| ZDI-20-1453 |
ZDI-CAN-11257 |
Qognify |
CVE-2020-27868 |
9.8 |
2020-12-29 |
2021-03-04 |
Qognify Ocularis EventCoordinator ConnectedChannel_GotMessage Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1452 |
ZDI-CAN-11486 |
Microsoft |
|
6.6 |
2020-12-21 |
2021-02-03 |
(0Day) Microsoft 3D Builder GLB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1451 |
ZDI-CAN-11355 |
NETGEAR |
CVE-2020-27866 |
8.8 |
2020-12-18 |
|
NETGEAR Multiple Routers mini_httpd Authentication Bypass Vulnerability |
| ZDI-20-1450 |
ZDI-CAN-11695 |
VMware |
CVE-2020-3999 |
6.5 |
2020-12-18 |
|
VMware Workstation SetGuestInfo Null Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-20-1449 |
ZDI-CAN-11847 |
Hewlett Packard Enterprise |
CVE-2020-7200 |
9.8 |
2020-12-18 |
|
Hewlett Packard Enterprise Systems Insight Manager AMF Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1448 |
ZDI-CAN-12385 |
Western Digital |
CVE-2020-28970 |
0.0 |
2020-12-16 |
|
(Pwn2Own) Western Digital MyCloud PR4100 nasAdmin Incorrect Authorization Authentication Bypass Vulnerability |
| ZDI-20-1447 |
ZDI-CAN-12327 |
Western Digital |
CVE-2020-28971 |
5.4 |
2020-12-15 |
|
(Pwn2Own) Western Digital MyCloud PR4100 nasAdmin Authentication Bypass Vulnerability |
| ZDI-20-1446 |
ZDI-CAN-12465 |
Western Digital |
CVE-2020-29563 |
9.8 |
2020-12-15 |
|
(Pwn2Own) Western Digital MyCloud PR4100 nasAdmin Incorrect Authorization Authentication Bypass Vulnerability |
| ZDI-20-1445 |
ZDI-CAN-12214 |
Western Digital |
CVE-2020-28940 |
5.4 |
2020-12-15 |
|
(Pwn2Own) Western Digital MyCloud PR4100 nasAdmin Authentication Bypass Vulnerability |
| ZDI-20-1444 |
ZDI-CAN-11083 |
Eaton |
|
7.8 |
2020-12-15 |
|
(0Day) Eaton EASYsoft E70 File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-1443 |
ZDI-CAN-11082 |
Eaton |
|
7.8 |
2020-12-15 |
|
(0Day) Eaton EASYsoft E70 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-1442 |
ZDI-CAN-11080 |
Eaton |
|
7.8 |
2020-12-15 |
|
(0Day) Eaton EASYsoft E70 File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-1441 |
ZDI-CAN-11078 |
Eaton |
|
7.8 |
2020-12-15 |
|
(0Day) Eaton EASYsoft E70 File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-1440 |
ZDI-CAN-10905 |
Linux |
|
8.8 |
2020-12-15 |
|
(0Day) Linux Kernel eBPF Improper Input Validation Privilege Escalation Vulnerability |
| ZDI-20-1439 |
ZDI-CAN-11115 |
LibTIFF |
|
3.3 |
2020-12-15 |
|
(0Day) LibTIFF tiff2pdf Converter Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1438 |
ZDI-CAN-11359 |
D-Link |
|
8.8 |
2020-12-15 |
|
(0Day) D-Link DCS-960L HTTP Authorization Header Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1437 |
ZDI-CAN-11352 |
D-Link |
|
8.8 |
2020-12-15 |
2021-09-27 |
(0Day) D-Link DCS-960L HNAP LoginPassword Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability |
| ZDI-20-1436 |
ZDI-CAN-11366 |
D-Link |
|
8.8 |
2020-12-15 |
|
(0Day) D-Link DCS-960L HNAP Login Cookie Format String Remote Code Execution Vulnerability |
| ZDI-20-1435 |
ZDI-CAN-11360 |
D-Link |
|
8.8 |
2020-12-15 |
2021-09-27 |
(0Day) D-Link DCS-960L HNAP Cookie Format String Remote Code Execution Vulnerability |
| ZDI-20-1434 |
ZDI-CAN-11350 |
Microsoft |
CVE-2021-1648 |
2.5 |
2020-12-15 |
|
(0Day) Microsoft Windows splwow64 Untrusted Pointer Dereference Information Disclosure Vulnerability |
| ZDI-20-1433 |
ZDI-CAN-11349 |
Microsoft |
CVE-2021-1648 |
2.5 |
2021-01-08 |
|
(0Day) Microsoft Windows splwow64 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1432 |
ZDI-CAN-11351 |
Microsoft |
CVE-2021-1648 |
7.0 |
2020-12-15 |
|
(0Day) Microsoft Windows splwow64 Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-20-1431 |
ZDI-CAN-11632 |
FreeBSD |
CVE-2020-7468 |
8.8 |
2020-12-15 |
|
FreeBSD FTPD Improper Handling of Exceptional Conditions Privilege Escalation Vulnerability |
| ZDI-20-1430 |
ZDI-CAN-11076 |
NETGEAR |
CVE-2020-27861 |
8.8 |
2020-12-15 |
|
NETGEAR Orbi UA_Parser Host Name Command Injection Remote Code Execution Vulnerability |
| ZDI-20-1429 |
ZDI-CAN-10894 |
D-Link |
CVE-2020-27865 |
8.8 |
2020-12-15 |
|
D-Link DAP-1860 uhttpd Authentication Bypass Remote Code Execution Vulnerability |
| ZDI-20-1428 |
ZDI-CAN-10880 |
D-Link |
CVE-2020-27864 |
8.8 |
2020-12-15 |
|
D-Link DAP-1860 HNAP Authorization Command Injection Remote Code Execution Vulnerability |
| ZDI-20-1427 |
ZDI-CAN-10912 |
D-Link |
CVE-2020-27863 |
6.5 |
2020-12-15 |
2021-09-27 |
D-Link Multiple Routers dhttpd Authentication Bypass Vulnerability |
| ZDI-20-1426 |
ZDI-CAN-10911 |
D-Link |
CVE-2020-27862 |
8.8 |
2020-12-15 |
2021-09-27 |
D-Link Multiple Routers dhttpd Command Injection Remote Code Execution Vulnerability |
| ZDI-20-1425 |
ZDI-CAN-11752 |
Microsoft |
CVE-2020-17128 |
7.0 |
2020-12-11 |
|
Microsoft Excel XLS File Parsing Integer Signedness Remote Code Execution Vulnerability |
| ZDI-20-1424 |
ZDI-CAN-11888 |
Microsoft |
CVE-2020-17125 |
7.8 |
2020-12-11 |
|
Microsoft Excel XLS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-1423 |
ZDI-CAN-11653 |
NETGEAR |
CVE-2020-27867 |
6.8 |
2020-12-21 |
2020-12-21 |
NETGEAR Multiple Routers mini_httpd Command Injection Remote Code Execution Vulnerability |
| ZDI-20-1422 |
ZDI-CAN-11887 |
Microsoft |
CVE-2020-17119 |
2.5 |
2020-12-11 |
|
Microsoft Outlook MSG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1421 |
ZDI-CAN-11839 |
X.Org |
CVE-2020-25712 |
7.8 |
2020-12-09 |
|
X.Org Server XkbSetDeviceInfo Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-20-1420 |
ZDI-CAN-11572 |
X.Org |
CVE-2020-14360 |
7.8 |
2020-12-09 |
|
X.Org Server XkbSetMap Out-Of-Bounds Access Privilege Escalation Vulnerability |
| ZDI-20-1419 |
ZDI-CAN-11574 |
X.Org |
CVE-2020-14362 |
7.8 |
2020-12-09 |
|
X.Org Server XRecordRegisterClients Integer Underflow Privilege Escalation Vulnerability |
| ZDI-20-1418 |
ZDI-CAN-11573 |
X.Org |
CVE-2020-14361 |
7.8 |
2020-12-09 |
|
X.Org Server XkbSelectEvents Integer Underflow Privilege Escalation Vulnerability |
| ZDI-20-1417 |
ZDI-CAN-11429 |
X.Org |
CVE-2020-14346 |
7.8 |
2020-12-09 |
|
X.Org Server XIChangeHierarchy Integer Underflow Privilege Escalation Vulnerability |
| ZDI-20-1416 |
ZDI-CAN-11428 |
X.Org |
CVE-2020-14345 |
7.8 |
2020-12-09 |
|
X.Org Server XkbSetNames Out-Of-Bounds Access Privilege Escalation Vulnerability |
| ZDI-20-1415 |
ZDI-CAN-11727 |
Foxit |
CVE-2020-27860 |
7.8 |
2020-12-09 |
|
Foxit Reader XFA Template Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1414 |
ZDI-CAN-11894 |
Microsoft |
CVE-2020-17124 |
7.8 |
2020-12-09 |
|
Microsoft PowerPoint PPTX File Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-1413 |
ZDI-CAN-11906 |
Microsoft |
CVE-2020-17131 |
8.8 |
2020-12-09 |
|
Microsoft Chakra LinearScan Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-1412 |
ZDI-CAN-11873 |
Microsoft |
CVE-2020-17121 |
8.8 |
2020-12-09 |
|
Microsoft SharePoint Site Import Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-1411 |
ZDI-CAN-11588 |
Apple |
CVE-2020-9956 |
4.3 |
2020-12-09 |
|
Apple macOS libFontParser TTF Font Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1410 |
ZDI-CAN-11307 |
Apple |
CVE-2020-9955 |
4.3 |
2020-12-09 |
|
Apple macOS KTX Image DecodeRow Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1409 |
ZDI-CAN-11122 |
Apple |
CVE-2020-10015 |
7.8 |
2020-12-09 |
|
Apple macOS process_token_BlitLibSetup3D Out-Of-Bounds Access Privilege Escalation Vulnerability |
| ZDI-20-1408 |
ZDI-CAN-11123 |
Apple |
CVE-2020-10015 |
7.8 |
2020-12-09 |
|
Apple macOS process_token_BlitLibSetup2D Out-Of-Bounds Access Privilege Escalation Vulnerability |
| ZDI-20-1407 |
ZDI-CAN-11124 |
Apple |
CVE-2020-27907 |
7.8 |
2020-12-09 |
|
Apple macOS process_token_GenerateMipmaps Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-1406 |
ZDI-CAN-11828 |
Apple |
CVE-2020-9999 |
7.8 |
2020-12-08 |
|
Apple macOS CoreText MorxLigatureSubtableBuilder TTF Parsing Out-of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1405 |
ZDI-CAN-11801 |
Apple |
CVE-2020-27931 |
3.3 |
2020-12-08 |
|
Apple macOS libFontParser TwOFFStream TTF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1404 |
ZDI-CAN-11598 |
Apple |
CVE-2020-27952 |
7.8 |
2020-12-08 |
|
Apple macOS libFontParser TTF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1403 |
ZDI-CAN-11209 |
Apple |
CVE-2020-27897 |
7.8 |
2020-12-08 |
|
Apple macOS Kernel Command 0x10007 Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-20-1402 |
ZDI-CAN-11208 |
Apple |
CVE-2020-27897 |
7.8 |
2020-12-08 |
|
Apple macOS Kernel Command 0x10006 Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-20-1401 |
ZDI-CAN-11207 |
Apple |
CVE-2020-27897 |
7.8 |
2020-12-08 |
|
Apple macOS Kernel Command 0x10005 Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-20-1400 |
ZDI-CAN-10758 |
Realtek |
|
8.0 |
2020-12-07 |
|
(0Day) Realtek RTL8811AU Wi-Fi Driver rtwlane Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1399 |
ZDI-CAN-10715 |
Realtek |
|
8.0 |
2020-12-07 |
|
(0Day) Realtek RTL8811AU Wi-Fi Driver rtwlanu Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1398 |
ZDI-CAN-11267 |
Microsoft |
CVE-2020-0971 |
6.5 |
2020-12-04 |
|
Microsoft SharePoint DataFormWebPart Server-Side Include Information Disclosure Vulnerability |
| ZDI-20-1397 |
ZDI-CAN-11103 |
Arcserve |
CVE-2020-27858 |
7.5 |
2020-12-04 |
|
Arcserve D2D getNews XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-20-1396 |
ZDI-CAN-11507 |
Apple |
CVE-2020-10017 |
7.8 |
2020-12-04 |
|
Apple macOS AudioCodecs AAC Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1395 |
ZDI-CAN-11183 |
Apple |
CVE-2020-10007 |
5.5 |
2020-12-04 |
2024-07-08 |
Apple macOS powerd Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-20-1394 |
ZDI-CAN-11498 |
Apple |
CVE-2020-9950 |
4.3 |
2020-12-03 |
|
Apple Safari TextNode Use-After-Free Information Disclosure Vulnerability |
| ZDI-20-1393 |
ZDI-CAN-11457 |
Apple |
CVE-2020-9996 |
7.8 |
2020-12-03 |
|
Apple macOS libnetworkextension ne_filter_protocol_remove_input_handler Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-1392 |
ZDI-CAN-11235 |
Apple |
CVE-2020-9954 |
7.8 |
2020-12-03 |
|
Apple macOS AudioCodecs Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1391 |
ZDI-CAN-11189 |
Apple |
CVE-2020-9889 |
7.8 |
2020-12-03 |
|
Apple macOS AudioToolboxCore Wave Header Parsing Sign Extension Remote Code Execution Vulnerability |
| ZDI-20-1390 |
ZDI-CAN-11125 |
Apple |
CVE-2020-9947 |
8.8 |
2020-12-03 |
|
Apple Safari RenderObject Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-1389 |
ZDI-CAN-11210 |
Apple |
CVE-2020-9883 |
3.3 |
2020-12-03 |
|
Apple macOS CoreGraphics JBIG2Stream Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1388 |
ZDI-CAN-11575 |
McAfee |
CVE-2020-7335 |
7.0 |
2020-12-01 |
|
McAfee Total Protection Junction Privilege Escalation Vulnerability |
| ZDI-20-1387 |
ZDI-CAN-11583 |
Trend Micro |
CVE-2020-28583 |
5.3 |
2020-11-27 |
|
Trend Micro OfficeScan Improper Access Control Information Disclosure Vulnerability |
| ZDI-20-1386 |
ZDI-CAN-11582 |
Trend Micro |
CVE-2020-28582 |
5.3 |
2020-11-27 |
|
Trend Micro OfficeScan Improper Access Control Information Disclosure Vulnerability |
| ZDI-20-1385 |
ZDI-CAN-12409 |
VMware |
CVE-2020-3992 |
7.8 |
2020-11-25 |
|
VMware ESXi SLP Use-After-Free Privilege Escalation Vulnerability |
| ZDI-20-1384 |
ZDI-CAN-11353 |
Fuji Electric |
CVE-2020-25171 |
7.8 |
2020-11-25 |
|
Fuji Electric V-Server Lite VPR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1383 |
ZDI-CAN-11173 |
SaltStack |
CVE-2020-16846 |
7.3 |
2020-11-24 |
|
SaltStack Salt rest_cherrypy ssh_remote_port_forwards Command Injection Remote Code Execution Vulnerability |
| ZDI-20-1382 |
ZDI-CAN-11172 |
SaltStack |
CVE-2020-16846 |
7.3 |
2020-11-24 |
|
SaltStack Salt rest_cherrypy ssh_port Command Injection Remote Code Execution Vulnerability |
| ZDI-20-1381 |
ZDI-CAN-11169 |
SaltStack |
CVE-2020-16846 |
7.3 |
2020-11-24 |
|
SaltStack Salt rest_cherrypy ssh_options Command Injection Remote Code Execution Vulnerability |
| ZDI-20-1380 |
ZDI-CAN-11167 |
SaltStack |
CVE-2020-16846 |
7.3 |
2020-11-24 |
|
SaltStack Salt rest_cherrypy tgt Command Injection Remote Code Execution Vulnerability |
| ZDI-20-1379 |
ZDI-CAN-11143 |
SaltStack |
CVE-2020-16846 |
7.3 |
2020-11-24 |
|
SaltStack Salt rest_cherrypy ssh_priv Command Injection Remote Code Execution Vulnerability |
| ZDI-20-1378 |
ZDI-CAN-11064 |
Trend Micro |
CVE-2020-28575 |
8.2 |
2020-11-24 |
|
Trend Micro ServerProtect ioctlMod Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-20-1377 |
ZDI-CAN-12190 |
VMware |
CVE-2020-3992 |
8.8 |
2020-11-23 |
|
VMware ESXi SLP Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-1376 |
ZDI-CAN-11571 |
Trend Micro |
CVE-2020-28577 |
5.3 |
2020-11-22 |
|
Trend Micro Apex One Improper Access Control Information Disclosure Vulnerability |
| ZDI-20-1375 |
ZDI-CAN-11237 |
Trend Micro |
CVE-2020-28576 |
5.3 |
2020-11-22 |
|
Trend Micro Apex One Improper Access Control Information Disclosure Vulnerability |
| ZDI-20-1374 |
ZDI-CAN-11236 |
Trend Micro |
CVE-2020-28573 |
5.3 |
2020-11-22 |
|
Trend Micro Apex One Improper Access Control Information Disclosure Vulnerability |
| ZDI-20-1373 |
ZDI-CAN-12020 |
Microsoft |
CVE-2020-1319 |
8.8 |
2020-11-22 |
|
Microsoft Windows WebM Video Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-20-1372 |
ZDI-CAN-11510 |
Linux |
CVE-2020-14351 |
7.8 |
2020-11-22 |
|
Linux Kernel Performance Counters Race Condition Privilege Escalation Vulnerability |
| ZDI-20-1371 |
ZDI-CAN-11867 |
Microsoft |
CVE-2020-17057 |
8.8 |
2020-11-11 |
|
Microsoft Windows DirectComposition Uninitialized Pointer Privilege Escalation Vulnerability |
| ZDI-20-1370 |
ZDI-CAN-11871 |
Microsoft |
CVE-2020-17048 |
7.5 |
2020-11-11 |
|
Microsoft Chakra Array Iterator Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-1369 |
ZDI-CAN-11875 |
Microsoft |
CVE-2020-17053 |
8.8 |
2020-11-11 |
|
Microsoft Internet Explorer array Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1368 |
ZDI-CAN-11874 |
Microsoft |
CVE-2020-17053 |
8.8 |
2020-11-11 |
|
Microsoft Internet Explorer array Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-1367 |
ZDI-CAN-11518 |
Microsoft |
CVE-2020-17019 |
7.8 |
2020-11-11 |
|
Microsoft Excel XLS File Parsing Double Free Remote Code Execution Vulnerability |
| ZDI-20-1366 |
ZDI-CAN-11796 |
Microsoft |
CVE-2020-17014 |
6.1 |
2020-11-11 |
2020-12-01 |
Microsoft Windows Print Spooler Directory Junction Denial-of-Service Vulnerability |
| ZDI-20-1365 |
ZDI-CAN-11361 |
Microsoft |
CVE-2020-17012 |
7.8 |
2020-11-11 |
|
Microsoft Windows bindflt Driver Missing Authentication Privilege Escalation Vulnerability |
| ZDI-20-1364 |
ZDI-CAN-11866 |
SAP |
CVE-2020-26817 |
7.8 |
2020-11-11 |
|
SAP 3D Visual Enterprise Viewer HPGL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1363 |
ZDI-CAN-11175 |
Cisco |
CVE-2020-3604 |
7.8 |
2020-11-10 |
|
Cisco WebEx Network Recording Player ARF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1362 |
ZDI-CAN-11176 |
Cisco |
CVE-2020-3573 |
7.8 |
2020-11-10 |
|
Cisco WebEx Network Recording Player ARF File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-20-1361 |
ZDI-CAN-11133 |
Cisco |
CVE-2020-3603 |
7.8 |
2020-11-10 |
|
Cisco WebEx Network Recording Player ARF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1360 |
ZDI-CAN-11187 |
WECON |
CVE-2020-25181 |
7.8 |
2020-11-10 |
|
WECON PLC Editor WCP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1359 |
ZDI-CAN-11186 |
WECON |
CVE-2020-25181 |
7.8 |
2020-11-10 |
|
WECON PLC Editor WCP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1358 |
ZDI-CAN-11185 |
WECON |
CVE-2020-25177 |
7.8 |
2020-11-10 |
|
WECON PLC Editor WCP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1357 |
ZDI-CAN-12015 |
Adobe |
CVE-2020-24438 |
3.3 |
2020-11-10 |
|
Adobe Acrobat Reader DC AVDocumentLocal Use-After-Free Information Disclosure Vulnerability |
| ZDI-20-1356 |
ZDI-CAN-11958 |
Adobe |
CVE-2020-24434 |
3.3 |
2020-11-10 |
|
Adobe Acrobat Pro DC PDF Export Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1355 |
ZDI-CAN-11957 |
Adobe |
CVE-2020-24436 |
7.8 |
2020-11-10 |
|
Adobe Acrobat Pro DC PDF Export Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1354 |
ZDI-CAN-11540 |
Adobe |
CVE-2020-24426 |
3.3 |
2020-11-10 |
|
Adobe Acrobat Reader DC ID Parameter Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1353 |
ZDI-CAN-11100 |
WECON |
CVE-2020-16243 |
7.8 |
2020-11-10 |
|
WECON LeviStudioU HSC File Parsing CharSize Attribute Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1352 |
ZDI-CAN-11098 |
WECON |
CVE-2020-16243 |
7.8 |
2020-11-10 |
|
WECON LeviStudioU HFT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1351 |
ZDI-CAN-11097 |
WECON |
CVE-2020-16243 |
7.8 |
2020-11-10 |
|
WECON LeviStudioU HFT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1350 |
ZDI-CAN-11488 |
Foxit |
CVE-2020-27857 |
7.8 |
2020-10-28 |
|
Foxit Studio Photo NEF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1349 |
ZDI-CAN-11434 |
Foxit |
CVE-2020-27856 |
3.3 |
2020-10-28 |
|
Foxit Studio Photo CR2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1348 |
ZDI-CAN-11433 |
Foxit |
CVE-2020-27855 |
3.3 |
2020-10-28 |
|
Foxit Studio Photo SR2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1347 |
ZDI-CAN-11432 |
Foxit |
CVE-2020-17436 |
3.3 |
2020-10-28 |
|
Foxit Studio Photo CMP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1346 |
ZDI-CAN-11358 |
Foxit |
CVE-2020-17435 |
3.3 |
2020-10-28 |
|
Foxit Studio Photo CR2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1345 |
ZDI-CAN-11357 |
Foxit |
CVE-2020-17434 |
3.3 |
2020-10-28 |
|
Foxit Studio Photo ARW File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1344 |
ZDI-CAN-11356 |
Foxit |
CVE-2020-17433 |
3.3 |
2020-10-28 |
|
Foxit Studio Photo CMP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1343 |
ZDI-CAN-11335 |
Foxit |
CVE-2020-17432 |
3.3 |
2020-10-28 |
|
Foxit Studio Photo CR2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1342 |
ZDI-CAN-11333 |
Foxit |
CVE-2020-17431 |
7.8 |
2020-10-28 |
|
Foxit Studio Photo CR2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1341 |
ZDI-CAN-11332 |
Foxit |
CVE-2020-17430 |
7.8 |
2020-10-28 |
|
Foxit Studio Photo CR2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1340 |
ZDI-CAN-11337 |
Foxit |
CVE-2020-17429 |
3.3 |
2020-10-28 |
|
Foxit Studio Photo CMP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1339 |
ZDI-CAN-11336 |
Foxit |
CVE-2020-17428 |
3.3 |
2020-10-28 |
|
Foxit Studio Photo CMP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1338 |
ZDI-CAN-11334 |
Foxit |
CVE-2020-17427 |
7.8 |
2020-10-28 |
|
Foxit Studio Photo NEF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-1337 |
ZDI-CAN-11230 |
Foxit |
CVE-2020-17426 |
7.8 |
2020-10-28 |
|
Foxit Studio Photo CR2 File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-1336 |
ZDI-CAN-11259 |
Foxit |
CVE-2020-17425 |
7.8 |
2020-10-28 |
|
Foxit Studio Photo EPS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1335 |
ZDI-CAN-11247 |
Foxit |
CVE-2020-17424 |
7.8 |
2020-10-28 |
|
Foxit Studio Photo EZI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1334 |
ZDI-CAN-11196 |
Foxit |
CVE-2020-17423 |
7.8 |
2020-10-28 |
|
Foxit Studio Photo ARW File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1333 |
ZDI-CAN-11195 |
Foxit |
CVE-2020-17422 |
3.3 |
2020-10-28 |
|
Foxit Studio Photo EPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1332 |
ZDI-CAN-11194 |
Foxit |
CVE-2020-17421 |
7.8 |
2020-10-28 |
|
Foxit Studio Photo NEF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1331 |
ZDI-CAN-11193 |
Foxit |
CVE-2020-17420 |
3.3 |
2020-10-28 |
|
Foxit Studio Photo NEF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1330 |
ZDI-CAN-11192 |
Foxit |
CVE-2020-17419 |
7.8 |
2020-10-28 |
|
Foxit Studio Photo NEF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1329 |
ZDI-CAN-11197 |
Foxit |
CVE-2020-17418 |
7.8 |
2020-10-28 |
|
Foxit Studio Photo EZIX channel id Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1328 |
ZDI-CAN-11198 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager SAMDownloadServlet Deserialization Of Untrusted Data Privilege Escalation Vulnerability |
| ZDI-20-1327 |
ZDI-CAN-11203 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager RegistrationServlet Deserialization Of Untrusted Data Privilege Escalation Vulnerability |
| ZDI-20-1326 |
ZDI-CAN-11204 |
Micro Focus |
CVE-2020-11858 |
7.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager Service Incorrect Permission Assignment Privilege Escalation Vulnerability |
| ZDI-20-1325 |
ZDI-CAN-11417 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager GenericAdapterService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1324 |
ZDI-CAN-11416 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager LicensingService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1323 |
ZDI-CAN-11415 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager AutomationMappingService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1322 |
ZDI-CAN-11414 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager ResourceManagementService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1321 |
ZDI-CAN-11413 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager MultiTenancyService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1320 |
ZDI-CAN-11412 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager CITService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1319 |
ZDI-CAN-11411 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager LDAPService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1318 |
ZDI-CAN-11410 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager SnapshotService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1317 |
ZDI-CAN-11409 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager ClassModelService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1316 |
ZDI-CAN-11408 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager PermissionsService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1315 |
ZDI-CAN-11407 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager CommonService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1314 |
ZDI-CAN-11406 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager ImpactService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1313 |
ZDI-CAN-11405 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager SchedulerService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1312 |
ZDI-CAN-11404 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager LocationService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1311 |
ZDI-CAN-11403 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager BundleService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1310 |
ZDI-CAN-11402 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager HistoryService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1309 |
ZDI-CAN-11401 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager CIService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1308 |
ZDI-CAN-11400 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager DataAcquisitionService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1307 |
ZDI-CAN-11399 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager SoftwareLibraryService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1306 |
ZDI-CAN-11398 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager ServiceDiscoveryService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1305 |
ZDI-CAN-11397 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager DiscoveryService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1304 |
ZDI-CAN-11396 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager MailService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1303 |
ZDI-CAN-11395 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager RelatedCIsService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1302 |
ZDI-CAN-11394 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager FolderService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1301 |
ZDI-CAN-11393 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager PatternService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1300 |
ZDI-CAN-11392 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager CMSImagesService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1299 |
ZDI-CAN-11391 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager ReportService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1298 |
ZDI-CAN-11390 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager TopologyService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1297 |
ZDI-CAN-11389 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager WatchServerAPI Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1296 |
ZDI-CAN-11388 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager BusinessModelFacadeForGui Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1295 |
ZDI-CAN-11387 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager FoldersFacade Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1294 |
ZDI-CAN-11386 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager SchedulerFacadeForGui Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1293 |
ZDI-CAN-11385 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager PackageFacadeForGui Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1292 |
ZDI-CAN-11384 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager CorrelationRunnerFacade Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1291 |
ZDI-CAN-11383 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager CorrelationFacadeForGui Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1290 |
ZDI-CAN-11382 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager CategoryFacadeForGui Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1289 |
ZDI-CAN-11381 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager CmdbOperationExecuterService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1288 |
ZDI-CAN-11200 |
Micro Focus |
CVE-2020-11853 |
8.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager SecurityService Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1287 |
ZDI-CAN-11201 |
Micro Focus |
CVE-2020-11854 |
9.8 |
2020-10-28 |
|
Micro Focus Operations Bridge Manager diagnostics Use of Hard-coded Credentials Remote Code Execution Vulnerability |
| ZDI-20-1286 |
ZDI-CAN-11047 |
Trend Micro |
CVE-2020-27015 |
6.0 |
2020-10-26 |
|
Trend Micro Antivirus for Mac Error Message Information Disclosure Vulnerability |
| ZDI-20-1285 |
ZDI-CAN-11045 |
Trend Micro |
CVE-2020-27014 |
8.2 |
2020-10-26 |
|
Trend Micro Antivirus for Mac Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-1284 |
ZDI-CAN-10607 |
WECON |
CVE-2020-25186 |
5.5 |
2020-10-22 |
|
WECON LeviStudioU XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-20-1283 |
ZDI-CAN-11687 |
Oracle |
CVE-2020-14876 |
7.5 |
2020-10-22 |
|
Oracle E-Business Suite ozfVendorLov SQL Injection Information Disclosure Vulnerability |
| ZDI-20-1282 |
ZDI-CAN-11829 |
Oracle |
CVE-2020-14825 |
9.8 |
2020-10-22 |
|
Oracle WebLogic Server T3 Protocol Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1281 |
ZDI-CAN-11679 |
Oracle |
CVE-2020-14885 |
5.3 |
2020-10-22 |
|
Oracle VirtualBox Shader Bytecode Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1280 |
ZDI-CAN-11677 |
Oracle |
CVE-2020-14886 |
5.3 |
2020-10-22 |
|
Oracle VirtualBox Shader Bytecode Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1279 |
ZDI-CAN-11676 |
Oracle |
CVE-2020-14884 |
5.3 |
2020-10-22 |
|
Oracle VirtualBox Shader Bytecode Type Confusion Information Disclosure Vulnerability |
| ZDI-20-1278 |
ZDI-CAN-11678 |
Oracle |
CVE-2020-14881 |
5.3 |
2020-10-22 |
|
Oracle VirtualBox Shader Bytecode Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1277 |
ZDI-CAN-11591 |
Oracle |
CVE-2020-14825 |
9.8 |
2020-10-22 |
|
Oracle WebLogic Server T3 Protocol Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1276 |
ZDI-CAN-11453 |
Oracle |
CVE-2020-14841 |
9.8 |
2020-10-22 |
|
Oracle WebLogic Server IIOP Protocol Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1275 |
ZDI-CAN-11305 |
Oracle |
CVE-2020-14859 |
9.8 |
2020-10-22 |
|
Oracle WebLogic Server T3 Protocol Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1274 |
ZDI-CAN-10818 |
Oracle |
CVE-2020-14841 |
9.8 |
2020-10-22 |
|
Oracle WebLogic Server IIOP Protocol Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1273 |
ZDI-CAN-10968 |
Oracle |
CVE-2020-14825 |
9.8 |
2020-10-22 |
|
Oracle WebLogic Server T3 Protocol Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1272 |
ZDI-CAN-11477 |
Adobe |
CVE-2020-24410 |
7.8 |
2020-10-22 |
|
Adobe Illustrator PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-1271 |
ZDI-CAN-11474 |
Adobe |
CVE-2020-24409 |
7.8 |
2020-10-22 |
|
Adobe Illustrator PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-1270 |
ZDI-CAN-11346 |
Adobe |
CVE-2020-24411 |
7.8 |
2020-10-22 |
|
Adobe Illustrator PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1269 |
ZDI-CAN-11563 |
VMware |
CVE-2020-3992 |
9.8 |
2020-10-20 |
|
VMware ESXi SLP Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-1268 |
ZDI-CAN-11228 |
VMware |
CVE-2020-3982 |
8.2 |
2020-10-20 |
2021-03-02 |
VMware Workstation BDOOR_CMD_PATCH_ACPI_TABLES Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-1267 |
ZDI-CAN-11227 |
VMware |
CVE-2020-3981 |
6.0 |
2020-10-20 |
2021-03-02 |
VMware Workstation BDOOR_CMD_PATCH_ACPI_TABLES Time-Of-Check Time-Of-Use Information Disclosure Vulnerability |
| ZDI-20-1266 |
ZDI-CAN-11705 |
SAP |
CVE-2020-6374 |
7.8 |
2020-10-19 |
|
SAP 3D Visual Enterprise Viewer JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-1265 |
ZDI-CAN-11243 |
SAP |
CVE-2020-6315 |
5.5 |
2020-10-19 |
|
SAP 3D Visual Enterprise Viewer SVG File XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-20-1264 |
ZDI-CAN-11467 |
SAP |
CVE-2020-6372 |
7.8 |
2020-10-19 |
|
SAP 3D Visual Enterprise Viewer PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1263 |
ZDI-CAN-11462 |
SAP |
CVE-2020-6373 |
7.8 |
2020-10-19 |
|
SAP 3D Visual Enterprise Viewer PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1262 |
ZDI-CAN-11373 |
Advantech |
CVE-2020-25157 |
7.5 |
2020-10-19 |
|
Advantech R-SeeNet device_position device_id SQL Injection Information Disclosure Vulnerability |
| ZDI-20-1261 |
ZDI-CAN-11262 |
Advantech |
CVE-2020-25161 |
8.8 |
2020-10-19 |
|
Advantech WebAccess/SCADA WADashboard External Control of File Path Remote Code Execution Vulnerability |
| ZDI-20-1260 |
ZDI-CAN-10924 |
Apple |
CVE-2020-9990 |
7.8 |
2020-10-19 |
|
Apple macOS process_token_SetFence Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-1259 |
ZDI-CAN-10823 |
Apple |
CVE-2020-9990 |
7.8 |
2020-10-19 |
|
Apple macOS process_token_SetFence Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-1258 |
ZDI-CAN-11981 |
Microsoft |
CVE-2020-16968 |
8.8 |
2020-10-19 |
|
Microsoft Windows Camera Codec Pack Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1257 |
ZDI-CAN-11980 |
Microsoft |
CVE-2020-16915 |
8.8 |
2020-10-19 |
|
Microsoft Windows Media Player HEVC Stream Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1256 |
ZDI-CAN-11602 |
Microsoft |
CVE-2020-16930 |
7.8 |
2020-10-19 |
|
Microsoft Excel XLS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1255 |
ZDI-CAN-11613 |
Microsoft |
CVE-2020-16931 |
7.8 |
2020-10-19 |
|
Microsoft Excel XLS File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-20-1254 |
ZDI-CAN-11622 |
Microsoft |
CVE-2020-16939 |
7.3 |
2020-10-19 |
|
Microsoft Windows Group Policy Client Service Link Resolution Privilege Escalation Vulnerability |
| ZDI-20-1253 |
ZDI-CAN-11529 |
Microsoft |
CVE-2020-16932 |
7.8 |
2020-10-19 |
|
Microsoft Excel XLS File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| ZDI-20-1252 |
ZDI-CAN-11524 |
Microsoft |
CVE-2020-16930 |
7.8 |
2020-10-19 |
|
Microsoft Excel XLS File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-20-1251 |
ZDI-CAN-11516 |
Microsoft |
CVE-2020-16929 |
7.8 |
2020-10-19 |
|
Microsoft Excel XLS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-1250 |
ZDI-CAN-11250 |
Microsoft |
CVE-2020-16947 |
3.7 |
2020-10-19 |
|
Microsoft Outlook HTML Email Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1249 |
ZDI-CAN-11249 |
Microsoft |
CVE-2020-16947 |
8.1 |
2020-10-19 |
|
Microsoft Outlook HTML Email Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1248 |
ZDI-CAN-11129 |
Microsoft |
CVE-2020-16940 |
5.5 |
2020-10-19 |
|
Microsoft Windows User Profile Service Arbitrary File Deletion Vulnerability |
| ZDI-20-1247 |
ZDI-CAN-11174 |
Microsoft |
CVE-2020-1167 |
7.8 |
2020-10-19 |
|
Microsoft 3D Builder GLB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1246 |
ZDI-CAN-11032 |
Microsoft |
CVE-2020-17003 |
5.3 |
2020-10-14 |
|
Microsoft 3D Viewer FBX File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-1245 |
ZDI-CAN-11241 |
Microsoft |
CVE-2020-16967 |
7.8 |
2020-10-14 |
|
Microsoft Windows Camera Codec Pack Image Processing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1244 |
ZDI-CAN-11029 |
LAquis |
CVE-2020-25188 |
7.8 |
2020-10-14 |
|
LAquis SCADA LQS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-1243 |
ZDI-CAN-10945 |
Trend Micro |
CVE-2020-27013 |
4.4 |
2020-10-14 |
|
Trend Micro Antivirus for Mac Improper Access Control Information Disclosure Vulnerability |
| ZDI-20-1242 |
ZDI-CAN-11046 |
Trend Micro |
CVE-2020-25777 |
5.4 |
2020-10-14 |
|
Trend Micro Antivirus for Mac Protection Bypass Vulnerability |
| ZDI-20-1241 |
ZDI-CAN-11048 |
Trend Micro |
CVE-2020-25778 |
6.0 |
2020-10-14 |
|
Trend Micro Antivirus for Mac Error Message Information Disclosure Vulnerability |
| ZDI-20-1240 |
ZDI-CAN-10181 |
Realtek |
|
7.5 |
2020-10-08 |
2021-06-29 |
(0Day) Realtek rtl81xx SDK Wi-Fi Driver rtwlane Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1239 |
ZDI-CAN-10180 |
Realtek |
|
7.1 |
2020-10-08 |
2021-06-29 |
(0Day) Realtek rtl81xx SDK Wi-Fi Driver rtwlanu Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1238 |
ZDI-CAN-11184 |
Apple |
CVE-2020-9883 |
7.8 |
2020-10-08 |
|
Apple macOS CoreGraphics JBIG2Bitmap Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1237 |
ZDI-CAN-10580 |
IBM |
CVE-2020-4799 |
7.8 |
2020-10-08 |
|
IBM Informix spatial Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-20-1236 |
ZDI-CAN-10941 |
Trend Micro |
CVE-2020-25776 |
7.8 |
2020-10-01 |
|
Trend Micro Antivirus for Mac Symbolic Link Privilege Escalation Vulnerability |
| ZDI-20-1235 |
ZDI-CAN-11226 |
Foxit |
CVE-2020-17413 |
7.8 |
2020-09-29 |
2020-10-09 |
Foxit PhantomPDF U3DBrowser U3D File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1234 |
ZDI-CAN-11657 |
Foxit |
CVE-2020-17417 |
7.8 |
2020-09-29 |
2020-10-09 |
Foxit Reader AcroForm Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-1233 |
ZDI-CAN-11497 |
Foxit |
CVE-2020-17416 |
7.8 |
2020-09-29 |
2020-10-09 |
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1232 |
ZDI-CAN-11308 |
Foxit |
CVE-2020-17415 |
7.8 |
2020-09-29 |
2020-10-09 |
Foxit PhantomPDF Update Service Incorrect Permission Assignment Privilege Escalation Vulnerability |
| ZDI-20-1231 |
ZDI-CAN-11229 |
Foxit |
CVE-2020-17414 |
7.8 |
2020-09-29 |
2020-10-09 |
Foxit Reader Update Service Incorrect Permission Assignment Privilege Escalation Vulnerability |
| ZDI-20-1230 |
ZDI-CAN-11224 |
Foxit |
CVE-2020-17412 |
7.8 |
2020-09-29 |
2020-10-09 |
Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1229 |
ZDI-CAN-11190 |
Foxit |
CVE-2020-17411 |
3.3 |
2020-09-29 |
2020-10-09 |
Foxit PhantomPDF U3DBrowser U3D Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1228 |
ZDI-CAN-11135 |
Foxit |
CVE-2020-17410 |
7.8 |
2020-09-29 |
2020-10-09 |
Foxit PhantomPDF GIF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-1227 |
ZDI-CAN-10819 |
Trend Micro |
CVE-2020-25775 |
5.3 |
2020-09-28 |
|
Trend Micro Maximum Security Race Condition Arbitrary File Deletion Vulnerability |
| ZDI-20-1226 |
ZDI-CAN-10794 |
Trend Micro |
CVE-2020-24562 |
7.8 |
2020-09-25 |
|
Trend Micro OfficeScan Hard Link Privilege Escalation Vulnerability |
| ZDI-20-1225 |
ZDI-CAN-11108 |
Trend Micro |
CVE-2020-25774 |
3.3 |
2020-09-25 |
|
Trend Micro OfficeScan ServerMigrationTool ZIP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1224 |
ZDI-CAN-10973 |
Trend Micro |
CVE-2020-25773 |
7.8 |
2020-09-25 |
|
Trend Micro OfficeScan ServerMigrationTool DAT File Parsing Double Free Remote Code Execution Vulnerability |
| ZDI-20-1223 |
ZDI-CAN-10844 |
Trend Micro |
CVE-2020-25771 |
5.5 |
2020-09-25 |
|
Trend Micro Apex One scanServer64 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1222 |
ZDI-CAN-10839 |
Trend Micro |
CVE-2020-25772 |
5.5 |
2020-09-25 |
|
Trend Micro Apex One scanServer64 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1221 |
ZDI-CAN-10848 |
Trend Micro |
CVE-2020-25770 |
5.5 |
2020-09-25 |
|
Trend Micro Apex One scanServer64 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1220 |
ZDI-CAN-10847 |
Trend Micro |
CVE-2020-24565 |
5.5 |
2020-09-25 |
|
Trend Micro Apex One scanServer64 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1219 |
ZDI-CAN-10826 |
Trend Micro |
CVE-2020-24564 |
5.5 |
2020-09-25 |
|
Trend Micro Apex One Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1218 |
ZDI-CAN-10515 |
Trend Micro |
CVE-2020-24563 |
7.8 |
2020-09-25 |
|
Trend Micro Apex One Authentication Bypass Vulnerability |
| ZDI-20-1217 |
ZDI-CAN-11073 |
Micro Focus |
CVE-2020-11855 |
8.4 |
2020-09-23 |
|
Micro Focus Operations Bridge Reporter HPE-OBR Incorrect Permission Assignment Privilege Escalation Vulnerability |
| ZDI-20-1216 |
ZDI-CAN-11071 |
Micro Focus |
CVE-2020-11856 |
9.8 |
2020-09-23 |
|
Micro Focus Operations Bridge Reporter JMX Missing Authentication Remote Code Execution Vulnerability |
| ZDI-20-1215 |
ZDI-CAN-11075 |
Micro Focus |
CVE-2020-11857 |
7.3 |
2020-09-23 |
|
Micro Focus Operations Bridge Reporter shrboadmin Use of Hard-coded Credentials Remote Code Execution Vulnerability |
| ZDI-20-1214 |
ZDI-CAN-11116 |
Apple |
CVE-2020-9948 |
8.8 |
2020-09-21 |
|
Apple Safari replace Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-1213 |
ZDI-CAN-10942 |
Apple |
CVE-2020-9921 |
7.8 |
2020-09-21 |
|
Apple macOS process_token_BlitFramebuffer Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-1212 |
ZDI-CAN-10943 |
Apple |
CVE-2020-9921 |
7.8 |
2020-09-21 |
|
Apple macOS process_token_CopyPixelsSrcFBO Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-1211 |
ZDI-CAN-10944 |
Apple |
CVE-2020-9921 |
7.8 |
2020-09-21 |
|
Apple macOS process_token_TexSubImage2D Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-1210 |
ZDI-CAN-10946 |
Apple |
CVE-2020-9921 |
7.8 |
2020-09-21 |
|
Apple macOS process_token_TexPBOUpload Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-1209 |
ZDI-CAN-10643 |
Apple |
CVE-2020-9927 |
8.8 |
2020-09-21 |
|
Apple macOS AMDSupport Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-20-1208 |
ZDI-CAN-11502 |
Hewlett Packard Enterprise |
CVE-2020-24623 |
5.3 |
2020-09-21 |
|
Hewlett Packard Enterprise Universal API Framework uaf_token SQL Injection Information Disclosure Vulnerability |
| ZDI-20-1207 |
ZDI-CAN-10966 |
Mitsubishi Electric |
CVE-2020-16226 |
9.8 |
2020-09-08 |
2020-09-17 |
Mitsubishi Electric MELSEC iQ-F Predictable TCP Sequence Number Remote Code Execution Vulnerability |
| ZDI-20-1206 |
ZDI-CAN-10596 |
Microhard |
CVE-2020-17407 |
9.8 |
2020-08-26 |
2020-09-17 |
Microhard Bullet-LTE Basic Authorization Header Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1205 |
ZDI-CAN-10595 |
Microhard |
CVE-2020-17406 |
8.8 |
2020-08-26 |
2020-09-17 |
Microhard Bullet-LTE Ping Command Injection Remote Code Execution Vulnerability |
| ZDI-20-1204 |
ZDI-CAN-11010 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1203 |
ZDI-CAN-10987 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1202 |
ZDI-CAN-10986 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1201 |
ZDI-CAN-10985 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1200 |
ZDI-CAN-10984 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1199 |
ZDI-CAN-10983 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1198 |
ZDI-CAN-10929 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1197 |
ZDI-CAN-10961 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1196 |
ZDI-CAN-10960 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1195 |
ZDI-CAN-10959 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1194 |
ZDI-CAN-10958 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-1193 |
ZDI-CAN-10957 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1192 |
ZDI-CAN-10956 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-1191 |
ZDI-CAN-10928 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1190 |
ZDI-CAN-10927 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1189 |
ZDI-CAN-10906 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1188 |
ZDI-CAN-10931 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1187 |
ZDI-CAN-10930 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1186 |
ZDI-CAN-10611 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1185 |
ZDI-CAN-11086 |
Apple |
CVE-2020-9919 |
7.8 |
2020-08-05 |
2020-09-17 |
Apple macOS ImageIO PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1184 |
ZDI-CAN-10610 |
Fuji Electric |
|
7.8 |
2020-09-17 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 6 SIM2 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1183 |
ZDI-CAN-11165 |
Apple |
CVE-2020-9876 |
7.8 |
2020-08-05 |
2020-09-17 |
Apple macOS ImageIO TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1182 |
ZDI-CAN-11106 |
Apple |
CVE-2020-9887 |
7.8 |
2020-09-16 |
|
Apple macOS AppleVPA JPEG Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1181 |
ZDI-CAN-10979 |
VMware |
CVE-2020-3988 |
6.5 |
2020-09-15 |
|
VMware Workstation ThinPrint JPEG2000 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1180 |
ZDI-CAN-11066 |
VMware |
CVE-2020-3987 |
6.5 |
2020-09-15 |
2020-09-15 |
VMware Workstation ThinPrint EMR_STRETCHDIBITS Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1179 |
ZDI-CAN-11065 |
VMware |
CVE-2020-3986 |
6.5 |
2020-09-15 |
2020-09-15 |
VMware Workstation ThinPrint EMF Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1178 |
ZDI-CAN-10923 |
VMware |
CVE-2020-3990 |
6.5 |
2020-09-15 |
|
VMware Workstation ThinPrint TTCHeader Integer Overflow Information Disclosure Vulnerability |
| ZDI-20-1177 |
ZDI-CAN-10922 |
VMware |
CVE-2020-3989 |
8.8 |
2020-09-15 |
|
VMware Workstation ThinPrint name Table Integer Overflow Privilege Escalation Vulnerability |
| ZDI-20-1176 |
ZDI-CAN-10754 |
NETGEAR |
CVE-2020-17409 |
6.5 |
2020-09-15 |
|
NETGEAR Multiple Routers mini_httpd Authentication Bypass Vulnerability |
| ZDI-20-1175 |
ZDI-CAN-11263 |
Microsoft |
CVE-2020-0997 |
7.8 |
2020-10-16 |
|
Microsoft Windows Camera Codec Pack Image Processing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1174 |
ZDI-CAN-10146 |
Fatek Automation |
|
7.8 |
2020-09-14 |
|
(0Day) Fatek Automation PLC WinProladder TAB File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1173 |
ZDI-CAN-10570 |
Fatek Automation |
|
7.8 |
2020-09-14 |
|
(0Day) Fatek Automation PLC WinProladder SPF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1172 |
ZDI-CAN-11501 |
SAP |
CVE-2020-6361 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer RLE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1171 |
ZDI-CAN-11500 |
SAP |
CVE-2020-6360 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer DIB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1170 |
ZDI-CAN-11499 |
SAP |
CVE-2020-6359 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer PLT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1169 |
ZDI-CAN-11484 |
SAP |
CVE-2020-6358 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer FBX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1168 |
ZDI-CAN-11340 |
SAP |
CVE-2020-6357 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer U3D File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-1167 |
ZDI-CAN-11290 |
SAP |
CVE-2020-6350 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer BMP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-1166 |
ZDI-CAN-11289 |
SAP |
CVE-2020-6349 |
7.8 |
2020-09-10 |
2021-01-27 |
SAP 3D Visual Enterprise Viewer GIF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-1165 |
ZDI-CAN-11286 |
SAP |
CVE-2020-6348 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer GIF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-1164 |
ZDI-CAN-11285 |
SAP |
CVE-2020-6347 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer HDR File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-1163 |
ZDI-CAN-11284 |
SAP |
CVE-2020-6346 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer BMP File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-1162 |
ZDI-CAN-11283 |
SAP |
CVE-2020-6356 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1161 |
ZDI-CAN-11282 |
SAP |
CVE-2020-6355 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer TGA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1160 |
ZDI-CAN-11281 |
SAP |
CVE-2020-6345 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer TGA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-1159 |
ZDI-CAN-11280 |
SAP |
CVE-2020-6336 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer PCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1158 |
ZDI-CAN-11292 |
SAP |
CVE-2020-6354 |
5.3 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-1157 |
ZDI-CAN-11291 |
SAP |
CVE-2020-6338 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer RH File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1156 |
ZDI-CAN-11288 |
SAP |
CVE-2020-6339 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1155 |
ZDI-CAN-11287 |
SAP |
CVE-2020-6337 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer HDR File Parsing Memory Corruption Remote Code Execution Vulnerabililty |
| ZDI-20-1154 |
ZDI-CAN-11275 |
SAP |
CVE-2020-6340 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer PCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1153 |
ZDI-CAN-11345 |
SAP |
CVE-2020-6341 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer EPS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-1152 |
ZDI-CAN-11344 |
SAP |
CVE-2020-6342 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1151 |
ZDI-CAN-11342 |
SAP |
CVE-2020-6343 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer EPS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1150 |
ZDI-CAN-11294 |
SAP |
CVE-2020-6344 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer PDF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-20-1149 |
ZDI-CAN-11272 |
SAP |
CVE-2020-6353 |
5.3 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-1148 |
ZDI-CAN-11265 |
SAP |
CVE-2020-6352 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer FBX File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-20-1147 |
ZDI-CAN-11261 |
SAP |
CVE-2020-6351 |
7.8 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer FBX File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-20-1146 |
ZDI-CAN-11158 |
SAP |
CVE-2020-6335 |
7.0 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer HPGL File Parsing hpgl Plugin Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1145 |
ZDI-CAN-11161 |
SAP |
CVE-2020-6334 |
4.5 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-1144 |
ZDI-CAN-11159 |
SAP |
CVE-2020-6333 |
7.0 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer HPGL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1143 |
ZDI-CAN-11160 |
SAP |
CVE-2020-6332 |
7.0 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer HPGL File Parsing hpgl Plugin Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1142 |
ZDI-CAN-11205 |
SAP |
CVE-2020-6331 |
7.0 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer HPGL File Parsing hpgl Plugin Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1141 |
ZDI-CAN-11152 |
SAP |
CVE-2020-6314 |
7.0 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer HPGL File Parsing hpgl Plugin Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-20-1140 |
ZDI-CAN-10940 |
SAP |
CVE-2020-6321 |
7.0 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer U3D File Parsing 3difr Plugin Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-20-1139 |
ZDI-CAN-11090 |
SAP |
CVE-2020-6322 |
7.0 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer 3DM File Parsing rhino Plugin Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-1138 |
ZDI-CAN-11089 |
SAP |
CVE-2020-6327 |
7.0 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer 3DM File Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1137 |
ZDI-CAN-11147 |
SAP |
CVE-2020-6328 |
7.0 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer CGM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-20-1136 |
ZDI-CAN-11113 |
SAP |
CVE-2020-6329 |
4.5 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-1135 |
ZDI-CAN-11091 |
SAP |
CVE-2020-6330 |
7.0 |
2020-09-10 |
|
SAP 3D Visual Enterprise Viewer 3DM File Parsing rhino Plugin Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-1134 |
ZDI-CAN-11511 |
Microsoft |
CVE-2020-1319 |
8.8 |
2020-09-10 |
|
Microsoft Windows WebM Video Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-20-1133 |
ZDI-CAN-11446 |
Microsoft |
CVE-2020-1594 |
7.8 |
2020-09-10 |
|
Microsoft Excel XLS File SST Record Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1132 |
ZDI-CAN-11276 |
Microsoft |
CVE-2020-1193 |
5.3 |
2020-09-10 |
|
Microsoft Excel XLS File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-1131 |
ZDI-CAN-11242 |
Microsoft |
CVE-2020-1338 |
7.8 |
2020-09-10 |
|
Microsoft Word DOCX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1130 |
ZDI-CAN-11126 |
Microsoft |
CVE-2020-0914 |
2.5 |
2020-09-10 |
|
Microsoft Windows State Repository Service Race Condition Use-After-Free Information Disclosure Vulnerability |
| ZDI-20-1129 |
ZDI-CAN-11215 |
Microsoft |
CVE-2020-1129 |
8.8 |
2020-09-10 |
|
Microsoft Windows Media Player HEVC Stream Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1128 |
ZDI-CAN-11153 |
Microsoft |
CVE-2020-1074 |
7.8 |
2020-09-10 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1127 |
ZDI-CAN-11128 |
Microsoft |
CVE-2020-1039 |
7.8 |
2020-09-10 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1126 |
ZDI-CAN-11214 |
Microsoft |
CVE-2020-16874 |
7.0 |
2020-09-10 |
|
Microsoft Visual Studio DDS File Parsing Integer Overflow Remote Code Execution Multiple Vulnerabilities |
| ZDI-20-1125 |
ZDI-CAN-11213 |
Microsoft |
CVE-2020-16856 |
7.8 |
2020-09-10 |
|
Microsoft Visual Studio DDS File Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1124 |
ZDI-CAN-11212 |
Microsoft |
CVE-2020-16874 |
3.3 |
2020-09-10 |
|
Microsoft Visual Studio DDS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1123 |
ZDI-CAN-10834 |
Microsoft |
CVE-2020-0908 |
6.3 |
2020-09-10 |
|
Microsoft Internet Explorer CTSF3CandidateMessage Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-1122 |
ZDI-CAN-11240 |
Microsoft |
CVE-2020-0997 |
7.8 |
2020-09-10 |
|
Microsoft Windows Camera Codec Pack Image Processing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1121 |
ZDI-CAN-11156 |
Microsoft |
CVE-2020-16874 |
7.0 |
2020-09-10 |
|
Microsoft Visual Studio DDS File Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1120 |
ZDI-CAN-11095 |
Microsoft |
CVE-2020-16874 |
7.0 |
2020-09-10 |
|
Microsoft Visual Studio DDS File Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1119 |
ZDI-CAN-11221 |
Adobe |
CVE-2020-9725 |
7.8 |
2020-09-10 |
|
Adobe FrameMaker FM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1118 |
ZDI-CAN-11110 |
Adobe |
CVE-2020-9726 |
7.8 |
2020-09-10 |
|
Adobe FrameMaker FM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-1117 |
ZDI-CAN-10737 |
Fuji Electric |
|
7.8 |
2020-09-08 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1116 |
ZDI-CAN-10736 |
Fuji Electric |
|
7.8 |
2020-09-08 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1115 |
ZDI-CAN-10735 |
Fuji Electric |
|
7.8 |
2020-09-08 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1114 |
ZDI-CAN-10734 |
Fuji Electric |
|
7.8 |
2020-09-08 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1113 |
ZDI-CAN-10705 |
Fuji Electric |
|
7.8 |
2020-09-08 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1112 |
ZDI-CAN-10698 |
Fuji Electric |
|
7.8 |
2020-09-08 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1111 |
ZDI-CAN-10697 |
Fuji Electric |
|
7.8 |
2020-09-08 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1110 |
ZDI-CAN-10696 |
Fuji Electric |
|
7.8 |
2020-09-08 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1109 |
ZDI-CAN-10695 |
Fuji Electric |
|
7.8 |
2020-09-08 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1108 |
ZDI-CAN-10680 |
Fuji Electric |
|
7.8 |
2020-09-08 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1107 |
ZDI-CAN-10679 |
Fuji Electric |
|
7.8 |
2020-09-08 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1106 |
ZDI-CAN-10678 |
Fuji Electric |
|
7.8 |
2020-09-08 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1105 |
ZDI-CAN-10677 |
Fuji Electric |
|
7.8 |
2020-09-08 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1104 |
ZDI-CAN-10676 |
Fuji Electric |
|
7.8 |
2020-09-08 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-1103 |
ZDI-CAN-10675 |
Fuji Electric |
|
7.8 |
2020-09-08 |
|
(0Day) Fuji Electric Tellus Lite V-Simulator 6 V9 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1102 |
ZDI-CAN-10801 |
NEC |
CVE-2020-17408 |
7.5 |
2020-09-08 |
|
NEC ExpressCluster ApplyConfig XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-20-1101 |
ZDI-CAN-10907 |
Cisco |
CVE-2020-3453 |
6.8 |
2020-09-08 |
|
Cisco RV340 upload.cgi Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1100 |
ZDI-CAN-10640 |
Cisco |
CVE-2020-3451 |
5.5 |
2020-09-08 |
|
Cisco RV340 upload.cgi Command Injection Remote Code Execution Vulnerability |
| ZDI-20-1099 |
ZDI-CAN-10603 |
Hewlett Packard Enterprise |
CVE-2020-24625 |
7.5 |
2020-09-08 |
2020-10-01 |
(0Day) Hewlett Packard Enterprise Pay per use UCS Meter ReceiverServlet doGet Directory Traversal Information Disclosure Vulnerability |
| ZDI-20-1098 |
ZDI-CAN-10602 |
Hewlett Packard Enterprise |
CVE-2020-24624 |
7.5 |
2020-09-08 |
2020-10-01 |
(0Day) Hewlett Packard Enterprise Pay per use UCS Meter DownloadServlet execute Directory Traversal Information Disclosure Vulnerability |
| ZDI-20-1097 |
ZDI-CAN-10601 |
Hewlett Packard Enterprise |
CVE-2020-24626 |
9.8 |
2020-09-08 |
2020-10-01 |
(0Day) Hewlett Packard Enterprise Pay per use UCS Meter ReceiverServlet doPost Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-1096 |
ZDI-CAN-10790 |
Trend Micro |
CVE-2020-24559 |
7.8 |
2020-08-31 |
|
Trend Micro Apex One Hard Link Privilege Escalation Vulnerability |
| ZDI-20-1095 |
ZDI-CAN-10760 |
Trend Micro |
CVE-2020-24558 |
2.5 |
2020-08-31 |
|
Trend Micro Apex One Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1094 |
ZDI-CAN-10514 |
Trend Micro |
CVE-2020-24557 |
7.8 |
2020-08-31 |
|
Trend Micro Apex One Improper Access Control Privilege Escalation Vulnerability |
| ZDI-20-1093 |
ZDI-CAN-10513 |
Trend Micro |
CVE-2020-24556 |
7.8 |
2020-08-31 |
|
Trend Micro Apex One Hard Link Privilege Escalation Vulnerability |
| ZDI-20-1092 |
ZDI-CAN-10995 |
Advantech |
CVE-2020-16245 |
9.8 |
2020-08-27 |
|
Advantech iView NetworkServlet findSummaryCfgDeviceListExport Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-1091 |
ZDI-CAN-10994 |
Advantech |
CVE-2020-16245 |
9.8 |
2020-08-27 |
|
Advantech iView NetworkServlet findUpdateDeviceListExport Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-1090 |
ZDI-CAN-10993 |
Advantech |
CVE-2020-16245 |
9.8 |
2020-08-27 |
|
Advantech iView NetworkServlet findCfgDeviceListExport Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-1089 |
ZDI-CAN-10992 |
Advantech |
CVE-2020-16245 |
9.8 |
2020-08-27 |
|
Advantech iView NetworkServlet findSummaryUpdateDeviceListExport Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-1088 |
ZDI-CAN-10991 |
Advantech |
CVE-2020-16245 |
9.4 |
2020-08-27 |
|
Advantech iView NetworkServlet backupDatabase Directory Traversal Information Disclosure Vulnerability |
| ZDI-20-1087 |
ZDI-CAN-10990 |
Advantech |
CVE-2020-16245 |
9.8 |
2020-08-27 |
|
Advantech iView TaskMgrTable exportTaskMgrReportDetails Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-1086 |
ZDI-CAN-10989 |
Advantech |
CVE-2020-16245 |
8.2 |
2020-08-27 |
|
Advantech iView PSTable exportPSInventoryTable Directory Traversal File Creation Vulnerability |
| ZDI-20-1085 |
ZDI-CAN-10988 |
Advantech |
CVE-2020-16245 |
8.2 |
2020-08-27 |
|
Advantech iView DeviceTreeTable exportInventoryTable Directory Traversal File Creation Vulnerability |
| ZDI-20-1084 |
ZDI-CAN-10976 |
Advantech |
CVE-2020-16245 |
9.8 |
2020-08-27 |
|
Advantech iView DeviceTreeTable exportTaskMgrReport Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-1083 |
ZDI-CAN-11431 |
Trend Micro |
CVE-2020-15605 |
8.1 |
2020-08-27 |
|
Trend Micro Vulnerability Protection Authentication Bypass Vulnerability |
| ZDI-20-1082 |
ZDI-CAN-11000 |
Apple |
CVE-2020-9908 |
6.5 |
2020-08-27 |
|
Apple macOS Intel Graphics Driver Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1081 |
ZDI-CAN-10962 |
Microsoft |
CVE-2020-1457 |
7.8 |
2020-08-27 |
|
Microsoft Windows hevcdecoder_store MKV File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1080 |
ZDI-CAN-10980 |
Senstar |
CVE-2020-17405 |
8.8 |
2020-08-26 |
|
Senstar Symphony SSOAuth Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1079 |
ZDI-CAN-11191 |
Foxit |
CVE-2020-17404 |
7.8 |
2020-08-21 |
|
Foxit Studio Photo PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1078 |
ZDI-CAN-11003 |
Foxit |
CVE-2020-17403 |
7.8 |
2020-08-21 |
|
Foxit Studio Photo PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1077 |
ZDI-CAN-11368 |
Trend Micro |
CVE-2020-15601 |
8.1 |
2020-08-21 |
|
Trend Micro Deep Security Manager Authentication Bypass Vulnerability |
| ZDI-20-1076 |
ZDI-CAN-10546 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU MultiLink bitaddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1075 |
ZDI-CAN-10543 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU Alarm bitaddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1074 |
ZDI-CAN-10542 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU Disc WordAddr3 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1073 |
ZDI-CAN-10541 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU Disc WordAddr4 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1072 |
ZDI-CAN-10540 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU Disc WordAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1071 |
ZDI-CAN-10528 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU TrendSet WordAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1070 |
ZDI-CAN-10489 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU AlarmSet bitaddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1069 |
ZDI-CAN-10548 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU AlarmSet WordAddr9 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1068 |
ZDI-CAN-10547 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU WordAlarmSet WordAddr9 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1067 |
ZDI-CAN-10545 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU MultiLink WordAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1066 |
ZDI-CAN-10544 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU WebSet WordAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1065 |
ZDI-CAN-10539 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU DiscSet WordAddr2 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1064 |
ZDI-CAN-10538 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU DiscSet WordAddr1 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1063 |
ZDI-CAN-10537 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU XYSet WordAddr Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1062 |
ZDI-CAN-10536 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU XYSet WordAddr2 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1061 |
ZDI-CAN-10535 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU XYSet WordAddr4 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1060 |
ZDI-CAN-10534 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU XYSet WordAddr3 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1059 |
ZDI-CAN-10533 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU XYSet WordAddr1 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1058 |
ZDI-CAN-10532 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU TrendSet WordAddr4 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1057 |
ZDI-CAN-10531 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU TrendSet WordAddr2 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1056 |
ZDI-CAN-10530 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU TrendSet WordAddr3 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1055 |
ZDI-CAN-10529 |
WECON |
|
7.8 |
2020-08-19 |
|
(0Day) WECON LeviStudioU TrendSet WordAddr1 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-1054 |
ZDI-CAN-10441 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition prefs sync_calendars Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1053 |
ZDI-CAN-10440 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition attendees fb_cals Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1052 |
ZDI-CAN-10439 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition fb fb_cals Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1051 |
ZDI-CAN-10436 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Sort sortpref Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1050 |
ZDI-CAN-10435 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Poll nav_poll Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1049 |
ZDI-CAN-10434 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Remote Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1048 |
ZDI-CAN-10433 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Event event_alarms Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1047 |
ZDI-CAN-10432 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition CalendarsManager _checkDisplayCals Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1046 |
ZDI-CAN-10431 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Search filter Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1045 |
ZDI-CAN-10430 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Search vfolder Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1044 |
ZDI-CAN-10429 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Flags msgflags Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1043 |
ZDI-CAN-10428 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Expanded expanded_folders Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1042 |
ZDI-CAN-10427 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Upgrade upgrade_tasks Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1041 |
ZDI-CAN-10426 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Horde last_logintasks Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1040 |
ZDI-CAN-10425 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Compose reply_lang Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1039 |
ZDI-CAN-10458 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition prefs sync_calendars Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1038 |
ZDI-CAN-10457 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Nag show_external Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1037 |
ZDI-CAN-10456 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Prefs sync_lists Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1036 |
ZDI-CAN-10455 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition prefs sync_lists Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1035 |
ZDI-CAN-10454 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Nag display_tasklists Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1034 |
ZDI-CAN-10453 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition List tasklist_columns Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1033 |
ZDI-CAN-10452 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Task task_alarms Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1032 |
ZDI-CAN-10451 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Nag display_tasklists Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1031 |
ZDI-CAN-10450 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Nag display_tasklists Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1030 |
ZDI-CAN-10449 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Ui generateUI Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1029 |
ZDI-CAN-10448 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Kronolith remote_cals Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1028 |
ZDI-CAN-10447 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Mnemo display_notepads Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1027 |
ZDI-CAN-10446 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition prefs sync_notepads Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1026 |
ZDI-CAN-10445 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Kronolith show_time Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1025 |
ZDI-CAN-10444 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition prefs sync_notepads Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1024 |
ZDI-CAN-10443 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Collection portal_layout Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1023 |
ZDI-CAN-10442 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition Kronolith remote_cals Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1022 |
ZDI-CAN-10438 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition remote_edit remote_cals Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1021 |
ZDI-CAN-10437 |
Horde |
|
6.3 |
2020-08-19 |
|
(0Day) Horde Groupware Webmail Edition remote_unsubscribe remote_cals Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-1020 |
ZDI-CAN-11063 |
Parallels |
CVE-2020-17402 |
6.5 |
2020-08-18 |
2024-07-08 |
Parallels Desktop prl_hypervisor Incorrect Permission Assignment for Critical Resource Information Disclosure Vulnerability |
| ZDI-20-1019 |
ZDI-CAN-11363 |
Parallels |
CVE-2020-17401 |
6.0 |
2020-08-18 |
|
Parallels Desktop VGA Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1018 |
ZDI-CAN-11304 |
Parallels |
CVE-2020-17400 |
8.8 |
2020-08-18 |
|
Parallels Desktop prl_hypervisor Out-Of-Bounds Read Privilege Escalation Vulnerability |
| ZDI-20-1017 |
ZDI-CAN-11303 |
Parallels |
CVE-2020-17399 |
8.8 |
2020-08-18 |
|
Parallels Desktop prl_hypervisor Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-20-1016 |
ZDI-CAN-11302 |
Parallels |
CVE-2020-17398 |
6.5 |
2020-08-18 |
|
Parallels Desktop prl_hypervisor Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1015 |
ZDI-CAN-11253 |
Parallels |
CVE-2020-17397 |
7.5 |
2020-08-18 |
|
Parallels Desktop Networking Out-Of-Bounds Access Privilege Escalation Vulnerability |
| ZDI-20-1014 |
ZDI-CAN-11217 |
Parallels |
CVE-2020-17396 |
8.8 |
2020-08-18 |
|
Parallels Desktop prl_hypervisor Integer Overflow Privilege Escalation Vulnerability |
| ZDI-20-1013 |
ZDI-CAN-11134 |
Parallels |
CVE-2020-17395 |
7.5 |
2020-08-18 |
|
Parallels Desktop Networking Service Integer Underflow Privilege Escalation Vulnerability |
| ZDI-20-1012 |
ZDI-CAN-11132 |
Parallels |
CVE-2020-17394 |
6.0 |
2020-08-18 |
|
Parallels Desktop OEMNet Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1011 |
ZDI-CAN-10520 |
Parallels |
CVE-2020-17393 |
6.5 |
2020-08-18 |
2021-03-02 |
Parallels Desktop prl_hypervisor Improper Input Validation Information Disclosure Vulnerability |
| ZDI-20-1010 |
ZDI-CAN-10519 |
Parallels |
CVE-2020-17392 |
8.8 |
2020-08-18 |
2021-03-02 |
Parallels Desktop prl_hypervisor Untrusted Pointer Dereference Privilege Escalation Vulnerability |
| ZDI-20-1009 |
ZDI-CAN-10518 |
Parallels |
CVE-2020-17391 |
6.5 |
2020-08-18 |
2021-03-02 |
Parallels Desktop prl_hypervisor Exposed Dangerous Method Information Disclosure Vulnerability |
| ZDI-20-1008 |
ZDI-CAN-10030 |
Parallels |
CVE-2020-17390 |
3.8 |
2020-08-18 |
|
Parallels Desktop hypervisor Out-Of-Bounds Read Privilege Escalation Vulnerability |
| ZDI-20-1007 |
ZDI-CAN-10605 |
Schneider Electric |
CVE-2020-7522 |
9.8 |
2020-08-17 |
|
Schneider Electric APC Easy UPS Online SoundUploadServlet processRequest Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-1006 |
ZDI-CAN-10604 |
Schneider Electric |
CVE-2020-7521 |
9.8 |
2020-08-17 |
|
Schneider Electric APC Easy UPS Online FileUploadServlet processRequest Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-1005 |
ZDI-CAN-10892 |
QEMU |
CVE-2020-10756 |
6.5 |
2020-08-17 |
|
QEMU SLiRP Networking Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-1004 |
ZDI-CAN-10937 |
Microsoft |
CVE-2020-1492 |
8.8 |
2020-08-14 |
|
Microsoft Windows QuickTime Video Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-1003 |
ZDI-CAN-10816 |
Microsoft |
CVE-2020-1561 |
5.0 |
2020-08-14 |
|
Microsoft Windows fontdrvhost Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-1002 |
ZDI-CAN-11006 |
Microsoft |
CVE-2020-1560 |
7.8 |
2020-08-14 |
|
Microsoft Windows av1decodermft_store MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-1001 |
ZDI-CAN-10925 |
Microsoft |
CVE-2020-1555 |
7.5 |
2020-08-14 |
|
Microsoft Chakra Inline Cache Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-1000 |
ZDI-CAN-10974 |
Microsoft |
CVE-2020-1581 |
7.8 |
2020-08-13 |
|
Microsoft Office OfficeClickToRun Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-999 |
ZDI-CAN-10914 |
Microsoft |
CVE-2020-1493 |
7.8 |
2020-08-13 |
|
Microsoft Outlook EML Rendering Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-998 |
ZDI-CAN-10908 |
Microsoft |
CVE-2020-1520 |
7.8 |
2020-08-13 |
|
Microsoft Windows PFB Font File Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-20-997 |
ZDI-CAN-11590 |
Microsoft |
CVE-2020-1556 |
2.5 |
2020-08-13 |
|
Microsoft Windows WalletService Race Condition Information Disclosure Vulnerability |
| ZDI-20-996 |
ZDI-CAN-11589 |
Microsoft |
CVE-2020-1556 |
2.5 |
2020-08-13 |
|
Microsoft Windows WalletService Race Condition Information Disclosure Vulnerability |
| ZDI-20-995 |
ZDI-CAN-11136 |
Microsoft |
CVE-2020-1337 |
7.8 |
2020-08-13 |
|
Microsoft Windows Print Spooler Directory Junction Privilege Escalation Vulnerability |
| ZDI-20-994 |
ZDI-CAN-10812 |
Microsoft |
CVE-2020-1577 |
3.3 |
2020-08-13 |
|
Microsoft Windows findBaseLigature TTF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-993 |
ZDI-CAN-11007 |
Microsoft |
CVE-2020-1585 |
7.8 |
2020-08-13 |
|
Microsoft Windows av1decodermft_store AVIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-992 |
ZDI-CAN-10609 |
Microsoft |
CVE-2020-1574 |
8.8 |
2020-08-13 |
|
Microsoft Windows WEBP VP8X Integer Overflow Remote Code Execution Vulnerability |
| ZDI-20-991 |
ZDI-CAN-11254 |
Adobe |
CVE-2020-9715 |
7.8 |
2020-08-12 |
|
Adobe Acrobat Reader DC ESObject Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-990 |
ZDI-CAN-11166 |
Adobe |
CVE-2020-9712 |
3.3 |
2020-08-12 |
|
Adobe Acrobat Pro DC Web2PDF:AppLinks JavaScript Restrictions Bypass Vulnerability |
| ZDI-20-989 |
ZDI-CAN-11164 |
Adobe |
CVE-2020-9710 |
3.3 |
2020-08-12 |
2020-08-19 |
Adobe Acrobat Pro DC convert Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-988 |
ZDI-CAN-11162 |
Adobe |
CVE-2020-9706 |
3.3 |
2020-08-12 |
|
Adobe Acrobat Pro DC updateFeed Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-987 |
ZDI-CAN-11150 |
Adobe |
CVE-2020-9706 |
3.3 |
2020-08-12 |
|
Adobe Acrobat Pro DC removeFeed Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-986 |
ZDI-CAN-11149 |
Adobe |
CVE-2020-9707 |
3.3 |
2020-08-12 |
|
Adobe Acrobat Pro DC selectFeed Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-985 |
ZDI-CAN-11148 |
Adobe |
CVE-2020-9706 |
3.3 |
2020-08-12 |
|
Adobe Acrobat Pro DC addFeed Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-984 |
ZDI-CAN-11105 |
Adobe |
CVE-2020-9697 |
5.5 |
2020-08-12 |
|
Adobe Acrobat Reader DC app.measureDialog Information Disclosure Vulnerability |
| ZDI-20-983 |
ZDI-CAN-11026 |
Adobe |
CVE-2020-9694 |
7.8 |
2020-08-12 |
|
Adobe Acrobat Reader DC JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-982 |
ZDI-CAN-11025 |
Adobe |
CVE-2020-9693 |
7.8 |
2020-08-12 |
|
Adobe Acrobat Reader DC JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-981 |
ZDI-CAN-11561 |
Canonical |
CVE-2020-15708 |
7.8 |
2020-08-11 |
|
Canonical Ubuntu Virtualization Library Arbitrary File Write Privilege Escalation Vulnerability |
| ZDI-20-980 |
ZDI-CAN-11504 |
Canonical |
CVE-2020-15704 |
5.5 |
2020-08-11 |
|
Canonical Ubuntu Point-to-Point Protocol Daemon Arbitrary File Read Information Disclosure Vulnerability |
| ZDI-20-979 |
ZDI-CAN-11234 |
Canonical |
CVE-2020-15702 |
7.0 |
2020-08-11 |
|
Canonical Ubuntu apport Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-978 |
ZDI-CAN-11233 |
Canonical |
CVE-2020-11936 |
2.5 |
2020-08-11 |
|
Canonical Ubuntu apport Unnecessary Privileges Information Disclosure Vulnerability |
| ZDI-20-977 |
ZDI-CAN-10333 |
Micro Focus |
|
6.3 |
2020-08-10 |
2021-06-29 |
Micro Focus Secure Messaging Gateway manage_domains_save_data SaveData Command Injection Remote Code Execution Vulnerability |
| ZDI-20-976 |
ZDI-CAN-10502 |
Marvell |
CVE-2020-17389 |
8.8 |
2020-08-10 |
|
Marvell QConvergeConsole GWTTestServiceImpl decryptFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-975 |
ZDI-CAN-10799 |
Marvell |
CVE-2020-17388 |
8.8 |
2020-08-10 |
|
Marvell QConvergeConsole Exposed Dangerous Method or Function Remote Code Execution |
| ZDI-20-974 |
ZDI-CAN-10565 |
Marvell |
CVE-2020-17387 |
8.8 |
2020-08-10 |
|
Marvell QConvergeConsole writeObjectToConfigFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-973 |
ZDI-CAN-10553 |
Marvell |
CVE-2020-15645 |
8.8 |
2020-08-10 |
|
Marvell QConvergeConsole getFileFromURL Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-20-972 |
ZDI-CAN-10550 |
Marvell |
CVE-2020-15644 |
8.8 |
2020-08-10 |
|
Marvell QConvergeConsole setAppFileBytes Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-971 |
ZDI-CAN-10549 |
Marvell |
CVE-2020-15643 |
8.8 |
2020-08-10 |
|
Marvell QConvergeConsole saveAsText Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-970 |
ZDI-CAN-10501 |
Marvell |
CVE-2020-15642 |
8.8 |
2020-08-10 |
|
Marvell QConvergeConsole isHPSmartComponent Command Injection Remote Code Execution Vulnerability |
| ZDI-20-969 |
ZDI-CAN-10499 |
Marvell |
CVE-2020-15641 |
7.5 |
2020-08-10 |
|
Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability |
| ZDI-20-968 |
ZDI-CAN-10497 |
Marvell |
CVE-2020-15640 |
7.5 |
2020-08-10 |
|
Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability |
| ZDI-20-967 |
ZDI-CAN-10496 |
Marvell |
CVE-2020-15639 |
9.8 |
2020-08-10 |
|
Marvell QConvergeConsole decryptFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-966 |
ZDI-CAN-11041 |
Delta Industrial Automation |
CVE-2020-16223 |
7.8 |
2020-08-10 |
|
Delta Industrial Automation TPEditor TPE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-965 |
ZDI-CAN-10667 |
Delta Industrial Automation |
CVE-2020-16227 |
7.8 |
2020-08-10 |
|
Delta Industrial Automation TPEditor TPE File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-964 |
ZDI-CAN-10726 |
Delta Industrial Automation |
CVE-2020-16225 |
7.8 |
2020-08-10 |
|
Delta Industrial Automation TPEditor TPE File Parsing Write-what-where Condition Remote Code Execution Vulnerability |
| ZDI-20-963 |
ZDI-CAN-8564 |
Delta Industrial Automation |
CVE-2020-16219 |
7.8 |
2020-08-10 |
|
Delta Industrial Automation TPEditor TPE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-962 |
ZDI-CAN-10130 |
Delta Industrial Automation |
CVE-2020-16221 |
7.8 |
2020-08-10 |
|
Delta Industrial Automation TPEditor TPE File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-961 |
ZDI-CAN-10128 |
Delta Industrial Automation |
CVE-2020-16219 |
7.8 |
2020-08-10 |
|
Delta Industrial Automation TPEditor TPE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-960 |
ZDI-CAN-10778 |
Apple |
CVE-2020-9939 |
8.2 |
2020-08-10 |
2021-06-29 |
(Pwn2Own) Apple macOS kextload Time-Of-Check Time-Of-Use Memory Corruption Vulnerability |
| ZDI-20-959 |
ZDI-CAN-10122 |
Advantech |
CVE-2020-16207 |
7.8 |
2020-08-10 |
|
Advantech WebAccess/HMI Designer PM3 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-958 |
ZDI-CAN-10133 |
Advantech |
CVE-2020-16207 |
7.8 |
2020-08-10 |
|
Advantech WebAccess/HMI Designer PM3 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-957 |
ZDI-CAN-10134 |
Advantech |
CVE-2020-16211 |
3.3 |
2020-08-10 |
|
Advantech WebAccess/HMI Designer PM3 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-956 |
ZDI-CAN-10135 |
Advantech |
CVE-2020-16213 |
7.8 |
2020-08-10 |
|
Advantech WebAccess/HMI Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-955 |
ZDI-CAN-10136 |
Advantech |
CVE-2020-16207 |
7.8 |
2020-08-10 |
|
Advantech WebAccess/HMI Designer PM3 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-954 |
ZDI-CAN-10139 |
Advantech |
CVE-2020-16229 |
7.8 |
2020-08-10 |
|
Advantech WebAccess/HMI Designer PM3 File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-953 |
ZDI-CAN-10144 |
Advantech |
CVE-2020-16215 |
9.8 |
2020-08-10 |
|
Advantech WebAccess IOCTL 0x2711 BwPFile Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-952 |
ZDI-CAN-10187 |
Advantech |
CVE-2020-16217 |
7.8 |
2020-08-10 |
|
Advantech WebAccess/HMI Designer PM3 File Parsing Double Free Remote Code Execution Vulnerability |
| ZDI-20-951 |
ZDI-CAN-10188 |
Advantech |
CVE-2020-16207 |
7.8 |
2020-08-10 |
|
Advantech WebAccess/HMI Designer PM3 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-950 |
ZDI-CAN-10121 |
Advantech |
CVE-2020-16207 |
7.8 |
2020-08-10 |
|
Advantech WebAccess/HMI Designer PM3 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-949 |
ZDI-CAN-11543 |
FreeBSD |
CVE-2020-7460 |
8.8 |
2020-08-06 |
|
FreeBSD Kernel sendmsg System Call Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-948 |
ZDI-CAN-10893 |
Delta Industrial Automation |
CVE-2020-16203 |
7.8 |
2020-08-05 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Uninitialized Pointer Dereference Remote Code Execution Vulnerability |
| ZDI-20-947 |
ZDI-CAN-10888 |
Delta Industrial Automation |
CVE-2020-16201 |
3.3 |
2020-08-05 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-946 |
ZDI-CAN-10887 |
Delta Industrial Automation |
CVE-2020-16201 |
3.3 |
2020-08-05 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-945 |
ZDI-CAN-10885 |
Delta Industrial Automation |
CVE-2020-16201 |
3.3 |
2020-08-05 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-944 |
ZDI-CAN-10883 |
Delta Industrial Automation |
CVE-2020-16201 |
3.3 |
2020-08-05 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-943 |
ZDI-CAN-10881 |
Delta Industrial Automation |
CVE-2020-16199 |
7.8 |
2020-08-05 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-942 |
ZDI-CAN-10882 |
Delta Industrial Automation |
CVE-2020-16201 |
3.3 |
2020-08-05 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-941 |
ZDI-CAN-10886 |
Delta Industrial Automation |
CVE-2020-16201 |
3.3 |
2020-08-05 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-940 |
ZDI-CAN-10889 |
Delta Industrial Automation |
CVE-2020-16199 |
7.8 |
2020-08-05 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-939 |
ZDI-CAN-10890 |
Delta Industrial Automation |
CVE-2020-16199 |
7.8 |
2020-08-05 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-938 |
ZDI-CAN-11151 |
Apple |
CVE-2020-9875 |
7.8 |
2020-08-05 |
|
Apple macOS ImageIO EXR Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-20-937 |
ZDI-CAN-9852 |
NETGEAR |
CVE-2020-15636 |
8.1 |
2020-08-04 |
|
NETGEAR Multiple Routers check_ra Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-936 |
ZDI-CAN-9853 |
NETGEAR |
CVE-2020-15635 |
8.8 |
2020-08-04 |
|
NETGEAR R6700 acsd Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-935 |
ZDI-CAN-9755 |
NETGEAR |
CVE-2020-15634 |
6.3 |
2020-08-04 |
|
NETGEAR R6700 httpd strtblupgrade Format String Remote Code Execution Vulnerability |
| ZDI-20-934 |
ZDI-CAN-11426 |
X.Org |
CVE-2020-14347 |
5.5 |
2020-08-04 |
|
X.Org Server Pixel Data Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-20-933 |
ZDI-CAN-10950 |
Foxit |
CVE-2020-15638 |
7.8 |
2020-08-04 |
|
Foxit PhantomPDF JSCreate Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-932 |
ZDI-CAN-10972 |
Foxit |
CVE-2020-15637 |
3.3 |
2020-08-04 |
|
Foxit PhantomPDF SetLocalDescription Use-After-Free Information Disclosure Vulnerability |
| ZDI-20-931 |
ZDI-CAN-10559 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2020-08-04 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-930 |
ZDI-CAN-10558 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2020-08-04 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-929 |
ZDI-CAN-10557 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2020-08-04 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-928 |
ZDI-CAN-10556 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2020-08-04 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-927 |
ZDI-CAN-10555 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2020-08-04 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-926 |
ZDI-CAN-10554 |
Rockwell Automation |
CVE-2019-13510 |
7.8 |
2020-08-04 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-925 |
ZDI-CAN-10332 |
IBM |
|
7.5 |
2020-07-28 |
|
(0Day) IBM Informix bts_tracefile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-924 |
ZDI-CAN-11121 |
Microsoft |
CVE-2020-1400 |
7.0 |
2020-07-23 |
|
Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability |
| ZDI-20-923 |
ZDI-CAN-10895 |
Microsoft |
CVE-2020-1421 |
8.8 |
2020-07-23 |
|
Microsoft Windows LNK File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-922 |
ZDI-CAN-10875 |
Adobe |
CVE-2020-9680 |
7.8 |
2020-07-22 |
|
Adobe Prelude MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-921 |
ZDI-CAN-10874 |
Adobe |
CVE-2020-9679 |
3.3 |
2020-07-22 |
|
Adobe Prelude MOV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-920 |
ZDI-CAN-10873 |
Adobe |
CVE-2020-9678 |
7.8 |
2020-07-22 |
|
Adobe Prelude MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-919 |
ZDI-CAN-10872 |
Adobe |
CVE-2020-9677 |
7.8 |
2020-07-22 |
|
Adobe Prelude 3GP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-918 |
ZDI-CAN-10863 |
Adobe |
CVE-2020-9687 |
7.8 |
2020-07-22 |
|
Adobe Photoshop MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-917 |
ZDI-CAN-10862 |
Adobe |
CVE-2020-9686 |
3.3 |
2020-07-22 |
|
Adobe Photoshop MOV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-916 |
ZDI-CAN-10861 |
Adobe |
CVE-2020-9685 |
7.8 |
2020-07-22 |
|
Adobe Photoshop MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-915 |
ZDI-CAN-10860 |
Adobe |
CVE-2020-9684 |
7.8 |
2020-07-22 |
|
Adobe Photoshop MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-914 |
ZDI-CAN-10859 |
Adobe |
CVE-2020-9683 |
7.8 |
2020-07-22 |
|
Adobe Photoshop 3GP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-913 |
ZDI-CAN-10858 |
Adobe |
CVE-2020-9674 |
7.8 |
2020-07-22 |
|
Adobe Bridge MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-912 |
ZDI-CAN-10857 |
Adobe |
CVE-2020-9676 |
7.8 |
2020-07-22 |
|
Adobe Bridge MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-911 |
ZDI-CAN-10856 |
Adobe |
CVE-2020-9675 |
7.8 |
2020-07-22 |
|
Adobe Bridge 3GP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-910 |
ZDI-CAN-11107 |
Apple |
CVE-2020-9936 |
7.8 |
2020-07-21 |
|
Apple macOS decodePICT PIC Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-909 |
ZDI-CAN-10832 |
Apple |
CVE-2020-9894 |
4.3 |
2020-07-21 |
|
Apple Safari getAnimations Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-908 |
ZDI-CAN-10653 |
Apple |
CVE-2020-9884 |
7.8 |
2020-07-21 |
|
Apple macOS AudioToolboxCore CAF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-907 |
ZDI-CAN-10111 |
Apple |
CVE-2020-9893 |
7.5 |
2020-07-21 |
|
Apple Safari RenderWidget Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-906 |
ZDI-CAN-10686 |
Microsoft |
|
3.3 |
2020-07-20 |
|
(0Day) Microsoft Windows hevcdecoder_store HEIC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-905 |
ZDI-CAN-11274 |
Oracle |
CVE-2020-14703 |
6.0 |
2020-07-20 |
|
Oracle VirtualBox e1000 Unintialized Memory Information Disclosure Vulnerability |
| ZDI-20-904 |
ZDI-CAN-11273 |
Oracle |
CVE-2020-14704 |
6.0 |
2020-07-20 |
|
Oracle VirtualBox BusLogicSCSI Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-20-903 |
ZDI-CAN-11140 |
Oracle |
CVE-2020-14700 |
5.3 |
2020-07-20 |
|
Oracle VirtualBox e1000 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-902 |
ZDI-CAN-11138 |
Oracle |
CVE-2020-14699 |
7.5 |
2020-07-20 |
|
Oracle VirtualBox e1000 Integer Underflow Privilege Escalation Vulnerability |
| ZDI-20-901 |
ZDI-CAN-11137 |
Oracle |
CVE-2020-14698 |
5.3 |
2020-07-20 |
|
Oracle VirtualBox virtio-net Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-900 |
ZDI-CAN-11145 |
Oracle |
CVE-2020-14695 |
5.3 |
2020-07-20 |
|
Oracle VirtualBox BusLogicSCSI Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-899 |
ZDI-CAN-11142 |
Oracle |
CVE-2020-14694 |
5.3 |
2020-07-20 |
|
Oracle VirtualBox BusLogicSCSI Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-898 |
ZDI-CAN-11028 |
Oracle |
CVE-2020-14673 |
5.3 |
2020-07-20 |
|
Oracle VirtualBox LsiLogicSCSI Time-Of-Check Time-Of-Use Information Disclosure Vulnerability |
| ZDI-20-897 |
ZDI-CAN-10965 |
Oracle |
CVE-2020-14664 |
7.8 |
2020-07-20 |
|
Oracle Java Runtime Environment HTML Rendering Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-896 |
ZDI-CAN-10954 |
Oracle |
CVE-2020-14674 |
7.5 |
2020-07-20 |
|
Oracle VirtualBox LsiLogicSCSI Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-895 |
ZDI-CAN-10900 |
Oracle |
CVE-2020-14675 |
7.5 |
2020-07-20 |
2021-03-02 |
Oracle VirtualBox PCnet Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-894 |
ZDI-CAN-10899 |
Oracle |
CVE-2020-14676 |
7.5 |
2020-07-20 |
2021-03-02 |
Oracle VirtualBox PCnet Out-Of-Bounds Access Privilege Escalation Vulnerability |
| ZDI-20-893 |
ZDI-CAN-10898 |
Oracle |
CVE-2020-14677 |
7.5 |
2020-07-20 |
2021-03-02 |
Oracle VirtualBox PCnet Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-892 |
ZDI-CAN-10978 |
Oracle |
CVE-2020-14650 |
5.3 |
2020-07-20 |
|
Oracle VirtualBox LsiLogicSCSI Time-Of-Check Time-Of-Use Information Disclosure Vulnerability |
| ZDI-20-891 |
ZDI-CAN-10953 |
Oracle |
CVE-2020-14649 |
7.5 |
2020-07-20 |
|
Oracle VirtualBox LsiLogicSCSI Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-890 |
ZDI-CAN-10952 |
Oracle |
CVE-2020-14647 |
7.5 |
2020-07-20 |
|
Oracle VirtualBox LsiLogicSCSI Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-20-889 |
ZDI-CAN-10951 |
Oracle |
CVE-2020-14648 |
5.3 |
2020-07-20 |
|
Oracle VirtualBox LsiLogicSCSI Time-Of-Check Time-Of-Use Information Disclosure Vulnerability |
| ZDI-20-888 |
ZDI-CAN-10913 |
Oracle |
CVE-2020-14646 |
7.5 |
2020-07-20 |
|
Oracle VirtualBox LsiLogicSCSI Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-20-887 |
ZDI-CAN-10795 |
Oracle |
CVE-2020-14629 |
6.0 |
2020-07-20 |
2021-03-02 |
Oracle VirtualBox virtio-net Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-20-886 |
ZDI-CAN-10762 |
Oracle |
CVE-2020-14628 |
8.2 |
2020-07-20 |
|
Oracle VirtualBox Guest Additions Unnecessary Privileges Local Privilege Escalation Vulnerability |
| ZDI-20-885 |
ZDI-CAN-10741 |
Oracle |
CVE-2020-14625 |
9.8 |
2020-07-20 |
|
Oracle WebLogic Server T3 Protocol Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-884 |
ZDI-CAN-10846 |
Adobe |
CVE-2020-9650 |
7.8 |
2020-07-20 |
|
Adobe Media Encoder MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-883 |
ZDI-CAN-10838 |
Adobe |
CVE-2020-9646 |
7.8 |
2020-07-20 |
|
Adobe Media Encoder MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-882 |
ZDI-CAN-10830 |
Adobe |
CVE-2020-9649 |
7.8 |
2020-07-20 |
|
Adobe Media Encoder 3GP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-881 |
ZDI-CAN-10835 |
D-Link |
CVE-2020-15633 |
8.8 |
2020-07-20 |
|
D-Link Multiple Routers HNAP GetCAPTCHAsetting Authentication Bypass Vulnerability |
| ZDI-20-880 |
ZDI-CAN-10083 |
D-Link |
CVE-2020-15632 |
8.8 |
2020-07-20 |
|
D-Link DIR-842 HNAP GetCAPTCHAsetting Authentication Bypass Vulnerability |
| ZDI-20-879 |
ZDI-CAN-10084 |
D-Link |
CVE-2020-15631 |
8.0 |
2020-07-20 |
|
D-Link DAP-1860 HNAP SOAPAction Command Injection Remote Code Execution Vulnerability |
| ZDI-20-878 |
ZDI-CAN-10767 |
IBM |
CVE-2020-4464 |
9.8 |
2020-07-20 |
|
IBM WebSphere Application Server SOAP Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-877 |
ZDI-CAN-10903 |
Microsoft |
CVE-2020-1436 |
7.8 |
2020-07-16 |
|
Microsoft Windows PFB Font File Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-20-876 |
ZDI-CAN-10831 |
Microsoft |
CVE-2020-0987 |
3.3 |
2020-07-16 |
|
Microsoft Windows mf3216 EMF EMR_SETDIBITSTODEVICE Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-875 |
ZDI-CAN-10808 |
Microsoft |
CVE-2020-1355 |
6.3 |
2020-07-16 |
|
Microsoft Windows fontdrvhost Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-874 |
ZDI-CAN-10963 |
Microsoft |
CVE-2020-1439 |
8.8 |
2020-07-16 |
|
Microsoft SharePoint Scorecards Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-873 |
ZDI-CAN-10781 |
Microsoft |
CVE-2020-1382 |
7.8 |
2020-07-16 |
|
(Pwn2Own) Microsoft Windows DirectComposition RemoveBindingManagerReferenceFromTrackerIfNecessary Use-After-Free Privilege Escalation Vulnerability |
| ZDI-20-872 |
ZDI-CAN-10779 |
Microsoft |
CVE-2020-1381 |
7.8 |
2020-07-16 |
|
(Pwn2Own) Microsoft Windows DirectComposition SetBufferProperty Use-After-Free Privilege Escalation Vulnerability |
| ZDI-20-871 |
ZDI-CAN-10977 |
Foxit |
CVE-2020-15630 |
3.3 |
2020-07-16 |
|
Foxit Studio Photo PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-870 |
ZDI-CAN-10764 |
Foxit |
CVE-2020-15629 |
7.8 |
2020-07-16 |
|
Foxit Studio Photo TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-869 |
ZDI-CAN-10716 |
Advantech |
CVE-2020-14497 |
9.8 |
2020-07-16 |
|
Advantech iView TaskEditDeviceTable getTaskEditorSearchDevices SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-868 |
ZDI-CAN-10707 |
Advantech |
CVE-2020-14497 |
7.5 |
2020-07-16 |
|
Advantech iView TaskEditDeviceTable updateSelected SQL Injection Information Disclosure Vulnerability |
| ZDI-20-867 |
ZDI-CAN-10701 |
Advantech |
CVE-2020-14499 |
7.5 |
2020-07-16 |
|
Advantech iView UserServlet getAllUsersAccountInfo Improper Access Control Information Disclosure Vulnerability |
| ZDI-20-866 |
ZDI-CAN-10708 |
Advantech |
CVE-2020-14497 |
9.8 |
2020-07-16 |
|
Advantech iView TaskEditDeviceTable getDeviceCount SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-865 |
ZDI-CAN-10717 |
Advantech |
CVE-2020-14497 |
7.5 |
2020-07-16 |
|
Advantech iView DeviceTreeTable getUpdateDeviceListDetails SQL Injection Information Disclosure Vulnerability |
| ZDI-20-864 |
ZDI-CAN-10706 |
Advantech |
CVE-2020-14497 |
7.5 |
2020-07-16 |
|
Advantech iView TaskEditDeviceTable clearTaskEditorTable SQL Injection Information Disclosure Vulnerability |
| ZDI-20-863 |
ZDI-CAN-10704 |
Advantech |
CVE-2020-14497 |
9.8 |
2020-07-16 |
|
Advantech iView TaskEditDeviceTable initTaskEditorSearchValues SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-862 |
ZDI-CAN-10703 |
Advantech |
CVE-2020-14497 |
7.5 |
2020-07-16 |
|
Advantech iView User setUserAccountInfo SQL Injection Information Disclosure Vulnerability |
| ZDI-20-861 |
ZDI-CAN-10702 |
Advantech |
CVE-2020-14497 |
7.5 |
2020-07-16 |
|
Advantech iView User addUser SQL Injection Information Disclosure Vulnerability |
| ZDI-20-860 |
ZDI-CAN-10700 |
Advantech |
CVE-2020-14497 |
9.8 |
2020-07-16 |
|
Advantech iView User checkForDuplicateUserName SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-859 |
ZDI-CAN-10699 |
Advantech |
CVE-2020-14501 |
8.2 |
2020-07-16 |
|
Advantech iView UserServlet performDeleteUser Missing Authentication for Critical Function Information Disclosure Vulnerability |
| ZDI-20-858 |
ZDI-CAN-10673 |
Advantech |
CVE-2020-14497 |
7.5 |
2020-07-16 |
|
Advantech iView TaskEditDeviceTable updateDeviceAuthentication SQL Injection Information Disclosure Vulnerability |
| ZDI-20-857 |
ZDI-CAN-10970 |
Advantech |
CVE-2020-14497 |
9.8 |
2020-07-16 |
|
Advantech iView LinksTable deleteLinks SQL Injection Remote code Execution Vulnerability |
| ZDI-20-856 |
ZDI-CAN-10672 |
Advantech |
CVE-2020-14497 |
7.5 |
2020-07-16 |
|
Advantech iView DeviceTreeTable setDeviceAuthentication SQL Injection Information Disclosure Vulnerability |
| ZDI-20-855 |
ZDI-CAN-10671 |
Advantech |
CVE-2020-14497 |
7.5 |
2020-07-16 |
|
Advantech iView UpdateTable insertUpdateItem SQL Injection Information Disclosure Vulnerability |
| ZDI-20-854 |
ZDI-CAN-10670 |
Advantech |
CVE-2020-14497 |
9.8 |
2020-07-16 |
|
Advantech iView ZTPConfigTable findConfiguration SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-853 |
ZDI-CAN-10669 |
Advantech |
CVE-2020-14497 |
7.5 |
2020-07-16 |
|
Advantech iView TaskEditDeviceTable updateSelectedPROMVersion SQL Injection Information Disclosure Vulnerability |
| ZDI-20-852 |
ZDI-CAN-10668 |
Advantech |
CVE-2020-14497 |
7.5 |
2020-07-16 |
|
Advantech iView DeviceTreeTable updateSegmentInfo SQL Injection Information Disclosure Vulnerability |
| ZDI-20-851 |
ZDI-CAN-10661 |
Advantech |
CVE-2020-14497 |
7.5 |
2020-07-16 |
|
Advantech iView ZTPConfigTable findConfiguration SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-850 |
ZDI-CAN-10660 |
Advantech |
CVE-2020-14497 |
9.8 |
2020-07-16 |
|
Advantech iView TaskMgrTable getExportDataDetails SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-849 |
ZDI-CAN-10659 |
Advantech |
CVE-2020-14497 |
9.8 |
2020-07-16 |
|
Advantech iView TaskMgrTable getExportData SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-848 |
ZDI-CAN-10631 |
Advantech |
CVE-2020-14497 |
7.5 |
2020-07-16 |
|
Advantech iView NetworkServlet SQL Injection Information Disclosure Vulnerability |
| ZDI-20-847 |
ZDI-CAN-10630 |
Advantech |
CVE-2020-14507 |
9.8 |
2020-07-16 |
|
Advantech iView LinksTable exportLinks Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-846 |
ZDI-CAN-10629 |
Advantech |
CVE-2020-14497 |
9.8 |
2020-07-16 |
|
Advantech iView TrapTable retrieveActiveTrapCount SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-845 |
ZDI-CAN-10628 |
Advantech |
CVE-2020-14497 |
9.8 |
2020-07-16 |
|
Advantech iView DeviceTreeTable getInventoryReportData SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-844 |
ZDI-CAN-10627 |
Advantech |
CVE-2020-14497 |
9.8 |
2020-07-16 |
|
Advantech iView TrapEventConfig retrieveDeviceTrapConfig SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-843 |
ZDI-CAN-10626 |
Advantech |
CVE-2020-14497 |
7.5 |
2020-07-16 |
|
Advantech iView ConfigurationTable setConfigurationItem SQL Injection Information Disclosure Vulnerability |
| ZDI-20-842 |
ZDI-CAN-10625 |
Advantech |
CVE-2020-14497 |
9.8 |
2020-07-16 |
|
Advantech iView NetworkServlet SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-841 |
ZDI-CAN-10623 |
Advantech |
CVE-2020-14507 |
9.8 |
2020-07-16 |
|
Advantech iView NetworkServlet Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-840 |
ZDI-CAN-10622 |
Advantech |
CVE-2020-14507 |
7.5 |
2020-07-16 |
|
Advantech iView MenuServlet Directory Traversal Information Disclosure Vulnerability |
| ZDI-20-839 |
ZDI-CAN-10621 |
Advantech |
CVE-2020-14497 |
9.8 |
2020-07-16 |
|
Advantech iView UserServlet SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-838 |
ZDI-CAN-10658 |
Advantech |
CVE-2020-14497 |
9.8 |
2020-07-16 |
|
Advantech iView DeviceTreeTable getInventoryExportData SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-837 |
ZDI-CAN-10657 |
Advantech |
CVE-2020-14497 |
9.8 |
2020-07-16 |
|
Advantech iView PSTable getPSInventoryExportData SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-836 |
ZDI-CAN-10656 |
Advantech |
CVE-2020-14497 |
7.5 |
2020-07-16 |
|
Advantech iView DeviceTreeTable updateNamingData SQL Injection Information Disclosure Vulnerability |
| ZDI-20-835 |
ZDI-CAN-10655 |
Advantech |
CVE-2020-14497 |
7.5 |
2020-07-16 |
|
Advantech iView SystemTable updateLDAPSettings SQL Injection Information Disclosure Vulnerability |
| ZDI-20-834 |
ZDI-CAN-10646 |
Advantech |
CVE-2020-14503 |
9.8 |
2020-07-16 |
|
Advantech iView NetworkServlet Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-20-833 |
ZDI-CAN-10633 |
Advantech |
CVE-2020-14497 |
9.8 |
2020-07-16 |
|
Advantech iView DeviceTreeTable checkForChassisUpdates SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-832 |
ZDI-CAN-10632 |
Advantech |
CVE-2020-14497 |
7.5 |
2020-07-16 |
|
Advantech iView NetworkServlet SQL Injection Information Disclosure Vulnerability |
| ZDI-20-831 |
ZDI-CAN-10645 |
Advantech |
CVE-2020-14505 |
9.8 |
2020-07-16 |
|
Advantech iView NetworkServlet restoreDatabase Command Injection Remote Code Execution Vulnerability |
| ZDI-20-830 |
ZDI-CAN-10637 |
Advantech |
CVE-2020-14497 |
7.5 |
2020-07-16 |
|
Advantech iView NetworkServlet SQL Injection Information Disclosure Vulnerability |
| ZDI-20-829 |
ZDI-CAN-10636 |
Advantech |
CVE-2020-14507 |
7.5 |
2020-07-16 |
|
Advantech iView ZTPConfig importZtpConfiguration Directory Traversal Information Disclosure Vulnerability |
| ZDI-20-828 |
ZDI-CAN-10635 |
Advantech |
CVE-2020-14497 |
9.8 |
2020-07-16 |
|
Advantech iView NetworkServlet SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-827 |
ZDI-CAN-10634 |
Advantech |
CVE-2020-14497 |
9.8 |
2020-07-16 |
|
Advantech iView LinksTable retrieveSearchLinks SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-826 |
ZDI-CAN-10586 |
Phoenix Contact |
CVE-2020-12498 |
7.8 |
2020-07-10 |
|
Phoenix Contact Automationworx PC WORX MWE File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-825 |
ZDI-CAN-10147 |
Phoenix Contact |
CVE-2020-12497 |
7.8 |
2020-07-10 |
|
Phoenix Contact Automationworx PLCOpen XML File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-824 |
ZDI-CAN-10290 |
Rockwell Automation |
CVE-2020-12025 |
3.3 |
2020-07-09 |
2021-06-29 |
(0Day) (Pwn2Own) Rockwell Automation Studio 5000 AML File Parsing XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-20-823 |
ZDI-CAN-10579 |
Apple |
CVE-2020-9815 |
3.3 |
2020-07-09 |
|
Apple macOS AudioToolboxCore CAF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-822 |
ZDI-CAN-10710 |
Veeam |
CVE-2020-15419 |
7.5 |
2020-07-08 |
|
Veeam ONE Reporter_ImportLicense Page_Load XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-20-821 |
ZDI-CAN-10709 |
Veeam |
CVE-2020-15418 |
7.5 |
2020-07-08 |
|
Veeam ONE SSRSReport GetCustomElementText XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-20-820 |
ZDI-CAN-10896 |
Microsoft |
CVE-2020-1457 |
7.8 |
2020-07-08 |
|
Microsoft Windows hevcdecoder_store HEIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-819 |
ZDI-CAN-10765 |
Microsoft |
CVE-2020-1425 |
7.8 |
2020-07-08 |
|
Microsoft Windows hevcdecoder_store HEIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-818 |
ZDI-CAN-10692 |
Microsoft |
CVE-2020-1425 |
7.8 |
2020-07-08 |
|
Microsoft Windows hevcdecoder_store HEIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-817 |
ZDI-CAN-10685 |
Microsoft |
CVE-2020-1425 |
3.3 |
2020-07-08 |
|
Microsoft Windows hevcdecoder_store HEIC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-816 |
ZDI-CAN-10684 |
Microsoft |
CVE-2020-1425 |
7.8 |
2020-07-08 |
|
Microsoft Windows hevcdecoder_store HEIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-815 |
ZDI-CAN-10936 |
Microsoft |
CVE-2020-1425 |
7.8 |
2020-07-07 |
|
Microsoft Windows hevcdecoder_store MKV File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-814 |
ZDI-CAN-10470 |
Rockwell Automation |
CVE-2019-13511 |
7.8 |
2020-07-07 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-813 |
ZDI-CAN-10374 |
Rockwell Automation |
CVE-2019-13511 |
7.8 |
2020-07-07 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-812 |
ZDI-CAN-10373 |
Rockwell Automation |
CVE-2019-13511 |
7.8 |
2020-07-07 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-811 |
ZDI-CAN-10129 |
Rockwell Automation |
CVE-2019-13511 |
7.8 |
2020-07-07 |
2021-06-29 |
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-810 |
ZDI-CAN-10186 |
Rockwell Automation |
CVE-2019-13511 |
7.8 |
2020-07-07 |
|
Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-809 |
ZDI-CAN-10527 |
C-MORE |
CVE-2020-10922 |
7.5 |
2020-07-07 |
2020-07-08 |
C-MORE HMI EA9 EA-HTTP Improper Input Validation Denial-of-Service Vulnerability |
| ZDI-20-808 |
ZDI-CAN-10493 |
C-MORE |
CVE-2020-10920 |
9.8 |
2020-07-07 |
2020-07-08 |
C-MORE HMI EA9 Control Port Missing Authentication for Critical Function Remote Code Execution Vulnerability |
| ZDI-20-807 |
ZDI-CAN-10482 |
C-MORE |
CVE-2020-10921 |
9.8 |
2020-07-07 |
2020-07-08 |
C-MORE HMI EA9 EA-HTTP Missing Authentication for Critical Function Remote Code Execution Vulnerability |
| ZDI-20-806 |
ZDI-CAN-10185 |
C-MORE |
CVE-2020-10919 |
5.9 |
2020-07-07 |
2020-10-08 |
C-MORE HMI EA9 Weak Cryptography for Passwords Information Disclosure Vulnerability |
| ZDI-20-805 |
ZDI-CAN-10182 |
C-MORE |
CVE-2020-10918 |
7.5 |
2020-07-07 |
2020-11-24 |
C-MORE HMI EA9 Authentication Bypass Vulnerability |
| ZDI-20-804 |
ZDI-CAN-10690 |
Microsoft |
CVE-2020-1425 |
3.3 |
2020-07-07 |
|
Microsoft Windows hevcdecoder_store HEIC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-803 |
ZDI-CAN-10071 |
Check Point |
CVE-2020-6013 |
7.5 |
2020-07-02 |
|
Check Point ZoneAlarm Symlink Following Privilege Escalation Vulnerability |
| ZDI-20-802 |
ZDI-CAN-10683 |
Microsoft |
CVE-2020-1425 |
3.3 |
2020-07-01 |
|
Microsoft Windows hevcdecoder_store HEIC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-801 |
ZDI-CAN-10687 |
Microsoft |
CVE-2020-1457 |
7.8 |
2020-07-01 |
|
Microsoft Windows hevcdecoder_store HEIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-800 |
ZDI-CAN-10273 |
ICONICS |
|
7.8 |
2020-07-01 |
|
(Pwn2Own) ICONICS Genesis64 PKGX Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability |
| ZDI-20-799 |
ZDI-CAN-10471 |
Delta Industrial Automation |
|
3.3 |
2020-07-01 |
|
(0Day) Delta Industrial Automation DOPSoft DPA File Parsing EnRcpNoName Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-798 |
ZDI-CAN-10459 |
Delta Industrial Automation |
|
3.3 |
2020-07-01 |
|
(0Day) Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-797 |
ZDI-CAN-10183 |
Delta Industrial Automation |
|
3.3 |
2020-07-01 |
|
(0Day) Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-796 |
ZDI-CAN-10472 |
Delta Industrial Automation |
|
3.3 |
2020-07-01 |
|
(0Day) Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-795 |
ZDI-CAN-10480 |
Delta Industrial Automation |
|
3.3 |
2020-07-01 |
|
(0Day) Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-794 |
ZDI-CAN-10481 |
Delta Industrial Automation |
|
3.3 |
2020-07-01 |
|
(0Day) Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-793 |
ZDI-CAN-10483 |
Delta Industrial Automation |
|
3.3 |
2020-07-01 |
|
(0Day) Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-792 |
ZDI-CAN-10494 |
Delta Industrial Automation |
|
3.3 |
2020-07-01 |
|
(0Day) Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-791 |
ZDI-CAN-10508 |
Delta Industrial Automation |
|
3.3 |
2020-07-01 |
|
(0Day) Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-790 |
ZDI-CAN-10509 |
Delta Industrial Automation |
|
3.3 |
2020-07-01 |
|
(0Day) Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-789 |
ZDI-CAN-10571 |
Delta Industrial Automation |
|
7.8 |
2020-07-01 |
|
(0Day) Delta Industrial Automation DOPSoft DPA File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-788 |
ZDI-CAN-10572 |
Delta Industrial Automation |
|
3.3 |
2020-07-01 |
|
(0Day) Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-787 |
ZDI-CAN-10184 |
Delta Industrial Automation |
|
3.3 |
2020-07-01 |
|
(0Day) Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-786 |
ZDI-CAN-10891 |
VMware |
CVE-2020-3969 |
8.8 |
2020-06-30 |
2021-06-29 |
VMware Workstation SVGA3D Command Heap Overflow Privilege Escalation Vulnerability |
| ZDI-20-785 |
ZDI-CAN-10786 |
VMware |
CVE-2020-3962 |
8.2 |
2020-06-30 |
|
VMware Workstation SVGA DXInvalidateContext Use-After-Free Privilege Escalation Vulnerability |
| ZDI-20-784 |
ZDI-CAN-10694 |
VMware |
CVE-2020-3967 |
7.5 |
2020-06-30 |
2021-03-02 |
VMware Workstation EHCI Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-20-783 |
ZDI-CAN-10608 |
VMware |
CVE-2020-3966 |
7.5 |
2020-06-30 |
2021-03-02 |
VMware Workstation EHCI Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-782 |
ZDI-CAN-10478 |
VMware |
CVE-2020-3970 |
2.8 |
2020-06-30 |
|
VMware Workstation Shader Bytecode Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-781 |
ZDI-CAN-10097 |
VMware |
CVE-2020-3968 |
8.2 |
2020-06-30 |
2021-03-02 |
VMware Workstation xHCI Isoch TD Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-20-780 |
ZDI-CAN-10297 |
ICONICS |
CVE-2020-12015 |
9.8 |
2020-06-30 |
|
(Pwn2Own) ICONICS Genesis64 IcoFwxServer Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-779 |
ZDI-CAN-10288 |
ICONICS |
CVE-2020-12013 |
9.8 |
2020-06-30 |
|
ICONICS Genesis64 TestQuery SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-778 |
ZDI-CAN-10274 |
ICONICS |
CVE-2020-12011 |
9.8 |
2020-06-30 |
|
(Pwn2Own) ICONICS Genesis64 VariantClear Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-20-777 |
ZDI-CAN-10272 |
ICONICS |
CVE-2020-12009 |
7.8 |
2020-06-30 |
|
(Pwn2Own) ICONICS Genesis64 PKGX WbPackAndGoSettings Absolute Path Traversal Remote Code Execution Vulnerability |
| ZDI-20-776 |
ZDI-CAN-10267 |
ICONICS |
CVE-2020-12007 |
5.3 |
2020-06-30 |
|
(Pwn2Own) ICONICS Genesis64 fwxserver Deserialization Denial-Of-Service Vulnerability |
| ZDI-20-775 |
ZDI-CAN-9710 |
CentOS Web Panel |
CVE-2020-15628 |
7.5 |
2020-06-26 |
|
(0Day) CentOS Web Panel ajax_mail_autoreply user SQL Injection Information Disclosure Vulnerability |
| ZDI-20-774 |
ZDI-CAN-9738 |
CentOS Web Panel |
CVE-2020-15627 |
7.5 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_mail_autoreply account SQL Injection Information Disclosure Vulnerability |
| ZDI-20-773 |
ZDI-CAN-9730 |
CentOS Web Panel |
CVE-2020-15626 |
7.5 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_dashboard term SQL Injection Information Disclosure Vulnerability |
| ZDI-20-772 |
ZDI-CAN-9729 |
CentOS Web Panel |
CVE-2020-15625 |
7.5 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_add_mailbox username SQL Injection Information Disclosure Vulnerability |
| ZDI-20-771 |
ZDI-CAN-9727 |
CentOS Web Panel |
CVE-2020-15624 |
7.5 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_new_account domain SQL Injection Information Disclosure Vulnerability |
| ZDI-20-770 |
ZDI-CAN-9722 |
CentOS Web Panel |
CVE-2020-15623 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_mod_security archivo Arbitrary File Write Remote Code Execution Vulnerability |
| ZDI-20-769 |
ZDI-CAN-9712 |
CentOS Web Panel |
CVE-2020-15622 |
7.5 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_mail_autoreply search SQL Injection Information Disclosure Vulnerability |
| ZDI-20-768 |
ZDI-CAN-9711 |
CentOS Web Panel |
CVE-2020-15621 |
7.5 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_mail_autoreply email SQL Injection Information Disclosure Vulnerability |
| ZDI-20-767 |
ZDI-CAN-9741 |
CentOS Web Panel |
CVE-2020-15620 |
7.5 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_list_accounts id SQL Injection Information Disclosure Vulnerability |
| ZDI-20-766 |
ZDI-CAN-9723 |
CentOS Web Panel |
CVE-2020-15619 |
7.5 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_list_accounts type SQL Injection Information Disclosure Vulnerability |
| ZDI-20-765 |
ZDI-CAN-9717 |
CentOS Web Panel |
CVE-2020-15618 |
7.5 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_list_accounts username SQL Injection Information Disclosure Vulnerability |
| ZDI-20-764 |
ZDI-CAN-9708 |
CentOS Web Panel |
CVE-2020-15617 |
7.5 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_list_accounts status SQL Injection Information Disclosure Vulnerability |
| ZDI-20-763 |
ZDI-CAN-9706 |
CentOS Web Panel |
CVE-2020-15616 |
7.5 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_list_accounts package SQL Injection Information Disclosure Vulnerability |
| ZDI-20-762 |
ZDI-CAN-9746 |
CentOS Web Panel |
CVE-2020-15615 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_ftp_manager Command Injection Remote Code Execution Vulnerability |
| ZDI-20-761 |
ZDI-CAN-9718 |
CentOS Web Panel |
CVE-2020-15614 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_php_pecl cha Command Injection Remote Code Execution Vulnerability |
| ZDI-20-760 |
ZDI-CAN-9739 |
CentOS Web Panel |
CVE-2020-15613 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_admin_apis line Command Injection Remote Code Execution Vulnerability |
| ZDI-20-759 |
ZDI-CAN-9737 |
CentOS Web Panel |
CVE-2020-15612 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_ftp_manager userLogin Command Injection Remote Code Execution Vulnerability |
| ZDI-20-758 |
ZDI-CAN-9734 |
CentOS Web Panel |
CVE-2020-15611 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_dashboard service_restart Command Injection Remote Code Execution Vulnerability |
| ZDI-20-757 |
ZDI-CAN-9728 |
CentOS Web Panel |
CVE-2020-15610 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_php_pecl modulo Command Injection Remote Code Execution Vulnerability |
| ZDI-20-756 |
ZDI-CAN-9726 |
CentOS Web Panel |
CVE-2020-15609 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_dashboard service_stop Command Injection Remote Code Execution Vulnerability |
| ZDI-20-755 |
ZDI-CAN-9724 |
CentOS Web Panel |
CVE-2020-15608 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_dashboard ai_service Command Injection Remote Code Execution Vulnerability |
| ZDI-20-754 |
ZDI-CAN-9721 |
CentOS Web Panel |
CVE-2020-15607 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_admin_apis line Command Injection Remote Code Execution Vulnerability |
| ZDI-20-753 |
ZDI-CAN-9720 |
CentOS Web Panel |
CVE-2020-15606 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_admin_apis Command Injection Remote Code Execution Vulnerability |
| ZDI-20-752 |
ZDI-CAN-9719 |
CentOS Web Panel |
CVE-2020-15435 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_dashboard service_start Command Injection Remote Code Execution Vulnerability |
| ZDI-20-751 |
ZDI-CAN-9745 |
CentOS Web Panel |
CVE-2020-15434 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_php_pecl canal Command Injection Remote Code Execution Vulnerability |
| ZDI-20-750 |
ZDI-CAN-9715 |
CentOS Web Panel |
CVE-2020-15433 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_php_pecl phpversion Command Injection Remote Code Execution Vulnerability |
| ZDI-20-749 |
ZDI-CAN-9743 |
CentOS Web Panel |
CVE-2020-15432 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_migration_cpanel filespace Command Injection Remote Code Execution Vulnerability |
| ZDI-20-748 |
ZDI-CAN-9740 |
CentOS Web Panel |
CVE-2020-15431 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_crons user Command Injection Remote Code Execution Vulnerability |
| ZDI-20-747 |
ZDI-CAN-9736 |
CentOS Web Panel |
CVE-2020-15430 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_list_accounts username Command Injection Remote Code Execution Vulnerability |
| ZDI-20-746 |
ZDI-CAN-9716 |
CentOS Web Panel |
CVE-2020-15429 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_crons user Command Injection Remote Code Execution Vulnerability |
| ZDI-20-745 |
ZDI-CAN-9714 |
CentOS Web Panel |
CVE-2020-15428 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_crons line Command Injection Remote Code Execution Vulnerability |
| ZDI-20-744 |
ZDI-CAN-9713 |
CentOS Web Panel |
CVE-2020-15427 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_disk_usage folderName Command Injection Remote Code Execution Vulnerability |
| ZDI-20-743 |
ZDI-CAN-9709 |
CentOS Web Panel |
CVE-2020-15426 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_migration_cpanel serverip Command Injection Remote Code Execution Vulnerability |
| ZDI-20-742 |
ZDI-CAN-9742 |
CentOS Web Panel |
CVE-2020-15425 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_mod_security Command Injection Remote Code Execution Vulnerability |
| ZDI-20-741 |
ZDI-CAN-9735 |
CentOS Web Panel |
CVE-2020-15424 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_mod_security domain Command Injection Remote Code Execution Vulnerability |
| ZDI-20-740 |
ZDI-CAN-9732 |
CentOS Web Panel |
CVE-2020-15423 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_mod_security dominio Command Injection Remote Code Execution Vulnerability |
| ZDI-20-739 |
ZDI-CAN-9731 |
CentOS Web Panel |
CVE-2020-15422 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_mod_security archivo Command Injection Remote Code Execution Vulnerability |
| ZDI-20-738 |
ZDI-CAN-9707 |
CentOS Web Panel |
CVE-2020-15421 |
9.8 |
2020-06-25 |
|
(0Day) CentOS Web Panel ajax_mod_security check_ip Command Injection Remote Code Execution Vulnerability |
| ZDI-20-737 |
ZDI-CAN-9259 |
CentOS Web Panel |
CVE-2020-15420 |
9.8 |
2020-06-25 |
2020-07-10 |
(0Day) CentOS Web Panel loader_ajax line Command Injection Remote Code Execution Vulnerability |
| ZDI-20-736 |
ZDI-CAN-9607 |
NEC |
CVE-2020-27859 |
7.5 |
2020-06-25 |
2020-12-04 |
(0Day) NEC ESMPRO Manager GetEuaLogDownloadAction Directory Traversal Information Disclosure Vulnerability |
| ZDI-20-735 |
ZDI-CAN-10299 |
Rockwell Automation |
CVE-2020-12033 |
9.8 |
2020-06-22 |
|
(Pwn2Own) Rockwell Automation FactoryTalk View SE AddAgent Missing Authentication for Critical Function Remote Code Execution Vulnerability |
| ZDI-20-734 |
ZDI-CAN-10298 |
Rockwell Automation |
|
9.8 |
2020-06-22 |
|
(Pwn2Own) Rockwell Automation FactoryTalk View SE RegisterEDSFiles Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-733 |
ZDI-CAN-10292 |
Rockwell Automation |
CVE-2020-12001 |
9.8 |
2020-06-22 |
2020-06-23 |
(Pwn2Own) Rockwell Automation FactoryTalk Linx CopyRenameProject Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-732 |
ZDI-CAN-10291 |
Rockwell Automation |
CVE-2020-12027 |
5.3 |
2020-06-22 |
|
(Pwn2Own) Rockwell Automation Studio 5000 Version Missing Authentication for Critical Function Information Disclosure Vulnerability |
| ZDI-20-731 |
ZDI-CAN-10270 |
Rockwell Automation |
CVE-2020-12031 |
7.8 |
2020-06-22 |
2021-06-29 |
(Pwn2Own) Rockwell Automation FactoryTalk View SE Project File Parsing Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-20-730 |
ZDI-CAN-10284 |
Rockwell Automation |
CVE-2020-12029 |
9.8 |
2020-06-22 |
|
(Pwn2Own) Rockwell Automation FactoryTalk View SE Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-729 |
ZDI-CAN-10283 |
Rockwell Automation |
CVE-2020-12028 |
7.3 |
2020-06-22 |
2021-06-29 |
(Pwn2Own) Rockwell Automation FactoryTalk View SE Backup Missing Authentication for Critical Function Vulnerability |
| ZDI-20-728 |
ZDI-CAN-10282 |
Rockwell Automation |
CVE-2020-12027 |
5.3 |
2020-06-22 |
2021-06-29 |
(Pwn2Own) Rockwell Automation FactoryTalk View SE GetHMIProjectPaths Missing Authentication for Critical Function Information Disclosure Vulnerability |
| ZDI-20-727 |
ZDI-CAN-10281 |
Rockwell Automation |
CVE-2020-12027 |
5.3 |
2020-06-22 |
2021-06-29 |
(Pwn2Own) Rockwell Automation FactoryTalk View SE GetHMIProjects Missing Authentication for Critical Function Information Disclosure Vulnerability |
| ZDI-20-726 |
ZDI-CAN-10877 |
Adobe |
CVE-2020-9662 |
7.8 |
2020-06-18 |
|
Adobe After Effects MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-725 |
ZDI-CAN-10878 |
Adobe |
CVE-2020-9660 |
7.8 |
2020-06-18 |
|
Adobe After Effects MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-724 |
ZDI-CAN-10876 |
Adobe |
CVE-2020-9661 |
7.8 |
2020-06-18 |
|
Adobe After Effects 3GP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-723 |
ZDI-CAN-10868 |
Adobe |
CVE-2020-9655 |
7.8 |
2020-06-18 |
|
Adobe Premiere Rush 3GP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-722 |
ZDI-CAN-10869 |
Adobe |
CVE-2020-9656 |
7.8 |
2020-06-18 |
|
Adobe Premiere Rush MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-721 |
ZDI-CAN-10870 |
Adobe |
CVE-2020-9657 |
7.8 |
2020-06-18 |
|
Adobe Premiere Rush MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-720 |
ZDI-CAN-10854 |
Adobe |
CVE-2020-9659 |
7.8 |
2020-06-18 |
|
Adobe Audition MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-719 |
ZDI-CAN-10853 |
Adobe |
CVE-2020-9658 |
7.8 |
2020-06-18 |
|
Adobe Audition MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-718 |
ZDI-CAN-10864 |
Adobe |
CVE-2020-9652 |
7.8 |
2020-06-18 |
|
Adobe Premiere Pro 3GP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-717 |
ZDI-CAN-10865 |
Adobe |
CVE-2020-9653 |
7.8 |
2020-06-18 |
|
Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-716 |
ZDI-CAN-10866 |
Adobe |
CVE-2020-9654 |
7.8 |
2020-06-18 |
|
Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-715 |
ZDI-CAN-10074 |
Docker |
|
7.8 |
2020-06-15 |
|
Docker Desktop Execution with Unnecessary Privileges Privilege Escalation Vulnerability |
| ZDI-20-714 |
ZDI-CAN-10277 |
Inductive Automation |
|
5.3 |
2020-06-15 |
|
(0Day) (Pwn2Own) Inductive Automation Ignition ServerMessageHeader Deserialization of Untrusted Data Information Disclosure Vulnerability |
| ZDI-20-713 |
ZDI-CAN-9756 |
NETGEAR |
|
6.3 |
2020-06-15 |
|
(0Day) NETGEAR R6700 httpd strtblupgrade Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-712 |
ZDI-CAN-9703 |
NETGEAR |
|
8.8 |
2020-06-15 |
|
(0Day) NETGEAR R6700 httpd Firmware Upload Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-711 |
ZDI-CAN-9618 |
NETGEAR |
|
6.5 |
2020-06-15 |
|
(0Day) NETGEAR R6700 httpd Improper Access Control Information Disclosure Vulnerability |
| ZDI-20-710 |
ZDI-CAN-9751 |
IBM |
CVE-2020-4216 |
7.3 |
2020-06-15 |
|
IBM Spectrum Protect Plus Hardcoded Username And Password Authentication Bypass Vulnerability |
| ZDI-20-709 |
ZDI-CAN-9768 |
NETGEAR |
|
8.8 |
2020-06-15 |
|
(0Day) NETGEAR R6700 httpd strtblupgrade Integer Overflow Remote Code Execution Vulnerability |
| ZDI-20-708 |
ZDI-CAN-9767 |
NETGEAR |
|
8.4 |
2020-06-15 |
|
(0Day) NETGEAR R6700 httpd strtblupgrade Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-707 |
ZDI-CAN-9649 |
NETGEAR |
|
7.5 |
2020-06-15 |
|
(0Day) (Pwn2Own) NETGEAR R6700 check_ra Use of a Broken or Risky Cryptographic Algorithm Remote Code Execution Vulnerability |
| ZDI-20-706 |
ZDI-CAN-9648 |
NETGEAR |
|
7.5 |
2020-06-15 |
|
(0Day) (Pwn2Own) NETGEAR R6700 check_ra Download of Code Without Integrity Check Remote Code Execution Vulnerability |
| ZDI-20-705 |
ZDI-CAN-9647 |
NETGEAR |
|
7.5 |
2020-06-15 |
|
(0Day) (Pwn2Own) NETGEAR R6700 check_ra Improper Certificate Validation Remote Code Execution Vulnerability |
| ZDI-20-704 |
ZDI-CAN-9643 |
NETGEAR |
CVE-2020-10924 |
8.8 |
2020-06-15 |
|
(0Day) (Pwn2Own) NETGEAR R6700 UPnP NewBlockSiteName Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-703 |
ZDI-CAN-9642 |
NETGEAR |
|
6.5 |
2020-06-15 |
|
(0Day) (Pwn2Own) NETGEAR R6700 UPnP SOAPAction Authentication Bypass Vulnerability |
| ZDI-20-702 |
ZDI-CAN-10005 |
McAfee |
CVE-2020-7280 |
7.8 |
2020-06-15 |
|
McAfee VirusScan Enterprise Junction Privilege Escalation Vulnerability |
| ZDI-20-701 |
ZDI-CAN-10776 |
Apple |
|
5.3 |
2020-06-09 |
2021-06-29 |
(0Day) (Pwn2Own) Apple macOS Quarantine Attribute Bypass Vulnerability |
| ZDI-20-700 |
ZDI-CAN-10592 |
Adobe |
CVE-2020-9634 |
7.8 |
2020-06-09 |
|
Adobe FrameMaker GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-699 |
ZDI-CAN-10576 |
Adobe |
CVE-2020-9635 |
7.8 |
2020-06-09 |
|
Adobe FrameMaker PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-698 |
ZDI-CAN-10788 |
Microsoft |
CVE-2020-1219 |
7.5 |
2020-06-09 |
|
Microsoft Chakra Intl Object Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-697 |
ZDI-CAN-10681 |
Microsoft |
CVE-2020-1239 |
8.8 |
2020-06-09 |
|
Microsoft Windows Media Player mpg2splt Integer Underflow Remote Code Execution Vulnerability |
| ZDI-20-696 |
ZDI-CAN-10693 |
Microsoft |
CVE-2020-1238 |
8.8 |
2020-06-09 |
|
Microsoft Windows Media Foundation Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-695 |
ZDI-CAN-10654 |
Microsoft |
CVE-2020-1238 |
8.8 |
2020-06-09 |
|
Microsoft Windows Media Foundation Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-694 |
ZDI-CAN-10589 |
Microsoft |
CVE-2020-1181 |
8.8 |
2020-06-09 |
|
Microsoft SharePoint Server Web Part Remote Code Execution Vulnerability |
| ZDI-20-693 |
ZDI-CAN-10512 |
Microsoft |
CVE-2020-1232 |
4.3 |
2020-06-09 |
|
Microsoft Windows Media Player DTS Stream Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-692 |
ZDI-CAN-10033 |
Microsoft |
CVE-2020-1207 |
8.8 |
2020-06-09 |
|
Microsoft Windows win32kfull PDEVOBJ Use-After-Free Privilege Escalation Vulnerability |
| ZDI-20-691 |
ZDI-CAN-11127 |
ManageEngine |
CVE-2020-13818 |
7.5 |
2020-06-09 |
|
ManageEngine OpManager OpmSkipFilter Directory Traversal Information Disclosure Vulnerability |
| ZDI-20-690 |
ZDI-CAN-10756 |
IBM |
CVE-2020-4449 |
7.5 |
2020-06-05 |
|
IBM WebSphere Application Server IIOP Deserialization of Untrusted Data Information Disclosure Vulnerability |
| ZDI-20-689 |
ZDI-CAN-10749 |
IBM |
CVE-2020-4450 |
9.8 |
2020-06-05 |
|
IBM WebSphere Application Server IIOP Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-688 |
ZDI-CAN-10732 |
IBM |
CVE-2020-4448 |
9.8 |
2020-06-05 |
2020-09-21 |
IBM WebSphere UploadFileArgument Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-687 |
ZDI-CAN-10278 |
Inductive Automation |
CVE-2020-12000 |
9.8 |
2020-06-01 |
|
(Pwn2Own) Inductive Automation Ignition ServerMessageHeader Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-686 |
ZDI-CAN-10276 |
Inductive Automation |
CVE-2020-10644 |
9.8 |
2020-06-01 |
2021-06-29 |
(Pwn2Own) Inductive Automation Ignition getDiffs Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-685 |
ZDI-CAN-10275 |
Inductive Automation |
CVE-2020-12004 |
5.3 |
2020-06-01 |
2021-06-29 |
(Pwn2Own) Inductive Automation Ignition getDiffs Missing Authentication for Critical Function Information Disclosure Vulnerability |
| ZDI-20-684 |
ZDI-CAN-10007 |
NEC |
CVE-2020-10917 |
9.8 |
2020-06-01 |
|
NEC ESMPRO Manager RMI Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-683 |
ZDI-CAN-10077 |
Apple |
CVE-2020-9841 |
5.3 |
2020-05-28 |
|
Apple macOS SkyLight Integer Overflow Privilege Escalation Vulnerability |
| ZDI-20-682 |
ZDI-CAN-10504 |
Apple |
CVE-2020-9800 |
8.8 |
2020-05-28 |
|
Apple Safari HasIndexedProperty Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-681 |
ZDI-CAN-10777 |
Apple |
CVE-2020-9839 |
7.8 |
2020-05-28 |
|
(Pwn2Own) Apple macOS cfprefsd Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-680 |
ZDI-CAN-10775 |
Apple |
CVE-2020-9856 |
5.3 |
2020-05-28 |
|
(Pwn2Own) Apple macOS Core Virtual Machine Service Heap-based Buffer Overflow Vulnerability |
| ZDI-20-679 |
ZDI-CAN-10774 |
Apple |
CVE-2020-9801 |
5.3 |
2020-05-28 |
|
(Pwn2Own) Apple Safari Symbolic Link Arbitrary Application Execution Vulnerability |
| ZDI-20-678 |
ZDI-CAN-10329 |
Trend Micro |
CVE-2020-8604 |
7.5 |
2020-05-27 |
2020-05-28 |
Trend Micro InterScan Web Security Virtual Appliance Apache Solr Directory Traversal Information Disclosure Vulnerability |
| ZDI-20-677 |
ZDI-CAN-10117 |
Trend Micro |
CVE-2020-8606 |
9.8 |
2020-05-27 |
2020-05-28 |
Trend Micro InterScan Web Security Virtual Appliance Apache Solr Authentication Bypass Vulnerability |
| ZDI-20-676 |
ZDI-CAN-10095 |
Trend Micro |
CVE-2020-8605 |
8.8 |
2020-05-27 |
2020-05-28 |
Trend Micro InterScan Web Security Virtual Appliance Command Injection Remote Code Execution Vulnerability |
| ZDI-20-675 |
ZDI-CAN-10088 |
Trend Micro |
CVE-2020-8603 |
6.3 |
2020-05-27 |
2020-05-28 |
Trend Micro InterScan Web Security Virtual Appliance Cross-Site Scripting Vulnerability |
| ZDI-20-674 |
ZDI-CAN-10652 |
Apple |
CVE-2020-9815 |
7.8 |
2020-05-27 |
|
Apple macOS AudioToolboxCore CAF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-673 |
ZDI-CAN-10651 |
Apple |
CVE-2020-9816 |
7.8 |
2020-05-27 |
|
Apple macOS libFontParser Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-672 |
ZDI-CAN-10773 |
Apple |
CVE-2020-9850 |
7.3 |
2020-05-27 |
|
(Pwn2Own) Apple Safari In Operator JIT Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-671 |
ZDI-CAN-10581 |
Apple |
CVE-2020-9791 |
3.3 |
2020-05-27 |
|
Apple macOS AudioToolboxCore AIFF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-670 |
ZDI-CAN-10871 |
Adobe |
CVE-2020-9617 |
3.3 |
2020-05-25 |
|
Adobe Premiere Rush MOV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-669 |
ZDI-CAN-10867 |
Adobe |
CVE-2020-9616 |
3.3 |
2020-05-25 |
|
Adobe Premiere Pro MOV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-668 |
ZDI-CAN-10879 |
Adobe |
CVE-2020-9586 |
7.8 |
2020-05-25 |
|
Adobe Character Animator EPS BoundingBox Element Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-667 |
ZDI-CAN-10855 |
Adobe |
CVE-2020-9618 |
3.3 |
2020-05-25 |
|
Adobe Audition MOV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-666 |
ZDI-CAN-10037 |
Microsoft |
|
7.0 |
2020-05-19 |
2020-07-20 |
(0Day) Microsoft Windows WLAN Connection Profile Missing Authentication Privilege Escalation Vulnerability |
| ZDI-20-665 |
ZDI-CAN-10016 |
Microsoft |
CVE-2020-0916 |
7.0 |
2020-05-19 |
|
(0Day) Microsoft Windows splwow64 Untrusted Pointer Dereference Privilege Escalation Vulnerability |
| ZDI-20-664 |
ZDI-CAN-10012 |
Microsoft |
CVE-2020-0915 |
2.5 |
2020-05-19 |
|
(0Day) Microsoft Windows splwow64 Untrusted Pointer Dereference Information Disclosure Vulnerability |
| ZDI-20-663 |
ZDI-CAN-9851 |
Microsoft |
CVE-2020-0986 |
7.0 |
2020-05-19 |
|
(0Day) Microsoft Windows splwow64 Untrusted Pointer Dereference Privilege Escalation Vulnerability |
| ZDI-20-662 |
ZDI-CAN-10014 |
Microsoft |
CVE-2020-0915 |
7.0 |
2020-05-19 |
|
(0Day) Microsoft Windows splwow64 Untrusted Pointer Dereference Privilege Escalation Vulnerability |
| ZDI-20-661 |
ZDI-CAN-10850 |
FreeBSD |
CVE-2020-7455 |
4.1 |
2020-05-19 |
|
FreeBSD Kernel NAT Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-660 |
ZDI-CAN-10849 |
FreeBSD |
CVE-2020-7454 |
9.8 |
2020-05-19 |
|
FreeBSD Kernel NAT Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-20-659 |
ZDI-CAN-10624 |
FreeBSD |
CVE-2020-7454 |
9.8 |
2020-05-19 |
|
FreeBSD Kernel NAT Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-20-658 |
ZDI-CAN-10287 |
Schneider Electric |
CVE-2020-7493 |
7.8 |
2020-05-14 |
2021-06-29 |
Schneider Electric EcoStruxure Operator Terminal Expert VXDZ File Parsing Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-657 |
ZDI-CAN-10280 |
Schneider Electric |
CVE-2020-7495 |
7.8 |
2020-05-14 |
|
(Pwn2Own) Schneider Electric EcoStructure Operator Terminal Expert ZIP Path Traversal Remote Code Execution Vulnerability |
| ZDI-20-656 |
ZDI-CAN-10279 |
Schneider Electric |
CVE-2020-7494 |
7.8 |
2020-05-14 |
|
(Pwn2Own) Schneider Electric EcoStructure Operator Terminal Expert VXDZ Arbitrary Library Load Remote Code Execution Vulnerability |
| ZDI-20-655 |
ZDI-CAN-10017 |
Advantech |
CVE-2020-12019 |
7.8 |
2020-05-14 |
|
(0Day) Advantech WebAccess Node Incorrect Permission Assignment Privilege Escalation Vulnerability |
| ZDI-20-654 |
ZDI-CAN-9779 |
Advantech |
CVE-2020-12019 |
9.8 |
2020-05-14 |
|
(0Day) Advantech WebAccess Node DATACORE Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-653 |
ZDI-CAN-10822 |
Adobe |
CVE-2020-9612 |
7.0 |
2020-05-12 |
|
Adobe Acrobat Reader DC JPEG2000 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-652 |
ZDI-CAN-10106 |
Adobe |
CVE-2020-9597 |
7.8 |
2020-05-12 |
|
Adobe Acrobat Reader DC JPEG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-651 |
ZDI-CAN-10784 |
Adobe |
CVE-2020-9606 |
7.3 |
2020-05-12 |
2020-08-18 |
(Pwn2Own) Adobe Acrobat Reader DC Field Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-650 |
ZDI-CAN-11085 |
Eaton |
CVE-2020-6652 |
7.8 |
2020-05-12 |
2020-05-12 |
Eaton Intelligent Power Manager mc2 Incorrect Privilege Assignment Privilege Escalation Vulnerability |
| ZDI-20-649 |
ZDI-CAN-9854 |
Eaton |
CVE-2020-6651 |
8.8 |
2020-05-12 |
|
Eaton Intelligent Power Manager mc2 Command Injection Remote Code Execution Vulnerability |
| ZDI-20-648 |
ZDI-CAN-10124 |
Microsoft |
CVE-2020-1102 |
8.8 |
2020-05-12 |
|
Microsoft SharePoint Shared Forms Incomplete Blacklist Remote Code Execution Vulnerability |
| ZDI-20-647 |
ZDI-CAN-10743 |
Microsoft |
CVE-2020-0987 |
4.3 |
2020-05-12 |
|
Microsoft Windows EMF EMR_SETDIBITSTODEVICE Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-646 |
ZDI-CAN-10785 |
Microsoft |
CVE-2020-1135 |
8.8 |
2020-05-12 |
|
(Pwn2Own) Microsoft Windows DirectComposition SetReferenceArrayProperty Use-After-Free Privilege Escalation Vulnerability |
| ZDI-20-645 |
ZDI-CAN-10397 |
Microsoft |
CVE-2020-1062 |
8.8 |
2020-05-12 |
|
Microsoft Internet Explorer JScript Garbage Collection Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-644 |
ZDI-CAN-10566 |
Microsoft |
CVE-2020-1126 |
8.8 |
2020-05-12 |
|
Microsoft Windows Media Player HEVC Stream Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-643 |
ZDI-CAN-10569 |
Microsoft |
CVE-2020-1126 |
8.8 |
2020-05-12 |
|
Microsoft Windows Media Player HEVC Stream Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-642 |
ZDI-CAN-10516 |
Microsoft |
CVE-2020-1028 |
8.8 |
2020-05-12 |
|
Microsoft Windows Media Player HEVC Stream Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-641 |
ZDI-CAN-10381 |
Microsoft |
CVE-2020-1096 |
9.6 |
2020-05-12 |
|
Microsoft Windows PDF Library DirectWrite Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-640 |
ZDI-CAN-10039 |
Microsoft |
CVE-2020-1051 |
7.8 |
2020-05-12 |
|
Microsoft Windows JET Database Engine Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-639 |
ZDI-CAN-10103 |
Microsoft |
CVE-2020-1150 |
7.5 |
2020-05-12 |
|
Microsoft Internet Explorer CWMPErrorDlg Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-638 |
ZDI-CAN-10064 |
Microsoft |
CVE-2020-1176 |
7.8 |
2020-05-12 |
|
Microsoft Windows JET Database Engine Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-637 |
ZDI-CAN-10056 |
Microsoft |
CVE-2020-1174 |
7.8 |
2020-05-12 |
|
Microsoft Windows JET Database Engine Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-636 |
ZDI-CAN-10060 |
Microsoft |
CVE-2020-1175 |
7.8 |
2020-05-12 |
|
Microsoft Windows JET Database Engine Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-635 |
ZDI-CAN-10026 |
Advantech |
CVE-2020-10638 |
8.1 |
2020-05-08 |
|
Advantech WebAccess/SCADA BwBacNetJ Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-634 |
ZDI-CAN-10080 |
Advantech |
CVE-2020-12002 |
8.1 |
2020-05-08 |
|
Advantech WebAccess/SCADA BwBacNetJ Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-633 |
ZDI-CAN-10079 |
Advantech |
CVE-2020-12002 |
8.1 |
2020-05-08 |
|
Advantech WebAccess/SCADA BwBacNetJ Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-632 |
ZDI-CAN-10325 |
Advantech |
|
9.8 |
2020-05-08 |
|
Advantech WebAccess IOCTL 0x2711 bwscrp Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-631 |
ZDI-CAN-9892 |
Advantech |
CVE-2020-10638 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA BwWebSvc IOCTL 0x00013c80 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-630 |
ZDI-CAN-9896 |
Advantech |
CVE-2020-12018 |
7.5 |
2020-05-08 |
|
Advantech WebAccess/SCADA DrawSrv IOCTL 0x00002722 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-629 |
ZDI-CAN-9940 |
Advantech |
|
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DATACORE IOCTL 0x5217 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-628 |
ZDI-CAN-9903 |
Advantech |
CVE-2020-12018 |
7.5 |
2020-05-08 |
|
Advantech WebAccess/SCADA ViewSrv IOCTL 0x00002722 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-627 |
ZDI-CAN-9899 |
Advantech |
CVE-2020-12026 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DrawSrv IOCTL 0x0000277d Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-626 |
ZDI-CAN-9907 |
Advantech |
CVE-2020-12026 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA ViewSrv IOCTL 0x0000277d Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-625 |
ZDI-CAN-10339 |
Advantech |
CVE-2020-12002 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA SyntecUA Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-624 |
ZDI-CAN-10338 |
Advantech |
CVE-2020-12002 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA OPCUA Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-623 |
ZDI-CAN-10337 |
Advantech |
CVE-2020-10638 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA ModDuDrv Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-622 |
ZDI-CAN-10086 |
Advantech |
CVE-2020-12002 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA GpsET200 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-621 |
ZDI-CAN-10085 |
Advantech |
CVE-2020-10638 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA BwTCPIP Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-620 |
ZDI-CAN-10081 |
Advantech |
CVE-2020-10638 |
8.1 |
2020-05-08 |
|
Advantech WebAccess/SCADA BwTCPIP Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-619 |
ZDI-CAN-10025 |
Advantech |
CVE-2020-12002 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA BacNetDrvJ Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-618 |
ZDI-CAN-9891 |
Advantech |
CVE-2020-10638 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA BwWebSvc IOCTL 0x00013c84 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-617 |
ZDI-CAN-9890 |
Advantech |
CVE-2020-10638 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA BwWebSvc IOCTL 0x00013c7b Integer Overflow Remote Code Execution Vulnerability |
| ZDI-20-616 |
ZDI-CAN-9889 |
Advantech |
CVE-2020-10638 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA BwWebSvc IOCTL 0x00013c77 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-615 |
ZDI-CAN-9884 |
Advantech |
CVE-2020-12014 |
7.5 |
2020-05-08 |
|
Advantech WebAccess/SCADA BwWebSvc IOCTL 0x00013c76 IOCTL 0x00013c77 SQL Injection Information Disclosure Vulnerability |
| ZDI-20-614 |
ZDI-CAN-9883 |
Advantech |
CVE-2020-12014 |
7.5 |
2020-05-08 |
|
Advantech WebAccess/SCADA BwWebSvc IOCTL 0x00013c74 IOCTL 0x00013c75 SQL Injection Information Disclosure Vulnerability |
| ZDI-20-613 |
ZDI-CAN-9882 |
Advantech |
CVE-2020-12014 |
7.5 |
2020-05-08 |
|
Advantech WebAccess/SCADA BwWebSvc IOCTL 0x00013c71 SQL Injection Information Disclosure Vulnerability |
| ZDI-20-612 |
ZDI-CAN-9948 |
Advantech |
|
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DATACORE IOCTL 0x5218 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-611 |
ZDI-CAN-9947 |
Advantech |
|
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DATACORE IOCTL 0x521B Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-610 |
ZDI-CAN-9941 |
Advantech |
|
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DATACORE IOCTL 0x520B Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-609 |
ZDI-CAN-9939 |
Advantech |
|
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DATACORE IOCTL 0x5213 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-608 |
ZDI-CAN-9938 |
Advantech |
|
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DATACORE IOCTL 0x5208 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-607 |
ZDI-CAN-9936 |
Advantech |
|
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DATACORE IOCTL 0x5209 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-606 |
ZDI-CAN-9935 |
Advantech |
|
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DATACORE IOCTL 0x520B Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-605 |
ZDI-CAN-9901 |
Advantech |
CVE-2020-12006 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DrawSrv IOCTL 0x00002711 Command Injection Remote Code Execution Vulnerability |
| ZDI-20-604 |
ZDI-CAN-9898 |
Advantech |
CVE-2020-10638 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DrawSrv IOCTL 0x00002774 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-603 |
ZDI-CAN-9897 |
Advantech |
CVE-2020-10638 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DrawSrv IOCTL 0x00002723 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-602 |
ZDI-CAN-9895 |
Advantech |
CVE-2020-10638 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DrawSrv IOCTL 0x00002775 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-601 |
ZDI-CAN-9998 |
Advantech |
CVE-2020-10638 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DATACORE IOCTL 0x0000791d Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-600 |
ZDI-CAN-9997 |
Advantech |
CVE-2020-10638 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DATACORE IOCTL 0x0000791e Integer Overflow Remote Code Execution Vulnerability |
| ZDI-20-599 |
ZDI-CAN-9994 |
Advantech |
CVE-2020-10638 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DATACORE IOCTL 0x0000791c Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-598 |
ZDI-CAN-9988 |
Advantech |
CVE-2020-12022 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DATACORE IOCTL 0x0000521e Improper Validation of Array Index Remote Code Execution Vulnerability |
| ZDI-20-597 |
ZDI-CAN-9985 |
Advantech |
CVE-2020-10638 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DATACORE IOCTL 0x00005226 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-596 |
ZDI-CAN-9908 |
Advantech |
CVE-2020-10638 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA ViewSrv IOCTL 0x00002775 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-595 |
ZDI-CAN-9905 |
Advantech |
CVE-2020-12006 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA ViewSrv IOCTL 0x00002711 Command Injection Remote Code Execution Vulnerability |
| ZDI-20-594 |
ZDI-CAN-9904 |
Advantech |
CVE-2020-10638 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA ViewSrv IOCTL 0x00002774 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-593 |
ZDI-CAN-9902 |
Advantech |
CVE-2020-10638 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA ViewSrv IOCTL 0x00002723 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-592 |
ZDI-CAN-9906 |
Advantech |
CVE-2020-12002 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DATACORE IOCTL 0x00005227 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-591 |
ZDI-CAN-9996 |
Advantech |
CVE-2020-12002 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DATACORE IOCTL 0x0000791e Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-590 |
ZDI-CAN-9987 |
Advantech |
CVE-2020-12002 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DATACORE IOCTL 0x00005241 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-589 |
ZDI-CAN-9995 |
Advantech |
CVE-2020-12006 |
9.8 |
2020-05-08 |
|
Advantech WebAccess/SCADA DATACORE IOCTL 0x0000791e Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-588 |
ZDI-CAN-10377 |
Schneider Electric |
CVE-2020-10626 |
7.8 |
2020-05-06 |
|
Schneider Electric EcoStruxure IT Gateway Improper Access Control Privilege Escalation Vulnerability |
| ZDI-20-587 |
ZDI-CAN-9859 |
Apple |
CVE-2020-3915 |
7.8 |
2020-05-06 |
|
Apple macOS printtool Daemon Improper Input Validation Privilege Escalation Vulnerability |
| ZDI-20-586 |
ZDI-CAN-9973 |
Trading Technologies |
|
9.8 |
2020-05-06 |
|
Trading Technologies X_TRADER remove_park Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-585 |
ZDI-CAN-9972 |
Trading Technologies |
|
9.8 |
2020-05-06 |
|
Trading Technologies X_TRADER disconnect_proxy_site Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-584 |
ZDI-CAN-9971 |
Trading Technologies |
|
9.8 |
2020-05-06 |
|
Trading Technologies X_TRADER block_proxy_site Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-583 |
ZDI-CAN-9970 |
Trading Technologies |
|
9.8 |
2020-05-06 |
|
Trading Technologies X_TRADER unblock_proxy_site Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-582 |
ZDI-CAN-10783 |
Oracle |
CVE-2020-2575 |
7.8 |
2020-04-30 |
|
(Pwn2Own) Oracle VirtualBox OHCI Uninitialized Variable Privilege Escalation Vulnerability |
| ZDI-20-581 |
ZDI-CAN-10782 |
Oracle |
CVE-2020-2894 |
5.5 |
2020-04-30 |
|
(Pwn2Own) Oracle VirtualBox E1000 IP Checksum Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-580 |
ZDI-CAN-10035 |
Adobe |
CVE-2020-9568 |
7.8 |
2020-04-30 |
|
Adobe Bridge DCM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-579 |
ZDI-CAN-10090 |
Adobe |
CVE-2020-3765 |
7.8 |
2020-04-30 |
2020-07-20 |
Adobe After Effects MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-578 |
ZDI-CAN-10402 |
Microsoft |
CVE-2020-0744 |
3.3 |
2020-04-30 |
|
Microsoft Windows user32 DIB Scaling Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-577 |
ZDI-CAN-10321 |
LAquis |
CVE-2020-10622 |
5.5 |
2020-04-30 |
|
LAquis SCADA LGX File Insufficient UI Warning Information Disclosure Vulnerability |
| ZDI-20-576 |
ZDI-CAN-10320 |
LAquis |
CVE-2020-10622 |
5.5 |
2020-04-30 |
|
LAquis SCADA LGX File Insufficient UI Warning Information Disclosure Vulnerability |
| ZDI-20-575 |
ZDI-CAN-10319 |
LAquis |
CVE-2020-10618 |
7.8 |
2020-04-30 |
|
LAquis SCADA LGX File Insufficient UI Warning Arbitrary File Creation Vulnerability |
| ZDI-20-574 |
ZDI-CAN-10316 |
LAquis |
CVE-2020-10618 |
7.8 |
2020-04-30 |
|
LAquis SCADA LGX File Insufficient UI Warning Arbitrary File Creation Vulnerability |
| ZDI-20-573 |
ZDI-CAN-10197 |
LAquis |
CVE-2020-10618 |
7.8 |
2020-04-30 |
|
LAquis SCADA LGX File Insufficient UI Warning Arbitrary File Creation Vulnerability |
| ZDI-20-572 |
ZDI-CAN-10318 |
LAquis |
CVE-2020-10618 |
7.8 |
2020-04-30 |
|
LAquis SCADA LGX File Insufficient UI Warning Arbitrary File Creation Vulnerability |
| ZDI-20-571 |
ZDI-CAN-10317 |
LAquis |
CVE-2020-10618 |
7.8 |
2020-04-30 |
|
LAquis SCADA LGX File Insufficient UI Warning Arbitrary File Creation Vulnerability |
| ZDI-20-570 |
ZDI-CAN-10492 |
Oracle |
CVE-2020-2883 |
9.8 |
2020-04-30 |
|
Oracle WebLogic Server T3 Protocol Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-569 |
ZDI-CAN-10018 |
Adobe |
CVE-2020-9553 |
3.3 |
2020-04-30 |
|
Adobe Bridge TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-568 |
ZDI-CAN-10048 |
Adobe |
CVE-2020-9565 |
7.8 |
2020-04-28 |
|
Adobe Bridge PostScript callothersubr Command Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-567 |
ZDI-CAN-10066 |
Adobe |
CVE-2020-9567 |
3.3 |
2020-04-28 |
|
Adobe Bridge TTF File Parsing Use-After-Free Information Disclosure Vulnerability |
| ZDI-20-566 |
ZDI-CAN-10067 |
Adobe |
CVE-2020-9554 |
7.8 |
2020-04-28 |
|
Adobe Bridge GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-565 |
ZDI-CAN-10052 |
Adobe |
CVE-2020-9555 |
7.8 |
2020-04-28 |
2021-03-02 |
Adobe Bridge EPS BoundingBox Element Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-564 |
ZDI-CAN-10049 |
Adobe |
CVE-2020-9556 |
7.8 |
2020-04-28 |
2021-03-02 |
Adobe Bridge PostScript put Command Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-563 |
ZDI-CAN-10040 |
Adobe |
CVE-2020-9557 |
7.8 |
2020-04-28 |
|
Adobe Bridge PostScript blend Command Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-562 |
ZDI-CAN-10041 |
Adobe |
CVE-2020-9558 |
3.3 |
2020-04-28 |
|
Adobe Bridge PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-561 |
ZDI-CAN-10042 |
Adobe |
CVE-2020-9560 |
7.8 |
2020-04-28 |
|
Adobe Bridge PostScript drop Command Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-560 |
ZDI-CAN-10043 |
Adobe |
CVE-2020-9559 |
7.8 |
2020-04-28 |
|
Adobe Bridge PostScript load Command Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-559 |
ZDI-CAN-10044 |
Adobe |
CVE-2020-9561 |
7.8 |
2020-04-28 |
|
Adobe Bridge PostScript callothersubr Command Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-558 |
ZDI-CAN-10045 |
Adobe |
CVE-2020-9562 |
7.8 |
2020-04-28 |
|
Adobe Bridge PCX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-557 |
ZDI-CAN-10046 |
Adobe |
CVE-2020-9563 |
7.8 |
2020-04-28 |
|
Adobe Bridge PostScript CharString Directory Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-556 |
ZDI-CAN-10047 |
Adobe |
CVE-2020-9564 |
7.8 |
2020-04-28 |
|
Adobe Bridge PostScript hsbw Command Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-555 |
ZDI-CAN-10109 |
Adobe |
CVE-2020-9569 |
7.8 |
2020-04-28 |
|
Adobe Bridge TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-554 |
ZDI-CAN-10094 |
Adobe |
CVE-2020-9566 |
7.8 |
2020-04-28 |
|
Adobe Bridge PostScript File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-553 |
ZDI-CAN-10003 |
TP-Link |
CVE-2020-10916 |
8.0 |
2020-04-28 |
|
TP-Link TL-WA855RE login.json Improper Authentication Privilege Escalation Vulnerability |
| ZDI-20-552 |
ZDI-CAN-10378 |
Microsoft |
CVE-2020-0744 |
3.3 |
2020-04-23 |
|
Microsoft Windows gdi32full StretchDIBitsImpl Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-551 |
ZDI-CAN-10410 |
Oracle |
CVE-2020-2911 |
7.5 |
2020-04-20 |
|
Oracle VirtualBox vmsvga3dSetLightData Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-20-550 |
ZDI-CAN-10096 |
Oracle |
CVE-2020-2701 |
7.5 |
2020-04-20 |
2021-03-02 |
Oracle VirtualBox xHCI Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-20-549 |
ZDI-CAN-10301 |
Triangle MicroWorks |
CVE-2020-10611 |
9.8 |
2020-04-16 |
|
(Pwn2Own) Triangle MicroWorks SCADA Data Gateway DNP3 Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-548 |
ZDI-CAN-10300 |
Triangle MicroWorks |
CVE-2020-10613 |
5.3 |
2020-04-16 |
|
(Pwn2Own) Triangle MicroWorks SCADA Data Gateway DNP3 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-547 |
ZDI-CAN-10266 |
Triangle MicroWorks |
CVE-2020-10615 |
9.8 |
2020-04-16 |
2020-04-16 |
(Pwn2Own) Triangle Microworks SCADA Data Gateway DNP3 GET_FILE_INFO Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-546 |
ZDI-CAN-10401 |
Veeam |
CVE-2020-10915 |
9.8 |
2020-04-16 |
2020-05-14 |
Veeam ONE HandshakeResult Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-545 |
ZDI-CAN-10400 |
Veeam |
CVE-2020-10914 |
9.8 |
2020-04-16 |
2020-05-14 |
Veeam ONE PerformHandshake Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-544 |
ZDI-CAN-9604 |
Cisco |
CVE-2020-3249 |
8.2 |
2020-04-16 |
|
Cisco UCS Director saveWindowsNetworkConfig Directory Traversal Denial-of-Service Vulnerability |
| ZDI-20-543 |
ZDI-CAN-9596 |
Cisco |
CVE-2020-3248 |
9.8 |
2020-04-16 |
|
Cisco UCS Director saveStaticConfig Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-542 |
ZDI-CAN-9565 |
Cisco |
CVE-2020-3240 |
9.8 |
2020-04-16 |
|
Cisco UCS Director ScriptModuleAddJarPage Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-541 |
ZDI-CAN-9593 |
Cisco |
CVE-2020-3247 |
9.8 |
2020-04-16 |
|
Cisco UCS Director CopyFileRunnable run Symlink Following Remote Code Execution Vulnerability |
| ZDI-20-540 |
ZDI-CAN-9559 |
Cisco |
CVE-2020-3243 |
9.8 |
2020-04-16 |
|
Cisco UCS Director isEnableRestKeyAccessCheckForUser Authentication Bypass Vulnerability |
| ZDI-20-539 |
ZDI-CAN-9586 |
Cisco |
CVE-2020-3239 |
9.8 |
2020-04-16 |
|
Cisco UCS Director ApplianceStorageUtil unzip Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-538 |
ZDI-CAN-9557 |
Cisco |
CVE-2020-3250 |
7.5 |
2020-04-16 |
|
Cisco UCS Director downloadFile Directory Traversal Information Disclosure Vulnerability |
| ZDI-20-537 |
ZDI-CAN-9644 |
Amazon |
|
8.8 |
2020-04-16 |
|
(Pwn2Own) Amazon Echo Show Integer Overflow Remote Code Execution Vulnerability |
| ZDI-20-536 |
ZDI-CAN-10295 |
OPC Foundation |
CVE-2020-8867 |
5.3 |
2020-04-16 |
2021-06-29 |
(Pwn2Own) OPC Foundation UA .NET Standard CreateSessionRequest Race Condition Denial-of-Service Vulnerability |
| ZDI-20-535 |
ZDI-CAN-10650 |
Foxit |
CVE-2020-10907 |
7.8 |
2020-04-16 |
|
Foxit Reader XFA Widget Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-534 |
ZDI-CAN-10614 |
Foxit |
CVE-2020-10906 |
7.8 |
2020-04-16 |
|
Foxit Reader resetForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-533 |
ZDI-CAN-10568 |
Foxit |
CVE-2020-10905 |
3.3 |
2020-04-16 |
|
Foxit PhantomPDF U3D File Parsing vertex Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-532 |
ZDI-CAN-10464 |
Foxit |
CVE-2020-10904 |
7.8 |
2020-04-16 |
|
Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-531 |
ZDI-CAN-10463 |
Foxit |
CVE-2020-10903 |
3.3 |
2020-04-16 |
|
Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-530 |
ZDI-CAN-10462 |
Foxit |
CVE-2020-10902 |
7.8 |
2020-04-16 |
|
Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-529 |
ZDI-CAN-10461 |
Foxit |
CVE-2020-10901 |
3.3 |
2020-04-16 |
|
Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-528 |
ZDI-CAN-10142 |
Foxit |
CVE-2020-10900 |
7.8 |
2020-04-16 |
|
Foxit Reader AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-527 |
ZDI-CAN-10132 |
Foxit |
CVE-2020-10899 |
7.8 |
2020-04-16 |
|
Foxit Reader XFA Template Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-526 |
ZDI-CAN-10195 |
Foxit |
CVE-2020-10898 |
7.8 |
2020-04-16 |
|
Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-525 |
ZDI-CAN-10193 |
Foxit |
CVE-2020-10897 |
7.8 |
2020-04-16 |
|
Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-524 |
ZDI-CAN-10192 |
Foxit |
CVE-2020-10896 |
7.8 |
2020-04-16 |
|
Foxit PhantomPDF U3DBrowser U3D File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-523 |
ZDI-CAN-10191 |
Foxit |
CVE-2020-10895 |
7.8 |
2020-04-16 |
|
Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-522 |
ZDI-CAN-10190 |
Foxit |
CVE-2020-10894 |
3.3 |
2020-04-16 |
|
Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-521 |
ZDI-CAN-10189 |
Foxit |
CVE-2020-10893 |
7.8 |
2020-04-16 |
|
Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-520 |
ZDI-CAN-9946 |
Foxit |
CVE-2020-10913 |
7.8 |
2020-04-16 |
|
Foxit PhantomPDF OCRAndExportToExcel Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-519 |
ZDI-CAN-9945 |
Foxit |
CVE-2020-10912 |
7.8 |
2020-04-16 |
|
Foxit PhantomPDF SetFieldValue Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-518 |
ZDI-CAN-9944 |
Foxit |
CVE-2020-10911 |
7.8 |
2020-04-16 |
|
Foxit PhantomPDF GetFieldValue Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-517 |
ZDI-CAN-9943 |
Foxit |
CVE-2020-10910 |
7.8 |
2020-04-16 |
|
Foxit PhantomPDF RotatePage Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-516 |
ZDI-CAN-9942 |
Foxit |
CVE-2020-10909 |
7.8 |
2020-04-16 |
|
Foxit PhantomPDF AddWatermark Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-515 |
ZDI-CAN-9865 |
Foxit |
CVE-2020-10908 |
7.8 |
2020-04-16 |
|
Foxit PhantomPDF Export Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-514 |
ZDI-CAN-9831 |
Foxit |
CVE-2020-10891 |
7.8 |
2020-04-16 |
|
Foxit PhantomPDF Save Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-513 |
ZDI-CAN-9830 |
Foxit |
CVE-2020-10892 |
7.8 |
2020-04-16 |
|
Foxit PhantomPDF CombineFiles Arbitrary File Write Remote Code Execution Vulnerability |
| ZDI-20-512 |
ZDI-CAN-9829 |
Foxit |
CVE-2020-10890 |
7.8 |
2020-04-16 |
|
Foxit PhantomPDF ConvertToPDF Arbitrary File Write Remote Code Execution Vulnerability |
| ZDI-20-511 |
ZDI-CAN-9828 |
Foxit |
CVE-2020-10889 |
7.8 |
2020-04-16 |
|
Foxit PhantomPDF DuplicatePages Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-510 |
ZDI-CAN-10742 |
Oracle |
CVE-2020-2907 |
7.5 |
2020-04-16 |
|
Oracle VirtualBox VBoxSVGA Type Confusion Privilege Escalation Vulnerability |
| ZDI-20-509 |
ZDI-CAN-10719 |
Oracle |
CVE-2020-2907 |
7.5 |
2020-04-16 |
|
Oracle VirtualBox VBoxSVGA Type Confusion Privilege Escalation Vulnerability |
| ZDI-20-508 |
ZDI-CAN-10416 |
Oracle |
CVE-2020-2929 |
7.8 |
2020-04-16 |
|
Oracle VirtualBox SLiRP Networking Out-Of-Bounds Access Remote Code Execution Vulnerability |
| ZDI-20-507 |
ZDI-CAN-10423 |
Oracle |
CVE-2020-2758 |
8.2 |
2020-04-16 |
|
Oracle VirtualBox VBoxVGA VBoxVHWASurfaceBase Use-After-Free Privilege Escalation Vulnerability |
| ZDI-20-506 |
ZDI-CAN-10422 |
Oracle |
CVE-2020-2748 |
3.2 |
2020-04-16 |
|
Oracle VirtualBox vmsvgaR3FifoUpdateCursor Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-505 |
ZDI-CAN-9334 |
Oracle |
CVE-2020-2950 |
9.8 |
2020-04-16 |
|
Oracle Business Intelligence AMF Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-504 |
ZDI-CAN-10341 |
Oracle |
CVE-2020-2883 |
9.8 |
2020-04-16 |
|
Oracle WebLogic Server T3 Protocol Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-503 |
ZDI-CAN-10466 |
Oracle |
CVE-2020-2956 |
8.1 |
2020-04-16 |
|
Oracle E-Business Suite Human Resources Organization Hierarchy Viewer PosServer SQL Injection Privilege Escalation Vulnerability |
| ZDI-20-502 |
ZDI-CAN-10465 |
Oracle |
CVE-2020-2882 |
8.1 |
2020-04-16 |
|
Oracle E-Business Suite Human Resources Organization Hierarchy Viewer OrgServer SQL Injection Privilege Escalation Vulnerability |
| ZDI-20-501 |
ZDI-CAN-10179 |
Oracle |
CVE-2020-2908 |
7.5 |
2020-04-16 |
2021-03-02 |
Oracle VirtualBox Virtual USB Numeric Truncation Privilege Escalation Vulnerability |
| ZDI-20-500 |
ZDI-CAN-10023 |
Oracle |
CVE-2020-2743 |
6.0 |
2020-04-16 |
2021-03-02 |
Oracle VirtualBox xHCI Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-499 |
ZDI-CAN-10022 |
Oracle |
CVE-2020-2742 |
8.2 |
2020-04-16 |
2021-03-02 |
Oracle VirtualBox xHCI Integer Overflow Privilege Escalation Vulnerability |
| ZDI-20-498 |
ZDI-CAN-9113 |
Oracle |
CVE-2020-2741 |
6.0 |
2020-04-16 |
|
Oracle VirtualBox shader_glsl_get_register_name Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-497 |
ZDI-CAN-9960 |
Oracle |
CVE-2020-2902 |
8.8 |
2020-04-16 |
|
Oracle VirtualBox D3D9 Shader Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-496 |
ZDI-CAN-9402 |
Intel |
CVE-2020-0557 |
8.8 |
2020-04-15 |
2021-06-29 |
Intel Wi-Fi Link Driver Netwtw06 Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-495 |
ZDI-CAN-9376 |
Intel |
CVE-2020-0558 |
8.8 |
2020-04-15 |
2021-06-29 |
Intel Wi-Fi Link Driver Netwtw06 Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-494 |
ZDI-CAN-9277 |
Intel |
CVE-2020-0558 |
8.8 |
2020-04-15 |
|
Intel Wi-Fi Link Driver Netwtw04 Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-493 |
ZDI-CAN-10473 |
Eaton |
CVE-2020-10637 |
3.3 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing wTextLen Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-492 |
ZDI-CAN-10417 |
Eaton |
CVE-2020-10637 |
3.3 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing wDescribeLen Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-491 |
ZDI-CAN-10421 |
Eaton |
CVE-2020-10637 |
3.3 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing Giffile Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-490 |
ZDI-CAN-10411 |
Eaton |
CVE-2020-10637 |
3.3 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing Base64TextLen Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-489 |
ZDI-CAN-10340 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-488 |
ZDI-CAN-10167 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing LinkSize Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-487 |
ZDI-CAN-10166 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing LinkSize Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-486 |
ZDI-CAN-10165 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing GifName Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-485 |
ZDI-CAN-10164 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing wTitleTextLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-484 |
ZDI-CAN-10162 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing wMailBlindCopyToLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-483 |
ZDI-CAN-10161 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing wMessageLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-482 |
ZDI-CAN-10160 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing wMailToLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-481 |
ZDI-CAN-10159 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing wMailCopyToLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-480 |
ZDI-CAN-10158 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing wMailContentLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-479 |
ZDI-CAN-10157 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing wTextLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-478 |
ZDI-CAN-10153 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing wTDateLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-477 |
ZDI-CAN-10152 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing wTTimeLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-476 |
ZDI-CAN-10151 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing wKPFStringLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-475 |
ZDI-CAN-10163 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing wKPFStringLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-474 |
ZDI-CAN-10150 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing wTitleLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-473 |
ZDI-CAN-10149 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing wKPFString Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-472 |
ZDI-CAN-10148 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing LinkSize Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-471 |
ZDI-CAN-10145 |
Eaton |
CVE-2020-10639 |
7.8 |
2020-04-15 |
|
Eaton HMiSoft VU3 File Parsing wTextLen Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-470 |
ZDI-CAN-10638 |
Microsoft |
CVE-2020-0906 |
7.8 |
2020-04-15 |
|
Microsoft Excel XLS File Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-469 |
ZDI-CAN-10140 |
Microsoft |
CVE-2020-0906 |
3.3 |
2020-04-15 |
|
Microsoft Excel XLSM File Use-After-Free Information Disclosure Vulnerability |
| ZDI-20-468 |
ZDI-CAN-10027 |
Microsoft |
CVE-2020-0932 |
8.8 |
2020-04-15 |
2020-10-27 |
Microsoft SharePoint TypeConverter Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-467 |
ZDI-CAN-10403 |
Microsoft |
CVE-2020-0821 |
3.3 |
2020-04-15 |
|
Microsoft Windows user32 Icon Extraction Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-466 |
ZDI-CAN-10054 |
Microsoft |
CVE-2020-0953 |
7.8 |
2020-04-15 |
|
Microsoft Windows JET Database Engine Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-465 |
ZDI-CAN-10089 |
Microsoft |
CVE-2020-0931 |
8.8 |
2020-04-15 |
|
Microsoft SharePoint Scorecards Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-464 |
ZDI-CAN-10062 |
Microsoft |
CVE-2020-0960 |
7.8 |
2020-04-15 |
|
Microsoft Windows JET Database Engine Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-463 |
ZDI-CAN-10061 |
Microsoft |
CVE-2020-0959 |
7.8 |
2020-04-15 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-462 |
ZDI-CAN-10058 |
Microsoft |
CVE-2020-0953 |
7.8 |
2020-04-15 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-461 |
ZDI-CAN-10063 |
Microsoft |
CVE-2020-0992 |
7.8 |
2020-04-15 |
|
Microsoft Windows JET Database Engine Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-460 |
ZDI-CAN-9968 |
Microsoft |
CVE-2020-0992 |
7.0 |
2020-04-15 |
|
Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability |
| ZDI-20-459 |
ZDI-CAN-9934 |
Microsoft |
CVE-2020-0956 |
8.8 |
2020-04-15 |
|
Microsoft Windows Palette Object Use-After-Free Privilege Escalation Vulnerability |
| ZDI-20-458 |
ZDI-CAN-10057 |
Microsoft |
CVE-2020-0988 |
7.8 |
2020-04-15 |
|
Microsoft Windows JET Database Engine Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-457 |
ZDI-CAN-10059 |
Microsoft |
CVE-2020-0994 |
7.8 |
2020-04-15 |
|
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-456 |
ZDI-CAN-9748 |
Microsoft |
CVE-2020-0821 |
3.3 |
2020-04-15 |
|
Microsoft Windows KERNELBASE Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-455 |
ZDI-CAN-10068 |
Adobe |
CVE-2020-3809 |
3.3 |
2020-04-15 |
|
Adobe After Effects TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-454 |
ZDI-CAN-10137 |
Fuji Electric |
|
7.8 |
2020-04-09 |
|
Fuji Electric V-Server Lite VPR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-453 |
ZDI-CAN-10138 |
Fuji Electric |
|
7.8 |
2020-04-09 |
|
Fuji Electric V-Server Lite VPR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-452 |
ZDI-CAN-10120 |
Fuji Electric |
CVE-2020-10646 |
7.8 |
2020-04-09 |
|
Fuji Electric V-Server Lite VPR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-451 |
ZDI-CAN-10119 |
Fuji Electric |
CVE-2020-10646 |
7.8 |
2020-04-09 |
|
Fuji Electric V-Server Lite VPR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-450 |
ZDI-CAN-10176 |
Advantech |
CVE-2020-12010 |
8.2 |
2020-04-08 |
|
(0Day) Advantech WebAccess IOCTL 0x2738 Arbitrary File Deletion Vulnerability |
| ZDI-20-449 |
ZDI-CAN-10174 |
Advantech |
CVE-2020-12010 |
8.2 |
2020-04-08 |
|
(0Day) Advantech WebAccess IOCTL 0x2711 BwFLApp Arbitrary File Deletion Vulnerability |
| ZDI-20-448 |
ZDI-CAN-10173 |
Advantech |
CVE-2020-12010 |
8.2 |
2020-04-08 |
|
(0Day) Advantech WebAccess IOCTL 0x2711 BwPSLink Arbitrary File Deletion Vulnerability |
| ZDI-20-447 |
ZDI-CAN-10170 |
Advantech |
CVE-2020-12010 |
8.2 |
2020-04-08 |
|
(0Day) Advantech WebAccess IOCTL 0x2711 BwPFile Arbitrary File Deletion Vulnerability |
| ZDI-20-446 |
ZDI-CAN-10175 |
Advantech |
CVE-2020-12010 |
8.2 |
2020-04-08 |
|
(0Day) Advantech WebAccess webvrpc IOCTL 0x2715 Arbitrary File Deletion Vulnerability |
| ZDI-20-445 |
ZDI-CAN-9827 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS addLinkMonitor SQL Injection Information Disclosure Vulnerability |
| ZDI-20-444 |
ZDI-CAN-9826 |
Advantech |
CVE-2020-10603 |
8.8 |
2020-04-08 |
|
Advantech WebAccess/NMS DatabaseMgmtResource OS Command Injection Remote Code Execution Vulnerability |
| ZDI-20-443 |
ZDI-CAN-9825 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS getTrunkNumber SQL Injection Information Disclosure Vulnerability |
| ZDI-20-442 |
ZDI-CAN-9824 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-441 |
ZDI-CAN-9823 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-440 |
ZDI-CAN-9822 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-439 |
ZDI-CAN-9821 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-438 |
ZDI-CAN-9820 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-437 |
ZDI-CAN-9819 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-436 |
ZDI-CAN-9818 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-435 |
ZDI-CAN-9817 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-434 |
ZDI-CAN-9816 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-433 |
ZDI-CAN-9815 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-432 |
ZDI-CAN-9814 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-431 |
ZDI-CAN-9813 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-430 |
ZDI-CAN-9812 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-429 |
ZDI-CAN-9810 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-428 |
ZDI-CAN-9807 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-427 |
ZDI-CAN-9806 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-426 |
ZDI-CAN-9805 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-425 |
ZDI-CAN-9804 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-424 |
ZDI-CAN-9803 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-423 |
ZDI-CAN-9802 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-422 |
ZDI-CAN-9801 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-421 |
ZDI-CAN-9800 |
Advantech |
CVE-2020-10623 |
6.5 |
2020-04-08 |
|
Advantech WebAccess/NMS setDevicechoose SQL Injection Information Disclosure Vulnerability |
| ZDI-20-420 |
ZDI-CAN-9799 |
Advantech |
CVE-2020-10623 |
6.5 |
2020-04-08 |
|
Advantech WebAccess/NMS getFWUpgradeInfo SQL Injection Information Disclosure Vulnerability |
| ZDI-20-419 |
ZDI-CAN-9793 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-418 |
ZDI-CAN-9778 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-417 |
ZDI-CAN-9777 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-416 |
ZDI-CAN-9776 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-415 |
ZDI-CAN-9775 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-414 |
ZDI-CAN-9769 |
Advantech |
CVE-2020-10625 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS UsersInputAction Missing Authentication for Critical Function Authentication Bypass Vulnerability |
| ZDI-20-413 |
ZDI-CAN-9764 |
Advantech |
CVE-2020-10623 |
6.5 |
2020-04-08 |
|
Advantech WebAccess/NMS getSyslogUiList SQL Injection Information Disclosure Vulnerability |
| ZDI-20-412 |
ZDI-CAN-9765 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DeviceData Performance SQL Injection Information Disclosure Vulnerability |
| ZDI-20-411 |
ZDI-CAN-9760 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS MibBrowser SQL Injection Information Disclosure Vulnerability |
| ZDI-20-410 |
ZDI-CAN-9759 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS MibBrowser SQL Injection Information Disclosure Vulnerability |
| ZDI-20-409 |
ZDI-CAN-9701 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS single-vlan-info SQL Injection Information Disclosure Vulnerability |
| ZDI-20-408 |
ZDI-CAN-9700 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-407 |
ZDI-CAN-9699 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-406 |
ZDI-CAN-9693 |
Advantech |
CVE-2020-10621 |
9.8 |
2020-04-08 |
|
Advantech WebAccess/NMS ProfileResource Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-20-405 |
ZDI-CAN-9692 |
Advantech |
CVE-2020-10621 |
9.8 |
2020-04-08 |
|
Advantech WebAccess/NMS DBBackupResource Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-20-404 |
ZDI-CAN-9629 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-403 |
ZDI-CAN-9628 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-402 |
ZDI-CAN-9627 |
Advantech |
CVE-2020-10621 |
9.8 |
2020-04-08 |
|
Advantech WebAccess/NMS ConfigRestoreAction Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-20-401 |
ZDI-CAN-9623 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-400 |
ZDI-CAN-9614 |
Advantech |
CVE-2020-10621 |
9.8 |
2020-04-08 |
|
Advantech WebAccess/NMS DBBackupRestoreAction Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-20-399 |
ZDI-CAN-9613 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-398 |
ZDI-CAN-9605 |
Advantech |
|
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS AccesslogAction SQL Injection Information Disclosure Vulnerability |
| ZDI-20-397 |
ZDI-CAN-9602 |
Advantech |
CVE-2020-10621 |
9.8 |
2020-04-08 |
|
Advantech WebAccess/NMS SupportDeviceaddAction Arbitrary File Upload Remote Code Execution Vulnerability |
| ZDI-20-396 |
ZDI-CAN-9601 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-395 |
ZDI-CAN-9589 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-394 |
ZDI-CAN-9588 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability |
| ZDI-20-393 |
ZDI-CAN-9587 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS forcedScanDevice SQL Injection Information Disclosure Vulnerability |
| ZDI-20-392 |
ZDI-CAN-9585 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS FwStatusReportAction SQL Injection Information Disclosure Vulnerability |
| ZDI-20-391 |
ZDI-CAN-9584 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS FwStatusReportAction SQL Injection Information Disclosure Vulnerability |
| ZDI-20-390 |
ZDI-CAN-9583 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS TopogroupeditAction SQL Injection Information Disclosure Vulnerability |
| ZDI-20-389 |
ZDI-CAN-9582 |
Advantech |
CVE-2020-10621 |
9.8 |
2020-04-08 |
|
Advantech WebAccess/NMS FwUpgradeAction Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-20-388 |
ZDI-CAN-9581 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS TopogroupeditAction SQL Injection Information Disclosure Vulnerability |
| ZDI-20-387 |
ZDI-CAN-9580 |
Advantech |
CVE-2020-10621 |
9.8 |
2020-04-08 |
|
Advantech WebAccess/NMS extProgramAction Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-20-386 |
ZDI-CAN-9579 |
Advantech |
CVE-2020-10621 |
9.8 |
2020-04-08 |
|
Advantech WebAccess/NMS extProgramAction Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-20-385 |
ZDI-CAN-9578 |
Advantech |
CVE-2020-10621 |
9.8 |
2020-04-08 |
|
Advantech WebAccess/NMS LicenseImportAction Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-20-384 |
ZDI-CAN-9577 |
Advantech |
CVE-2020-10631 |
9.1 |
2020-04-08 |
|
Advantech WebAccess/NMS download.jsp Directory Traversal Information Disclosure and Denial-of-Service Vulnerability |
| ZDI-20-383 |
ZDI-CAN-9576 |
Advantech |
CVE-2020-10621 |
9.8 |
2020-04-08 |
|
Advantech WebAccess/NMS FwUpgradeAction Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-20-382 |
ZDI-CAN-9575 |
Advantech |
CVE-2020-10629 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS MibbrowserTrapAddAction XML External Entity Reference Information Disclosure Vulnerability |
| ZDI-20-381 |
ZDI-CAN-9574 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS reflashEventLog SQL Injection Information Disclosure Vulnerability |
| ZDI-20-380 |
ZDI-CAN-9573 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS Login SQL Injection Information Disclosure Vulnerability |
| ZDI-20-379 |
ZDI-CAN-9572 |
Advantech |
CVE-2020-10619 |
8.2 |
2020-04-08 |
|
Advantech WebAccess/NMS saveBackgroundAction Directory Traversal Denial-of-Service Vulnerability |
| ZDI-20-378 |
ZDI-CAN-9571 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS saveBackground SQL Injection Information Disclosure Vulnerability |
| ZDI-20-377 |
ZDI-CAN-9570 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS EMSgroupAction SQL Injection Information Disclosure Vulnerability |
| ZDI-20-376 |
ZDI-CAN-9569 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS mibBrowserSetAction SQL Injection Information Disclosure Vulnerability |
| ZDI-20-375 |
ZDI-CAN-9568 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS searchDevice SQL Injection Information Disclosure Vulnerability |
| ZDI-20-374 |
ZDI-CAN-9567 |
Advantech |
CVE-2020-10617 |
7.5 |
2020-04-08 |
|
Advantech WebAccess/NMS Login isAccessDenied SQL Injection Information Disclosure Vulnerability |
| ZDI-20-373 |
ZDI-CAN-9566 |
Advantech |
CVE-2020-10621 |
9.8 |
2020-04-08 |
|
Advantech WebAccess/NMS saveBackground Unrestricted File Upload Remote Code Execution Vulnerability |
| ZDI-20-372 |
ZDI-CAN-9598 |
Adobe |
CVE-2020-3766 |
7.8 |
2020-04-07 |
|
Adobe Acrobat Pro DC Genuine Software Service Incorrect Permission Assignment Privilege Escalation Vulnerability |
| ZDI-20-371 |
ZDI-CAN-9757 |
Schneider Electric |
CVE-2020-7478 |
7.5 |
2020-04-03 |
|
Schneider Electric IGSS IGSSupdateservice Directory Traversal Information Disclosure Vulnerability |
| ZDI-20-370 |
ZDI-CAN-9758 |
Schneider Electric |
CVE-2020-7479 |
7.8 |
2020-04-03 |
|
Schneider Electric IGSS IGSSupdateservice Improper Access Control Privilege Escalation Vulnerability |
| ZDI-20-369 |
ZDI-CAN-9345 |
VMware |
|
6.3 |
2020-04-03 |
|
VMware Workstation OVF NTLM Challenge Response Information Disclosure Vulnerability |
| ZDI-20-368 |
ZDI-CAN-9770 |
Corel |
|
7.8 |
2020-04-02 |
|
(0Day) Corel PaintShop Pro PNG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-367 |
ZDI-CAN-9772 |
Corel |
|
7.8 |
2020-04-02 |
|
(0Day) Corel PaintShop Pro TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-366 |
ZDI-CAN-9771 |
Corel |
|
7.8 |
2020-04-02 |
2021-03-02 |
(0Day) Corel PaintShop Pro TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-365 |
ZDI-CAN-9698 |
Corel |
|
7.8 |
2020-04-02 |
|
(0Day) Corel PaintShop Pro PNG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-364 |
ZDI-CAN-9697 |
Corel |
|
7.8 |
2020-04-02 |
|
(0Day) Corel PaintShop Pro TIF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-363 |
ZDI-CAN-9696 |
Corel |
|
7.8 |
2020-04-02 |
|
(0Day) Corel PaintShop Pro TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-362 |
ZDI-CAN-9695 |
Corel |
|
7.8 |
2020-04-02 |
|
(0Day) Corel PaintShop Pro GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-361 |
ZDI-CAN-9694 |
Corel |
|
7.8 |
2020-04-02 |
|
(0Day) Corel PaintShop Pro PNG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-360 |
ZDI-CAN-9639 |
Corel |
|
7.8 |
2020-04-02 |
|
(0Day) Corel PaintShop Pro TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-359 |
ZDI-CAN-9638 |
Corel |
|
7.8 |
2020-04-02 |
|
(0Day) Corel PaintShop Pro TIF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-358 |
ZDI-CAN-9637 |
Corel |
|
7.8 |
2020-04-02 |
|
(0Day) Corel PaintShop Pro PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-357 |
ZDI-CAN-9636 |
Corel |
|
7.8 |
2020-04-02 |
|
(0Day) Corel PaintShop Pro PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-356 |
ZDI-CAN-9635 |
Corel |
|
7.8 |
2020-04-02 |
|
(0Day) Corel PaintShop Pro PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-355 |
ZDI-CAN-9634 |
Corel |
|
7.8 |
2020-04-02 |
|
(0Day) Corel PaintShop Pro PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-354 |
ZDI-CAN-9633 |
Corel |
|
7.8 |
2020-04-02 |
|
(0Day) Corel PaintShop Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-353 |
ZDI-CAN-9632 |
Corel |
|
7.8 |
2020-04-02 |
|
(0Day) Corel PaintShop Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-352 |
ZDI-CAN-9631 |
Corel |
|
3.3 |
2020-04-02 |
|
(0Day) Corel PaintShop Pro PSD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-351 |
ZDI-CAN-9630 |
Corel |
|
3.3 |
2020-04-02 |
|
(0Day) Corel PaintShop Pro J2K File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-350 |
ZDI-CAN-10780 |
Linux |
CVE-2020-8835 |
8.8 |
2020-03-31 |
|
(Pwn2Own) Linux Kernel eBPF Improper Input Validation Privilege Escalation Vulnerability |
| ZDI-20-349 |
ZDI-CAN-9950 |
IBM |
CVE-2020-4240 |
6.5 |
2020-03-31 |
|
IBM Spectrum Protect Plus plugin Directory Traversal File Creation Vulnerability |
| ZDI-20-348 |
ZDI-CAN-9958 |
IBM |
CVE-2020-4241 |
8.8 |
2020-03-31 |
|
IBM Spectrum Protect Plus uploadHttpsCertificate Command Injection Remote Code Execution Vulnerability |
| ZDI-20-347 |
ZDI-CAN-9957 |
IBM |
CVE-2020-4242 |
8.8 |
2020-03-31 |
|
IBM Spectrum Protect Plus uploadLdapCertificate Command Injection Remote Code Execution Vulnerability |
| ZDI-20-346 |
ZDI-CAN-9953 |
IBM |
CVE-2020-4208 |
7.3 |
2020-03-31 |
|
IBM Spectrum Protect Plus serveradmin Authentication Bypass Vulnerability |
| ZDI-20-345 |
ZDI-CAN-9952 |
IBM |
CVE-2020-4209 |
5.4 |
2020-03-31 |
|
IBM Spectrum Protect Plus uploadHttpsCertificate Directory Traversal File Creation Vulnerability |
| ZDI-20-344 |
ZDI-CAN-9951 |
IBM |
CVE-2020-4209 |
5.4 |
2020-03-31 |
|
IBM Spectrum Protect Plus uploadLdapCertificate Directory Traversal File Creation Vulnerability |
| ZDI-20-343 |
ZDI-CAN-9949 |
IBM |
CVE-2020-4214 |
8.2 |
2020-03-31 |
|
IBM Spectrum Protect Plus cleanupUpdateImage Arbitrary Directory Deletion Vulnerability |
| ZDI-20-342 |
ZDI-CAN-9753 |
IBM |
CVE-2020-4206 |
8.8 |
2020-03-31 |
|
IBM Spectrum Protect Plus timezone Command Injection Remote Code Execution Vulnerability |
| ZDI-20-341 |
ZDI-CAN-9855 |
Apple |
CVE-2020-3897 |
6.3 |
2020-03-26 |
|
Apple Safari Object Transition Cache Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-340 |
ZDI-CAN-9664 |
TP-Link |
CVE-2020-10888 |
5.9 |
2020-03-25 |
|
(Pwn2Own) TP-Link Archer A7 SSH Port Forwarding Authentication Bypass Vulnerability |
| ZDI-20-339 |
ZDI-CAN-9662 |
TP-Link |
CVE-2020-10886 |
8.1 |
2020-03-25 |
|
(Pwn2Own) TP-Link Archer A7 tmpServer Command Injection Remote Code Execution Vulnerability |
| ZDI-20-338 |
ZDI-CAN-9663 |
TP-Link |
CVE-2020-10887 |
8.1 |
2020-03-25 |
|
(Pwn2Own) TP-Link Archer A7 Protection Mechanism Failure Firewall Bypass Vulnerability |
| ZDI-20-337 |
ZDI-CAN-9661 |
TP-Link |
CVE-2020-10885 |
8.1 |
2020-03-25 |
|
(Pwn2Own) TP-Link Archer A7 DNS Response Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-20-336 |
ZDI-CAN-9652 |
TP-Link |
CVE-2020-10884 |
8.1 |
2020-03-25 |
|
(Pwn2Own) TP-Link Archer A7 tdpServer Use of Hard-coded Cryptographic Key Remote Code Execution Vulnerability |
| ZDI-20-335 |
ZDI-CAN-9651 |
TP-Link |
CVE-2020-10883 |
5.3 |
2020-03-25 |
|
(Pwn2Own) TP-Link Archer A7 File System Incorrect Permission Assignment for Critical Resource Privilege Escalation Vulnerability |
| ZDI-20-334 |
ZDI-CAN-9650 |
TP-Link |
CVE-2020-10882 |
8.8 |
2020-03-25 |
|
(Pwn2Own) TP-Link Archer A7 tdpServer Command Injection Remote Code Execution Vulnerability |
| ZDI-20-333 |
ZDI-CAN-9660 |
TP-Link |
CVE-2020-10881 |
9.8 |
2020-03-25 |
|
(Pwn2Own) TP-Link Archer A7 DNS Response Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-332 |
ZDI-CAN-9808 |
Adobe |
CVE-2020-3764 |
7.8 |
2020-03-24 |
|
Adobe Media Encoder CC MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-331 |
ZDI-CAN-10070 |
Adobe |
CVE-2020-3764 |
7.8 |
2020-03-24 |
|
Adobe Media Encoder 3GP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-330 |
ZDI-CAN-10126 |
Adobe |
CVE-2020-3802 |
7.8 |
2020-03-19 |
|
Adobe Acrobat Reader DC XFA Template Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-329 |
ZDI-CAN-9984 |
Adobe |
CVE-2020-9552 |
7.8 |
2020-03-19 |
|
Adobe Bridge XD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-328 |
ZDI-CAN-9705 |
Adobe |
CVE-2020-9551 |
7.8 |
2020-03-19 |
|
Adobe Bridge CC GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-327 |
ZDI-CAN-9599 |
Adobe |
CVE-2020-3766 |
8.4 |
2020-03-19 |
|
Adobe Acrobat Pro DC Genuine Software Service Incorrect Permission Assignment Privilege Escalation Vulnerability |
| ZDI-20-326 |
ZDI-CAN-9597 |
Adobe |
CVE-2020-3766 |
8.4 |
2020-03-19 |
|
Adobe Acrobat Pro DC Genuine Software Service Incorrect Permission Assignment Privilege Escalation Vulnerability |
| ZDI-20-325 |
ZDI-CAN-9484 |
Adobe |
CVE-2020-3791 |
3.3 |
2020-03-19 |
|
Adobe Photoshop Type 1 Font Parsing Charstring Out-of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-324 |
ZDI-CAN-10034 |
Adobe |
CVE-2020-3790 |
7.8 |
2020-03-19 |
|
Adobe Photoshop DCM File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-323 |
ZDI-CAN-10050 |
Adobe |
CVE-2020-3782 |
3.3 |
2020-03-19 |
|
Adobe Photoshop TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-322 |
ZDI-CAN-10051 |
Adobe |
CVE-2020-3781 |
3.3 |
2020-03-19 |
|
Adobe Photoshop TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-321 |
ZDI-CAN-10053 |
Adobe |
CVE-2020-3780 |
7.8 |
2020-03-19 |
|
Adobe Photoshop EPS BoundingBox Element Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-320 |
ZDI-CAN-10065 |
Adobe |
CVE-2020-3779 |
7.8 |
2020-03-19 |
|
Adobe Photoshop GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-319 |
ZDI-CAN-10019 |
Adobe |
CVE-2020-3778 |
3.3 |
2020-03-19 |
|
Adobe Photoshop TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-318 |
ZDI-CAN-9989 |
Adobe |
CVE-2020-3773 |
7.8 |
2020-03-19 |
|
Adobe Photoshop U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-317 |
ZDI-CAN-10013 |
Adobe |
CVE-2020-3772 |
7.8 |
2020-03-19 |
|
Adobe Photoshop U3D File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-316 |
ZDI-CAN-9809 |
Adobe |
CVE-2020-3771 |
3.3 |
2020-03-19 |
|
Adobe Photoshop DCM Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-315 |
ZDI-CAN-9926 |
Adobe |
CVE-2020-3770 |
7.8 |
2020-03-19 |
|
Adobe Photoshop PCX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-314 |
ZDI-CAN-9645 |
Samsung |
|
8.8 |
2020-03-18 |
|
(Pwn2Own) Samsung Q60 Smart QLED TV JavaScript Integer Overflow Remote Code Execution Vulnerability |
| ZDI-20-313 |
ZDI-CAN-10131 |
Microsoft |
|
7.8 |
2020-03-18 |
|
Microsoft Windows AppX Deployment Service Hard Link Privilege Escalation Vulnerability |
| ZDI-20-312 |
ZDI-CAN-9931 |
Foxit |
CVE-2020-8870 |
7.8 |
2020-03-18 |
|
Foxit Studio Photo GetTIFPalette TIF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-311 |
ZDI-CAN-9881 |
Foxit |
CVE-2020-8869 |
7.8 |
2020-03-18 |
|
Foxit Studio Photo TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-310 |
ZDI-CAN-10420 |
Delta Industrial Automation |
CVE-2020-6976 |
3.3 |
2020-03-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Giffile Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-309 |
ZDI-CAN-10413 |
Delta Industrial Automation |
CVE-2020-7002 |
7.8 |
2020-03-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-308 |
ZDI-CAN-10141 |
Delta Industrial Automation |
CVE-2020-7002 |
7.8 |
2020-03-17 |
|
Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing GifName Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-307 |
ZDI-CAN-10073 |
Trend Micro |
CVE-2020-8600 |
8.6 |
2020-03-17 |
|
Trend Micro Worry-Free Business Security Directory Traversal Authentication Bypass Vulnerability |
| ZDI-20-306 |
ZDI-CAN-9880 |
Foxit |
CVE-2020-8883 |
3.3 |
2020-03-16 |
|
Foxit Studio Photo EPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-305 |
ZDI-CAN-9811 |
Foxit |
CVE-2020-8882 |
7.8 |
2020-03-16 |
|
Foxit Studio Photo PSD File Parsing Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-20-304 |
ZDI-CAN-9774 |
Foxit |
CVE-2020-8881 |
7.8 |
2020-03-16 |
|
Foxit Studio Photo TIF File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-303 |
ZDI-CAN-9773 |
Foxit |
CVE-2020-8880 |
7.8 |
2020-03-16 |
|
Foxit Studio Photo TIF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-302 |
ZDI-CAN-9626 |
Foxit |
CVE-2020-8879 |
3.3 |
2020-03-16 |
|
Foxit Studio Photo PSD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-301 |
ZDI-CAN-9625 |
Foxit |
CVE-2020-8878 |
7.8 |
2020-03-16 |
|
Foxit Studio Photo PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-300 |
ZDI-CAN-9624 |
Foxit |
CVE-2020-8877 |
3.3 |
2020-03-16 |
2020-03-17 |
Foxit Studio Photo PSD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-299 |
ZDI-CAN-10099 |
VMware |
CVE-2020-3948 |
7.8 |
2020-03-13 |
2021-03-02 |
VMware Workstation Virtual Printer External Control of File Name Privilege Escalation Vulnerability |
| ZDI-20-298 |
ZDI-CAN-9292 |
VMware |
CVE-2020-3947 |
7.8 |
2020-03-13 |
|
VMware Workstation vmnetdhcp Use-After-Free Privilege Escalation Vulnerability |
| ZDI-20-297 |
ZDI-CAN-10029 |
Parallels |
CVE-2020-8876 |
6.5 |
2020-03-13 |
|
Parallels Desktop OS X Host Kernel Module Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-296 |
ZDI-CAN-10028 |
Parallels |
CVE-2020-8875 |
8.8 |
2020-03-13 |
|
Parallels Desktop OS X Host Kernel Module Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-20-295 |
ZDI-CAN-10032 |
Parallels |
CVE-2020-8874 |
7.5 |
2020-03-13 |
2021-03-02 |
Parallels Desktop xHCI Integer Overflow Privilege Escalation Vulnerability |
| ZDI-20-294 |
ZDI-CAN-10031 |
Parallels |
CVE-2020-8873 |
8.2 |
2020-03-13 |
2021-03-02 |
Parallels Desktop xHCI Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-293 |
ZDI-CAN-9428 |
Parallels |
CVE-2020-8872 |
6.0 |
2020-03-13 |
2021-03-02 |
Parallels Desktop xHCI Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-292 |
ZDI-CAN-9403 |
Parallels |
CVE-2020-8871 |
8.2 |
2020-03-13 |
2021-03-02 |
Parallels Desktop VGA Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-20-291 |
ZDI-CAN-9460 |
SAP |
CVE-2020-6208 |
8.2 |
2020-03-12 |
|
SAP Crystal Reports RPT File Parsing Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-290 |
ZDI-CAN-9553 |
Quest |
CVE-2020-8868 |
9.8 |
2020-03-12 |
|
Quest Foglight Evolve CommandLineService Use of Hard-coded Credentials Remote Code Execution Vulnerability |
| ZDI-20-289 |
ZDI-CAN-9665 |
Xiaomi |
CVE-2020-9530 |
8.8 |
2020-03-12 |
|
(Pwn2Own) Xiaomi Mi9 Browser manualUpgradeInfo Improper Control of Generation of Code Remote Code Execution Vulnerability |
| ZDI-20-288 |
ZDI-CAN-9657 |
Xiaomi |
CVE-2020-9531 |
5.3 |
2020-03-12 |
|
(Pwn2Own) Xiaomi GetApps Intent Privilege Escalation Vulnerability |
| ZDI-20-287 |
ZDI-CAN-9656 |
Xiaomi |
CVE-2020-9531 |
5.5 |
2020-03-12 |
|
(Pwn2Own) Xiaomi Mi9 Browser Untrusted Site Redirection Remote Code Execution Vulnerability |
| ZDI-20-286 |
ZDI-CAN-9646 |
Xiaomi |
|
8.8 |
2020-03-12 |
|
(Pwn2Own) Xiaomi Mi9 Browser ParseFormalParameterList Improper Input Validation Remote Code Execution Vulnerability |
| ZDI-20-285 |
ZDI-CAN-10525 |
Microsoft |
CVE-2020-0807 |
8.8 |
2020-03-12 |
|
Microsoft Windows Media Player AVI Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-284 |
ZDI-CAN-9959 |
Microsoft |
CVE-2020-0851 |
7.8 |
2020-03-12 |
|
Microsoft Word HTML Rendering Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-283 |
ZDI-CAN-9875 |
Microsoft |
CVE-2020-0887 |
8.8 |
2020-03-12 |
|
Microsoft Windows Printer Device Context Use-After-Free Privilege Escalation Vulnerability |
| ZDI-20-282 |
ZDI-CAN-9691 |
Microsoft |
CVE-2020-0841 |
6.1 |
2020-03-12 |
|
Microsoft Windows DiagTrack Service Hard Link Denial-of-Service Vulnerability |
| ZDI-20-281 |
ZDI-CAN-9502 |
Microsoft |
CVE-2020-0840 |
7.8 |
2020-03-12 |
|
Microsoft Windows AppX Deployment Service Hard Link Escalation of Privilege Vulnerability |
| ZDI-20-280 |
ZDI-CAN-9858 |
Microsoft |
CVE-2020-0788 |
8.8 |
2020-03-12 |
|
Microsoft Windows CreateXlateObject Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-20-279 |
ZDI-CAN-9857 |
Microsoft |
CVE-2020-0788 |
8.8 |
2020-03-12 |
|
Microsoft Windows CreateXlateObject Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-20-278 |
ZDI-CAN-9856 |
Microsoft |
CVE-2020-0788 |
8.8 |
2020-03-12 |
|
Microsoft Windows ulGetNearestIndexFromColorref Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-20-277 |
ZDI-CAN-9473 |
Microsoft |
CVE-2020-0776 |
6.1 |
2020-03-12 |
|
Microsoft Windows AppX Deployment Service Link Resolution Denial-of-Service Vulnerability |
| ZDI-20-276 |
ZDI-CAN-10469 |
Horde |
CVE-2020-8865 |
6.3 |
2020-03-10 |
|
Horde Groupware Webmail Edition edit Page Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-275 |
ZDI-CAN-10125 |
Horde |
CVE-2020-8866 |
4.3 |
2020-03-10 |
|
Horde Groupware Webmail Edition add Page Unrestricted File Upload Arbitrary File Creation Vulnerability |
| ZDI-20-274 |
ZDI-CAN-9956 |
IBM |
CVE-2020-4210 |
9.8 |
2020-03-05 |
|
IBM Spectrum Protect Plus changeAdministratorPassword Command Injection Remote Code Execution Vulnerability |
| ZDI-20-273 |
ZDI-CAN-9955 |
IBM |
CVE-2020-4211 |
9.8 |
2020-03-05 |
|
IBM Spectrum Protect Plus hostname Command Injection Remote Code Execution Vulnerability |
| ZDI-20-272 |
ZDI-CAN-9954 |
IBM |
CVE-2020-4212 |
9.8 |
2020-03-05 |
|
IBM Spectrum Protect Plus hfpackage Command Injection Remote Code Execution Vulnerability |
| ZDI-20-271 |
ZDI-CAN-9752 |
IBM |
CVE-2020-4222 |
9.8 |
2020-03-05 |
|
IBM Spectrum Protect Plus password Command Injection Remote Code Execution Vulnerability |
| ZDI-20-270 |
ZDI-CAN-9750 |
IBM |
CVE-2020-4213 |
9.8 |
2020-03-05 |
|
IBM Spectrum Protect Plus username Command Injection Remote Code Execution Vulnerability |
| ZDI-20-269 |
ZDI-CAN-9491 |
Cisco |
CVE-2020-3127 |
7.8 |
2020-03-05 |
|
Cisco WebEx Network Recording Player ARF File Uninitialized Pointer Remote Code Execution Vulnerability |
| ZDI-20-268 |
ZDI-CAN-9471 |
D-Link |
CVE-2020-8864 |
8.8 |
2020-02-24 |
|
D-Link Multiple Routers HNAP strncmp Incorrect Comparison Authentication Bypass Vulnerability |
| ZDI-20-267 |
ZDI-CAN-9470 |
D-Link |
CVE-2020-8863 |
8.8 |
2020-02-24 |
|
D-Link Multiple Routers HNAP PrivateLogin Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability |
| ZDI-20-266 |
ZDI-CAN-10082 |
D-Link |
CVE-2020-8862 |
8.8 |
2020-02-21 |
|
D-Link DAP-2610 Router login Incorrect Comparison Authentication Bypass Vulnerability |
| ZDI-20-265 |
ZDI-CAN-9554 |
D-Link |
CVE-2020-8861 |
8.8 |
2020-02-21 |
|
D-Link DAP-1330 HNAP Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability |
| ZDI-20-264 |
ZDI-CAN-9304 |
WECON |
|
7.8 |
2020-02-20 |
|
(0Day) WECON LeviStudioU MulStatus szFilename Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-263 |
ZDI-CAN-9290 |
WECON |
|
7.8 |
2020-02-20 |
|
(0Day) WECON LeviStudioU G_bmp szFilename Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-262 |
ZDI-CAN-9280 |
WECON |
|
7.8 |
2020-02-20 |
|
(0Day) WECON LeviStudioU G_bmp szFilename Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-261 |
ZDI-CAN-9309 |
Rockwell Automation |
CVE-2020-6967 |
9.8 |
2020-02-20 |
|
(0Day) Rockwell Automation FactoryTalk RNADiagnosticsSrv Deserialization Of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-260 |
ZDI-CAN-8315 |
AMD |
|
6.2 |
2020-02-20 |
|
(0Day) AMD Radeon Divide By Zero Denial of Service Vulnerability |
| ZDI-20-259 |
ZDI-CAN-10076 |
Microsoft |
CVE-2020-0792 |
8.8 |
2020-02-20 |
|
Microsoft Windows NtUserResolveDesktopForWOW Heap-based Buffer Overflow Privilege Escalation Vulnerability |
| ZDI-20-258 |
ZDI-CAN-9615 |
Microsoft |
CVE-2020-0688 |
8.8 |
2020-02-20 |
|
Microsoft Exchange Server Exchange Control Panel Fixed Cryptographic Key Remote Code Execution Vulnerability |
| ZDI-20-257 |
ZDI-CAN-9538 |
Microsoft |
CVE-2020-0668 |
7.8 |
2020-02-20 |
2020-03-09 |
Microsoft Windows Service Tracing Arbitrary File Move Privilege Escalation Vulnerability |
| ZDI-20-256 |
ZDI-CAN-9666 |
Samsung |
|
8.4 |
2020-02-20 |
2020-02-21 |
(Pwn2Own) Samsung Galaxy S10 IndexedDB Use-After-Free Sandbox Escape Vulnerability |
| ZDI-20-255 |
ZDI-CAN-9658 |
Samsung |
CVE-2020-8860 |
7.1 |
2020-02-20 |
2020-02-21 |
(Pwn2Own) Samsung Galaxy S10 Call Control Setup Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-254 |
ZDI-CAN-9655 |
Samsung |
|
8.4 |
2020-02-20 |
2020-02-21 |
(Pwn2Own) Samsung Galaxy S10 FileWriter Use-After-Free Sandbox Escape Vulnerability |
| ZDI-20-253 |
ZDI-CAN-9654 |
Samsung |
|
6.3 |
2020-02-20 |
2020-02-21 |
(Pwn2Own) Samsung Galaxy S10 Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-252 |
ZDI-CAN-10115 |
ELOG |
CVE-2020-8859 |
5.3 |
2020-02-12 |
|
ELOG Electronic Logbook drop-count Null Pointer Dereference Denial-of-Service Vulnerability |
| ZDI-20-251 |
ZDI-CAN-9454 |
Adobe |
CVE-2020-3740 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker TIF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-250 |
ZDI-CAN-9453 |
Adobe |
CVE-2020-3739 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker IFF File Parsing Memory Corruption Remote Code Execution Vulnerability |
| ZDI-20-249 |
ZDI-CAN-9617 |
Adobe |
CVE-2020-3748 |
7.8 |
2020-02-12 |
|
Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-248 |
ZDI-CAN-9432 |
Adobe |
CVE-2020-3738 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker TIF File Parsing Type Confusion Remote Code Execution Vulnerability |
| ZDI-20-247 |
ZDI-CAN-9436 |
Adobe |
CVE-2020-3737 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-246 |
ZDI-CAN-9445 |
Adobe |
CVE-2020-3736 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-245 |
ZDI-CAN-9446 |
Adobe |
CVE-2020-3735 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-244 |
ZDI-CAN-9447 |
Adobe |
CVE-2020-3734 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker TGA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-243 |
ZDI-CAN-9442 |
Adobe |
CVE-2020-3733 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-242 |
ZDI-CAN-9444 |
Adobe |
CVE-2020-3732 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker IFF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-241 |
ZDI-CAN-9443 |
Adobe |
CVE-2020-3731 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker CEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-240 |
ZDI-CAN-9439 |
Adobe |
CVE-2020-3730 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker RGB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-239 |
ZDI-CAN-9430 |
Adobe |
CVE-2020-3729 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker PCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-238 |
ZDI-CAN-9435 |
Adobe |
CVE-2020-3728 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-237 |
ZDI-CAN-9437 |
Adobe |
CVE-2020-3727 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-236 |
ZDI-CAN-9438 |
Adobe |
CVE-2020-3726 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-235 |
ZDI-CAN-9440 |
Adobe |
CVE-2020-3725 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker RGB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-234 |
ZDI-CAN-9441 |
Adobe |
CVE-2020-3724 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker RGB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-233 |
ZDI-CAN-9429 |
Adobe |
CVE-2020-3723 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-232 |
ZDI-CAN-9431 |
Adobe |
CVE-2020-3722 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-231 |
ZDI-CAN-9433 |
Adobe |
CVE-2020-3721 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-230 |
ZDI-CAN-9434 |
Adobe |
CVE-2020-3720 |
7.8 |
2020-02-12 |
|
Adobe FrameMaker PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-229 |
ZDI-CAN-9418 |
Symantec |
CVE-2020-5826 |
5.5 |
2020-02-11 |
|
Symantec Endpoint Protection AvHostPlugin Out-of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-228 |
ZDI-CAN-9397 |
Symantec |
CVE-2020-5825 |
7.1 |
2020-02-11 |
|
Symantec Endpoint Protection AvHostPlugin Missing Authentication Arbitrary File Move Vulnerability |
| ZDI-20-227 |
ZDI-CAN-9404 |
Symantec |
CVE-2020-5825 |
5.5 |
2020-02-11 |
|
Symantec Endpoint Protection AvHostPlugin Missing Authentication Denial-of-Service Vulnerability |
| ZDI-20-226 |
ZDI-CAN-9396 |
Symantec |
CVE-2020-5825 |
6.1 |
2020-02-11 |
|
Symantec Endpoint Protection AvHostPlugin Missing Authentication Arbitrary File Rename Vulnerability |
| ZDI-20-225 |
ZDI-CAN-9537 |
Symantec |
CVE-2020-5831 |
3.3 |
2020-02-11 |
|
Symantec Endpoint Protection Manager secars Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-224 |
ZDI-CAN-9536 |
Symantec |
CVE-2020-5830 |
3.3 |
2020-02-11 |
|
Symantec Endpoint Protection Manager secars Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-223 |
ZDI-CAN-9535 |
Symantec |
CVE-2020-5829 |
3.3 |
2020-02-11 |
|
Symantec Endpoint Protection Manager secars Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-222 |
ZDI-CAN-9534 |
Symantec |
CVE-2020-5828 |
3.3 |
2020-02-11 |
|
Symantec Endpoint Protection Manager secars Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-221 |
ZDI-CAN-9395 |
Symantec |
CVE-2020-5824 |
5.5 |
2020-02-11 |
|
Symantec Endpoint Protection AvHostPlugin Missing Authentication Denial-of-Service Vulnerability |
| ZDI-20-220 |
ZDI-CAN-9459 |
Symantec |
CVE-2020-5827 |
3.3 |
2020-02-11 |
|
Symantec Endpoint Protection Manager secars Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-219 |
ZDI-CAN-9450 |
Symantec |
CVE-2020-5823 |
7.8 |
2020-02-11 |
|
Symantec Endpoint Protection ccJobMgr Missing Authentication Privilege Escalation Vulnerability |
| ZDI-20-218 |
ZDI-CAN-9426 |
Symantec |
CVE-2020-5822 |
7.8 |
2020-02-11 |
|
Symantec Endpoint Protection ccSvc Missing Authentication Privilege Escalation Vulnerability |
| ZDI-20-217 |
ZDI-CAN-9420 |
Symantec |
CVE-2020-5820 |
7.8 |
2020-02-11 |
|
Symantec Endpoint Protection AvHostPlugin Out-Of-Bounds Write Privilege Escalation Vulnerability |
| ZDI-20-216 |
ZDI-CAN-9383 |
Apple |
CVE-2020-3877 |
7.5 |
2020-02-11 |
|
Apple Messages HandwritingProvider Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-215 |
ZDI-CAN-9595 |
Apple |
CVE-2020-3839 |
7.1 |
2020-02-11 |
|
Apple macOS IO80211Family Stack-based Buffer Overflow Information Disclosure Vulnerability |
| ZDI-20-214 |
ZDI-CAN-9552 |
Moxa |
CVE-2020-8858 |
8.8 |
2020-02-11 |
2020-04-01 |
Moxa MGate 5105-MB-EIP DestIP Command Injection Remote Code Execution Vulnerability |
| ZDI-20-213 |
ZDI-CAN-9862 |
Foxit |
CVE-2020-8857 |
7.8 |
2020-02-11 |
|
Foxit Reader Annotations AcroForm Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-212 |
ZDI-CAN-9640 |
Foxit |
CVE-2020-8856 |
7.8 |
2020-02-11 |
|
Foxit PhantomPDF AcroForm addWatermarkFromText Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-211 |
ZDI-CAN-9560 |
Foxit |
CVE-2020-8855 |
7.8 |
2020-02-11 |
|
Foxit PhantomPDF fxhtml2pdf Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-210 |
ZDI-CAN-9606 |
Foxit |
CVE-2020-8854 |
7.8 |
2020-02-11 |
|
Foxit PhantomPDF JPEG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-209 |
ZDI-CAN-9591 |
Foxit |
CVE-2020-8853 |
7.8 |
2020-02-11 |
|
Foxit PhantomPDF HTML2PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-208 |
ZDI-CAN-9416 |
Foxit |
CVE-2020-8852 |
3.3 |
2020-02-11 |
|
Foxit Reader JPEG2000 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-207 |
ZDI-CAN-9406 |
Foxit |
CVE-2020-8851 |
7.8 |
2020-02-11 |
2020-11-17 |
Foxit Reader JPEG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-206 |
ZDI-CAN-9415 |
Foxit |
CVE-2020-8850 |
7.8 |
2020-02-11 |
2020-04-01 |
Foxit Reader JPEG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-205 |
ZDI-CAN-9413 |
Foxit |
CVE-2020-8849 |
7.8 |
2020-02-11 |
2020-04-01 |
Foxit Reader JPEG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-204 |
ZDI-CAN-9407 |
Foxit |
CVE-2020-8848 |
7.8 |
2020-02-11 |
2020-11-17 |
Foxit Reader JPEG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-203 |
ZDI-CAN-9414 |
Foxit |
CVE-2020-8847 |
7.8 |
2020-02-11 |
2020-04-01 |
Foxit Reader JPEG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-202 |
ZDI-CAN-9400 |
Foxit |
CVE-2020-8846 |
7.8 |
2020-02-11 |
2020-02-18 |
Foxit PhantomPDF text Field Object Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-201 |
ZDI-CAN-9358 |
Foxit |
CVE-2020-8845 |
7.8 |
2020-02-11 |
|
Foxit PhantomPDF AcroForm addWatermarkFromText Use-After-Free Remote Code Execution Vulnerability |
| ZDI-20-200 |
ZDI-CAN-9102 |
Foxit |
CVE-2020-8844 |
7.8 |
2020-02-11 |
|
Foxit Reader ConvertToPDF JPEG Parsing Integer Overflow Remote Code Execution Vulnerability |
| ZDI-20-199 |
ZDI-CAN-9549 |
Google |
CVE-2019-14088 |
7.8 |
2020-02-07 |
|
Google Android V4l2 cam_actuator_driver_cmd Use-After-Free Privilege Escalation Vulnerability |
| ZDI-20-198 |
ZDI-CAN-8956 |
Bitdefender |
CVE-2020-8095 |
6.1 |
2020-02-05 |
|
Bitdefender Total Security Link Resolution Denial-of-Service Vulnerability |
| ZDI-20-197 |
ZDI-CAN-9015 |
Hewlett Packard Enterprise |
CVE-2020-7176 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center viewTaskResultDetailFact Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-196 |
ZDI-CAN-9013 |
Hewlett Packard Enterprise |
CVE-2020-7188 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center userSelectPagingContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-195 |
ZDI-CAN-9014 |
Hewlett Packard Enterprise |
CVE-2020-7185 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center tvxlanLegend Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-194 |
ZDI-CAN-9012 |
Hewlett Packard Enterprise |
CVE-2020-7177 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center wmiConfigContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-193 |
ZDI-CAN-9011 |
Hewlett Packard Enterprise |
CVE-2020-7183 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center forwardredirect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-192 |
ZDI-CAN-9010 |
Hewlett Packard Enterprise |
CVE-2020-7184 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center viewBatchTaskResultDetailFact Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-191 |
ZDI-CAN-9009 |
Hewlett Packard Enterprise |
CVE-2020-7186 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center powershellConfigContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-190 |
ZDI-CAN-9008 |
Hewlett Packard Enterprise |
CVE-2020-7181 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center smsRulesDownload Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-189 |
ZDI-CAN-9007 |
Hewlett Packard Enterprise |
CVE-2020-7179 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center thirdPartyPerfSelectTask Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-188 |
ZDI-CAN-8997 |
Hewlett Packard Enterprise |
CVE-2020-7187 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center reportpage index Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-187 |
ZDI-CAN-9006 |
Hewlett Packard Enterprise |
CVE-2020-7182 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center sshConfig Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-186 |
ZDI-CAN-9005 |
Hewlett Packard Enterprise |
CVE-2020-7194 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center perfAddorModDeviceMonitor Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-185 |
ZDI-CAN-8998 |
Hewlett Packard Enterprise |
CVE-2020-7163 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center navigationTo Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-184 |
ZDI-CAN-8990 |
Hewlett Packard Enterprise |
CVE-2020-7170 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center select Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-183 |
ZDI-CAN-8979 |
Hewlett Packard Enterprise |
CVE-2020-7165 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-182 |
ZDI-CAN-8978 |
Hewlett Packard Enterprise |
CVE-2020-7160 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center iccSelectDeviceSeries Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-181 |
ZDI-CAN-8977 |
Hewlett Packard Enterprise |
CVE-2020-7175 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center iccSelectDymicParam Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-180 |
ZDI-CAN-8996 |
Hewlett Packard Enterprise |
CVE-2020-7158 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center perfSelectTask Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-179 |
ZDI-CAN-9004 |
Hewlett Packard Enterprise |
CVE-2020-7168 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center selectUserGroup Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-178 |
ZDI-CAN-8958 |
Hewlett Packard Enterprise |
CVE-2020-7173 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center actionSelectContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-177 |
ZDI-CAN-9003 |
Hewlett Packard Enterprise |
CVE-2020-7164 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center operationSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-176 |
ZDI-CAN-9002 |
Hewlett Packard Enterprise |
CVE-2020-7161 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center reportTaskSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-175 |
ZDI-CAN-9001 |
Hewlett Packard Enterprise |
CVE-2020-7174 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center soapConfigContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-174 |
ZDI-CAN-9000 |
Hewlett Packard Enterprise |
CVE-2020-7172 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center templateSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-173 |
ZDI-CAN-8999 |
Hewlett Packard Enterprise |
CVE-2020-7167 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center quickTemplateSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-172 |
ZDI-CAN-8995 |
Hewlett Packard Enterprise |
CVE-2020-7171 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center guiDataDetail Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-171 |
ZDI-CAN-8994 |
Hewlett Packard Enterprise |
CVE-2020-7169 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center ictExpertCSVDownload Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-170 |
ZDI-CAN-8993 |
Hewlett Packard Enterprise |
CVE-2020-7166 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center operatorGroupTreeSelectContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-169 |
ZDI-CAN-8992 |
Hewlett Packard Enterprise |
CVE-2020-7162 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center operatorGroupSelectContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-168 |
ZDI-CAN-8991 |
Hewlett Packard Enterprise |
CVE-2020-7157 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center selViewNavContent Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-167 |
ZDI-CAN-8984 |
Hewlett Packard Enterprise |
CVE-2020-7178 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center mediaForAction Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-166 |
ZDI-CAN-8983 |
Hewlett Packard Enterprise |
CVE-2020-7180 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center ictExpertDownload Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-165 |
ZDI-CAN-8980 |
Hewlett Packard Enterprise |
CVE-2020-7153 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center iccSelectDevType Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-164 |
ZDI-CAN-8985 |
Hewlett Packard Enterprise |
CVE-2020-7152 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center faultParasSet Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-163 |
ZDI-CAN-8986 |
Hewlett Packard Enterprise |
CVE-2020-7156 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center faultInfo_content Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-162 |
ZDI-CAN-8989 |
Hewlett Packard Enterprise |
CVE-2020-7155 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center select Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-161 |
ZDI-CAN-8988 |
Hewlett Packard Enterprise |
CVE-2020-7151 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center faultTrapGroupSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-160 |
ZDI-CAN-8987 |
Hewlett Packard Enterprise |
CVE-2020-7150 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center faultStatChooseFaultType Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-159 |
ZDI-CAN-8982 |
Hewlett Packard Enterprise |
CVE-2020-7154 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center ifViewSelectPage Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-158 |
ZDI-CAN-8981 |
Hewlett Packard Enterprise |
CVE-2020-7149 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center ictExpertCSVDownload Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-157 |
ZDI-CAN-8976 |
Hewlett Packard Enterprise |
CVE-2020-7193 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center ictExpertCSVDownload Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-156 |
ZDI-CAN-8975 |
Hewlett Packard Enterprise |
CVE-2020-7195 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center iccSelectRules Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-155 |
ZDI-CAN-8974 |
Hewlett Packard Enterprise |
CVE-2020-7189 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center faultFlashEventSelectFact Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-154 |
ZDI-CAN-8973 |
Hewlett Packard Enterprise |
CVE-2020-7190 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center deviceSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-153 |
ZDI-CAN-8972 |
Hewlett Packard Enterprise |
CVE-2020-7191 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center devSoftSel Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-152 |
ZDI-CAN-8969 |
Hewlett Packard Enterprise |
CVE-2020-7192 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center deviceThresholdConfig Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-151 |
ZDI-CAN-8966 |
Hewlett Packard Enterprise |
CVE-2020-7144 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center compareFilesResult Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-150 |
ZDI-CAN-8962 |
Hewlett Packard Enterprise |
CVE-2020-7148 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center deploySelectSoftware Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-149 |
ZDI-CAN-8961 |
Hewlett Packard Enterprise |
CVE-2020-7147 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center deploySelectBootrom Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-148 |
ZDI-CAN-8960 |
Hewlett Packard Enterprise |
CVE-2020-7146 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center devGroupSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-147 |
ZDI-CAN-8959 |
Hewlett Packard Enterprise |
CVE-2020-7159 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center customTemplateSelect Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-146 |
ZDI-CAN-8957 |
Hewlett Packard Enterprise |
CVE-2020-7145 |
8.8 |
2020-02-04 |
2021-03-02 |
(0Day) Hewlett Packard Enterprise Intelligent Management Center choosePerfView Expression Language Injection Remote Code Execution Vulnerability |
| ZDI-20-145 |
ZDI-CAN-9401 |
Adobe |
CVE-2019-16451 |
7.8 |
2020-02-03 |
|
Adobe Acrobat Pro DC TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| ZDI-20-144 |
ZDI-CAN-9399 |
Apple |
CVE-2019-8835 |
4.3 |
2020-01-27 |
|
Apple Safari SimpleLineLayout Use-After-Free Information Disclosure Vulnerability |
| ZDI-20-143 |
ZDI-CAN-9969 |
Microsoft |
CVE-2020-0635 |
7.8 |
2020-01-17 |
|
Microsoft Windows WIA Junction Privilege Escalation Vulnerability |
| ZDI-20-142 |
ZDI-CAN-9797 |
Oracle |
CVE-2020-2727 |
6.0 |
2020-01-15 |
|
Oracle VirtualBox e1000 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-141 |
ZDI-CAN-9796 |
Oracle |
CVE-2020-2726 |
7.5 |
2020-01-15 |
|
Oracle VirtualBox SCSI Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-140 |
ZDI-CAN-9141 |
Oracle |
CVE-2020-2705 |
6.5 |
2020-01-15 |
|
Oracle VirtualBox VMSVGA Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-139 |
ZDI-CAN-9112 |
Oracle |
CVE-2020-2704 |
6.5 |
2020-01-15 |
|
Oracle VirtualBox VMSVGA Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-138 |
ZDI-CAN-9794 |
Oracle |
CVE-2020-2702 |
7.5 |
2020-01-15 |
|
Oracle VirtualBox xHCI Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-137 |
ZDI-CAN-9763 |
Oracle |
CVE-2020-2701 |
7.5 |
2020-01-15 |
|
Oracle VirtualBox xHCI Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-136 |
ZDI-CAN-9590 |
Oracle |
CVE-2020-2698 |
7.5 |
2020-01-15 |
|
Oracle VirtualBox xHCI Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability |
| ZDI-20-135 |
ZDI-CAN-9457 |
Oracle |
CVE-2020-2693 |
5.3 |
2020-01-15 |
|
Oracle VirtualBox e1000 Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-134 |
ZDI-CAN-9117 |
Oracle |
CVE-2020-2692 |
6.5 |
2020-01-15 |
|
Oracle VirtualBox VMSVGA Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-133 |
ZDI-CAN-9116 |
Oracle |
CVE-2020-2691 |
6.5 |
2020-01-15 |
|
Oracle VirtualBox VMSVGA Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-132 |
ZDI-CAN-9115 |
Oracle |
CVE-2020-2690 |
6.5 |
2020-01-15 |
|
Oracle VirtualBox VMSVGA Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-131 |
ZDI-CAN-9114 |
Oracle |
CVE-2020-2689 |
6.5 |
2020-01-15 |
|
Oracle VirtualBox VMSVGA Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-130 |
ZDI-CAN-9389 |
Oracle |
CVE-2020-2682 |
8.2 |
2020-01-15 |
|
Oracle VirtualBox VBoxVHWAHandleTable Out-Of-Bounds Access Privilege Escalation Vulnerability |
| ZDI-20-129 |
ZDI-CAN-9109 |
Oracle |
CVE-2020-2681 |
6.5 |
2020-01-15 |
|
Oracle VirtualBox VMSVGA Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-128 |
ZDI-CAN-9020 |
Oracle |
CVE-2020-2555 |
9.8 |
2020-01-15 |
|
Oracle WebLogic Server T3 Protocol Deserialization of Untrusted Data Remote Code Execution Vulnerability |
| ZDI-20-127 |
ZDI-CAN-9427 |
Microsoft |
CVE-2020-0652 |
7.8 |
2020-01-15 |
|
Microsoft Office Graph Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| ZDI-20-126 |
ZDI-CAN-9641 |
Sony |
CVE-2017-5030 |
6.3 |
2020-01-15 |
2020-02-21 |
(Pwn2Own) Sony X800G Smart TV Vewd Out-Of-Bounds Read Remote Code Execution Vulnerability |
| ZDI-20-125 |
ZDI-CAN-9382 |
Microsoft |
CVE-2020-0634 |
8.8 |
2020-01-15 |
|
Microsoft Windows CLFS Use-After-Free Privilege Escalation Vulnerability |
| ZDI-20-124 |
ZDI-CAN-9377 |
Microsoft |
CVE-2020-0616 |
7.3 |
2020-01-15 |
|
Microsoft Windows Device Management Enrollment Service Hard Link Denial-of-Service Vulnerability |
| ZDI-20-123 |
ZDI-CAN-9423 |
Microsoft |
CVE-2020-0615 |
8.4 |
2020-01-15 |
|
Microsoft Windows CLFS Driver Out-Of-Bounds Read Information Disclosure Vulnerability |
| ZDI-20-122 |
ZDI-CAN-9421 |
Microsoft |
CVE-2020-0639 |
8.4 |
2020-01-15 |
|
Microsoft Windows CLFS Driver Integer Overflow Information Disclosure Vulnerability |
| ZDI-20-121 |
ZDI-CAN-9341 |
Cisco |
CVE-2019-15984 |
6.5 |
2020-01-03 |
|
Cisco Data Center Network Manager getLanSwitchDataLength SQL Injection Information Disclosure Vulnerability |
| ZDI-20-120 |
ZDI-CAN-9248 |
Cisco |
CVE-2019-15983 |
7.5 |
2020-01-03 |
|
Cisco Data Center Network Manager getTopologyVlanList XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-20-119 |
ZDI-CAN-9285 |
Cisco |
CVE-2019-15983 |
6.5 |
2020-01-03 |
|
Cisco Data Center Network Manager CablePlans XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-20-118 |
ZDI-CAN-9469 |
Cisco |
CVE-2019-15980 |
6.5 |
2020-01-03 |
|
Cisco Data Center Network Manager getDeployContent Directory Traversal Information Disclosure Vulnerability |
| ZDI-20-117 |
ZDI-CAN-9425 |
Cisco |
CVE-2019-15983 |
7.5 |
2020-01-03 |
|
Cisco Data Center Network Manager addGroupNavigation XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-20-116 |
ZDI-CAN-9353 |
Cisco |
CVE-2019-15984 |
7.2 |
2020-01-03 |
|
Cisco Data Center Network Manager checkLinkUUID SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-115 |
ZDI-CAN-9340 |
Cisco |
CVE-2019-15984 |
7.5 |
2020-01-03 |
|
Cisco Data Center Network Manager getSwitchsDataLength SQL Injection Information Disclosure Vulnerability |
| ZDI-20-114 |
ZDI-CAN-9247 |
Cisco |
CVE-2019-15983 |
7.5 |
2020-01-03 |
|
Cisco Data Center Network Manager getInventoryIslList XML External Entity Processing Information Disclosure Vulnerability |
| ZDI-20-113 |
ZDI-CAN-9361 |
Cisco |
CVE-2019-15984 |
7.2 |
2020-01-03 |
|
Cisco Data Center Network Manager getSwitchName SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-112 |
ZDI-CAN-9360 |
Cisco |
CVE-2019-15984 |
4.9 |
2020-01-03 |
|
Cisco Data Center Network Manager getRpmJobLength SQL Injection Information Disclosure Vulnerability |
| ZDI-20-111 |
ZDI-CAN-9356 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getConfigTemplateFileName SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-110 |
ZDI-CAN-9352 |
Cisco |
CVE-2019-15984 |
7.2 |
2020-01-03 |
|
Cisco Data Center Network Manager getSwitchDbIdBySerialNumber SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-109 |
ZDI-CAN-9351 |
Cisco |
CVE-2019-15984 |
4.9 |
2020-01-03 |
|
Cisco Data Center Network Manager getGirTaskLength SQL Injection Information Disclosure Vulnerability |
| ZDI-20-108 |
ZDI-CAN-9350 |
Cisco |
CVE-2019-15984 |
4.9 |
2020-01-03 |
|
Cisco Data Center Network Manager getVpcCount SQL Injection Information Disclosure Vulnerability |
| ZDI-20-107 |
ZDI-CAN-9349 |
Cisco |
CVE-2019-15984 |
4.9 |
2020-01-03 |
|
Cisco Data Center Network Manager getJobLength SQL Injection Information Disclosure Vulnerability |
| ZDI-20-106 |
ZDI-CAN-9348 |
Cisco |
CVE-2019-15984 |
4.9 |
2020-01-03 |
|
Cisco Data Center Network Manager getZoneDataLength SQL Injection Information Disclosure Vulnerability |
| ZDI-20-105 |
ZDI-CAN-9347 |
Cisco |
CVE-2019-15984 |
4.9 |
2020-01-03 |
|
Cisco Data Center Network Manager getVsanDataLength SQL Injection Information Disclosure Vulnerability |
| ZDI-20-104 |
ZDI-CAN-9342 |
Cisco |
CVE-2019-15984 |
7.5 |
2020-01-03 |
|
Cisco Data Center Network Manager getSanSwitchDataLength SQL Injection Information Disclosure Vulnerability |
| ZDI-20-103 |
ZDI-CAN-9305 |
Cisco |
CVE-2019-15982 |
7.2 |
2020-01-03 |
|
Cisco Data Center Network Manager AFW Image Upload Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-102 |
ZDI-CAN-9286 |
Cisco |
CVE-2019-15978 |
7.2 |
2020-01-03 |
|
Cisco Data Center Network Manager createLanFabric Command Injection Remote Code Execution Vulnerability |
| ZDI-20-101 |
ZDI-CAN-9288 |
Cisco |
CVE-2019-15980 |
7.2 |
2020-01-03 |
|
Cisco Data Center Network Manager writeToFile Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-100 |
ZDI-CAN-9235 |
Cisco |
CVE-2019-15979 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager importTS Command Injection Remote Code Execution Vulnerability |
| ZDI-20-099 |
ZDI-CAN-9301 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getDiscoveredDeviceCount groupId SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-098 |
ZDI-CAN-9300 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getDiscoveredDeviceCount hostname SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-097 |
ZDI-CAN-9289 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getDiscoveredDeviceCount switchIdList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-096 |
ZDI-CAN-9283 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager setVxlanProperties SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-095 |
ZDI-CAN-9267 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager createSite SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-094 |
ZDI-CAN-9266 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager createSite getIp SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-093 |
ZDI-CAN-9234 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager checkDiscoveryEthSwCandidates4List SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-092 |
ZDI-CAN-9218 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getN3KBufferStatList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-091 |
ZDI-CAN-9217 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getEndDeviceStatListWithVsan SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-090 |
ZDI-CAN-9216 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getNpvLinkStatJoinList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-089 |
ZDI-CAN-9215 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getFlowStatList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-088 |
ZDI-CAN-9214 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getTaskList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-087 |
ZDI-CAN-9210 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager modifyGroupName SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-086 |
ZDI-CAN-9209 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-085 |
ZDI-CAN-9208 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-084 |
ZDI-CAN-9207 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getVpcCount SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-083 |
ZDI-CAN-9203 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getLanSwitchBandwidthStatList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-082 |
ZDI-CAN-9202 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getSanSwitchBandwidthStatList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-081 |
ZDI-CAN-9201 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getAllVpcs SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-080 |
ZDI-CAN-9200 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getLanEthernetStatListES SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-079 |
ZDI-CAN-9199 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getSanIslStatList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-078 |
ZDI-CAN-9198 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getPortGroupStatList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-077 |
ZDI-CAN-9197 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getLanIslStatList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-076 |
ZDI-CAN-9196 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getNpvLinkStatList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-075 |
ZDI-CAN-9195 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getLanIslStatJoinList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-074 |
ZDI-CAN-9194 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getLanGigEStatList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-073 |
ZDI-CAN-9193 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getSanGigEStatList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-072 |
ZDI-CAN-9192 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getSanIslStatJoinList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-071 |
ZDI-CAN-9189 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getLanSwitchListWithoutUsedPorts SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-070 |
ZDI-CAN-9188 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getLanStatEntities SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-069 |
ZDI-CAN-9187 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getSanStatEntities SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-068 |
ZDI-CAN-9186 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getOidSanStatList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-067 |
ZDI-CAN-9185 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getOidLanStatList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-066 |
ZDI-CAN-9180 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getPortGroupMember SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-065 |
ZDI-CAN-9170 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getHostEnclList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-064 |
ZDI-CAN-9169 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getSanZoneList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-063 |
ZDI-CAN-9168 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getVsanList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-062 |
ZDI-CAN-9167 |
Cisco |
CVE-2019-15985 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getEndPortConnectionsForStorageSystem SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-061 |
ZDI-CAN-9166 |
Cisco |
CVE-2019-15985 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getEndPortConnectionsForStorageEnclosure SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-060 |
ZDI-CAN-9165 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getVmHostData SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-059 |
ZDI-CAN-9127 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getDeployerTaskDetails SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-058 |
ZDI-CAN-9124 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getJobList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-057 |
ZDI-CAN-9164 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getVsanListForEnclosures SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-056 |
ZDI-CAN-9163 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getAllGroups SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-055 |
ZDI-CAN-9134 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getZoneListByZoneNameAndParentId SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-054 |
ZDI-CAN-9129 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getSanIslListWithPM SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-053 |
ZDI-CAN-9128 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getEndDeviceList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-052 |
ZDI-CAN-9060 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getSwitches SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-051 |
ZDI-CAN-9068 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getSwitches SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-050 |
ZDI-CAN-9058 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getModulesBySwitch SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-049 |
ZDI-CAN-9224 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getLanIslStatListES SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-048 |
ZDI-CAN-9057 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getModules SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-047 |
ZDI-CAN-9059 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getNpvLinks SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-046 |
ZDI-CAN-9125 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getBackupStatusCount SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-045 |
ZDI-CAN-9225 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getSanIslStatListESBySQL SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-044 |
ZDI-CAN-9223 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getFlowStatListES SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-043 |
ZDI-CAN-9220 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getSanGigEStatListES SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-042 |
ZDI-CAN-9219 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getCustomPGStatList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-041 |
ZDI-CAN-9222 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getEndDeviceStatListESBySQL SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-040 |
ZDI-CAN-9221 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getIslListWithPMForTopology SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-039 |
ZDI-CAN-9181 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getHostEnclList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-038 |
ZDI-CAN-9182 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getLanSwitchList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-037 |
ZDI-CAN-9184 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getLanIslList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-036 |
ZDI-CAN-9074 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getisls SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-035 |
ZDI-CAN-9073 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getInterfacesBySwitch SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-034 |
ZDI-CAN-9072 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getHostEnclList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-033 |
ZDI-CAN-9067 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getHostEnclList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-032 |
ZDI-CAN-9065 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getEndPorts SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-031 |
ZDI-CAN-9061 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getLicenses SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-030 |
ZDI-CAN-9064 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getAllTemplate SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-029 |
ZDI-CAN-9063 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getRPMTasks SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-028 |
ZDI-CAN-9040 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getJobExecutionDetails SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-027 |
ZDI-CAN-9062 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager DeviceModuleRest getDeviceModulesupport SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-026 |
ZDI-CAN-9070 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getSyslogEventList SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-025 |
ZDI-CAN-9053 |
Cisco |
CVE-2019-15984 |
6.5 |
2020-01-03 |
|
Cisco Data Center Network Manager VirtualPortChannel getDomain SQL Injection Information Disclosure Vulnerability |
| ZDI-20-024 |
ZDI-CAN-9069 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getHostEnclDataLength SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-023 |
ZDI-CAN-9052 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getVpcPeerHistory SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-022 |
ZDI-CAN-9051 |
Cisco |
CVE-2019-15984 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager getVpcHistory SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-021 |
ZDI-CAN-9050 |
Cisco |
CVE-2019-15984 |
7.2 |
2020-01-03 |
|
Cisco Data Center Network Manager getAllVpc SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-020 |
ZDI-CAN-9043 |
Cisco |
CVE-2019-15984 |
7.2 |
2020-01-03 |
|
Cisco Data Center Network Manager deleteVpcHistory SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-019 |
ZDI-CAN-9042 |
Cisco |
CVE-2019-15984 |
7.2 |
2020-01-03 |
|
Cisco Data Center Network Manager getSMUTasks SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-018 |
ZDI-CAN-9041 |
Cisco |
CVE-2019-15984 |
7.2 |
2020-01-03 |
|
Cisco Data Center Network Manager ImageManagement SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-017 |
ZDI-CAN-9030 |
Cisco |
CVE-2019-15984 |
7.2 |
2020-01-03 |
|
Cisco Data Center Network Manager getTokenInfo SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-016 |
ZDI-CAN-9029 |
Cisco |
CVE-2019-15984 |
7.2 |
2020-01-03 |
|
Cisco Data Center Network Manager persistUserInfo SQL Injection Remote Code Execution Vulnerability |
| ZDI-20-015 |
ZDI-CAN-9139 |
Cisco |
CVE-2019-15981 |
6.5 |
2020-01-03 |
|
Cisco Data Center Network Manager readConfigFileFromDB Directory Traversal Information Disclosure Vulnerability |
| ZDI-20-014 |
ZDI-CAN-9130 |
Cisco |
CVE-2019-15981 |
7.1 |
2020-01-03 |
|
Cisco Data Center Network Manager ReportWS deleteReportTemplate Directory Traversal Denial-of-Service Vulnerability |
| ZDI-20-013 |
ZDI-CAN-9038 |
Cisco |
CVE-2019-15977 |
6.5 |
2020-01-03 |
|
Cisco Data Center Network Manager JBoss_4_2Encrypter Hardcoded Cryptographic Key Information Disclosure Vulnerability |
| ZDI-20-012 |
ZDI-CAN-9037 |
Cisco |
CVE-2019-15977 |
7.5 |
2020-01-03 |
|
Cisco Data Center Network Manager serverinfo Hardcoded Password Information Disclosure Vulnerability |
| ZDI-20-011 |
ZDI-CAN-9025 |
Cisco |
CVE-2019-15980 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager DbAdminRest installSwitchLicense Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-010 |
ZDI-CAN-9158 |
Cisco |
CVE-2019-15981 |
6.5 |
2020-01-03 |
|
Cisco Data Center Network Manager readConfigFileFromDBAsXML Directory Traversal Information Disclosure Vulnerability |
| ZDI-20-009 |
ZDI-CAN-9157 |
Cisco |
CVE-2019-15981 |
7.1 |
2020-01-03 |
|
Cisco Data Center Network Manager WebAnalysisWSService storeConfigToFS Directory Traversal Denial-of-Service Vulnerability |
| ZDI-20-008 |
ZDI-CAN-9140 |
Cisco |
CVE-2019-15976 |
9.8 |
2020-01-03 |
|
Cisco Data Center Network Manager SecurityManager Hard-coded Cryptographic Key Authentication Bypass Vulnerability |
| ZDI-20-007 |
ZDI-CAN-9035 |
Cisco |
CVE-2019-15980 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager reportTemplateUploadPolicy Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-006 |
ZDI-CAN-9027 |
Cisco |
CVE-2019-15980 |
6.5 |
2020-01-03 |
|
Cisco Data Center Network Manager ConfigArchiveRest getRestoreLog Directory Traversal Information Disclosure Vulnerability |
| ZDI-20-005 |
ZDI-CAN-9026 |
Cisco |
CVE-2019-15980 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager DbAdminRest runZoneMigrationForBrocade Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-004 |
ZDI-CAN-9024 |
Cisco |
CVE-2019-15980 |
8.8 |
2020-01-03 |
|
Cisco Data Center Network Manager DbAdminRest saveLicenseFileToServer Directory Traversal Remote Code Execution Vulnerability |
| ZDI-20-003 |
ZDI-CAN-9021 |
Cisco |
CVE-2019-15975 |
9.8 |
2020-01-03 |
|
Cisco Data Center Network Manager TrustedClientTokenValidator Hard-coded Cryptographic Key Authentication Bypass Vulnerability |
| ZDI-20-002 |
ZDI-CAN-9608 |
Microsoft |
|
3.1 |
2020-01-02 |
|
(0Day) Microsoft Outlook HTML Uninitialized Memory Information Disclosure Vulnerability |
| ZDI-20-001 |
ZDI-CAN-8185 |
Microsoft |
|
4.3 |
2020-01-02 |
|
(0Day) Microsoft Windows Media Player Mpeg Audio Codec Out-Of-Bounds Read Information Disclosure Vulnerability |
