Leed
1.14.0 dev

Se souvenir de moi

Raccourcis clavier

  • m marque l’élément sélectionné comme lu / non lu
  • l marque l’élément précédent comme non lu
  • s marque l’élément sélectionné comme favori / non favori
  • n élément suivant (sans l’ouvrir)
  • v ouvre l’URL de l’élément sélectionné
  • p élément précédent (sans l’ouvrir)
  • espace élément suivant (et l’ouvrir)
  • k élément précédent (et l’ouvrir)
  • o ou enter ouvrir l’élément sélectionné
  • j change le mode d'affichage de l'article (titre, réduit, complet)
  • h afficher/masquer le panneau d’aide

ZDI: Published Advisories :

The following is a list of publicly disclosed vulnerabilities discovered by Zero Day Initiative researchers. While the affected vendor is working on a patch for these vulnerabilities, Trend Micro customers are protected from exploitation by security filters delivered ahead of public disclosure. All security vulnerabilities that are acquired by the Zero Day Initiative are handled according to the ZDI Disclosure Policy.
Voir les Non lu | Plus vieux en premier

ZDI-24-1196: Adobe Acrobat Reader DC Doc Object Use-After-Free Information Disclosure Vulnerability

ZDI: Published Advisories le 09/09/2024 à 07:00:00 - Favoriser ||  Lu/Non lu

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2024-45107.

ZDI-24-1195: Malwarebytes Antimalware Link Following Local Privilege Escalation Vulnerability

ZDI: Published Advisories le 05/09/2024 à 07:00:00 - Favoriser ||  Lu/Non lu

This vulnerability allows local attackers to escalate privileges on affected installations of Malwarebytes Antimalware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.0. The following CVEs are assigned: CVE-2024-6260.

ZDI-24-1193: Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

ZDI: Published Advisories le 05/09/2024 à 07:00:00 - Favoriser ||  Lu/Non lu

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-7502.

ZDI-24-1194: Linux Kernel Plan 9 File System Race Condition Local Privilege Escalation Vulnerability

ZDI: Published Advisories le 05/09/2024 à 07:00:00 - Favoriser ||  Lu/Non lu

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-39463.

ZDI-24-1189: (0Day) Visteon Infotainment App SoC Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability

ZDI: Published Advisories le 30/08/2024 à 07:00:00 - Favoriser ||  Lu/Non lu

This vulnerability allows local attackers to escalate privileges on affected installations of Visteon Infotainment systems. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-8357.