What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-03-23 12:00:00 | ZDI-17-1015: Microsoft Windows JavaScript Typed Array JIT Optimization Use-After-Free Remote Code Execution Vulnerability (lien direct) | ||||
|
2018-03-07 12:00:00 | ZDI-17-1014: Microsoft Windows Font Embedding Out-Of-Bounds Read Information Disclosure Vulnerability (lien direct) | ||||
|
2018-03-06 12:00:00 | ZDI-17-1010: Microsoft Windows Font Embedding Out-Of-Bounds Read Information Disclosure Vulnerability (lien direct) | ||||
|
2017-12-12 12:00:00 | ZDI-17-948: Microsoft Windows JavaScript Array JIT Optimization Type Confusion Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-12-12 12:00:00 | ZDI-17-946: Microsoft Windows VBScript VT_BSTR Use-After-Free Information Disclosure Vulnerability (lien direct) | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-12-12 12:00:00 | ZDI-17-947: Microsoft Windows VBScript VT_BSTR Use-After-Free Information Disclosure Vulnerability (lien direct) | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-12-12 12:00:00 | ZDI-17-945: Microsoft Windows VBScript Join Function Use-After-Free Information Disclosure Vulnerability (lien direct) | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-12-06 12:00:00 | ZDI-17-935: Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Recorder and Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-12-06 12:00:00 | ZDI-17-937: Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Recorder and Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-12-06 12:00:00 | ZDI-17-933: Cisco WebEx Network Recording Player Command Injection Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Network Recording Player. Authentication is not required to exploit this vulnerability. |
|||
|
2017-12-06 12:00:00 | ZDI-17-931: Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Recorder and Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-12-06 12:00:00 | ZDI-17-934: Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Recorder and Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-12-06 12:00:00 | ZDI-17-932: Cisco WebEx ARF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Network Recording Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-12-06 12:00:00 | ZDI-17-936: Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Recorder and Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-11-20 12:00:00 | ZDI-17-917: Microsoft Windows EngLockSurface Time-Of-Check Time-Of-Use Race Condition Information Disclosure Vulnerability (lien direct) | This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. |
|||
|
2017-11-20 12:00:00 | ZDI-17-918: Cisco Prime Network Analysis Module graph sfile Parameter Directory Traversal Arbitrary File Deletion Vulnerability (lien direct) | This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Cisco Prime Network Analysis Module. Authentication is not required to exploit this vulnerability. |
|||
|
2017-10-11 12:00:00 | ZDI-17-847: Microsoft Office Excel xls File Out-Of-Bounds Read Information Disclosure Vulnerability (lien direct) | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-10-11 12:00:00 | ZDI-17-848: Microsoft Chakra asm.js ArrayBuffer Use-After-Free Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-10-10 12:00:00 | ZDI-17-842: Microsoft Edge substringData Use-After-Free Information Disclosure Vulnerability (lien direct) | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-10-10 12:00:00 | ZDI-17-843: Microsoft Windows SMB Out-Of-Bounds Read Denial of Service Vulnerability (lien direct) | This vulnerability allows remote attackers to create a denial-of-service on vulnerable installations of Microsoft Windows. Authentication is required to exploit this vulnerability, assuming the product is in its default configuration. |
|||
|
2017-10-10 12:00:00 | ZDI-17-841: Microsoft Windows Font Embedding Out-Of-Bounds Read Information Disclosure Vulnerability (lien direct) | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-10-10 12:00:00 | ZDI-17-839: Microsoft Windows XLS File Heap-based Buffer Overflow Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-10-10 12:00:00 | ZDI-17-846: Microsoft Windows DNSAPI NSEC3_RecordRead Heap-based Buffer Overflow Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-10-10 12:00:00 | ZDI-17-844: Microsoft Chakra Array JIT Optimization Type Confusion Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-10-10 12:00:00 | ZDI-17-845: Microsoft Windows Submenu Use-After-Free Privilege Escalation Vulnerability (lien direct) | This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. |
|||
|
2017-10-10 12:00:00 | ZDI-17-840: Microsoft Windows XLS File Buffer Overflow Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-10-06 12:00:00 | ZDI-17-838: (0Day) Microsoft Windows WAV File Uninitialized Pointer Denial of Service Vulnerability (lien direct) | This vulnerability allows remote attackers to cause a denial-of-service condition on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-10-04 12:00:00 | ZDI-17-837: Cisco License Manager Server ReportCSV Directory Traversal Information Disclosure Vulnerability (lien direct) | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Cisco License Manager Server. Authentication is not required to exploit this vulnerability. |
|||
|
2017-09-26 12:00:00 | ZDI-17-826: Dell EMC VNX Monitoring and Reporting RMI Registry Deserialization of Untrusted Data Denial of Service Vulnerability (lien direct) | This vulnerability allows remote attackers to create a denial of service on vulnerable installations of Dell EMC VNX Monitoring and Reporting. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. |
|||
|
2017-09-26 12:00:00 | ZDI-17-827: Dell EMC VNX Monitoring and Reporting Scheduler Directory Traversal Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Dell EMC VNX Monitoring and Reporting. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. |
|||
|
2017-09-12 12:00:00 | ZDI-17-729: Microsoft Windows PDF Library JPEG2000 Heap-based Buffer Overflow Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows PDF Library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-09-12 12:00:00 | ZDI-17-728: Microsoft Windows PDF Library JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability (lien direct) | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows PDF Library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-09-12 12:00:00 | ZDI-17-731: Microsoft Chakra Array Type Confusion Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-09-12 12:00:00 | ZDI-17-726: Microsoft Internet Explorer JavaScript WeakMap Type Confusion Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-09-12 12:00:00 | ZDI-17-734: Microsoft Windows Uniscribe Bidirectional Text Out-Of-Bounds Read Information Disclosure Vulnerability (lien direct) | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-09-12 12:00:00 | ZDI-17-730: Microsoft Office Word WordPerfect Document Converter Heap-based Buffer Overflow Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-09-12 12:00:00 | ZDI-17-733: Microsoft Windows win32kfull Integer Overflow Remote Code Execution Vulnerability (lien direct) | This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. |
|||
|
2017-09-12 12:00:00 | ZDI-17-727: Microsoft Office Excel xlsb File Heap-based Buffer Overflow Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-09-12 12:00:00 | ZDI-17-725: Microsoft Edge Undo Command Out-Of-Bounds Read Information Disclosure Vulnerability (lien direct) | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-09-12 12:00:00 | ZDI-17-732: Microsoft Office PowerPoint ppt File Use-After-Free Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office PowerPoint. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-08-08 12:00:00 | ZDI-17-635: Microsoft Windows CLFS Driver Buffer Overflow Privilege Escalation Vulnerability (lien direct) | This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. |
|||
|
2017-08-08 12:00:00 | ZDI-17-637: Microsoft Edge XAML File Improper Access Control Privilege Escalation Vulnerability (lien direct) | This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Microsoft Edge. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. |
|||
|
2017-08-08 12:00:00 | ZDI-17-639: Microsoft Windows Error Reporting Manager Improper Access Control Privilege Escalation Vulnerability (lien direct) | This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute medium-privileged code on the target system in order to exploit this vulnerability. |
|||
|
2017-08-08 12:00:00 | ZDI-17-636: Microsoft Windows PDF Library JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows PDF Library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-08-08 12:00:00 | ZDI-17-638: Microsoft Windows Jet Engine Library Stack-based Buffer Overflow Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-08-08 12:00:00 | ZDI-17-640: Microsoft Internet Explorer SVG Layout Uninitialized Memory Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-08-08 12:00:00 | ZDI-17-641: Microsoft Chakra eval Integer Overflow Remote Code Execution Vulnerability (lien direct) | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-08-02 12:00:00 | ZDI-17-523: Dell Storage Manager EmWebsiteServlet Directory Traversal Information Disclosure Vulnerability (lien direct) | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Dell Storage Manager. Authentication is not required to exploit this vulnerability. |
|||
|
2017-07-14 12:00:00 | ZDI-17-488: Microsoft Windows OTL Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability (lien direct) | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. |
|||
|
2017-07-12 12:00:00 | ZDI-17-487: (Pwn2Own) Microsoft Windows NtUserLinkDpiCursor Use-After-Free Privilege Escalation Vulnerability (lien direct) | This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. |
To see everything:
Our RSS (filtrered)
