Zero Day Initiative

Zero Day Initiative CVE Feb 19

ZDI-26-113: Dassault Systèmes eDrawings Viewer EPRT File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is re...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-112: Dassault Systèmes eDrawings Viewer EPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is re...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-111: MLflow Use of Default Password Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of MLflow. Authentication is not required to exploit this vulne...

T1556 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-110: Bosch Rexroth IndraWorks Print Settings File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bosch Rexroth IndraWorks. User interaction is required to e...

T1190 2 IOCs

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-109: Bosch Rexroth IndraWorks OPC.TestClient XML File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bosch Rexroth IndraWorks. User interaction is required to e...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 19

ZDI-26-108: Bosch Rexroth IndraWorks UA.TestClient XML File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bosch Rexroth IndraWorks. User interaction is required to e...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 18

ZDI-26-107: Autodesk AutoCAD MODEL File Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit t...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 18

ZDI-26-106: Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit t...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 13

ZDI-26-105: MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to e...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 13

ZDI-26-104: Sante DICOM Viewer Pro DCM File Parsing Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exp...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Oracle Feb 13

ZDI-26-103: Oracle VirtualBox VMSVGA Out-Of-Bounds Access Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Oracle Feb 13

ZDI-26-102: Oracle VirtualBox VMSVGA Out-Of-Bounds Write Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Oracle Feb 13

ZDI-26-101: Oracle VirtualBox BusLogic Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the...

1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Oracle Feb 13

ZDI-26-100: Oracle VirtualBox LsiLogic Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the...

1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Oracle Feb 13

ZDI-26-099: Oracle VirtualBox VMSVGA Race Condition Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Oracle Feb 13

ZDI-26-098: Oracle VirtualBox VMSVGA Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Oracle Feb 13

ZDI-26-097: Oracle VirtualBox VMSVGA Heap-based Buffer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 13

ZDI-26-096: Dassault Systèmes eDrawings Viewer EPRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is re...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 13

ZDI-26-095: Dassault Systèmes eDrawings Viewer EPRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is re...

T1190 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Feb 12

ZDI-26-094: Schneider Electric EcoStruxure Power Build SSD File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interactio...

T1190 1 IOC

Zero Day Initiative →