CVE

Zero Day Initiative CVE Feb 12

ZDI-26-093: Schneider Electric EcoStruxure Power Build SSD File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-092: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-091: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-090: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-089: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-088: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-087: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-086: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-085: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-084: Schneider Electric EcoStruxure Power Build SSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft Feb 12

ZDI-26-083: Microsoft Windows searchConnector-ms NTLM Response Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose NTLM responses on affected installations of Microsoft Windows. User interaction is required to exploit...

1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft Feb 12

ZDI-26-082: Microsoft Exchange InterceptorSmtpAgent Reliance on Untrusted Inputs Security Feature Bypass Vulnerability

This vulnerability allows remote attackers to bypass a security feature on affected installations of Microsoft Exchange. Authentication is not required to ex...

1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft Feb 12

ZDI-26-081: Microsoft Windows win32kfull Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Ivanti Feb 12

ZDI-26-080: Ivanti Endpoint Manager AuthHelper Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Endpoint Manager. Authentication is not required to e...

T1556 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Ivanti Feb 12

ZDI-26-079: Ivanti Endpoint Manager ROI SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to expl...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-078: Deciso OPNsense diag_backup.php filename Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deciso OPNsense. Authentication is required to ex...

T1190 T1059 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-077: GFI Archiver MArc.Store Missing Authorization Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of GFI Archiver. Authentication is not required to exploit this...

T1556 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-076: GFI Archiver MArc.Store Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Although authentication is required to exploi...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-075: GFI Archiver MArc.Core Missing Authorization Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of GFI Archiver. Authentication is not required to exploit this...

T1556 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-074: GFI Archiver MArc.Core Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GFI Archiver. Although authentication is required to exploi...

T1190 1 IOC

Zero Day Initiative →