Zero Day Initiative — FreeIntelHub

Zero Day Initiative CVE Feb 19

ZDI-26-119: GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerab...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-118: GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerab...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft Feb 19

ZDI-26-117: RustDesk Client for Windows Transfer File Link Following Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of RustDesk Client for Windows. An attacker must first ...

1 IOC

Zero Day Initiative →

Zero Day Initiative CVE F5 Feb 19

ZDI-26-116: TensorFlow HDF5 Library Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of TensorFlow. An attacker must first obtain the ability to execut...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Fortinet Feb 19

ZDI-26-115: Fortinet FortiClient VPN FCConfig Utility Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Fortinet FortiClient VPN. An attacker must first obtain the abi...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-114: Dassault Systèmes eDrawings Viewer EPRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is re...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-113: Dassault Systèmes eDrawings Viewer EPRT File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is re...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-112: Dassault Systèmes eDrawings Viewer EPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is re...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-111: MLflow Use of Default Password Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulne...

T1556 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-110: Bosch Rexroth IndraWorks Print Settings File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bosch Rexroth IndraWorks. User interaction is required to e...

T1190 2 IOCs

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-109: Bosch Rexroth IndraWorks OPC.TestClient XML File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bosch Rexroth IndraWorks. User interaction is required to e...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-108: Bosch Rexroth IndraWorks UA.TestClient XML File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bosch Rexroth IndraWorks. User interaction is required to e...

T1190 1 IOC

Zero Day Initiative →