ZDI-23-703: Linux Kernel ksmbd Session Setup Memory Leak Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but...
ZDI-23-704: Linux Kernel ksmbd Session User Object Race Condition Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but only...
ZDI-23-705: Linux Kernel ksmbd Session Race Condition Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but only...
ZDI-23-706: Linux Kernel ksmbd Session Race Condition Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but only...
ZDI-23-707: Linux Kernel vmwgfx Driver Race Condition Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged...
ZDI-23-708: Linux Kernel vmwgfx Driver Double Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code...
ZDI-23-709: (Pwn2Own) Prosys OPC UA Simulation Server Resource Exhaustion Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Prosys OPC UA Simulation Server. Authentication is not required to exploit...
ZDI-23-710: (0Day) (Pwn2Own) Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this vulnerability. Read More
ZDI-23-639: Schneider Electric APC Easy UPS Online Incorrect Permission Assignment Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Schneider Electric APC Easy UPS Online. An attacker must first obtain the ability...
ZDI-23-640: PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that...