ZDI-23-238: Unity Technologies Unity Editor DAE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unity Technologies Unity Editor. User interaction is required to exploit this vulnerability...
ZDI-23-239: Unity Technologies Unity Editor SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unity Technologies Unity Editor. User interaction is required to exploit this vulnerability...
ZDI-23-240: Unity Technologies Unity Editor FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unity Technologies Unity Editor. User interaction is required to exploit this vulnerability...
ZDI-23-241: Oracle WebLogic Server IIOP Protocol Deserialization of Untrusted Data Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Oracle WebLogic Server. Authentication is not required to exploit this vulnerability....
ZDI-23-242: Microsoft Windows http.sys Integer Overflow Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code...
ZDI-23-243: Microsoft Windows win32kfull Bitmap Use-After-Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code...
ZDI-23-244: TP-Link Archer AX21 tmpServer Command 0x422 Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer AX21 routers. Authentication is required to exploit this vulnerability. Read...
ZDI-23-245: TP-Link Archer AX21 tdpServer Logging Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this vulnerability....
Two U.S. Men Charged in 2022 Hacking of DEA Portal
Two U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency (DEA) online portal that taps into 16 different federal law enforcement...
Critical Patches Issued for Microsoft Products, March 14, 2023
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged...