Packard Enterprise |
CVE-2017-12489 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-652 |
ZDI-CAN-4899 |
Hewlett Packard Enterprise |
CVE-2017-12488 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center perfSelItemServer Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-651 |
ZDI-CAN-4898 |
Hewlett Packard Enterprise |
CVE-2017-12487 |
9.0 |
2017-08-11 |
|
Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-17-650 |
ZDI-CAN-4407 |
Bitdefender |
|
6.8 |
2017-08-11 |
|
Bitdefender Internet Security RAR STM Record Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-649 |
ZDI-CAN-4360 |
Bitdefender |
|
6.8 |
2017-08-11 |
|
Bitdefender Internet Security Inno File Locations Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-648 |
ZDI-CAN-4359 |
Bitdefender |
|
6.8 |
2017-08-11 |
|
Bitdefender Internet Security Inno Header Strings Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-647 |
ZDI-CAN-4406 |
Bitdefender |
|
6.8 |
2017-08-11 |
|
Bitdefender Internet Security NSIS Sections Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-646 |
ZDI-CAN-4021 |
Fuji Electric |
CVE-2017-9662 |
4.4 |
2017-08-10 |
|
Fuji Electric Monitouch V-SFT Insecure Configuration Privilege Escalation Vulnerability |
| ZDI-17-645 |
ZDI-CAN-3994 |
Fuji Electric |
CVE-2017-9660 |
6.8 |
2017-08-10 |
|
Fuji Electric Monitouch V-SFT Project File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-644 |
ZDI-CAN-4014 |
Fuji Electric |
CVE-2017-9659 |
6.8 |
2017-08-10 |
|
Fuji Electric Monitouch V-SFT Project File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-643 |
ZDI-CAN-3993 |
Fuji Electric |
CVE-2017-9659 |
6.8 |
2017-08-10 |
|
Fuji Electric Monitouch V-SFT Project File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-642 |
ZDI-CAN-4127 |
Adobe |
CVE-2017-11274 |
6.8 |
2017-08-09 |
|
Adobe Digital Editions ePub Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-641 |
ZDI-CAN-4826 |
Microsoft |
CVE-2017-8641 |
6.8 |
2017-08-08 |
|
Microsoft Chakra eval Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-640 |
ZDI-CAN-4777 |
Microsoft |
CVE-2017-8653 |
5.1 |
2017-08-08 |
|
Microsoft Internet Explorer SVG Layout Uninitialized Memory Remote Code Execution Vulnerability |
| ZDI-17-639 |
ZDI-CAN-4770 |
Microsoft |
CVE-2017-8633 |
2.6 |
2017-08-08 |
|
Microsoft Windows Error Reporting Manager Improper Access Control Privilege Escalation Vulnerability |
| ZDI-17-638 |
ZDI-CAN-4405 |
Microsoft |
CVE-2017-0250 |
5.1 |
2017-08-08 |
|
Microsoft Windows Jet Engine Library Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-637 |
ZDI-CAN-4461 |
Microsoft |
CVE-2017-8503 |
3.7 |
2017-08-08 |
|
Microsoft Edge XAML File Improper Access Control Privilege Escalation Vulnerability |
| ZDI-17-636 |
ZDI-CAN-4484 |
Microsoft |
CVE-2017-0293 |
6.8 |
2017-08-08 |
|
Microsoft Windows PDF Library JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-635 |
ZDI-CAN-4773 |
Microsoft |
CVE-2017-8624 |
6.9 |
2017-08-08 |
|
Microsoft Windows CLFS Driver Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-17-634 |
ZDI-CAN-4762 |
Adobe |
CVE-2017-3085 |
4.3 |
2017-08-08 |
|
Adobe Flash URL Redirect Information Disclosure Vulnerability |
| ZDI-17-633 |
ZDI-CAN-4887 |
Adobe |
CVE-2017-11231 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Reader DC PDF Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-632 |
ZDI-CAN-4883 |
Adobe |
CVE-2017-11265 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-631 |
ZDI-CAN-4881 |
Adobe |
CVE-2017-11256 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC XFA AFLayoutInfo Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-630 |
ZDI-CAN-4854 |
Adobe |
CVE-2017-11255 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion TIFF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-629 |
ZDI-CAN-4847 |
Adobe |
CVE-2017-11271 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-17-628 |
ZDI-CAN-4843 |
Adobe |
CVE-2017-11256 |
6.8 |
2017-08-09 |
|
Adobe Acrobat Pro DC XFA PDEContent Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-627 |
ZDI-CAN-4842 |
Adobe |
CVE-2017-11257 |
6.8 |
2017-08-09 |
|
Adobe Acrobat Pro DC XFA nodes Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-626 |
ZDI-CAN-4836 |
Adobe |
CVE-2017-11261 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-625 |
ZDI-CAN-4835 |
Adobe |
CVE-2017-11270 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-624 |
ZDI-CAN-4834 |
Adobe |
CVE-2017-11259 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-623 |
ZDI-CAN-4833 |
Adobe |
CVE-2017-11269 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-622 |
ZDI-CAN-4832 |
Adobe |
CVE-2017-11268 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-621 |
ZDI-CAN-4831 |
Adobe |
CVE-2017-11267 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-17-620 |
ZDI-CAN-4830 |
Adobe |
CVE-2017-11259 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-619 |
ZDI-CAN-4829 |
Adobe |
CVE-2017-11258 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-618 |
ZDI-CAN-4827 |
Adobe |
CVE-2017-11261 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-617 |
ZDI-CAN-4828 |
Adobe |
CVE-2017-11260 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-616 |
ZDI-CAN-4823 |
Adobe |
CVE-2017-11233 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-615 |
ZDI-CAN-4764 |
Adobe |
CVE-2017-11249 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-614 |
ZDI-CAN-4821 |
Adobe |
CVE-2017-11232 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-613 |
ZDI-CAN-4820 |
Adobe |
CVE-2017-11231 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC PDF Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-612 |
ZDI-CAN-4819 |
Adobe |
CVE-2017-11252 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-611 |
ZDI-CAN-4818 |
Adobe |
CVE-2017-11230 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-610 |
ZDI-CAN-4817 |
Adobe |
CVE-2017-11228 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC JPEG2000 Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-17-609 |
ZDI-CAN-4769 |
Adobe |
CVE-2017-11251 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-608 |
ZDI-CAN-4767 |
Adobe |
CVE-2017-11244 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-607 |
ZDI-CAN-4766 |
Adobe |
CVE-2017-11216 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-606 |
ZDI-CAN-4765 |
Adobe |
CVE-2017-11227 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-605 |
ZDI-CAN-4822 |
Adobe |
CVE-2017-11242 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-604 |
ZDI-CAN-4763 |
Adobe |
CVE-2017-11248 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-603 |
ZDI-CAN-4748 |
Adobe |
CVE-2017-11246 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-602 |
ZDI-CAN-4747 |
Adobe |
CVE-2017-11245 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-601 |
ZDI-CAN-4746 |
Adobe |
CVE-2017-11244 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-600 |
ZDI-CAN-4734 |
Adobe |
CVE-2017-11243 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC XSLT Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-599 |
ZDI-CAN-4733 |
Adobe |
CVE-2017-3121 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-598 |
ZDI-CAN-4732 |
Adobe |
CVE-2017-11242 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-597 |
ZDI-CAN-4731 |
Adobe |
CVE-2017-11241 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-596 |
ZDI-CAN-4730 |
Adobe |
CVE-2017-3122 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-595 |
ZDI-CAN-4729 |
Adobe |
CVE-2017-11239 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-594 |
ZDI-CAN-4728 |
Adobe |
CVE-2017-11239 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-593 |
ZDI-CAN-4727 |
Adobe |
CVE-2017-11238 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-592 |
ZDI-CAN-4726 |
Adobe |
CVE-2017-11237 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-591 |
ZDI-CAN-4725 |
Adobe |
CVE-2017-11236 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC Forms Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-590 |
ZDI-CAN-4720 |
Adobe |
CVE-2017-11235 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion JPEG Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-589 |
ZDI-CAN-4719 |
Adobe |
CVE-2017-11234 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion TIFF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-588 |
ZDI-CAN-4716 |
Adobe |
CVE-2017-11223 |
6.8 |
2017-08-08 |
|
Adobe Reader DC XFA closeDoc Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-587 |
ZDI-CAN-4715 |
Adobe |
CVE-2017-11224 |
6.8 |
2017-08-08 |
|
Adobe Reader DC XFA loadXML Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-586 |
ZDI-CAN-4572 |
Adobe |
CVE-2017-11217 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-585 |
ZDI-CAN-4571 |
Adobe |
CVE-2017-11219 |
6.8 |
2017-08-08 |
|
Adobe Reader DC XFA topInset Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-584 |
ZDI-CAN-4570 |
Adobe |
CVE-2017-11216 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-583 |
ZDI-CAN-4569 |
Adobe |
CVE-2017-3121 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-582 |
ZDI-CAN-4568 |
Adobe |
CVE-2017-11214 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-581 |
ZDI-CAN-4567 |
Adobe |
CVE-2017-3122 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-580 |
ZDI-CAN-4566 |
Adobe |
CVE-2017-11212 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-579 |
ZDI-CAN-4562 |
Adobe |
CVE-2017-11211 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion JPEG Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-578 |
ZDI-CAN-4559 |
Adobe |
CVE-2017-11210 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion XPS Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-577 |
ZDI-CAN-4558 |
Adobe |
CVE-2017-11209 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion XPS Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-576 |
ZDI-CAN-4557 |
Adobe |
CVE-2017-3124 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion PCX Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-575 |
ZDI-CAN-4556 |
Adobe |
CVE-2017-3123 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-574 |
ZDI-CAN-4534 |
Adobe |
CVE-2017-3122 |
4.3 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-573 |
ZDI-CAN-4502 |
Adobe |
CVE-2017-3121 |
6.8 |
2017-08-08 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-572 |
ZDI-CAN-4490 |
Adobe |
CVE-2017-11218 |
6.8 |
2017-08-08 |
|
Adobe Reader DC XFA Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-571 |
ZDI-CAN-4489 |
Adobe |
CVE-2017-3120 |
6.8 |
2017-08-08 |
|
Adobe Reader DC XFA Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-570 |
ZDI-CAN-4369 |
Adobe |
CVE-2017-3115 |
4.3 |
2017-08-08 |
|
Adobe Reader DC URL Parsing Insufficient Verification of Data Authenticity Information Disclosure Vulnerability |
| ZDI-17-569 |
ZDI-CAN-4310 |
Adobe |
CVE-2017-3113 |
6.8 |
2017-08-08 |
|
Adobe Reader DC XFA exportAsXFAStr Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-568 |
ZDI-CAN-4128 |
Adobe |
CVE-2017-3091 |
4.3 |
2017-08-08 |
|
Adobe Digital Editions ePub JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-567 |
ZDI-CAN-4099 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media Connect MediaUsername Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-566 |
ZDI-CAN-4076 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media DeviceType 3 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-565 |
ZDI-CAN-4102 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media Connect MediaPassword Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-564 |
ZDI-CAN-4080 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess RtspVapgDecoderNew2 PMSettingData3D Name Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-563 |
ZDI-CAN-4079 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess RtspVapgDecoderNew2 SetLangStringHex Out-of-bounds Access Remote Code Execution Vulnerability |
| ZDI-17-562 |
ZDI-CAN-4082 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess RtspVapgDecoderNew2 PMSettingData3D Height Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-561 |
ZDI-CAN-4110 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess TpMegaJVT setCameraName Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-560 |
ZDI-CAN-4075 |
Advantech |
|
7.5 |
2017-08-07 |
2018-02-21 |
(0Day) Advantech WebAccess RtspVapgDecoderNew2 SetPaybackFilePath Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-559 |
ZDI-CAN-4086 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess TpMegaJVT createStream Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-558 |
ZDI-CAN-4085 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess RtspVapgDecoderNew2 PMSettingData3D Width Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-557 |
ZDI-CAN-4105 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media Connect MediaPassword Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-556 |
ZDI-CAN-4106 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media Connect MediaURL Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-555 |
ZDI-CAN-4077 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media Saturation Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-554 |
ZDI-CAN-4074 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media GetMDInterval Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-17-553 |
ZDI-CAN-4109 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media Connect MediaURL Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-552 |
ZDI-CAN-4071 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media Hue Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-551 |
ZDI-CAN-4098 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media Connect MediaPassword Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-550 |
ZDI-CAN-4108 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media Connect MediaPassword Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-549 |
ZDI-CAN-4068 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess RtspVapgDecoderNew2 SetPaybackFilePath Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-548 |
ZDI-CAN-4107 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media Connect MediaUsername Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-547 |
ZDI-CAN-4069 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media Brightness Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-546 |
ZDI-CAN-4096 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess VideoDAQ SDFileEnum Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-545 |
ZDI-CAN-4081 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess RtspVapgDecoderNew2 PMSettingData3D Name Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-544 |
ZDI-CAN-4090 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess TpMegaJVT setGroupIp Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-543 |
ZDI-CAN-4089 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess TpMegaJVT startSoundRecord Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-542 |
ZDI-CAN-4072 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media ExecuteURLCommand Format String Remote Code Execution Vulnerability |
| ZDI-17-541 |
ZDI-CAN-4083 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess RtspVapgDecoderNew2 PMSettingData3D Height Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-540 |
ZDI-CAN-4095 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess VideoDAQ SDFileDownload Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-539 |
ZDI-CAN-4097 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media Caption Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-538 |
ZDI-CAN-4104 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media Connect MediaUsername Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-537 |
ZDI-CAN-4070 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media Contrast Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-536 |
ZDI-CAN-4094 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess bwocxrun OpenUrlToBufferTimeout Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-535 |
ZDI-CAN-4092 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess TpMegaJVT CreateSound Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-534 |
ZDI-CAN-4093 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess TpMegaJVT CreateStream Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-533 |
ZDI-CAN-4088 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess TpMegaJVT getSectionValue createStream Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-532 |
ZDI-CAN-4073 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media SetMDInterval Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-17-531 |
ZDI-CAN-4078 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess RtspVapgDecoderNew2 SetLangString Out-of-bounds Access Remote Code Execution Vulnerability |
| ZDI-17-530 |
ZDI-CAN-4087 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess TpMegaJVT startSoundRecord Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-529 |
ZDI-CAN-4084 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess RtspVapgDecoderNew2 PMSettingData3D Width Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-528 |
ZDI-CAN-4103 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media Connect MediaURL Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-527 |
ZDI-CAN-4091 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess TpMegaJVT Set_MD_Mode Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-526 |
ZDI-CAN-4100 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media Connect MediaURL Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-525 |
ZDI-CAN-4101 |
Advantech |
|
7.5 |
2017-08-07 |
|
(0Day) Advantech WebAccess nvA1Media Connect MediaUsername Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-524 |
ZDI-CAN-4211 |
Advantech |
|
5.0 |
2017-08-07 |
|
(0Day) Advantech WebAccess ExlViewer getTemplateDetailByName template SQL Injection Information Disclosure Vulnerability |
| ZDI-17-523 |
ZDI-CAN-4459 |
Dell EMC |
CVE-2017-10949 |
7.8 |
2017-08-02 |
|
Dell Storage Manager EmWebsiteServlet Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-522 |
ZDI-CAN-4543 |
Trend Micro |
CVE-2017-11393 |
9.0 |
2017-11-29 |
|
Trend Micro OfficeScan Proxy Command Injection Remote Code Execution Vulnerability |
| ZDI-17-521 |
ZDI-CAN-4544 |
Trend Micro |
CVE-2017-11394 |
9.0 |
2017-08-02 |
|
Trend Micro OfficeScan Proxy Command Injection Remote Code Execution Vulnerability |
| ZDI-17-520 |
ZDI-CAN-4037 |
Eaton |
|
6.8 |
2017-08-07 |
|
(0Day) Eaton ELCSoft ELCSimulator Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-519 |
ZDI-CAN-3960 |
Eaton |
|
6.8 |
2017-08-07 |
|
(0Day) Eaton ELCSoft Project File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-518 |
ZDI-CAN-3794 |
Mitsubishi Electric |
CVE-2017-9636 |
9.3 |
2017-08-01 |
|
Mitsubishi Electric E-Designer BEMatsushita Driver Configuration TCP_IP_Address Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-517 |
ZDI-CAN-3795 |
Mitsubishi Electric |
CVE-2017-9636 |
9.3 |
2017-08-01 |
|
Mitsubishi Electric E-Designer BEYaskawaSMC Driver Configuration IPAddress Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-516 |
ZDI-CAN-3796 |
Mitsubishi Electric |
CVE-2017-9638 |
9.3 |
2017-08-01 |
|
Mitsubishi Electric E-Designer BECMpi Driver Configuration ClockDevice Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-515 |
ZDI-CAN-3797 |
Mitsubishi Electric |
CVE-2017-9638 |
9.3 |
2017-08-01 |
|
Mitsubishi Electric E-Designer BES7IsoTcp Driver Configuration ClockDevice Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-514 |
ZDI-CAN-3798 |
Mitsubishi Electric |
CVE-2017-9638 |
9.3 |
2017-08-01 |
|
Mitsubishi Electric E-Designer BEMBSlave Driver Configuration CommErrIO Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-513 |
ZDI-CAN-3799 |
Mitsubishi Electric |
CVE-2017-9638 |
9.3 |
2017-08-01 |
|
Mitsubishi Electric E-Designer BEModbus Driver Configuration ClockDevice Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-512 |
ZDI-CAN-3800 |
Mitsubishi Electric |
CVE-2017-9636 |
9.3 |
2017-08-01 |
|
Mitsubishi Electric E-Designer BEGalil Driver Configuration IPAddress Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-511 |
ZDI-CAN-3801 |
Mitsubishi Electric |
CVE-2017-9636 |
9.3 |
2017-08-01 |
|
Mitsubishi Electric E-Designer BECoDeSysARTI Driver Configuration IPAddress0 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-510 |
ZDI-CAN-3802 |
Mitsubishi Electric |
CVE-2017-9636 |
9.3 |
2017-08-01 |
|
Mitsubishi Electric E-Designer BEMicroLogix Driver Configuration TCP_IP_Address Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-509 |
ZDI-CAN-3808 |
Mitsubishi Electric |
CVE-2017-9638 |
9.3 |
2017-08-01 |
|
Mitsubishi Electric E-Designer BEComliSlave Driver Configuration Status_bit Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-508 |
ZDI-CAN-3803 |
Mitsubishi Electric |
CVE-2017-9638 |
9.3 |
2017-08-01 |
|
Mitsubishi Electric E-Designer SetupAlarm Font Property Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-507 |
ZDI-CAN-3804 |
Mitsubishi Electric |
CVE-2017-9634 |
9.3 |
2017-08-01 |
|
Mitsubishi Electric E-Designer Symbol xSize Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-506 |
ZDI-CAN-3759 |
Mitsubishi Electric |
CVE-2017-9634 |
9.3 |
2017-08-01 |
|
Mitsubishi Electric E-Designer TxStaticString Col Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-505 |
ZDI-CAN-4768 |
Dell EMC |
CVE-2017-8011 |
9.0 |
2017-08-01 |
|
Dell EMC VNX Monitoring and Reporting Scheduler Static Credentials Remote Code Execution Vulnerability |
| ZDI-17-504 |
ZDI-CAN-4745 |
Trend Micro |
CVE-2017-11392 |
6.5 |
2017-07-31 |
|
Trend Micro InterScan Messaging Security Proxy Command Injection Remote Code Execution Vulnerability |
| ZDI-17-503 |
ZDI-CAN-4350 |
Trend Micro |
CVE-2017-11382 |
7.8 |
2017-07-31 |
|
Trend Micro Deep Discovery Email Inspector kdump_setting Denial of Service Vulnerability |
| ZDI-17-502 |
ZDI-CAN-4744 |
Trend Micro |
CVE-2017-11391 |
6.5 |
2017-07-31 |
|
Trend Micro InterScan Messaging Security Proxy Command Injection Remote Code Execution Vulnerability |
| ZDI-17-501 |
ZDI-CAN-4706 |
Trend Micro |
CVE-2017-11390 |
4.0 |
2017-07-31 |
|
Trend Micro Control Manager BasePageSessionExpire External Entity Processing Information Disclosure Vulnerability |
| ZDI-17-500 |
ZDI-CAN-4684 |
Trend Micro |
CVE-2017-11389 |
6.8 |
2017-07-31 |
|
Trend Micro Control Manager cmdHandlerFileHandling Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-499 |
ZDI-CAN-4638 |
Trend Micro |
CVE-2017-11388 |
6.0 |
2017-07-31 |
|
Trend Micro Control Manager RestfulServiceUtility.NET SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-498 |
ZDI-CAN-4639 |
Trend Micro |
CVE-2017-11388 |
6.0 |
2017-07-31 |
|
Trend Micro Control Manager RestfulServiceUtility.NET SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-497 |
ZDI-CAN-4512 |
Trend Micro |
CVE-2017-11387 |
5.0 |
2017-07-31 |
|
Trend Micro Control Manager Debug Level Authentication Bypass Information Disclosure Vulnerability |
| ZDI-17-496 |
ZDI-CAN-4549 |
Trend Micro |
CVE-2017-11386 |
7.8 |
2017-08-02 |
|
Trend Micro Control Manager cmdHandlerNewReportScheduler SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-495 |
ZDI-CAN-4545 |
Trend Micro |
CVE-2017-11385 |
7.8 |
2017-08-02 |
|
Trend Micro Control Manager cmdHandlerStatusMonitor SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-494 |
ZDI-CAN-4561 |
Trend Micro |
CVE-2017-11384 |
7.8 |
2017-08-02 |
|
Trend Micro Control Manager cmdHandlerLicenseManager SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-493 |
ZDI-CAN-4560 |
Trend Micro |
CVE-2017-11383 |
7.8 |
2017-08-02 |
|
Trend Micro Control Manager cmdHandlerTVCSCommander SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-492 |
ZDI-CAN-4416 |
AlienVault |
|
10.0 |
2017-07-20 |
2018-02-09 |
AlienVault Unified Security Management nfcapd Process_ipfix_template_withdraw Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-491 |
ZDI-CAN-4641 |
EMC |
CVE-2017-4997 |
10.0 |
2017-07-19 |
|
EMC VMAX3 VASA Provider UploadConfigurator Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-17-490 |
ZDI-CAN-4798 |
Apple |
CVE-2017-7053 |
7.2 |
2017-07-19 |
|
Apple iTunes iPodService Privilege Escalation Vulnerability |
| ZDI-17-489 |
ZDI-CAN-4707 |
Apple |
CVE-2017-7052 |
6.8 |
2017-07-19 |
|
Apple Safari Frame Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-488 |
ZDI-CAN-4713 |
Microsoft |
CVE-2017-0285 |
2.6 |
2017-07-14 |
|
Microsoft Windows OTL Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-487 |
ZDI-CAN-4612 |
Microsoft |
CVE-2017-8465 |
6.9 |
2017-07-12 |
|
(Pwn2Own) Microsoft Windows NtUserLinkDpiCursor Use-After-Free Privilege Escalation Vulnerability |
| ZDI-17-486 |
ZDI-CAN-4640 |
Adobe |
CVE-2017-3080 |
4.7 |
2017-07-12 |
|
Adobe Flash BrokerCreateFile Broker Method Information Disclosure Vulnerability |
| ZDI-17-485 |
ZDI-CAN-4030 |
Fuji Electric |
CVE-2017-9639 |
6.8 |
2017-07-12 |
|
Fuji Electric V-Server VPR File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-17-484 |
ZDI-CAN-4368 |
Hewlett Packard Enterprise |
CVE-2017-8956 |
10.0 |
2017-08-07 |
|
Hewlett Packard Enterprise Intelligent Management Center dbman Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-483 |
ZDI-CAN-4426 |
Hewlett Packard Enterprise |
CVE-2017-8954 |
10.0 |
2017-08-07 |
|
Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10005 Command Injection Remote Code Execution Vulnerability |
| ZDI-17-482 |
ZDI-CAN-4425 |
Hewlett Packard Enterprise |
CVE-2017-8955 |
7.8 |
2017-08-07 |
|
Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10006 Arbitrary File Deletion Denial of Service Vulnerability |
| ZDI-17-481 |
ZDI-CAN-4380 |
Hewlett Packard Enterprise |
CVE-2017-8957 |
10.0 |
2017-08-07 |
|
Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10005 Command Injection Remote Code Execution Vulnerability |
| ZDI-17-480 |
ZDI-CAN-4894 |
Microsoft |
CVE-2017-8601 |
6.8 |
2017-07-11 |
|
Microsoft Chakra Array JIT Optimization Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-479 |
ZDI-CAN-4889 |
Microsoft |
CVE-2017-8601 |
6.8 |
2017-07-11 |
|
Microsoft Chakra Array JIT Optimization Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-478 |
ZDI-CAN-4886 |
Microsoft |
CVE-2017-8601 |
6.8 |
2017-07-11 |
|
Microsoft Chakra Typed Array JIT Optimization Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-477 |
ZDI-CAN-4895 |
Adobe |
CVE-2017-3100 |
6.8 |
2017-07-11 |
|
Adobe Flash Player BitmapData applyFilter Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-17-476 |
ZDI-CAN-4577 |
Microsoft |
CVE-2017-8590 |
6.9 |
2017-07-11 |
|
(Pwn2Own) Microsoft Windows CLFS Driver Uninitialized Memory Privilege Escalation Vulnerability |
| ZDI-17-475 |
ZDI-CAN-4775 |
Microsoft |
CVE-2017-8598 |
6.8 |
2017-08-01 |
|
Microsoft Windows JavaScript super Keyword Uninitialized Memory Remote Code Execution Vulnerability |
| ZDI-17-474 |
ZDI-CAN-4633 |
Microsoft |
CVE-2017-8580 |
6.9 |
2017-07-31 |
|
(Pwn2Own) Microsoft Windows Palette Object Use-After-Free Privilege Escalation Vulnerability |
| ZDI-17-473 |
ZDI-CAN-4624 |
Microsoft |
CVE-2017-8578 |
6.9 |
2017-07-11 |
|
(Pwn2Own) Microsoft Windows PlgBlt Integer Overflow Privilege Escalation Vulnerability |
| ZDI-17-472 |
ZDI-CAN-4621 |
Microsoft |
CVE-2017-8577 |
6.9 |
2017-07-11 |
|
(Pwn2Own) Microsoft Windows GDI Region Object Uninitialized Memory Privilege Escalation Vulnerability |
| ZDI-17-471 |
ZDI-CAN-4576 |
Microsoft |
CVE-2017-8486 |
2.1 |
2017-07-11 |
|
(Pwn2Own) Microsoft Windows win32kfull CopyOutputString Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-470 |
ZDI-CAN-4626 |
Microsoft |
CVE-2017-8467 |
7.2 |
2017-07-11 |
|
(Pwn2Own) Microsoft Windows fnHKINLPRECT Untrusted Pointer Dereference Privilege Escalation Vulnerability |
| ZDI-17-469 |
ZDI-CAN-4630 |
Microsoft |
CVE-2017-8579 |
6.9 |
2017-07-11 |
|
(Pwn2Own) Microsoft Windows D3DKMTCreateAllocation Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-17-468 |
ZDI-CAN-4485 |
Microsoft |
CVE-2017-0291 |
6.8 |
2017-07-11 |
|
Microsoft Windows PDF Library JPEG2000 Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-17-467 |
ZDI-CAN-4482 |
Microsoft |
CVE-2017-0291 |
4.3 |
2017-07-11 |
|
Microsoft Windows PDF Library JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-466 |
ZDI-CAN-4481 |
Microsoft |
CVE-2017-0291 |
6.8 |
2017-07-11 |
|
Microsoft Windows PDF Library JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-465 |
ZDI-CAN-3706 |
Fatek Automation |
CVE-2017-6023 |
6.8 |
2017-07-11 |
|
Fatek Automation PLC Ethernet Module Configuration Tool Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-464 |
ZDI-CAN-4611 |
Microsoft |
CVE-2017-0236 |
6.8 |
2017-07-10 |
|
(Pwn2Own) Microsoft Chakra ArrayBuffer Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-463 |
ZDI-CAN-4603 |
Microsoft |
CVE-2017-8575 |
2.1 |
2017-07-10 |
|
(Pwn2Own) Microsoft Windows basicrender WarpKMEscape Information Disclosure Vulnerability |
| ZDI-17-462 |
ZDI-CAN-4587 |
Google |
CVE-2017-5053 |
6.8 |
2017-07-10 |
|
(Pwn2Own) Google Chrome Array indexOf Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-17-461 |
ZDI-CAN-4723 |
Foxit |
CVE-2017-10948 |
6.8 |
2017-07-07 |
|
Foxit Reader execMenuItem Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-460 |
ZDI-CAN-4722 |
Foxit |
CVE-2017-10947 |
6.8 |
2017-07-07 |
|
Foxit Reader print Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-459 |
ZDI-CAN-4721 |
Foxit |
CVE-2017-10946 |
6.8 |
2017-07-07 |
|
Foxit Reader setItem Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-458 |
ZDI-CAN-4855 |
Foxit |
CVE-2017-10945 |
6.8 |
2017-07-07 |
|
Foxit Reader App alert Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-457 |
ZDI-CAN-4846 |
Foxit |
CVE-2017-10944 |
4.3 |
2017-07-07 |
|
Foxit Reader ObjStm Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-456 |
ZDI-CAN-4738 |
Foxit |
CVE-2017-10943 |
4.3 |
2017-07-07 |
|
Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-455 |
ZDI-CAN-4737 |
Foxit |
CVE-2017-10942 |
4.3 |
2017-07-07 |
|
Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-454 |
ZDI-CAN-4816 |
Foxit |
CVE-2017-10941 |
6.8 |
2017-07-07 |
|
Foxit Reader AFParseDateEx Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-453 |
ZDI-CAN-3853 |
Joyent |
CVE-2017-10940 |
9.0 |
2017-07-07 |
|
Joyent Smart Data Center Docker API Zone Escape Privilege Escalation Vulnerability |
| ZDI-17-452 |
ZDI-CAN-3703 |
Advantech |
CVE-2017-12705 |
6.8 |
2017-08-15 |
|
(0Day) Advantech WebOP Designer Project File Heap Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-451 |
ZDI-CAN-4602 |
Microsoft |
CVE-2017-8553 |
2.1 |
2017-06-27 |
|
(Pwn2Own) Microsoft Windows XPS Document Writer Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-17-450 |
ZDI-CAN-4604 |
Microsoft |
CVE-2017-8576 |
6.9 |
2017-06-27 |
|
(Pwn2Own) Microsoft Windows WarpKMSubmitCommandVirtual Uninitialized Memory Privilege Escalation Vulnerability |
| ZDI-17-449 |
ZDI-CAN-4344 |
Cisco |
CVE-2017-6636 |
7.8 |
2017-06-26 |
|
Cisco Prime Collaboration Provisioning Logs Directory Improper Access Control Information Disclosure Vulnerability |
| ZDI-17-448 |
ZDI-CAN-4469 |
Cisco |
CVE-2017-6637 |
7.8 |
2017-06-26 |
|
Cisco Prime Collaboration Provisioning logconfigtracer Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-17-447 |
ZDI-CAN-4468 |
Cisco |
CVE-2017-6621 |
7.8 |
2017-06-26 |
|
Cisco Prime Collaboration Provisioning logconfigtracer Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-446 |
ZDI-CAN-4467 |
Cisco |
CVE-2017-6635 |
7.8 |
2017-06-26 |
|
Cisco Prime Collaboration Provisioning licensestatus Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-17-445 |
ZDI-CAN-4343 |
Cisco |
CVE-2017-6622 |
10.0 |
2017-06-26 |
|
Cisco Prime Collaboration Provisioning ScriptMgr Servlet Authentication Bypass Remote Code Execution Vulnerability |
| ZDI-17-444 |
ZDI-CAN-4279 |
Cisco |
CVE-2017-6669 |
6.8 |
2017-06-23 |
|
Cisco WebEx Network Recording Player ARF File Memory Corruption Remote Code Execution Vulnerability |
| ZDI-17-443 |
ZDI-CAN-4278 |
Cisco |
CVE-2017-6669 |
6.8 |
2017-06-23 |
|
Cisco WebEx Network Recording Player ARF File Memory Corruption Remote Code Execution Vulnerability |
| ZDI-17-442 |
ZDI-CAN-4277 |
Cisco |
CVE-2017-6669 |
6.8 |
2017-06-23 |
|
Cisco WebEx Network Recording Player ARF File CImageList Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-441 |
ZDI-CAN-4537 |
Apple |
CVE-2017-2454 |
6.8 |
2017-06-22 |
|
Apple Safari Node Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-440 |
ZDI-CAN-3833 |
Lepide |
|
9.3 |
2017-06-21 |
|
(0Day) Lepide LepideAuditor Suite Malicious Server Command Injection Remote Code Execution Vulnerability |
| ZDI-17-439 |
ZDI-CAN-3975 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCDRAW AddTabShapeEmptyPage Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-438 |
ZDI-CAN-3974 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCDRAW AddStringUserProperty Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-437 |
ZDI-CAN-3973 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCDRAW AddIntUserProperty Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-436 |
ZDI-CAN-3972 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCDRAW AddFloatUserProperty Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-435 |
ZDI-CAN-3971 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite TKGIS RemoveShape Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-434 |
ZDI-CAN-3970 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite TKGIS FindPortFromIndex Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-433 |
ZDI-CAN-3890 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCDRAW AddDoubleUserProperty Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-432 |
ZDI-CAN-3889 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCDRAW AddDateUserProperty AddDefaultPort Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-431 |
ZDI-CAN-3888 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCDRAW AddColorUserProperty Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-430 |
ZDI-CAN-3887 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCDRAW AddBoolUserProperty Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-429 |
ZDI-CAN-3886 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCDRAW AddShapePoint Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-428 |
ZDI-CAN-3897 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite TKGIS CloneShape Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-427 |
ZDI-CAN-3896 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCSIMPLE PositionShape Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-426 |
ZDI-CAN-3885 |
UCanCode |
|
6.8 |
2017-08-30 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCHMI UpdateShapeGeo Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-425 |
ZDI-CAN-3884 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCUML SetShapeWithLabelShow Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-424 |
ZDI-CAN-3895 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCDIAGRAM InsertShapePoint Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-423 |
ZDI-CAN-3893 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCPRINT FlashShape Untrusted Pointer Dreference Remote Code Execution Vulnerability |
| ZDI-17-422 |
ZDI-CAN-3907 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite TKDRAWCAD RotateShape Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-421 |
ZDI-CAN-3906 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCDRAW MoveShape Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-420 |
ZDI-CAN-3905 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCVIEWER RotateFromCenter Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-419 |
ZDI-CAN-3894 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCVIEWER MoveCenterTo Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-418 |
ZDI-CAN-3904 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCVIEWER ScaleFromCenter Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-417 |
ZDI-CAN-3892 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCVIEWER SelectShape Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-416 |
ZDI-CAN-3883 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCVIEWER AddShapeWithoutUndo Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-415 |
ZDI-CAN-3882 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCVIEWER UpdateControl Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-414 |
ZDI-CAN-3881 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCVIEWER StartRichTextEdit Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-413 |
ZDI-CAN-3880 |
UCanCode |
|
6.8 |
2017-06-21 |
|
(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCVIEWER Multiple Methods Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-17-412 |
ZDI-CAN-4709 |
Apple |
CVE-2017-2530 |
6.8 |
2017-06-21 |
|
Apple Safari Element Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-411 |
ZDI-CAN-4376 |
Foxit |
|
6.8 |
2017-06-15 |
|
Foxit Reader JPXDecode stream Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-410 |
ZDI-CAN-3879 |
Novell |
|
6.8 |
2017-06-14 |
|
Novell ZENworks Reporting Appliance Directory Traversal Arbitrary File Creation Vulnerability |
| ZDI-17-409 |
ZDI-CAN-4701 |
Microsoft |
CVE-2017-0285 |
2.6 |
2017-06-13 |
|
Microsoft Windows OTL Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-408 |
ZDI-CAN-4705 |
Adobe |
CVE-2017-3082 |
6.8 |
2017-06-13 |
|
Adobe Flash LocaleID determinePreferredLocales Uninitialized Memory Remote Code Execution Vulnerability |
| ZDI-17-407 |
ZDI-CAN-4704 |
Adobe |
CVE-2017-3084 |
6.8 |
2017-06-13 |
|
Adobe Flash AuditudeSettings clone Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-406 |
ZDI-CAN-4703 |
Adobe |
CVE-2017-3083 |
6.8 |
2017-06-13 |
|
Adobe Flash Profile Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-405 |
ZDI-CAN-4700 |
Microsoft |
CVE-2017-8532 |
2.6 |
2017-06-13 |
|
Microsoft Windows OTL Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-404 |
ZDI-CAN-4619 |
Microsoft |
CVE-2017-8466 |
6.9 |
2017-06-13 |
|
(Pwn2Own) Microsoft Windows NtUserLinkDpiCursor Use-After-Free Privilege Escalation Vulnerability |
| ZDI-17-403 |
ZDI-CAN-4590 |
Microsoft |
CVE-2017-8468 |
6.9 |
2017-06-13 |
|
(Pwn2Own) Microsoft Windows NtUserLinkDpiCursor Use-After-Free Privilege Escalation Vulnerability |
| ZDI-17-402 |
ZDI-CAN-4608 |
Microsoft |
CVE-2017-8465 |
6.9 |
2017-06-13 |
|
(Pwn2Own) Microsoft Windows NtUserLinkDpiCursor Use-After-Free Privilege Escalation Vulnerability |
| ZDI-17-401 |
ZDI-CAN-4573 |
Microsoft |
CVE-2017-8547 |
7.5 |
2017-06-13 |
|
Microsoft Internet Explorer InsertRow Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-17-400 |
ZDI-CAN-4622 |
Microsoft |
CVE-2017-0296 |
6.9 |
2017-06-13 |
|
(Pwn2Own) Microsoft Windows TdxCreateTransportAddress Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-17-399 |
ZDI-CAN-4564 |
Adobe |
CVE-2017-3075 |
6.8 |
2017-06-13 |
|
Adobe Flash XML load Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-398 |
ZDI-CAN-4483 |
Microsoft |
CVE-2017-8460 |
4.3 |
2017-06-13 |
|
Microsoft Windows PDF Library JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-397 |
ZDI-CAN-4480 |
Microsoft |
CVE-2017-0292 |
6.8 |
2017-06-13 |
|
Microsoft Windows PDF Library JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-396 |
ZDI-CAN-4065 |
Trend Micro |
|
6.9 |
2017-06-13 |
|
Trend Micro Maximum Security tmusa Time-Of-Check/Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-17-395 |
ZDI-CAN-4191 |
Trend Micro |
|
4.7 |
2017-06-13 |
|
Trend Micro Maximum Security tmusa Kernel Driver Untrusted Pointer Dereference Denial of Service Vulnerability |
| ZDI-17-394 |
ZDI-CAN-3844 |
EMC |
CVE-2016-8211 |
5.0 |
2017-06-12 |
|
EMC Data Protection Advisor ImageServlet Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-393 |
ZDI-CAN-4342 |
Hewlett Packard Enterprise |
CVE-2017-8947 |
10.0 |
2017-06-12 |
|
Hewlett Packard Enterprise Universal CMDB UploadFileOnUIServerServlet Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-392 |
ZDI-CAN-3648 |
Schneider Electric |
|
6.8 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder Local Privilege Escalation Vulnerability |
| ZDI-17-391 |
ZDI-CAN-3582 |
Schneider Electric |
|
7.5 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder Embedded Session ID Authentication Bypass Vulnerability |
| ZDI-17-390 |
ZDI-CAN-3583 |
Schneider Electric |
|
5.0 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder css.inc Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-389 |
ZDI-CAN-3584 |
Schneider Electric |
|
5.0 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder runscript Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-388 |
ZDI-CAN-3580 |
Schneider Electric |
|
6.5 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder file_picker Directory Traversal Arbitrary File Upload Remote Code Execution Vulnerability |
| ZDI-17-387 |
ZDI-CAN-3579 |
Schneider Electric |
|
7.5 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder SOAP Request Remote SQL Command Execution Vulnerability |
| ZDI-17-386 |
ZDI-CAN-3669 |
Schneider Electric |
|
5.0 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder Error Message Path Information Disclosure Vulnerability |
| ZDI-17-385 |
ZDI-CAN-3670 |
Schneider Electric |
|
5.0 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder error Information Disclosure Vulnerability |
| ZDI-17-384 |
ZDI-CAN-3631 |
Schneider Electric |
|
7.5 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder editobject SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-383 |
ZDI-CAN-3644 |
Schneider Electric |
|
7.5 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder xmlserver SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-382 |
ZDI-CAN-3630 |
Schneider Electric |
|
7.5 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder track_getdata SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-381 |
ZDI-CAN-3652 |
Schneider Electric |
|
7.5 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder nfcserver SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-380 |
ZDI-CAN-3653 |
Schneider Electric |
|
7.5 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder localize SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-379 |
ZDI-CAN-3628 |
Schneider Electric |
|
7.5 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder syslog_getdata SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-378 |
ZDI-CAN-3629 |
Schneider Electric |
|
10.0 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder track_import_export SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-377 |
ZDI-CAN-3649 |
Schneider Electric |
|
7.5 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder HTTP Cookie SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-376 |
ZDI-CAN-3647 |
Schneider Electric |
|
6.5 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder editscript Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-375 |
ZDI-CAN-3646 |
Schneider Electric |
|
7.8 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder message_simple_html reboot Parameter Denial of Service Vulnerability |
| ZDI-17-374 |
ZDI-CAN-3632 |
Schneider Electric |
|
7.5 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder loadtemplate SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-373 |
ZDI-CAN-3645 |
Schneider Electric |
|
7.8 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder sendmail email_attachment Parameter Absolute Path Traversal Information Disclosure Vulnerability |
| ZDI-17-372 |
ZDI-CAN-3643 |
Schneider Electric |
|
7.5 |
2017-06-12 |
|
(0Day) Schneider Electric U.motion Builder Hard-Coded Password Remote Code Execution Vulnerability |
| ZDI-17-371 |
ZDI-CAN-4772 |
Microsoft |
CVE-2017-0266 |
6.8 |
2017-05-30 |
|
Microsoft Windows JavaScript Array Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-370 |
ZDI-CAN-4583 |
Apple |
|
2.1 |
2017-05-30 |
|
(Pwn2Own) Apple macOS nsurlstoraged Null Pointer Dereference Denial of Service Vulnerability |
| ZDI-17-369 |
ZDI-CAN-4596 |
Apple |
CVE-2017-7002 |
6.8 |
2017-05-30 |
|
(Pwn2Own) Apple Safari WebSQL matchinfo Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-368 |
ZDI-CAN-4595 |
Apple |
CVE-2017-7001 |
6.8 |
2017-05-30 |
|
(Pwn2Own) Apple Safari WebSQL offsets Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-367 |
ZDI-CAN-4594 |
Apple |
CVE-2017-7000 |
6.8 |
2017-05-30 |
|
(Pwn2Own) Apple Safari WebSQL snippet Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-366 |
ZDI-CAN-4591 |
Apple |
CVE-2017-6983 |
6.8 |
2017-05-30 |
|
(Pwn2Own) Apple Safari WebSQL optimize Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-365 |
ZDI-CAN-4221 |
Hewlett Packard Enterprise |
CVE-2017-8944 |
7.8 |
2017-05-18 |
|
Hewlett Packard Enterprise Cloud Optimizer DownloadServlet Information Disclosure Vulnerability |
| ZDI-17-364 |
ZDI-CAN-4610 |
Apple |
CVE-2017-2543 |
6.9 |
2017-05-18 |
|
(Pwn2Own) Apple macOS AppleMultitouchDevice Use-After-Free Privilege Escalation Vulnerability |
| ZDI-17-363 |
ZDI-CAN-4609 |
Apple |
CVE-2017-2542 |
1.9 |
2017-05-18 |
|
(Pwn2Own) Apple macOS AppleMultitouchDevice Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-17-362 |
ZDI-CAN-4598 |
Apple |
CVE-2017-2538 |
6.8 |
2017-05-18 |
|
(Pwn2Own) Apple Safari ProcessingInstruction Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-361 |
ZDI-CAN-4597 |
Apple |
CVE-2017-2539 |
4.3 |
2017-05-18 |
|
(Pwn2Own) Apple Safari WebGLRenderingContextBase drawElements Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-360 |
ZDI-CAN-4593 |
Apple |
CVE-2017-6991 |
4.3 |
2017-05-18 |
|
(Pwn2Own) Apple Safari WebSQL Type Confusion Information Disclosure Vulnerability |
| ZDI-17-359 |
ZDI-CAN-4617 |
Apple |
CVE-2017-2546 |
7.2 |
2017-05-18 |
|
(Pwn2Own) Apple macOS smbfs Out-Of-Bounds Access Privilege Escalation Vulnerability |
| ZDI-17-358 |
ZDI-CAN-4582 |
Apple |
CVE-2017-2536 |
6.8 |
2017-05-18 |
|
(Pwn2Own) Apple Safari Spread Operator Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-357 |
ZDI-CAN-4580 |
Apple |
CVE-2017-2533 |
6.9 |
2017-05-18 |
|
(Pwn2Own) Apple macOS diskarbitrationd Time-Of-Check/Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-17-356 |
ZDI-CAN-4579 |
Apple |
CVE-2017-2535 |
6.9 |
2017-05-18 |
|
(Pwn2Own) Apple macOS authd Privilege Escalation Vulnerability |
| ZDI-17-355 |
ZDI-CAN-4624 |
Apple |
CVE-2017-2548 |
4.4 |
2017-05-18 |
|
(Pwn2Own) Apple macOS WindowServer XSetWindowListBrightness Out-Of-Bounds Access Privilege Escalation Vulnerability |
| ZDI-17-354 |
ZDI-CAN-4623 |
Apple |
CVE-2017-2547 |
6.8 |
2017-05-18 |
|
(Pwn2Own) Apple Safari B3 Optimization Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-17-353 |
ZDI-CAN-4592 |
Apple |
CVE-2017-2537 |
4.4 |
2017-05-18 |
|
(Pwn2Own) Apple macOS WindowServer Dragging Space Use-After-Free Privilege Escalation Vulnerability |
| ZDI-17-352 |
ZDI-CAN-4615 |
Apple |
CVE-2017-6990 |
1.9 |
2017-05-18 |
|
(Pwn2Own) Apple macOS HFS Uninitialized Memory Information Disclosure Privilege Escalation Vulnerability |
| ZDI-17-351 |
ZDI-CAN-4614 |
Apple |
CVE-2017-2545 |
6.9 |
2017-05-15 |
|
(Pwn2Own) Apple macOS IOGraphic Use-After-Free Privilege Escalation Vulnerability |
| ZDI-17-350 |
ZDI-CAN-4613 |
Apple |
CVE-2017-2544 |
6.8 |
2017-05-15 |
|
(Pwn2Own) Apple Safari Array concat Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-349 |
ZDI-CAN-4600 |
Apple |
CVE-2017-2541 |
4.4 |
2017-05-15 |
|
(Pwn2Own) Apple macOS WindowServer _XGetWindowMovementGroup Stack-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-17-348 |
ZDI-CAN-4599 |
Apple |
CVE-2017-2540 |
1.9 |
2017-05-15 |
|
(Pwn2Own) Apple macOS WindowServer _XGetConnectionPSN Information Disclosure Vulnerability |
| ZDI-17-347 |
ZDI-CAN-4581 |
Apple |
CVE-2017-2534, CVE-2017-6977 |
4.6 |
2017-05-15 |
|
(Pwn2Own) Apple macOS speechsynthesisd Unsigned Dylib Loading Privilege Escalation Vulnerability |
| ZDI-17-346 |
ZDI-CAN-4536 |
Apple |
CVE-2017-2506 |
6.8 |
2017-05-15 |
|
Apple Safari RenderElement Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-345 |
ZDI-CAN-4520 |
Apple |
CVE-2017-2526 |
6.8 |
2017-05-15 |
|
Apple Safari RenderInline Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-344 |
ZDI-CAN-4519 |
Apple |
CVE-2017-2525 |
6.8 |
2017-05-15 |
|
Apple Safari RenderLayer Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-343 |
ZDI-CAN-4387 |
Hewlett Packard Enterprise |
CVE-2017-5819 |
10.0 |
2017-05-15 |
|
Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10007 Command Injection Remote Code Execution Vulnerability |
| ZDI-17-342 |
ZDI-CAN-4386 |
Hewlett Packard Enterprise |
CVE-2017-5818 |
7.8 |
2017-05-15 |
|
Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10007 Arbitrary File Deletion Denial of Service Vulnerability |
| ZDI-17-341 |
ZDI-CAN-4372 |
Hewlett Packard Enterprise |
CVE-2017-5817 |
10.0 |
2017-05-15 |
|
Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10007 Command Injection Remote Code Execution Vulnerability |
| ZDI-17-340 |
ZDI-CAN-4367 |
Hewlett Packard Enterprise |
CVE-2017-5816 |
10.0 |
2017-05-15 |
|
Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10008 Command Injection Remote Code Execution Vulnerability |
| ZDI-17-339 |
ZDI-CAN-4379 |
Hewlett Packard Enterprise |
CVE-2017-5821 |
10.0 |
2017-05-15 |
|
Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10006 Command Injection Remote Code Execution Vulnerability |
| ZDI-17-338 |
ZDI-CAN-4378 |
Hewlett Packard Enterprise |
CVE-2017-5823 |
10.0 |
2017-05-15 |
|
Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10013 Command Injection Remote Code Execution Vulnerability |
| ZDI-17-337 |
ZDI-CAN-4377 |
Hewlett Packard Enterprise |
CVE-2017-5822 |
7.8 |
2017-05-15 |
|
Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10010 Arbitrary File Write Remote Code Execution Vulnerability |
| ZDI-17-336 |
ZDI-CAN-4373 |
Hewlett Packard Enterprise |
CVE-2017-5820 |
10.0 |
2017-05-15 |
|
Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10004 Command Injection Remote Code Execution Vulnerability |
| ZDI-17-335 |
ZDI-CAN-4550 |
Adobe |
CVE-2017-3040 |
4.3 |
2017-05-12 |
|
Adobe Reader DC PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-334 |
ZDI-CAN-4522 |
Bitdefender |
|
9.3 |
2017-05-11 |
|
Bitdefender Internet Security Dalvik Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-333 |
ZDI-CAN-4574 |
Bitdefender |
|
9.3 |
2017-05-11 |
|
Bitdefender Internet Security cevakrnl Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-332 |
ZDI-CAN-4362 |
Hewlett Packard Enterprise |
CVE-2017-5812 |
5.0 |
2017-05-11 |
|
Hewlett Packard Enterprise Network Automation PermissionFilter Authentication Bypass Vulnerability |
| ZDI-17-331 |
ZDI-CAN-4219 |
Hewlett Packard Enterprise |
CVE-2017-5810 |
10.0 |
2017-05-11 |
|
Hewlett Packard Enterprise Network Automation RedirectServlet SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-330 |
ZDI-CAN-4217 |
Hewlett Packard Enterprise |
CVE-2017-5811 |
7.8 |
2017-05-11 |
|
Hewlett Packard Enterprise Network Automation TrueControl Management Engine Service FileServlet Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-329 |
ZDI-CAN-4629 |
Microsoft |
CVE-2017-0240 |
6.8 |
2017-05-10 |
|
(Pwn2Own) Microsoft Edge AudioBuffer Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-328 |
ZDI-CAN-4628 |
Microsoft |
CVE-2017-0240 |
4.3 |
2017-05-10 |
|
(Pwn2Own) Microsoft Edge AudioBuffer Use-After-Free Information Disclosure Vulnerability |
| ZDI-17-327 |
ZDI-CAN-4625 |
Microsoft |
CVE-2017-0238 |
6.8 |
2017-05-10 |
|
(Pwn2Own) Microsoft Chakra Array unshift Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-326 |
ZDI-CAN-4618 |
Microsoft |
CVE-2017-0228 |
6.8 |
2017-05-10 |
|
(Pwn2Own) Microsoft Chakra Array Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-325 |
ZDI-CAN-4585 |
Microsoft |
CVE-2017-0233 |
7.2 |
2017-05-10 |
2018-03-06 |
(Pwn2Own) Microsoft Edge WriteClassesOfCategory DLL Planting Sandbox Escape Vulnerability |
| ZDI-17-324 |
ZDI-CAN-4584 |
Microsoft |
CVE-2017-0234 |
6.8 |
2017-05-10 |
|
(Pwn2Own) Microsoft Edge ArrayBuffer Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-323 |
ZDI-CAN-4285 |
Microsoft |
CVE-2017-0226 |
4.4 |
2017-05-10 |
|
Microsoft Internet Explorer Enhanced Protected Mode Sandbox Escape Vulnerability |
| ZDI-17-322 |
ZDI-CAN-4013 |
Advantech |
CVE-2017-7929 |
6.8 |
2017-05-04 |
|
Advantech WebAccess odbcPg4 Absolute Path Traversal File Denial of Service Vulnerability |
| ZDI-17-321 |
ZDI-CAN-4578 |
Apple |
CVE-2017-2491 |
6.8 |
2017-05-04 |
|
(Pwn2Own) Apple Safari String replace Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-320 |
ZDI-CAN-4535 |
Mozilla |
CVE-2017-5448 |
5.1 |
2017-05-03 |
|
Mozilla Firefox ClearKeyDecryptor Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-319 |
ZDI-CAN-4477 |
Foxit |
|
6.8 |
2017-05-03 |
|
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-318 |
ZDI-CAN-4476 |
Foxit |
|
6.8 |
2017-05-03 |
|
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-317 |
ZDI-CAN-4538 |
Hewlett Packard Enterprise |
CVE-2017-5806 |
10.0 |
2017-05-03 |
|
Hewlett Packard Enterprise Intelligent Management Center imcwlandm SSID Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-316 |
ZDI-CAN-4539 |
Hewlett Packard Enterprise |
CVE-2017-5805 |
10.0 |
2017-05-03 |
|
Hewlett Packard Enterprise Intelligent Management Center imcwlandm UserName Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-315 |
ZDI-CAN-4507 |
Hewlett Packard Enterprise |
CVE-2017-5804 |
10.0 |
2017-05-03 |
|
Hewlett Packard Enterprise Intelligent Management Center imcwlandm Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-314 |
ZDI-CAN-4429 |
Google |
CVE-2017-5059 |
6.8 |
2017-05-02 |
|
Google Chrome List Item Marker Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-313 |
ZDI-CAN-4525 |
Foxit |
|
6.8 |
2017-04-21 |
|
Foxit Reader getAnnot Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-312 |
ZDI-CAN-4517 |
Foxit |
|
6.8 |
2017-04-21 |
|
Foxit Reader Annotations lock Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-311 |
ZDI-CAN-4513 |
Foxit |
|
6.8 |
2017-04-21 |
|
Foxit Reader Annotations style Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-310 |
ZDI-CAN-4515 |
Foxit |
|
6.8 |
2017-04-21 |
|
Foxit Reader Annotations opacity Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-309 |
ZDI-CAN-4514 |
Foxit |
|
6.8 |
2017-04-21 |
|
Foxit Reader Annotations arrowEnd Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-308 |
ZDI-CAN-4506 |
Foxit |
|
6.8 |
2017-04-21 |
|
Foxit Reader importAnXFDF Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-307 |
ZDI-CAN-4498 |
Foxit |
|
6.8 |
2017-04-21 |
|
Foxit Reader Field setAction Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-306 |
ZDI-CAN-4494 |
Foxit |
|
6.8 |
2017-04-21 |
|
Foxit Reader Link setAction Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-305 |
ZDI-CAN-4510 |
Foxit |
|
6.8 |
2017-04-21 |
|
Foxit Reader getURL Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-304 |
ZDI-CAN-4504 |
Foxit |
|
6.8 |
2017-04-21 |
|
Foxit Reader spawnPageFromTemplate Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-303 |
ZDI-CAN-4505 |
Foxit |
|
6.8 |
2017-04-21 |
|
Foxit Reader Field insertItemAt Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-302 |
ZDI-CAN-4503 |
Foxit |
|
6.8 |
2017-04-21 |
|
Foxit Reader scroll Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-301 |
ZDI-CAN-4497 |
Foxit |
|
6.8 |
2017-04-21 |
|
Foxit Reader exportAsFDF Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-300 |
ZDI-CAN-4531 |
Foxit |
|
6.8 |
2017-04-21 |
|
Foxit Reader resetForm Use-After-Free Information Disclosure Vulnerability |
| ZDI-17-299 |
ZDI-CAN-4530 |
Foxit |
|
6.8 |
2017-04-21 |
|
Foxit Reader Field buttonSetCaption Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-298 |
ZDI-CAN-4527 |
Foxit |
|
6.8 |
2017-04-21 |
|
Foxit Reader response Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-297 |
ZDI-CAN-4528 |
Foxit |
|
6.8 |
2017-04-21 |
|
Foxit Reader Field getItemAt Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-296 |
ZDI-CAN-4526 |
Foxit |
|
6.8 |
2017-04-21 |
|
Foxit Reader addAnnot Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-295 |
ZDI-CAN-4388 |
ThinPrint |
CVE-2017-4911 |
6.2 |
2017-04-19 |
|
ThinPrint TPView JPEG2000 Parsing Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-17-294 |
ZDI-CAN-4207 |
ThinPrint |
CVE-2017-4911 |
6.2 |
2017-04-19 |
|
ThinPrint TPView JPEG2000 Parsing Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-17-293 |
ZDI-CAN-4205 |
ThinPrint |
CVE-2017-4911 |
6.2 |
2017-04-19 |
|
ThinPrint TPView JPEG2000 Parsing Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-17-292 |
ZDI-CAN-4203 |
ThinPrint |
CVE-2017-4911 |
6.9 |
2017-04-19 |
|
ThinPrint TPView JPEG2000 Parsing Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-17-291 |
ZDI-CAN-4206 |
ThinPrint |
CVE-2017-4911 |
6.2 |
2017-04-19 |
|
ThinPrint TPView JPEG2000 Parsing Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-17-290 |
ZDI-CAN-4204 |
ThinPrint |
CVE-2017-4910 |
6.2 |
2017-04-19 |
|
ThinPrint TPView JPEG2000 Parsing Out-Of-Bounds Read Privilege Escalation Vulnerability |
| ZDI-17-289 |
ZDI-CAN-4059 |
ThinPrint |
CVE-2017-4908 |
6.2 |
2017-04-19 |
|
ThinPrint TPView JPEG2000 Parsing Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-17-288 |
ZDI-CAN-3988 |
Oracle |
CVE-2017-3230 |
7.5 |
2017-04-19 |
|
Oracle Fusion Middleware MapViewer FileUploaderServlet fileName Remote Code Execution Vulnerability |
| ZDI-17-287 |
ZDI-CAN-4565 |
Adobe |
CVE-2017-2994 |
6.8 |
2017-04-19 |
|
Adobe Flash PSDKEvent Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-286 |
ZDI-CAN-4523 |
LAquis SCADA |
CVE-2017-6020 |
5.0 |
2017-04-12 |
|
LAquis SCADA Software Web Server Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-285 |
ZDI-CAN-4337 |
Microsoft |
CVE-2017-0155 |
7.2 |
2017-04-11 |
|
Microsoft Windows Font Object Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-17-284 |
ZDI-CAN-4218 |
Microsoft |
CVE-2017-0158 |
4.3 |
2017-04-11 |
|
Microsoft Windows ADO Array-Type Parameter Use-After-Free Information Disclosure Vulnerability |
| ZDI-17-283 |
ZDI-CAN-4427 |
Trend Micro |
|
10.0 |
2017-04-11 |
|
Trend Micro Deep Discovery Email Inspector policy_setting Arbitrary File Upload Remote Code Execution Vulnerability |
| ZDI-17-282 |
ZDI-CAN-4589 |
Adobe |
CVE-2017-3057 |
6.8 |
2017-08-01 |
|
(Pwn2Own) Adobe Reader DC Collab documentToStream Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-281 |
ZDI-CAN-4588 |
Adobe |
CVE-2017-3056 |
4.3 |
2017-08-01 |
|
(Pwn2Own) Adobe Reader DC util streamFromString Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-17-280 |
ZDI-CAN-4575 |
Adobe |
CVE-2017-3055 |
6.8 |
2017-04-11 |
|
(Pwn2Own) Adobe Reader DC JPEG2000 Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-279 |
ZDI-CAN-4607 |
Adobe |
CVE-2017-3063 |
6.8 |
2017-08-01 |
|
(Pwn2Own) Adobe Flash NetStream Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-278 |
ZDI-CAN-4601 |
Adobe |
CVE-2017-3062 |
6.8 |
2017-04-11 |
|
(Pwn2Own) Adobe Flash TextField Attribute Array Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-277 |
ZDI-CAN-4460 |
Adobe |
CVE-2017-3053 |
4.3 |
2017-04-11 |
|
Adobe Acrobat Pro DC ImageConversion JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-276 |
ZDI-CAN-4486 |
Adobe |
CVE-2017-3052 |
4.3 |
2017-04-11 |
|
Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-275 |
ZDI-CAN-4487 |
Adobe |
CVE-2017-3051 |
4.3 |
2017-04-11 |
|
Adobe Acrobat Pro DC ImageConversion JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-274 |
ZDI-CAN-4491 |
Adobe |
CVE-2017-3050 |
6.8 |
2017-04-11 |
|
Adobe Acrobat Pro DC ImageConversion GIF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-273 |
ZDI-CAN-4496 |
Adobe |
CVE-2017-3049 |
6.8 |
2017-04-11 |
|
Adobe Acrobat Pro DC ImageConversion TIFF Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-272 |
ZDI-CAN-4488 |
Adobe |
CVE-2017-3048 |
6.8 |
2017-04-11 |
|
Adobe Acrobat Pro DC ImageConversion TIFF Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-271 |
ZDI-CAN-4495 |
Adobe |
CVE-2017-3047 |
6.8 |
2017-04-11 |
|
Adobe Reader DC Annotations Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-270 |
ZDI-CAN-4500 |
Adobe |
CVE-2017-3046 |
4.3 |
2017-04-11 |
|
Adobe Acrobat Pro DC JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-269 |
ZDI-CAN-4493 |
Adobe |
CVE-2017-3042 |
4.3 |
2017-04-11 |
|
Adobe Acrobat Pro DC ImageConversion TIFF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-268 |
ZDI-CAN-4499 |
Adobe |
CVE-2017-3045 |
4.3 |
2017-04-11 |
|
Adobe Acrobat Pro DC JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-267 |
ZDI-CAN-4501 |
Adobe |
CVE-2017-3044 |
6.8 |
2017-04-11 |
|
Adobe Acrobat Pro DC JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-266 |
ZDI-CAN-4431 |
Adobe |
CVE-2017-3042 |
4.3 |
2017-04-11 |
|
Adobe Acrobat Pro DC ImageConversion TIFF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-265 |
ZDI-CAN-4433 |
Adobe |
CVE-2017-3042 |
6.8 |
2017-04-11 |
|
Adobe Acrobat Pro DC ImageConversion TIFF Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-264 |
ZDI-CAN-4432 |
Adobe |
CVE-2017-3042 |
6.8 |
2017-04-11 |
|
Adobe Acrobat Pro DC ImageConversion TIFF Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-263 |
ZDI-CAN-4434 |
Adobe |
CVE-2017-3043 |
4.3 |
2017-04-11 |
|
Adobe Reader DC Collab shareFile Information Disclosure Vulnerability |
| ZDI-17-262 |
ZDI-CAN-4395 |
Adobe |
CVE-2017-3036 |
6.8 |
2017-04-11 |
|
Adobe Acrobat Pro DC ImageConversion PCX Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-261 |
ZDI-CAN-4374 |
Adobe |
CVE-2017-3035 |
6.8 |
2017-04-11 |
|
Adobe Reader DC XFA dashDotDot Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-260 |
ZDI-CAN-4355 |
Adobe |
CVE-2017-3034 |
6.8 |
2017-04-11 |
|
Adobe Reader DC XFA Array Index Integer Underflow Remote Code Execution Vulnerability |
| ZDI-17-259 |
ZDI-CAN-4382 |
Adobe |
CVE-2017-3031 |
4.3 |
2017-04-11 |
|
Adobe Reader DC Nested Variables Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-258 |
ZDI-CAN-4384 |
Adobe |
CVE-2017-3033 |
4.3 |
2017-04-11 |
|
Adobe Reader DC JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-257 |
ZDI-CAN-4334 |
Adobe |
CVE-2017-3032 |
4.3 |
2017-04-11 |
|
Adobe Reader DC JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-256 |
ZDI-CAN-4381 |
Adobe |
CVE-2017-3031 |
4.3 |
2017-04-11 |
|
Adobe Reader DC XSLT Namespace Node Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-255 |
ZDI-CAN-4335 |
Adobe |
CVE-2017-3029 |
4.3 |
2017-04-11 |
|
Adobe Reader DC JPEG2000 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-254 |
ZDI-CAN-4336 |
Adobe |
CVE-2017-3028 |
6.8 |
2017-04-11 |
|
Adobe Acrobat Pro DC ImageConversion TIFF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-253 |
ZDI-CAN-4306 |
Adobe |
CVE-2017-3023 |
6.8 |
2017-04-11 |
|
Adobe Reader DC JPEG2000 Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-252 |
ZDI-CAN-4318 |
Adobe |
CVE-2017-3022 |
4.3 |
2017-04-11 |
|
Adobe Reader DC JPEG2000 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-251 |
ZDI-CAN-4202 |
Adobe |
CVE-2017-3021 |
6.8 |
2017-04-11 |
|
Adobe Reader DC JPEG2000 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-250 |
ZDI-CAN-4201 |
Adobe |
CVE-2017-3020 |
4.3 |
2017-04-11 |
|
Adobe Reader DC Weblink Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-249 |
ZDI-CAN-4212 |
Adobe |
CVE-2017-3019 |
6.8 |
2017-04-11 |
|
Adobe Reader DC PRC Parsing Out-Of-Bound Read Remote Code Execution Vulnerability |
| ZDI-17-248 |
ZDI-CAN-4533 |
Adobe |
CVE-2017-3060 |
4.3 |
2017-04-11 |
|
Adobe Flash SWF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-247 |
ZDI-CAN-4532 |
Adobe |
CVE-2017-3060 |
4.3 |
2017-04-11 |
|
Adobe Flash SWF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-246 |
ZDI-CAN-4443 |
Adobe |
CVE-2017-3059 |
6.8 |
2017-04-11 |
|
Adobe Flash AS2 New Opcode Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-245 |
ZDI-CAN-4448 |
Adobe |
CVE-2017-3058 |
6.8 |
2017-04-11 |
|
Adobe Flash ByteArray Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-244 |
ZDI-CAN-4511 |
Trend Micro |
|
7.5 |
2017-04-05 |
|
Trend Micro Control Manager cgiShowClientAdm Missing Authentication for Critical Function Vulnerability |
| ZDI-17-243 |
ZDI-CAN-4242 |
Trend Micro |
|
8.5 |
2017-04-05 |
|
Trend Micro Smart Protection Server wcs_bwlists_handler Command Injection Remote Code Execution Vulnerability |
| ZDI-17-242 |
ZDI-CAN-4039 |
Adobe |
CVE-2017-3009 |
4.3 |
2017-04-05 |
|
Adobe Reader DC JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-241 |
ZDI-CAN-4452 |
Apple |
CVE-2017-2463 |
6.8 |
2017-03-30 |
|
Apple Safari RenderBox Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-240 |
ZDI-CAN-4586 |
Linux |
CVE-2017-7184 |
6.9 |
2017-03-30 |
|
(Pwn2Own) Linux Kernel XFRM Out-Of-Bounds Access Privilege Escalation Vulnerability |
| ZDI-17-239 |
ZDI-CAN-4632 |
VMware |
CVE-2017-4904 |
6.9 |
2017-03-30 |
|
(Pwn2Own) VMware Workstation Uninitialized Memory Privilege Escalation Vulnerability |
| ZDI-17-238 |
ZDI-CAN-4631 |
VMware |
CVE-2017-4905 |
4.9 |
2017-03-30 |
|
(Pwn2Own) VMware Workstation Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-17-237 |
ZDI-CAN-4627 |
VMware |
CVE-2017-4903 |
6.9 |
2017-03-30 |
|
(Pwn2Own) VMware Workstation SVGA Uninitialized Memory Privilege Escalation Vulnerability |
| ZDI-17-236 |
ZDI-CAN-4606 |
VMware |
CVE-2017-4902 |
6.9 |
2017-03-30 |
|
VMware Workstation SVGA Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-17-235 |
ZDI-CAN-4605 |
VMware |
CVE-2017-4902 |
6.9 |
2017-03-30 |
|
VMware Workstation SVGA Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-17-234 |
ZDI-CAN-4620 |
Mozilla |
CVE-2017-5428 |
6.8 |
2017-03-30 |
|
(Pwn2Own) Mozilla Firefox createImageBitmap Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-233 |
ZDI-CAN-4437 |
Trend Micro |
|
7.5 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance transparent_setting CRLF Injection Authentication Bypass Vulnerability |
| ZDI-17-232 |
ZDI-CAN-4324 |
Trend Micro |
|
7.5 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance TestConfigure Command Injection Remote Code Execution Vulnerability |
| ZDI-17-231 |
ZDI-CAN-4304 |
Trend Micro |
|
9.0 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration datagateIPv6Changed Command Injection Remote Code Execution Vulnerability |
| ZDI-17-230 |
ZDI-CAN-4299 |
Trend Micro |
|
9.0 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration isMgntDHCPIPv6Changed Command Injection Remote Code Execution Vulnerability |
| ZDI-17-229 |
ZDI-CAN-4276 |
Trend Micro |
|
9.0 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance PacFileManagement delete_pac_files Command Injection Remote Code Execution Vulnerability |
| ZDI-17-228 |
ZDI-CAN-4267 |
Trend Micro |
|
9.0 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration hostname Command Injection Remote Code Execution Vulnerability |
| ZDI-17-227 |
ZDI-CAN-4262 |
Trend Micro |
|
4.0 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance ConfigBackup Information Disclosure Vulnerability |
| ZDI-17-226 |
ZDI-CAN-4256 |
Trend Micro |
|
9.0 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance ManageIPConfig setHostname Command Injection Remote Code Execution Vulnerability |
| ZDI-17-225 |
ZDI-CAN-4385 |
Trend Micro |
|
7.2 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance uihelper Privilege Escalation Vulnerability |
| ZDI-17-224 |
ZDI-CAN-4315 |
Trend Micro |
|
9.0 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration Command Injection Remote Code Execution Vulnerability |
| ZDI-17-223 |
ZDI-CAN-4303 |
Trend Micro |
|
9.0 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration manageIP6 Command Injection Remote Code Execution Vulnerability |
| ZDI-17-222 |
ZDI-CAN-4298 |
Trend Micro |
|
9.0 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration gateChanged Command Injection Remote Code Execution Vulnerability |
| ZDI-17-221 |
ZDI-CAN-4275 |
Trend Micro |
|
9.0 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration dataIP6Changed Command Injection Remote Code Execution Vulnerability |
| ZDI-17-220 |
ZDI-CAN-4266 |
Trend Micro |
|
9.0 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance ContentCacheSSAction Command Injection Remote Code Execution Vulnerability |
| ZDI-17-219 |
ZDI-CAN-4261 |
Trend Micro |
|
9.0 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance PacFileManagement Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-17-218 |
ZDI-CAN-4255 |
Trend Micro |
|
9.0 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance ManageIPConfig setMgmtIPConfig Command Injection Remote Code Execution Vulnerability |
| ZDI-17-217 |
ZDI-CAN-4375 |
Trend Micro |
|
7.5 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance DomainList TestingADKerberos Command Injection Remote Code Execution Vulnerability |
| ZDI-17-216 |
ZDI-CAN-4313 |
Trend Micro |
|
9.0 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance ManagePatches untarPatchFile Command Injection Remote Code Execution Vulnerability |
| ZDI-17-215 |
ZDI-CAN-4302 |
Trend Micro |
|
9.0 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration mgmtPingChanged Command Injection Remote Code Execution Vulnerability |
| ZDI-17-214 |
ZDI-CAN-4296 |
Trend Micro |
|
9.0 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance DeploymentWizardAction GetClusterInfo Command Injection Remote Code Execution Vulnerability |
| ZDI-17-213 |
ZDI-CAN-4270 |
Trend Micro |
|
9.0 |
2017-03-30 |
|
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration dataPingChanged Command Injection Remote Code Execution Vulnerability |
| ZDI-17-212 |
ZDI-CAN-4265 |
Trend Micro |
|
9.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration primaryDNS6 Command Injection Remote Code Execution Vulnerability |
| ZDI-17-211 |
ZDI-CAN-4260 |
Trend Micro |
|
4.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance VerboseLog Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-210 |
ZDI-CAN-4254 |
Trend Micro |
|
9.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance ManageIPConfig setMgmtIPConfig Command Injection Remote Code Execution Vulnerability |
| ZDI-17-209 |
ZDI-CAN-4326 |
Trend Micro |
|
10.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance LogSettingHandler doPostMountDevice Command Injection Remote Code Execution Vulnerability |
| ZDI-17-208 |
ZDI-CAN-4312 |
Trend Micro |
|
9.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance ManagePatches rollbackPatch Command Injection Remote Code Execution Vulnerability |
| ZDI-17-207 |
ZDI-CAN-4301 |
Trend Micro |
|
9.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration mgmtIPv6Changed Command Injection Remote Code Execution Vulnerability |
| ZDI-17-206 |
ZDI-CAN-4295 |
Trend Micro |
|
9.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance ReportHandler DoCmd Command Injection Remote Code Execution Vulnerability |
| ZDI-17-205 |
ZDI-CAN-4269 |
Trend Micro |
|
9.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration manageEth Command Injection Remote Code Execution Vulnerability |
| ZDI-17-204 |
ZDI-CAN-4264 |
Trend Micro |
|
9.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration isDHCP Command Injection Remote Code Execution Vulnerability |
| ZDI-17-203 |
ZDI-CAN-4258 |
Trend Micro |
|
9.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance ManageIPConfig setDataIPConfig static IP Information Command Injection Remote Code Execution Vulnerability |
| ZDI-17-202 |
ZDI-CAN-4253 |
Trend Micro |
|
9.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance ClusterManagement ChangeNodeSetting Command Injection Remote Code Execution Vulnerability |
| ZDI-17-201 |
ZDI-CAN-4471 |
Trend Micro |
|
9.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance config_date_time Command Injection Remote Code Execution Vulnerability |
| ZDI-17-200 |
ZDI-CAN-4325 |
Trend Micro |
|
7.5 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance WmiDCDetector getAdHost Command Injection Remote Code Execution Vulnerability |
| ZDI-17-199 |
ZDI-CAN-4311 |
Trend Micro |
|
4.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance LogDelete processRequest method Directory Traversal Denial of Service Vulnerability |
| ZDI-17-198 |
ZDI-CAN-4300 |
Trend Micro |
|
9.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration mgnt_gateway6 Command Injection Remote Code Execution Vulnerability |
| ZDI-17-197 |
ZDI-CAN-4280 |
Trend Micro |
|
9.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration isDHCP6_data Command Injection Remote Code Execution Vulnerability |
| ZDI-17-196 |
ZDI-CAN-4268 |
Trend Micro |
|
9.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration proxyEthChanged Command Injection Remote Code Execution Vulnerability |
| ZDI-17-195 |
ZDI-CAN-4263 |
Trend Micro |
|
9.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration dataIPChanged Command Injection Remote Code Execution Vulnerability |
| ZDI-17-194 |
ZDI-CAN-4257 |
Trend Micro |
|
9.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance ManageIPConfig setDataIPConfig DNS Information Command Injection Remote Code Execution Vulnerability |
| ZDI-17-193 |
ZDI-CAN-4243 |
Trend Micro |
|
9.0 |
2017-03-29 |
|
Trend Micro InterScan Web Security Virtual Appliance ManageIPConfig setDataIPConfig DHCP Information Command Injection Remote Code Execution Vulnerability |
| ZDI-17-192 |
ZDI-CAN-4057 |
Hewlett Packard Enterprise |
CVE-2017-5797 |
7.8 |
2017-03-29 |
|
Hewlett Packard Enterprise Intelligent Management Center Service Operation Manager Module FileDownloadServlet filePath Information Disclosure Vulnerability |
| ZDI-17-191 |
ZDI-CAN-4454 |
Apple |
CVE-2017-2481 |
6.8 |
2017-03-28 |
|
Apple Safari ElementData Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-190 |
ZDI-CAN-4414 |
Apple |
CVE-2017-2430 |
6.8 |
2017-03-28 |
|
Apple macOS M4A Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-189 |
ZDI-CAN-4413 |
Apple |
CVE-2017-2462 |
6.8 |
2017-03-28 |
|
Apple macOS M4A Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-188 |
ZDI-CAN-4329 |
Apple |
CVE-2017-2432 |
6.8 |
2017-03-28 |
|
Apple macOS ImageIO JPEG Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-187 |
ZDI-CAN-4472 |
Trend Micro |
|
6.8 |
2017-03-22 |
|
Trend Micro InterScan Messaging Security Suite DetailReportAction Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-186 |
ZDI-CAN-4166 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet SpecialSpywarePolicyResult SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-185 |
ZDI-CAN-4116 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager AdHocQueryExportProcessing SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-184 |
ZDI-CAN-4155 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet IDTB_SV parameters SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-183 |
ZDI-CAN-4154 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet ID_HIDDEN_UG_STR SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-182 |
ZDI-CAN-4117 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager cgiCMUIDispatcher ScheduleDownloadSavedEnableList SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-181 |
ZDI-CAN-4115 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet ID_QUERY_COMMAND_TRACKING_ID SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-180 |
ZDI-CAN-4112 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager cgiCMUIDispatcher ManualDownloadResult SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-179 |
ZDI-CAN-4465 |
Adobe |
CVE-2017-3001 |
6.8 |
2017-03-21 |
|
Adobe Flash MovieClip transform Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-178 |
ZDI-CAN-4453 |
Adobe |
CVE-2017-3001 |
6.8 |
2017-03-21 |
|
Adobe Flash Transform matrix Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-177 |
ZDI-CAN-4447 |
Adobe |
CVE-2017-3001 |
6.8 |
2017-03-21 |
|
Adobe Flash BitmapData Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-176 |
ZDI-CAN-4446 |
Adobe |
CVE-2017-3001 |
6.8 |
2017-03-21 |
|
Adobe Flash Sound loadSound Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-175 |
ZDI-CAN-4445 |
Adobe |
CVE-2017-3001 |
6.8 |
2017-03-21 |
|
Adobe Flash TextFormat getTextExtent Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-174 |
ZDI-CAN-4444 |
Adobe |
CVE-2017-3001 |
6.8 |
2017-03-21 |
|
Adobe Flash AS2 RemoveClip Opcode Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-173 |
ZDI-CAN-4470 |
Microsoft |
CVE-2017-0067 |
5.1 |
2017-03-21 |
|
Microsoft Edge JavaScript Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-17-172 |
ZDI-CAN-4430 |
Microsoft |
CVE-2017-0015 |
4.3 |
2017-03-21 |
|
Microsoft Windows JavaScript Spread Operator Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-17-171 |
ZDI-CAN-4422 |
Microsoft |
CVE-2017-0032 |
6.8 |
2017-03-21 |
|
Microsoft Windows JavaScript Spread Operator Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-170 |
ZDI-CAN-4271 |
Microsoft |
CVE-2017-0094 |
6.8 |
2017-03-21 |
|
Microsoft Windows JavaScript Proxy Setter Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-169 |
ZDI-CAN-4058 |
Microsoft |
CVE-2017-0018 |
4.3 |
2017-03-21 |
|
Microsoft Internet Explorer CHtmTag Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-168 |
ZDI-CAN-4052 |
Microsoft |
CVE-2017-0047 |
6.9 |
2017-03-21 |
|
Microsoft Windows DrawIconEx Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-17-167 |
ZDI-CAN-3934 |
Microsoft |
CVE-2017-0011 |
2.6 |
2017-03-21 |
|
Microsoft Edge CTransitionValues Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-166 |
ZDI-CAN-4122 |
Hewlett Packard Enterprise |
CVE-2017-5790 |
10.0 |
2017-03-11 |
|
Hewlett Packard Enterprise Intelligent Management Center accessMgrServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-17-165 |
ZDI-CAN-4053 |
Hewlett Packard Enterprise |
CVE-2017-5795 |
6.8 |
2017-03-11 |
|
Hewlett Packard Enterprise Intelligent Management Center FileDownloadServlet fileName Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-164 |
ZDI-CAN-4055 |
Hewlett Packard Enterprise |
CVE-2017-5794 |
9.0 |
2017-03-11 |
|
Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-163 |
ZDI-CAN-4054 |
Hewlett Packard Enterprise |
CVE-2017-5793 |
9.0 |
2017-03-11 |
|
Hewlett Packard Enterprise Intelligent Management Center CommonUtils Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-162 |
ZDI-CAN-4067 |
Hewlett Packard Enterprise |
CVE-2017-5792 |
7.5 |
2017-03-11 |
|
Hewlett Packard Enterprise Intelligent Management Center RMI Registry Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-17-161 |
ZDI-CAN-4056 |
Hewlett Packard Enterprise |
CVE-2017-5791 |
10.0 |
2017-03-11 |
|
Hewlett Packard Enterprise Intelligent Management Center UrlAccessController Filter Authentication Bypass Vulnerability |
| ZDI-17-160 |
ZDI-CAN-3933 |
Hewlett Packard Enterprise |
CVE-2017-5789 |
6.8 |
2017-03-09 |
|
Hewlett Packard Enterprise LoadRunner libxdrutil mxdr_string Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-159 |
ZDI-CAN-4418 |
Trend Micro |
|
10.0 |
2017-03-09 |
|
Trend Micro Deep Discovery Email Inspector download_pdf Command Injection Remote Code Execution Vulnerability |
| ZDI-17-158 |
ZDI-CAN-4417 |
Trend Micro |
|
10.0 |
2017-03-09 |
|
Trend Micro Deep Discovery Email Inspector write_new_html_with_svg Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-157 |
ZDI-CAN-4366 |
Trend Micro |
|
10.0 |
2017-03-09 |
|
Trend Micro Deep Discovery Email Inspector network_dump Command Injection Remote Code Execution Vulnerability |
| ZDI-17-156 |
ZDI-CAN-4351 |
Trend Micro |
|
10.0 |
2017-03-09 |
|
Trend Micro Deep Discovery Email Inspector get_filesize Command Injection Remote Code Execution Vulnerability |
| ZDI-17-155 |
ZDI-CAN-4349 |
Trend Micro |
|
10.0 |
2017-03-09 |
|
Trend Micro Deep Discovery Email Inspector firewall_setting Command Injection Remote Code Execution Vulnerability |
| ZDI-17-154 |
ZDI-CAN-4347 |
Trend Micro |
|
7.8 |
2017-03-09 |
|
Trend Micro Deep Discovery Email Inspector reboot_after_hotfix Denial of Service Vulnerability |
| ZDI-17-153 |
ZDI-CAN-4348 |
Trend Micro |
|
10.0 |
2017-03-09 |
|
Trend Micro Deep Discovery Email Inspector screenshot Command Injection Remote Code Execution Vulnerability |
| ZDI-17-152 |
ZDI-CAN-4346 |
Trend Micro |
|
10.0 |
2017-03-09 |
|
Trend Micro Deep Discovery Email Inspector ajax_checklicense_AC Command Injection Remote Code Execution Vulnerability |
| ZDI-17-151 |
ZDI-CAN-4333 |
Trend Micro |
|
10.0 |
2017-03-09 |
|
Trend Micro Deep Discovery Email Inspector db_export Command Injection Remote Code Execution Vulnerability |
| ZDI-17-150 |
ZDI-CAN-4529 |
Foxit |
|
6.8 |
2017-03-09 |
|
Foxit Reader Field buttonGetIcon Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-149 |
ZDI-CAN-4516 |
Foxit |
|
6.8 |
2017-03-09 |
|
Foxit Reader ePub Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-148 |
ZDI-CAN-4509 |
Foxit |
|
6.8 |
2017-03-09 |
|
Foxit Reader openDoc Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-147 |
ZDI-CAN-4508 |
Foxit |
|
6.8 |
2017-03-09 |
|
Foxit Reader Field deleteItemAt Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-146 |
ZDI-CAN-4479 |
Foxit |
|
6.8 |
2017-03-09 |
|
Foxit Reader PDB Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-17-145 |
ZDI-CAN-4478 |
Foxit |
|
4.3 |
2017-03-09 |
|
Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-144 |
ZDI-CAN-4475 |
Foxit |
|
4.3 |
2017-03-09 |
|
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-143 |
ZDI-CAN-4464 |
Foxit |
|
6.8 |
2017-03-09 |
|
Foxit Reader execMenuItem Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-142 |
ZDI-CAN-4463 |
Foxit |
|
6.8 |
2017-03-09 |
|
Foxit Reader execMenuItem Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-141 |
ZDI-CAN-4462 |
Foxit |
|
6.8 |
2017-03-09 |
|
Foxit Reader execMenuItem Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-140 |
ZDI-CAN-4458 |
Foxit |
|
4.3 |
2017-03-09 |
|
Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-139 |
ZDI-CAN-4423 |
Foxit |
|
6.8 |
2017-03-09 |
|
Foxit Reader ePub Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-17-138 |
ZDI-CAN-4330 |
Foxit |
|
6.8 |
2017-03-09 |
|
Foxit Reader XFA Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-17-137 |
ZDI-CAN-4354 |
Foxit |
|
6.8 |
2017-03-09 |
|
Foxit Reader Pattern Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-17-136 |
ZDI-CAN-4353 |
Foxit |
|
6.8 |
2017-03-09 |
|
Foxit Reader Xref Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-135 |
ZDI-CAN-4365 |
Foxit |
|
4.3 |
2017-03-09 |
|
Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-134 |
ZDI-CAN-4364 |
Foxit |
|
4.3 |
2017-03-09 |
|
Foxit Reader Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-133 |
ZDI-CAN-4363 |
Foxit |
|
4.3 |
2017-03-09 |
|
Foxit Reader ConvertToPDF TIFF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-132 |
ZDI-CAN-4408 |
Trend Micro |
|
4.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise displayName_get SQL Injection Information Disclosure Vulnerability |
| ZDI-17-131 |
ZDI-CAN-4409 |
Trend Micro |
|
4.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise count_ad_members SQL Injection Information Disclosure Vulnerability |
| ZDI-17-130 |
ZDI-CAN-4410 |
Trend Micro |
|
9.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise restartService Command Injection Remote Code Execution Vulnerability |
| ZDI-17-129 |
ZDI-CAN-4411 |
Trend Micro |
|
9.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise rollback Command Injection Remote Code Execution Vulnerability |
| ZDI-17-128 |
ZDI-CAN-4412 |
Trend Micro |
|
4.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise get_device_info SQL Injection Information Disclosure Vulnerability |
| ZDI-17-127 |
ZDI-CAN-4404 |
Trend Micro |
|
9.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise get_replacement Command Injection Remote Code Execution Vulnerability |
| ZDI-17-126 |
ZDI-CAN-4403 |
Trend Micro |
|
9.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise license Command Injection Remote Code Execution Vulnerability |
| ZDI-17-125 |
ZDI-CAN-4402 |
Trend Micro |
|
4.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise get_nic_device SQL Injection Information Disclosure Vulnerability |
| ZDI-17-124 |
ZDI-CAN-4401 |
Trend Micro |
|
9.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise reconnect_nfs_device Command Injection Remote Code Execution Vulnerability |
| ZDI-17-123 |
ZDI-CAN-4400 |
Trend Micro |
|
9.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise reconnect_iscsi_device Command Injection Remote Code Execution Vulnerability |
| ZDI-17-122 |
ZDI-CAN-4399 |
Trend Micro |
|
9.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise reconnect_local_device Command Injection Remote Code Execution Vulnerability |
| ZDI-17-121 |
ZDI-CAN-4398 |
Trend Micro |
|
9.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise mount_local_device Command Injection Remote Code Execution Vulnerability |
| ZDI-17-120 |
ZDI-CAN-4397 |
Trend Micro |
|
9.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise mount_iscsi_device Command Injection Remote Code Execution Vulnerability |
| ZDI-17-119 |
ZDI-CAN-4396 |
Trend Micro |
|
9.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise replace_local_disk Command Injection Remote Code Execution Vulnerability |
| ZDI-17-118 |
ZDI-CAN-4394 |
Trend Micro |
|
9.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise dead_local_device Command Injection Remote Code Execution Vulnerability |
| ZDI-17-117 |
ZDI-CAN-4393 |
Trend Micro |
|
9.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise dead_iscsi_device Command Injection Remote Code Execution Vulnerability |
| ZDI-17-116 |
ZDI-CAN-4392 |
Trend Micro |
|
9.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise discovery_iscsi_device Command Injection Remote Code Execution Vulnerability |
| ZDI-17-115 |
ZDI-CAN-4391 |
Trend Micro |
|
9.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise save_local_config Command Injection Remote Code Execution Vulnerability |
| ZDI-17-114 |
ZDI-CAN-4390 |
Trend Micro |
|
9.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise save_iscsi_config Command Injection Remote Code Execution Vulnerability |
| ZDI-17-113 |
ZDI-CAN-4389 |
Trend Micro |
|
9.0 |
2017-03-01 |
|
Trend Micro SafeSync for Enterprise check_nfs_server_status Command Injection Remote Code Execution Vulnerability |
| ZDI-17-112 |
ZDI-CAN-3721 |
VIPA |
CVE-2017-5177 |
6.8 |
2017-02-28 |
|
VIPA Automation WinPLC7 recv Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-111 |
ZDI-CAN-3920 |
Adobe |
CVE-2017-2939 |
6.8 |
2017-02-16 |
|
Adobe Acrobat Reader DC Memory Corruption Remote Code Execution Vulnerability |
| ZDI-17-110 |
ZDI-CAN-4370 |
Adobe |
CVE-2017-2994 |
6.8 |
2017-02-14 |
|
Adobe Flash Player MediaPlayer Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-17-109 |
ZDI-CAN-4371 |
Adobe |
CVE-2017-2995 |
6.8 |
2017-02-14 |
|
Adobe Flash Player MessageChannel Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-108 |
ZDI-CAN-3984 |
Adobe |
CVE-2017-2976 |
4.3 |
2017-02-14 |
|
Adobe Digital Editions PDF Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-107 |
ZDI-CAN-3983 |
Adobe |
CVE-2017-2975 |
4.3 |
2017-02-14 |
|
Adobe Digital Editions PDF Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-106 |
ZDI-CAN-3982 |
Adobe |
CVE-2017-2974 |
4.3 |
2017-02-14 |
|
Adobe Digital Editions PDF Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-105 |
ZDI-CAN-3981 |
Adobe |
CVE-2017-2981 |
4.3 |
2017-02-14 |
|
Adobe Digital Editions PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-104 |
ZDI-CAN-3980 |
Adobe |
CVE-2017-2978 |
4.3 |
2017-02-14 |
|
Adobe Digital Editions PDF Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-103 |
ZDI-CAN-3978 |
Adobe |
CVE-2017-2979 |
4.3 |
2017-02-14 |
|
Adobe Digital Editions FlateDecode Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-102 |
ZDI-CAN-3977 |
Adobe |
CVE-2017-2977 |
4.3 |
2017-02-14 |
|
Adobe Digital Editions FlateDecode Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-101 |
ZDI-CAN-4345 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager cgiRedAlertStatusTracking SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-100 |
ZDI-CAN-4214 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet NotificationMethodResult SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-099 |
ZDI-CAN-4173 |
Trend Micro |
|
4.0 |
2017-09-22 |
|
Trend Micro Control Manager AdHocQuery_Result XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-17-098 |
ZDI-CAN-4172 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet CnCContactAlertResult SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-097 |
ZDI-CAN-4171 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet HighRiskDetectionResult SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-096 |
ZDI-CAN-4170 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet DLPIncidentStatusChangeResult SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-095 |
ZDI-CAN-4169 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet StealthProgramFoundResult SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-094 |
ZDI-CAN-4168 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet SHA1DenyDetectionResult SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-093 |
ZDI-CAN-4167 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet CorrelatedIncidentResult SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-092 |
ZDI-CAN-4165 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet DLPIncidentScheduleSummaryResult SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-091 |
ZDI-CAN-4164 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet VirtualAnalysisDetectionResult SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-090 |
ZDI-CAN-4163 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet KnownAttackDetectionResult SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-089 |
ZDI-CAN-4162 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet SuspiciousThreat parameters SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-088 |
ZDI-CAN-4161 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet ID_HIDDEN_RED_ALERT_TASK_ID SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-087 |
ZDI-CAN-4159 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet EmailMessageDetected parameters SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-086 |
ZDI-CAN-4160 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet CnC parameters SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-085 |
ZDI-CAN-4156 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet ThreatSentToWatchlistResult SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-084 |
ZDI-CAN-4158 |
Trend Micro |
|
4.0 |
2017-09-22 |
|
Trend Micro Control Manager ProductTree_TreeManagement1 XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-17-083 |
ZDI-CAN-4157 |
Trend Micro |
|
4.0 |
2017-09-22 |
|
Trend Micro Control Manager ProductTree_Table XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-17-082 |
ZDI-CAN-4153 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet IDTB_ Parameters SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-081 |
ZDI-CAN-4152 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet IDTB_GroupName SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-080 |
ZDI-CAN-4151 |
Trend Micro |
|
4.0 |
2017-09-22 |
|
Trend Micro Control Manager TreeUserControl_process_tree_event XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-17-079 |
ZDI-CAN-4150 |
Trend Micro |
|
4.0 |
2017-09-22 |
|
Trend Micro Control Manager ProductTree XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-17-078 |
ZDI-CAN-4149 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager CCGIServlet IDCB_SuspiciousThreat SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-077 |
ZDI-CAN-4148 |
Trend Micro |
|
4.0 |
2017-09-22 |
|
Trend Micro Control Manager ProductTree_RightWindow XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-17-076 |
ZDI-CAN-4147 |
Trend Micro |
|
4.0 |
2017-09-22 |
|
Trend Micro Control Manager ProductTree_LeftWindow XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-17-075 |
ZDI-CAN-4140 |
Trend Micro |
|
4.0 |
2017-09-22 |
|
Trend Micro Control Manager DeploymentPlan_Event_Handler XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-17-074 |
ZDI-CAN-4113 |
Trend Micro |
|
4.3 |
2017-09-22 |
|
Trend Micro Control Manager ProgressReportCGI SQL Injection Authentication Bypass Vulnerability |
| ZDI-17-073 |
ZDI-CAN-4114 |
Trend Micro |
|
6.0 |
2017-09-22 |
|
Trend Micro Control Manager cgiCMUIDispatcher Login Token SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-072 |
ZDI-CAN-3996 |
Trend Micro |
|
6.8 |
2017-02-07 |
|
Trend Micro Control Manager dlp_policy Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-071 |
ZDI-CAN-3997 |
Trend Micro |
|
6.8 |
2017-02-07 |
|
Trend Micro Control Manager dlp_policy Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-070 |
ZDI-CAN-3998 |
Trend Micro |
|
6.8 |
2017-02-07 |
|
Trend Micro Control Manager dlp_policy Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-069 |
ZDI-CAN-3999 |
Trend Micro |
|
6.8 |
2017-02-07 |
|
Trend Micro Control Manager modDLPViolationCnt_drildown Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-068 |
ZDI-CAN-4000 |
Trend Micro |
|
6.8 |
2017-02-07 |
|
Trend Micro Control Manager modDLPViolationCnt_drildown Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-067 |
ZDI-CAN-4001 |
Trend Micro |
|
6.8 |
2017-02-07 |
|
Trend Micro Control Manager modDLPViolationCnt_drildown Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-066 |
ZDI-CAN-4002 |
Trend Micro |
|
6.8 |
2017-02-07 |
|
Trend Micro Control Manager modDLPTemplateMatch_drildown Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-065 |
ZDI-CAN-4003 |
Trend Micro |
|
6.8 |
2017-02-07 |
|
Trend Micro Control Manager modDLPTemplateMatch_drildown Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-064 |
ZDI-CAN-4004 |
Trend Micro |
|
6.8 |
2017-02-07 |
|
Trend Micro Control Manager modDLPTemplateMatch_drildown Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-063 |
ZDI-CAN-4005 |
Trend Micro |
|
6.8 |
2017-02-07 |
|
Trend Micro Control Manager importFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-062 |
ZDI-CAN-4006 |
Trend Micro |
|
4.3 |
2017-02-07 |
|
Trend Micro Control Manager download Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-061 |
ZDI-CAN-4007 |
Trend Micro |
|
4.3 |
2017-02-07 |
|
Trend Micro Control Manager download Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-060 |
ZDI-CAN-4008 |
Trend Micro |
|
6.8 |
2017-02-07 |
|
Trend Micro Control Manager importFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-059 |
ZDI-CAN-3824 |
Ecava |
CVE-2016-8341 |
7.5 |
2017-02-07 |
|
Ecava IntegraXor getdata param SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-058 |
ZDI-CAN-3849 |
Ecava |
CVE-2016-8341 |
7.5 |
2017-02-07 |
|
Ecava IntegraXor getdata name SQL Injection Remote Code Execution Vulnerability |
| ZDI-17-057 |
ZDI-CAN-4018 |
Oracle |
CVE-2017-3289 |
6.8 |
2017-01-24 |
|
Oracle Java Uninitialized Memory Remote Code Execution Vulnerability |
| ZDI-17-056 |
ZDI-CAN-3834 |
Oracle |
CVE-2017-3272 |
6.8 |
2017-01-24 |
|
Oracle Java AtomicReferenceFieldUpdater Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-055 |
ZDI-CAN-3826 |
Oracle |
CVE-2017-3248 |
7.5 |
2017-01-24 |
|
Oracle WebLogic RMI Registry UnicastRef Object Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-17-054 |
ZDI-CAN-4121 |
Apple |
CVE-2017-2354 |
6.8 |
2017-01-24 |
|
Apple Safari SearchInputType Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-053 |
ZDI-CAN-3995 |
Samba |
CVE-2016-2123 |
6.8 |
2017-01-20 |
|
Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-052 |
ZDI-CAN-4026 |
Brocade |
CVE-2016-8207 |
7.8 |
2017-01-20 |
|
Brocade Network Advisor CliMonitorReportServlet Directory Traversal Information Disclosure Vulnerability |
| ZDI-17-051 |
ZDI-CAN-4025 |
Brocade |
CVE-2016-8206 |
9.4 |
2017-01-20 |
|
Brocade Network Advisor SoftwareImageUpload Directory Traversal Arbitrary File Deletion Vulnerability |
| ZDI-17-050 |
ZDI-CAN-4024 |
Brocade |
CVE-2016-8205 |
10.0 |
2017-01-20 |
|
Brocade Network Advisor DashboardFileReceiveServlet Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-049 |
ZDI-CAN-4023 |
Brocade |
CVE-2016-8204 |
10.0 |
2017-01-20 |
|
Brocade Network Advisor FileReceiveServlet Directory Traversal Remote Code Execution Vulnerability |
| ZDI-17-048 |
ZDI-CAN-4358 |
Bitdefender |
|
6.8 |
2017-01-20 |
|
Bitdefender Internet Security NSIS Entries Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-047 |
ZDI-CAN-4357 |
Bitdefender |
|
6.8 |
2017-01-20 |
|
Bitdefender Internet Security NSIS Pages Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-046 |
ZDI-CAN-4356 |
Bitdefender |
|
6.8 |
2017-01-20 |
|
Bitdefender Internet Security SIS Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-17-045 |
ZDI-CAN-4182 |
Adobe |
CVE-2017-2970 |
6.8 |
2017-01-20 |
|
Adobe Reader DC XSLT apply-templates Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-044 |
ZDI-CAN-3936 |
Apache |
CVE-2016-6814 |
7.5 |
2017-12-27 |
|
Apache Groovy MethodClosure Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-17-043 |
ZDI-CAN-3679 |
Advantech |
CVE-2017-5154, CVE-2017-5152 |
6.5 |
2017-01-12 |
|
Advantech WebAccess updateTemplate SQL Injection Information Disclosure Vulnerability |
| ZDI-17-042 |
ZDI-CAN-4327 |
Foxit |
|
6.8 |
2017-01-11 |
|
Foxit PhantomPDF ConvertToPDF TIFF Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-17-041 |
ZDI-CAN-4252 |
Foxit |
|
6.8 |
2017-01-11 |
|
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-040 |
ZDI-CAN-4251 |
Foxit |
|
4.3 |
2017-01-11 |
|
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-039 |
ZDI-CAN-4250 |
Foxit |
|
4.3 |
2017-01-11 |
|
Foxit PhantomPDF ConvertToPDF JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-038 |
ZDI-CAN-4249 |
Foxit |
|
6.8 |
2017-01-11 |
|
Foxit Reader setInterval Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-037 |
ZDI-CAN-4248 |
Foxit |
|
4.3 |
2017-01-11 |
|
Foxit Reader Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-036 |
ZDI-CAN-4247 |
Foxit |
|
4.3 |
2017-01-11 |
|
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-035 |
ZDI-CAN-4246 |
Foxit |
|
6.8 |
2017-01-11 |
|
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-034 |
ZDI-CAN-4245 |
Foxit |
|
6.8 |
2017-01-11 |
|
Foxit Reader alert Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-033 |
ZDI-CAN-4323 |
Foxit |
|
4.3 |
2017-01-11 |
|
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-032 |
ZDI-CAN-4322 |
Foxit |
|
6.8 |
2017-01-11 |
|
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-031 |
ZDI-CAN-4317 |
Adobe |
CVE-2017-2967 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XFA template Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-17-030 |
ZDI-CAN-4305 |
Adobe |
CVE-2017-2966 |
6.8 |
2017-01-10 |
|
Adobe Acrobat Pro DC ImageConversion TIFF Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-029 |
ZDI-CAN-4185 |
Adobe |
CVE-2017-2949 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XSLT call-template Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-028 |
ZDI-CAN-4180 |
Adobe |
CVE-2017-2949 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XSLT element Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-027 |
ZDI-CAN-4308 |
Adobe |
CVE-2017-2963 |
4.3 |
2017-01-10 |
|
Adobe Acrobat Pro DC ImageConversion TIFF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-026 |
ZDI-CAN-4213 |
Adobe |
CVE-2017-2962 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XSLT lang Type Confusion Remote Code Execution Vulnerability |
| ZDI-17-025 |
ZDI-CAN-4209 |
Adobe |
CVE-2017-2961 |
6.8 |
2017-01-10 |
|
Acrobat Reader DC XFA Field Font Size Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-024 |
ZDI-CAN-4208 |
Adobe |
CVE-2017-2960 |
4.3 |
2017-01-10 |
|
Adobe Acrobat Pro DC ImageConversion JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-023 |
ZDI-CAN-4200 |
Adobe |
CVE-2017-2959 |
6.8 |
2017-01-10 |
|
Adobe Acrobat Pro DC ImageConversion JPEG Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-022 |
ZDI-CAN-4126 |
Adobe |
CVE-2017-2951 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XFA hyphenation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-021 |
ZDI-CAN-4125 |
Adobe |
CVE-2017-2950 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XFA Layout Use-After-Free Remote Code Execution Vulnerability |
| ZDI-17-020 |
ZDI-CAN-4197 |
Adobe |
CVE-2017-2949 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XSLT decimal-format Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-019 |
ZDI-CAN-4198 |
Adobe |
CVE-2017-2949 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XSLT namespace-alias Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-018 |
ZDI-CAN-4196 |
Adobe |
CVE-2017-2949 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XSLT processing-instruction Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-017 |
ZDI-CAN-4195 |
Adobe |
CVE-2017-2949 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XSLT function-available Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-016 |
ZDI-CAN-4183 |
Adobe |
CVE-2017-2949 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XSLT sort Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-015 |
ZDI-CAN-4181 |
Adobe |
CVE-2017-2949 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XSLT key Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-014 |
ZDI-CAN-4309 |
Adobe |
CVE-2017-2964 |
4.3 |
2017-01-10 |
|
Adobe Acrobat Pro DC ImageConversion JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-013 |
ZDI-CAN-4199 |
Adobe |
CVE-2017-2949 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XSLT key Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-012 |
ZDI-CAN-4179 |
Adobe |
CVE-2017-2949 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XSLT attribute Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-011 |
ZDI-CAN-4190 |
Adobe |
CVE-2017-2949 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XSLT attribute-set Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-010 |
ZDI-CAN-4307 |
Adobe |
CVE-2017-2965 |
6.8 |
2017-01-10 |
|
Adobe Acrobat Pro DC ImageConversion TIFF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-17-009 |
ZDI-CAN-4184 |
Adobe |
CVE-2017-2949 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XSLT format-number Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-008 |
ZDI-CAN-4186 |
Adobe |
CVE-2017-2949 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XSLT output Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-007 |
ZDI-CAN-4189 |
Adobe |
CVE-2017-2949 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XSLT variable Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-006 |
ZDI-CAN-4187 |
Adobe |
CVE-2017-2949 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XSLT system-property Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-005 |
ZDI-CAN-4188 |
Adobe |
CVE-2017-2949 |
6.8 |
2017-01-10 |
|
Adobe Reader DC XSLT element-available Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-004 |
ZDI-CAN-4193 |
Adobe |
CVE-2017-2946 |
4.3 |
2017-01-10 |
|
Adobe Reader DC JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-003 |
ZDI-CAN-4192 |
Adobe |
CVE-2017-2946 |
6.8 |
2017-01-10 |
|
Adobe Reader DC JPEG2000 Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-17-002 |
ZDI-CAN-4012 |
Adobe |
CVE-2017-2941 |
4.3 |
2017-01-10 |
|
Adobe Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-17-001 |
ZDI-CAN-3836 |
Hewlett Packard Enterprise |
CVE-2016-8519 |
7.5 |
2017-01-10 |
|
Hewlett Packard Enterprise Operations Orchestration Backwards Compatibility Deserialization of Untrusted Data Remote Code Execution Vulnerability |
