ZDI: Published Advisories :
The following is a list of publicly disclosed vulnerabilities discovered by Zero Day Initiative researchers. While the affected vendor is working on a patch for these vulnerabilities, Trend Micro customers are protected from exploitation by security filters delivered ahead of public disclosure. All security vulnerabilities that are acquired by the Zero Day Initiative are handled according to the ZDI Disclosure Policy. Voir les Non lu | Plus vieux en premierZDI-24-1196: Adobe Acrobat Reader DC Doc Object Use-After-Free Information Disclosure Vulnerability
ZDI: Published Advisories le 09/09/2024 à 07:00:00 - Favoriser || Lu/Non lu
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2024-45107.
Lu/Non lu Favoriser
ZDI-24-1195: Malwarebytes Antimalware Link Following Local Privilege Escalation Vulnerability
ZDI: Published Advisories le 05/09/2024 à 07:00:00 - Favoriser || Lu/Non lu
This vulnerability allows local attackers to escalate privileges on affected installations of Malwarebytes Antimalware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.0. The following CVEs are assigned: CVE-2024-6260.
Lu/Non lu Favoriser
ZDI-24-1193: Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
ZDI: Published Advisories le 05/09/2024 à 07:00:00 - Favoriser || Lu/Non lu
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-7502.
Lu/Non lu Favoriser
ZDI-24-1194: Linux Kernel Plan 9 File System Race Condition Local Privilege Escalation Vulnerability
ZDI: Published Advisories le 05/09/2024 à 07:00:00 - Favoriser || Lu/Non lu
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-39463.
Lu/Non lu Favoriser
ZDI-24-1189: (0Day) Visteon Infotainment App SoC Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability
ZDI: Published Advisories le 30/08/2024 à 07:00:00 - Favoriser || Lu/Non lu
This vulnerability allows local attackers to escalate privileges on affected installations of Visteon Infotainment systems. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-8357.