漏洞通報
Trend Micro Apex One Security Agent Time-Of-Check Time-Of-Use Local Privilege Vulnerability
CVSS 7.8
Reported by Lays
Trend Micro Apex One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Zyxel Firewall Pre-Authentication Format String Remote Code Execution Vulnerability
CVSS 8.1
Reported by Lays & atdog
Zyxel Firewall Post-Authentication Format String Remote Code Execution Vulnerability
CVSS 5.7
Reported by Lays & atdog
Zyxel Firewall Post-Authentication Command Injection Remote Code Execution Vulnerability
CVSS 7.2
Reported by Lays & atdog
Zyxel Firewall Remote Kernel DoS Vulnerability
CVSS 6.5
Reported by Lays & atdog
Trend Micro Apex One Security Agent Exposed Dangerous Function Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Windows Kernel Denial of Service Vulnerability
CVSS 5.5
Reported by Lays
Zyxel Firewall Pre-Authentication DoS Vulnerability
CVSS 7.5
Reported by Lays & atdog
Trend Micro Apex One Security Agent Plug-in Manager Origin Validation Error Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Trend Micro Apex One Security Agent Plug-in Manager Origin Validation Error Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Trend Micro Apex One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Trend Micro Apex One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Trend Micro Apex One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Trend Micro Apex One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Trend Micro Apex One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Trend Micro Apex One Security Agent Origin Validation Error Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
ASUSTOR Data Master (ADM) Pre-Authentication Command Injection Remote Code Execution Vulnerability
CVSS 8.8
Reported by atdog & Lays
ASUSTOR Data Master (ADM) Pre-Authentication Arbitrary File Creation Vulnerability
CVSS 8.5
Reported by atdog & Lays
ASUSTOR Data Master (ADM) Pre-Authentication Arbitrary File Deletion Vulnerability
CVSS 8.5
Reported by atdog & Lays
Zyxel Firewall Pre-Authentication Command Injection Remote Code Execution Vulnerability
CVSS 8.8
Reported by atdog & Lays
Zyxel Firewall Pre-Authentication Format String Remote Code Execution Vulnerability
CVSS 8.8
Reported by atdog & Lays
Zyxel Firewall Pre-Authentication Command Injection Remote Code Execution Vulnerability
CVSS 8.8
Reported by atdog
Trend Micro Apex One Security Agent Exposed Dangerous Function Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Trend Micro Apex One Security Agent Exposed Dangerous Function Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Trend Micro Apex One Security Agent Exposed Dangerous Function Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Trend Micro Apex One Security Agent Untrusted Search Path Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Trend Micro Apex One Security Agent Untrusted Search Path Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Zyxel Firewall Pre-Authentication Buffer Overflow Remote Code Execution Vulnerability
CVSS 9.8
Reported by Lays & atdog
Zyxel Firewall Pre-Authentication Buffer Overflow Remote Code Execution Vulnerability
CVSS 9.8
Reported by Lays & atdog
Trend Micro Apex One Security Agent Time-of-Check Time-of-Use LPE Vulnerability
CVSS 7.8
Reported by Lays
Zyxel Firewall Pre-Authentication Command Injection Remote Code Execution Vulnerability
CVSS 9.8
Reported by Lays & atdog
Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Trend Micro Apex One Security Agent Directory Traversal Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Trend Micro Apex One Security Agent Improper Certification Validation Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Zyxel Firewall Post-Authentication Command Injection Remote Code Execution Vulnerability
CVSS 7.2
Reported by atdog
Trend Micro Apex One Incorrect Permission Assignment Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Synology DiskStation Manager Command Injection
CVSS 8.8
Reported by ddaa
Synology DiskStation Manager Buffer Overflow
CVSS 9.8
Reported by ddaa
Heap buffer overflow in Blink in Google Chrome
CVSS 9.6
Reported by Lays
Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Trend Micro Apex One Incorrect Permission Assignment Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVSS 8.2
Reported by Lays
Trend Micro Apex One Incorrect Permission Assignment Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
Trend Micro Apex One Improper Access Control Privilege Escalation Vulnerability
CVSS 7.8
Reported by Lays
NETGEAR R7800 udchpd DHCP_REQUEST Command Injection Remote Code Execution Vulnerability
CVSS 8.8
Reported by atdog
Western Digital MyCloud PR4100 nasAdmin Authentication Bypass Vulnerability
CVSS 9.8
Reported by Lays
SVE-2020-16712 Arbitrary Code Execution in Secure Bootloader
CVSS 9.8
Reported by Jeffxx
SVE-2019-16587, SVE-2019-16588, SVE-2019-16589: Arbitrary code execution in Fingerprint Trustlet
CVSS 9.8
Reported by Lays
SVE-2019-15872 Improper aligned size check leads buffer overflow in secure bootloader
CVSS 9.8
Reported by Jeffxx
SVE-2019-14575 Brute force attack on screen lock password
CVSS 9.8
Reported by Jeffxx
LNK Remote Code Execution Vulnerability
CVSS 8.8
Reported by Lays
LNK Remote Code Execution Vulnerability
CVSS 8.8
Reported by Lays
SVE-2019-14891: Missing Param Type check in SEM Trustlet
CVSS 9.8
Reported by atdog
SVE-2019-14665: Stack overflow in HDCP Trustlet
CVSS 9.8
Reported by Jeffxx
SVE-2019-14651, SVE-2019-14666: Arbitrary memory overwrite and stack overflow in SEM Trustlet
CVSS 9.8
Reported by atdog
Stack-based overflow vulnerability in the logMess function in Open TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-2019-12567.
CVSS 9.8
Reported by ddaa
Stack-based overflow vulnerability in the logMess function in Open TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2018-10387 and CVE-2019-12568.
CVSS 9.8
Reported by ddaa
Jet Database Engine Remote Code Execution Vulnerability
CVSS 8.8
Reported by Lays
LNK Remote Code Execution Vulnerability
CVSS 8.8
Reported by Lays
LNK Remote Code Execution Vulnerability
CVSS 8.8
Reported by Lays
Jet Database Engine Remote Code Execution Vulnerability
CVSS 8.8
Reported by Lays
Format string vulnerability in the logMess function in TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet.
CVSS 9.8
Reported by ddaa
Format string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet.
CVSS 9.8
Reported by ddaa
Heap-based overflow vulnerability in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or possibly execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2008-2161.
CVSS 9.8
Reported by ddaa
SVE-2017-10733: Stack overflow in Trustlet
CVSS 8.1
Reported by atdog
Pre-Authentication Remote Code Execution
CVSS 8.8
Reported by Lays
SVE-2017-10598: Arbitrary Code Execution in the Samsung Bootloader
CVSS 8.4
Reported by atdog
Synology DiskStation Manager XSS
CVSS 6.5
Reported by Lays