ZDI: Upcoming Advisories

ZDI-CAN-25426: Amazon

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Nitesh Surana (@_niteshsurana) of Trend Micro Research' was reported to the affected vendor on: 2024-10-03, 60 days ago. The vendor is given until 2025-01-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-25333: Adobe

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 7.3 AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2024-10-03, 60 days ago. The vendor is given until 2025-01-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-25351: PostHog

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 7.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N severity vulnerability discovered by 'Mehmet INCE (@mdisec) from PRODAFT.com' was reported to the affected vendor on: 2024-10-03, 12 days ago. The vendor is given until 2025-01-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-25498: AVG

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Vladislav Berghici of Trend Micro Research' was reported to the affected vendor on: 2024-10-03, 60 days ago. The vendor is given until 2025-01-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-25494: Google

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 7.5 AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Lucas Leong (@_wmliang_) of Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2024-10-03, 60 days ago. The vendor is given until 2025-01-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-25352: PostHog

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 7.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N severity vulnerability discovered by 'Mehmet INCE (@mdisec) from PRODAFT.com' was reported to the affected vendor on: 2024-10-03, 60 days ago. The vendor is given until 2025-01-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-25358: PostHog

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 7.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N severity vulnerability discovered by 'Mehmet INCE (@mdisec) from PRODAFT.com' was reported to the affected vendor on: 2024-10-03, 60 days ago. The vendor is given until 2025-01-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-24936: Trend Micro

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 7.5 AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Poh Jia Hao of STAR Labs SG Pte. Ltd.' was reported to the affected vendor on: 2024-10-03, 60 days ago. The vendor is given until 2025-01-31 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-25368: PDF-XChange

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2024-10-01, 62 days ago. The vendor is given until 2025-01-29 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-25194: Autodesk

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2024-10-01, 30 days ago. The vendor is given until 2025-01-29 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-25421: PDF-XChange

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2024-10-01, 62 days ago. The vendor is given until 2025-01-29 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-25456: 7-Zip

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 7.0 AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus - Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2024-10-01, 62 days ago. The vendor is given until 2025-01-29 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-25422: PDF-XChange

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2024-10-01, 62 days ago. The vendor is given until 2025-01-29 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-25168: Autodesk

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2024-10-01, 30 days ago. The vendor is given until 2025-01-29 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-25405: PDF-XChange

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2024-10-01, 62 days ago. The vendor is given until 2025-01-29 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-25271: Autodesk

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2024-10-01, 30 days ago. The vendor is given until 2025-01-29 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-25276: Ashlar-Vellum

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2024-09-26, 67 days ago. The vendor is given until 2025-01-24 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-25336: Logsign

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Abdessamad Lahlali and Smile Thanapattheerakul of Trend Micro' was reported to the affected vendor on: 2024-09-26, 67 days ago. The vendor is given until 2025-01-24 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

ZDI-CAN-25252: Ashlar-Vellum

ZDI: Upcoming Advisories
1 year 2 months ago
A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2024-09-26, 67 days ago. The vendor is given until 2025-01-24 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.
Checked
7 hours 58 minutes ago
The following is a list of vulnerabilities discovered by Zero Day Initiative researchers that are yet to be publicly disclosed. The affected vendor has been contacted on the specified date and while they work on a patch for these vulnerabilities, Trend Micro customers are protected from exploitation by IPS filters delivered ahead of public disclosure. Once the affected vendor patches the vulnerability, we publish an accompanying security advisory which describes the issue, including links to the vendor's fixes.
URL
http://www.zerodayinitiative.com/advisories/upcoming/
ZDI: Upcoming Advisories feed

Managed ad