Zero Day Initiative Upcoming Advisories

ZDI: Upcoming Advisories Upcoming Advisories

  • ZDI-CAN-11063: Parallels
    on July 15, 2020 at 5:00 am

    A CVSS score 6.5 (AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N) severity vulnerability discovered by ‘[email protected]’ was reported to the affected vendor on: 2020-07-15, 0 days ago. The vendor is given until 2020-11-12 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-10424: Google
    on July 15, 2020 at 5:00 am

    A CVSS score 4.3 (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) severity vulnerability discovered by ‘Edward Flanker’ was reported to the affected vendor on: 2020-07-15, 0 days ago. The vendor is given until 2020-11-12 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11098: WECON
    on July 15, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Tran Van Khang – khangkito of VinCSS (Member of Vingroup)’ was reported to the affected vendor on: 2020-07-15, 0 days ago. The vendor is given until 2020-11-12 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11097: WECON
    on July 15, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Tran Van Khang – khangkito of VinCSS (Member of Vingroup)’ was reported to the affected vendor on: 2020-07-15, 0 days ago. The vendor is given until 2020-11-12 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11116: Apple
    on July 15, 2020 at 5:00 am

    A CVSS score 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Brendan Draper (@6r3nd4n)’ was reported to the affected vendor on: 2020-07-15, 0 days ago. The vendor is given until 2020-11-12 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11100: WECON
    on July 15, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Tran Van Khang – khangkito of VinCSS (Member of Vingroup)’ was reported to the affected vendor on: 2020-07-15, 0 days ago. The vendor is given until 2020-11-12 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11123: Apple
    on July 15, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) severity vulnerability discovered by ‘ABC Research s.r.o.’ was reported to the affected vendor on: 2020-07-15, 0 days ago. The vendor is given until 2020-11-12 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11122: Apple
    on July 15, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) severity vulnerability discovered by ‘ABC Research s.r.o.’ was reported to the affected vendor on: 2020-07-15, 0 days ago. The vendor is given until 2020-11-12 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11185: WECON
    on July 15, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Francis Provencher {PRL}’ was reported to the affected vendor on: 2020-07-15, 0 days ago. The vendor is given until 2020-11-12 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11124: Apple
    on July 15, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) severity vulnerability discovered by ‘ABC Research s.r.o.’ was reported to the affected vendor on: 2020-07-15, 0 days ago. The vendor is given until 2020-11-12 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11186: WECON
    on July 15, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Natnael Samson (@NattiSamson)’ was reported to the affected vendor on: 2020-07-15, 0 days ago. The vendor is given until 2020-11-12 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11187: WECON
    on July 15, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Natnael Samson (@NattiSamson)’ was reported to the affected vendor on: 2020-07-15, 0 days ago. The vendor is given until 2020-11-12 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11207: Apple
    on July 15, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H) severity vulnerability discovered by ‘ABC Research s.r.o.’ was reported to the affected vendor on: 2020-07-15, 0 days ago. The vendor is given until 2020-11-12 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11363: Parallels
    on July 15, 2020 at 5:00 am

    A CVSS score 6.0 (AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N) severity vulnerability discovered by ‘grigoritchy’ was reported to the affected vendor on: 2020-07-15, 0 days ago. The vendor is given until 2020-11-12 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11549: Google
    on July 15, 2020 at 5:00 am

    A CVSS score 6.5 (AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N) severity vulnerability discovered by ‘Echo Duan and Jesse Chang of TrendMicro of mobilesecurityresearch of MARS team’ was reported to the affected vendor on: 2020-07-15, 0 days ago. The vendor is given until 2020-11-12 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11257: Qognify
    on July 14, 2020 at 5:00 am

    A CVSS score 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Joachim Kerschbaumer (@joachimk)’ was reported to the affected vendor on: 2020-07-14, 1 days ago. The vendor is given until 2020-11-11 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11286: SAP
    on July 10, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Francis Provencher {PRL}’ was reported to the affected vendor on: 2020-07-10, 5 days ago. The vendor is given until 2020-11-07 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11290: SAP
    on July 10, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Francis Provencher {PRL}’ was reported to the affected vendor on: 2020-07-10, 5 days ago. The vendor is given until 2020-11-07 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11289: SAP
    on July 10, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Francis Provencher {PRL}’ was reported to the affected vendor on: 2020-07-10, 5 days ago. The vendor is given until 2020-11-07 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11340: SAP
    on July 10, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Francis Provencher {PRL}’ was reported to the affected vendor on: 2020-07-10, 5 days ago. The vendor is given until 2020-11-07 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11307: Apple
    on July 10, 2020 at 5:00 am

    A CVSS score 4.3 (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) severity vulnerability discovered by ‘Mickey Jin of Trend Micro Mobile Security Research Team’ was reported to the affected vendor on: 2020-07-10, 5 days ago. The vendor is given until 2020-11-07 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11285: SAP
    on July 10, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Francis Provencher {PRL}’ was reported to the affected vendor on: 2020-07-10, 5 days ago. The vendor is given until 2020-11-07 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11446: Microsoft
    on July 10, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘kdot’ was reported to the affected vendor on: 2020-07-10, 5 days ago. The vendor is given until 2020-11-07 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11474: Adobe
    on July 10, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Tran Van Khang – khangkito of VinCSS (Member of Vingroup)’ was reported to the affected vendor on: 2020-07-10, 5 days ago. The vendor is given until 2020-11-07 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11467: SAP
    on July 10, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Francis Provencher {PRL}’ was reported to the affected vendor on: 2020-07-10, 5 days ago. The vendor is given until 2020-11-07 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11477: Adobe
    on July 10, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Tran Van Khang – khangkito of VinCSS (Member of Vingroup)’ was reported to the affected vendor on: 2020-07-10, 5 days ago. The vendor is given until 2020-11-07 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11484: SAP
    on July 10, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Francis Provencher {PRL}’ was reported to the affected vendor on: 2020-07-10, 5 days ago. The vendor is given until 2020-11-07 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11499: SAP
    on July 10, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Francis Provencher {PRL}’ was reported to the affected vendor on: 2020-07-10, 5 days ago. The vendor is given until 2020-11-07 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11076: NETGEAR
    on July 10, 2020 at 5:00 am

    A CVSS score 8.8 (AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Shaunak Mirani’ was reported to the affected vendor on: 2020-07-10, 5 days ago. The vendor is given until 2020-11-07 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

  • ZDI-CAN-11283: SAP
    on July 10, 2020 at 5:00 am

    A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by ‘Francis Provencher {PRL}’ was reported to the affected vendor on: 2020-07-10, 5 days ago. The vendor is given until 2020-11-07 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

Share This Information.

Leave a Reply

Your email address will not be published. Required fields are marked *