ZDI-22-1216: (0Day) NIKON NIS-Elements Viewer PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer. User interaction is required to exploit this vulnerability in...
ZDI-22-1217: (0Day) NIKON NIS-Elements Viewer BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer. User interaction is required to exploit this vulnerability in...
ZDI-22-1218: (0Day) NIKON NIS-Elements Viewer TIF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer. User interaction is required to exploit this vulnerability in...
ZDI-22-1219: (0Day) NIKON NIS-Elements Viewer TIF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer. User interaction is required to exploit this vulnerability in...
ZDI-22-1189: Trend Micro Apex One Origin Validation Error Denial-of-Service Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain...
ZDI-22-1190: Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability...
ZDI-22-1191: Trend Micro Apex One Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute...
CVE-2020-19587
Cross Site Scripting (XSS) vulnerability in configMap parameters in Yellowfin Business Intelligence 7.3 allows remote attackers to run arbitrary code via MIAdminStyles.i4 Admin UI. Read...
CVE-2020-19586
Incorrect Access Control issue in Yellowfin Business Intelligence 7.3 allows remote attackers to escalate privilege via MIAdminStyles.i4 Admin UI. Read More
Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday
This month’s Patch Tuesday offers a little something for everyone, including security updates for a zero-day flaw in Microsoft Windows that is under active attack,...