Zero Day Initiative — FreeIntelHub

Zero Day Initiative CVE Adobe 19h ago

ZDI-26-349: Adobe Acrobat Pro DC Annots.api Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to explo...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Adobe 19h ago

ZDI-26-348: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to ex...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Adobe 19h ago

ZDI-26-347: Adobe Acrobat Reader DC Multimedia Rendition Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to ex...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE 5d ago

ZDI-26-328: ASUS Business Manager Service Client-Side Authentication Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of ASUS Business Manager. An attacker must first obtain the abilit...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft 5d ago

ZDI-26-331: (Pwn2Own) Microsoft Edge Feedback Log File Handling Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Edge. User interaction is required to exploit thi...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft 5d ago

ZDI-26-330: (Pwn2Own) Microsoft Edge Navigation Handling Universal Cross-Site Scripting Vulnerability

This vulnerability allows remote attackers to execute arbitrary cross-origin script on affected installations of Microsoft Edge. User interaction is required...

1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft 5d ago

ZDI-26-329: (Pwn2Own) Microsoft Edge Origin Validation Error Security Bypass Vulnerability

This vulnerability allows remote attackers to access restricted functionality on affected installations of Microsoft Edge. User interaction is required to ex...

1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Linux Docker 6d ago

ZDI-26-327: Docker Desktop grpcfuse Kernel Module Uncontrolled Recursion Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Docker Desktop. An attacker must first obtain ...

1 IOC

Zero Day Initiative →

Zero Day Initiative CVE May 28

ZDI-26-326: TrendAI Vision One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of TrendAI Vision One Security Agent. An attacker must first obtai...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE May 28

ZDI-26-325: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of TrendAI Vision One Security Agent. An attacker must first obtai...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE May 28

ZDI-26-324: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of TrendAI Vision One Security Agent. An attacker must first obtai...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE May 28

ZDI-26-323: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of TrendAI Vision One Security Agent. An attacker must first obtai...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE May 28

ZDI-26-322: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of TrendAI Vision One Security Agent. An attacker must first obtai...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE May 28

ZDI-26-321: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of TrendAI Vision One Security Agent. An attacker must first obtai...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE May 28

ZDI-26-320: TrendAI Vision One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of TrendAI Vision One Security Agent. An attacker must first obtai...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE May 21

ZDI-26-319: Progress Software Kemp LoadMaster addcountry Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is requir...

T1190 T1059 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE May 21

ZDI-26-318: Progress Software Kemp LoadMaster ssodomain_killsession Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is requir...

T1190 T1059 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Ivanti May 12

ZDI-26-308: Ivanti Endpoint Manager RemoteControlAuth Exposed Dangerous Method Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Endpoint Manager. Although authentication is...

1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft May 12

ZDI-26-310: Microsoft Windows splwow64 Race Condition Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft May 12

ZDI-26-309: Microsoft Windows Message Queueing Double Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows that run Message Queueing. An attacker must f...

T1548 T1068 1 IOC

Zero Day Initiative →