Skip to content

Instantly share code, notes, and snippets.

@ChiChou

ChiChou/pwn2own.json

Created December 16, 2019 14:53
Show Gist options
  • Save ChiChou/ad9c4aa8546007b853a7a396ab4c12d3 to your computer and use it in GitHub Desktop.
Save ChiChou/ad9c4aa8546007b853a7a396ab4c12d3 to your computer and use it in GitHub Desktop.
Download ZIP
Pwn2Own bugs from ZDI offcial site
Raw
pwn2own.json
[
{
"idYear": "11",
"idBase": 249,
"zdiId": "ZDI-11-249",
"zdiCan": "ZDI-CAN-1159",
"affectedVendors": "Microsoft",
"cve": "CVE-2011-1347",
"publishDate": "2011-08-09",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability"
},
{
"idYear": "11",
"idBase": 198,
"zdiId": "ZDI-11-198",
"zdiCan": "ZDI-CAN-1158",
"affectedVendors": "Microsoft",
"cve": "CVE-2011-1346",
"publishDate": "2011-06-14",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Internet Explorer Uninitialized Variable Information Leak Vulnerability"
},
{
"idYear": "11",
"idBase": 135,
"zdiId": "ZDI-11-135",
"zdiCan": "ZDI-CAN-1168",
"affectedVendors": "WebKit",
"cve": "CVE-2011-1344",
"publishDate": "2011-04-14",
"lastUpdate": "",
"title": "(Pwn2Own) WebKit WBR Tag Removal Remote Code Execution Vulnerability"
},
{
"idYear": "11",
"idBase": 119,
"zdiId": "ZDI-11-119",
"zdiCan": "ZDI-CAN-1157",
"affectedVendors": "Microsoft",
"cve": "CVE-2011-1345",
"publishDate": "2011-04-12",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Internet Explorer onPropertyChange Remote Code Execution Vulnerability"
},
{
"idYear": "11",
"idBase": 109,
"zdiId": "ZDI-11-109",
"zdiCan": "ZDI-CAN-1156",
"affectedVendors": "Apple",
"cve": "CVE-2011-1417",
"publishDate": "2011-03-22",
"lastUpdate": "",
"title": "(Pwn2Own) Apple Safari OfficeArtBlip Parsing Remote Code Execution Vulnerability"
},
{
"idYear": "11",
"idBase": 104,
"zdiId": "ZDI-11-104",
"zdiCan": "ZDI-CAN-1107",
"affectedVendors": "WebKit",
"cve": "CVE-2011-1290",
"publishDate": "2011-04-14",
"lastUpdate": "",
"title": "(Pwn2Own) Webkit CSS Text Element Count Remote Code Execution Vulnerability"
},
{
"idYear": "12",
"idBase": 93,
"zdiId": "ZDI-12-093",
"zdiCan": "ZDI-CAN-1547",
"affectedVendors": "Microsoft",
"cve": "CVE-2012-1876",
"publishDate": "2012-06-12",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Internet Explorer Fixed Table Colspan Remote Code Execution Vulnerability"
},
{
"idYear": "12",
"idBase": 57,
"zdiId": "ZDI-12-057",
"zdiCan": "ZDI-CAN-1548",
"affectedVendors": "Adobe",
"cve": "",
"publishDate": "2012-04-09",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Flash Player NetStream addBytes Remote Code Execution Vulnerability"
},
{
"idYear": "13",
"idBase": 288,
"zdiId": "ZDI-13-288",
"zdiCan": "ZDI-CAN-1826",
"affectedVendors": "Adobe",
"cve": "CVE-2013-2555",
"publishDate": "2015-09-18",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Flash RTMP Parsing Remote Code Execution Vulnerability"
},
{
"idYear": "13",
"idBase": 287,
"zdiId": "ZDI-13-287",
"zdiCan": "ZDI-CAN-2052",
"affectedVendors": "Samsung",
"cve": "CVE-2013-7396",
"publishDate": "2013-12-31",
"lastUpdate": "",
"title": "(Mobile Pwn2Own) Samsung Apps/WatchON WebView JavaScript Bridge Remote Code Execution Vulnerability"
},
{
"idYear": "13",
"idBase": 286,
"zdiId": "ZDI-13-286",
"zdiCan": "ZDI-CAN-2071",
"affectedVendors": "Apple",
"cve": "CVE-2013-5228",
"publishDate": "2013-12-20",
"lastUpdate": "",
"title": "(Mobile Pwn2Own) Apple iOS Safari DocumentOrderedMap Remote Code Execution Vulnerability"
},
{
"idYear": "13",
"idBase": 211,
"zdiId": "ZDI-13-211",
"zdiCan": "ZDI-CAN-1658",
"affectedVendors": "Samsung",
"cve": "",
"publishDate": "2013-08-29",
"lastUpdate": "",
"title": "(0Day) (Mobile Pwn2Own) Polaris Viewer DOCX VML Shape Tag Remote Code Execution Vulnerability"
},
{
"idYear": "13",
"idBase": 193,
"zdiId": "ZDI-13-193",
"zdiCan": "ZDI-CAN-1871",
"affectedVendors": "Microsoft",
"cve": "",
"publishDate": "2013-08-13",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability"
},
{
"idYear": "13",
"idBase": 192,
"zdiId": "ZDI-13-192",
"zdiCan": "ZDI-CAN-1836",
"affectedVendors": "Microsoft",
"cve": "CVE-2013-2556",
"publishDate": "2013-08-13",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows Shared Data ASLR Security Feature Bypass Vulnerability"
},
{
"idYear": "13",
"idBase": 170,
"zdiId": "ZDI-13-170",
"zdiCan": "ZDI-CAN-1891",
"affectedVendors": "Microsoft",
"cve": "CVE-2013-1300",
"publishDate": "2013-07-26",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows NtUserMessageCall Privilege Escalation Vulnerability"
},
{
"idYear": "13",
"idBase": 106,
"zdiId": "ZDI-13-106",
"zdiCan": "ZDI-CAN-1840",
"affectedVendors": "Adobe",
"cve": "CVE-2013-2549, CVE-2013-2550",
"publishDate": "2013-05-30",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Reader Sandbox Bypass Remote Code Execution Vulnerability"
},
{
"idYear": "13",
"idBase": 102,
"zdiId": "ZDI-13-102",
"zdiCan": "ZDI-CAN-1828",
"affectedVendors": "Microsoft",
"cve": "CVE-2013-1298",
"publishDate": "2013-05-29",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Internet Explorer VML Parsing Remote Code Execution Vulnerabillity"
},
{
"idYear": "13",
"idBase": 90,
"zdiId": "ZDI-13-090",
"zdiCan": "ZDI-CAN-1825",
"affectedVendors": "Mozilla",
"cve": "CVE-2013-0787",
"publishDate": "2013-05-29",
"lastUpdate": "",
"title": "(Pwn2Own) Mozilla Firefox nsHTMLEditRules Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "13",
"idBase": 89,
"zdiId": "ZDI-13-089",
"zdiCan": "ZDI-CAN-1817",
"affectedVendors": "Oracle",
"cve": "CVE-2013-0401",
"publishDate": "2013-05-29",
"lastUpdate": "",
"title": "(Pwn2Own) Oracle Java DragAndDrop Sandbox Bypass Remote Code Execution Vulnerability"
},
{
"idYear": "13",
"idBase": 81,
"zdiId": "ZDI-13-081",
"zdiCan": "ZDI-CAN-1872",
"affectedVendors": "Microsoft",
"cve": "",
"publishDate": "2013-05-29",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability"
},
{
"idYear": "13",
"idBase": 78,
"zdiId": "ZDI-13-078",
"zdiCan": "ZDI-CAN-1829",
"affectedVendors": "Oracle",
"cve": "CVE-2013-1491",
"publishDate": "2013-05-10",
"lastUpdate": "",
"title": "(Pwn2Own) Oracle Java Font Handling Remote Code Execution Vulnerability"
},
{
"idYear": "13",
"idBase": 77,
"zdiId": "ZDI-13-077",
"zdiCan": "ZDI-CAN-1827",
"affectedVendors": "Oracle",
"cve": "CVE-2013-0402",
"publishDate": "2013-05-10",
"lastUpdate": "",
"title": "(Pwn2Own) Oracle Java FLV Parsing Remote Code Execution Vulnerability"
},
{
"idYear": "13",
"idBase": 76,
"zdiId": "ZDI-13-076",
"zdiCan": "ZDI-CAN-1823",
"affectedVendors": "Oracle",
"cve": "CVE-2013-1488",
"publishDate": "2013-05-10",
"lastUpdate": "",
"title": "(Pwn2Own) Oracle Java DriverManager Privilege Block Remote Code Execution Vulnerability"
},
{
"idYear": "13",
"idBase": 64,
"zdiId": "ZDI-13-064",
"zdiCan": "ZDI-CAN-1824",
"affectedVendors": "Google",
"cve": "CVE-2013-0912",
"publishDate": "2013-05-10",
"lastUpdate": "",
"title": "(Pwn2Own) Google Chrome Type Confusion Remote Code Execution Vulnerability"
},
{
"idYear": "13",
"idBase": 9,
"zdiId": "ZDI-13-009",
"zdiCan": "ZDI-CAN-1657",
"affectedVendors": "Apple, Apple",
"cve": "CVE-2012-3748",
"publishDate": "2013-02-01",
"lastUpdate": "",
"title": "(Mobile Pwn2Own) Apple Safari shiftCount/splice Remote Code Execution Vulnerability"
},
{
"idYear": "14",
"idBase": 390,
"zdiId": "ZDI-14-390",
"zdiCan": "ZDI-CAN-2222",
"affectedVendors": "Apple",
"cve": "CVE-2014-1314",
"publishDate": "2014-12-02",
"lastUpdate": "",
"title": "(Pwn2Own) Apple OS X WindowsServer Sandbox Escape Vulnerability"
},
{
"idYear": "14",
"idBase": 292,
"zdiId": "ZDI-14-292",
"zdiCan": "ZDI-CAN-2236",
"affectedVendors": "Microsoft",
"cve": "CVE-2014-2819",
"publishDate": "2014-08-07",
"lastUpdate": "",
"title": "(0Day) (Pwn2Own) Microsoft Internet Explorer PresentationHost.exe Protected Mode Bypass Vulnerability"
},
{
"idYear": "14",
"idBase": 270,
"zdiId": "ZDI-14-270",
"zdiCan": "ZDI-CAN-2209",
"affectedVendors": "Microsoft",
"cve": "CVE-2014-1762",
"publishDate": "2014-07-30",
"lastUpdate": "",
"title": "(0Day) (Pwn2Own\\Pwn4Fun) Microsoft Internet Explorer localhost Protected Mode Bypass Vulnerability"
},
{
"idYear": "14",
"idBase": 221,
"zdiId": "ZDI-14-221",
"zdiCan": "ZDI-CAN-2231",
"affectedVendors": "Microsoft",
"cve": "CVE-2014-2780",
"publishDate": "2014-07-09",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows DirectShow Privilege Escalation Vulnerability"
},
{
"idYear": "14",
"idBase": 220,
"zdiId": "ZDI-14-220",
"zdiCan": "ZDI-CAN-2228",
"affectedVendors": "Microsoft",
"cve": "CVE-2014-1767",
"publishDate": "2014-07-09",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows AFD.SYS Dangling Pointer Privilege Escalation Vulnerability"
},
{
"idYear": "14",
"idBase": 219,
"zdiId": "ZDI-14-219",
"zdiCan": "ZDI-CAN-2226",
"affectedVendors": "Microsoft",
"cve": "CVE-2014-1765",
"publishDate": "2014-07-09",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Internet Explorer CAttrArray Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "14",
"idBase": 218,
"zdiId": "ZDI-14-218",
"zdiCan": "ZDI-CAN-2224",
"affectedVendors": "Microsoft",
"cve": "CVE-2014-2781",
"publishDate": "2014-07-09",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft On-Screen Keyboard Privilege Escalation Vulnerability"
},
{
"idYear": "14",
"idBase": 217,
"zdiId": "ZDI-14-217",
"zdiCan": "ZDI-CAN-2212",
"affectedVendors": "Microsoft",
"cve": "CVE-2014-1763",
"publishDate": "2014-07-09",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Internet Explorer CSS Memory Corruption Vulnerability"
},
{
"idYear": "14",
"idBase": 192,
"zdiId": "ZDI-14-192",
"zdiCan": "ZDI-CAN-2227",
"affectedVendors": "Microsoft",
"cve": "CVE-2014-1766",
"publishDate": "2014-06-11",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Internet Explorer CDispNodeBase Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "14",
"idBase": 190,
"zdiId": "ZDI-14-190",
"zdiCan": "ZDI-CAN-2213",
"affectedVendors": "Microsoft",
"cve": "CVE-2014-1764",
"publishDate": "2014-06-11",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability"
},
{
"idYear": "14",
"idBase": 189,
"zdiId": "ZDI-14-189",
"zdiCan": "ZDI-CAN-2218",
"affectedVendors": "Microsoft",
"cve": "CVE-2014-2777",
"publishDate": "2014-06-11",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability"
},
{
"idYear": "14",
"idBase": 186,
"zdiId": "ZDI-14-186",
"zdiCan": "ZDI-CAN-2099",
"affectedVendors": "Microsoft",
"cve": "CVE-2014-1762",
"publishDate": "2014-06-11",
"lastUpdate": "",
"title": "(Pwn2Own\\Pwn4Fun) Microsoft Internet Explorer CDOMTextNode Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "14",
"idBase": 132,
"zdiId": "ZDI-14-132",
"zdiCan": "ZDI-CAN-2211",
"affectedVendors": "Adobe",
"cve": "CVE-2014-0512",
"publishDate": "2014-05-19",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Reader Sandbox Bypass Remote Code Execution Vulnerability"
},
{
"idYear": "14",
"idBase": 131,
"zdiId": "ZDI-14-131",
"zdiCan": "ZDI-CAN-2210",
"affectedVendors": "Adobe",
"cve": "CVE-2014-0511",
"publishDate": "2014-05-19",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Reader PDF417 Barcode Parsing Integer Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "14",
"idBase": 130,
"zdiId": "ZDI-14-130",
"zdiCan": "ZDI-CAN-2235",
"affectedVendors": "Adobe",
"cve": "CVE-2014-0510",
"publishDate": "2014-05-19",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Flash Display Object Memory Corruption Remote Code Execution Vulnerability"
},
{
"idYear": "14",
"idBase": 121,
"zdiId": "ZDI-14-121",
"zdiCan": "ZDI-CAN-2208",
"affectedVendors": "Apple",
"cve": "CVE-2014-1318",
"publishDate": "2014-05-02",
"lastUpdate": "",
"title": "(Pwn2Own\\Pwn4Fun) Apple OS X Graphics Driver Memory Corruption Remote Code Execution Vulnerability"
},
{
"idYear": "14",
"idBase": 120,
"zdiId": "ZDI-14-120",
"zdiCan": "ZDI-CAN-2207",
"affectedVendors": "Apple",
"cve": "CVE-2014-1320",
"publishDate": "2014-05-02",
"lastUpdate": "",
"title": "(Pwn2Own\\Pwn4Fun) Apple OS X IOKit Kernel Information Disclosure Vulnerability"
},
{
"idYear": "14",
"idBase": 92,
"zdiId": "ZDI-14-092",
"zdiCan": "ZDI-CAN-2216",
"affectedVendors": "Adobe",
"cve": "CVE-2014-0506",
"publishDate": "2014-04-11",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Flash ExternalInterface Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "14",
"idBase": 91,
"zdiId": "ZDI-14-091",
"zdiCan": "ZDI-CAN-2221",
"affectedVendors": "Apple",
"cve": "CVE-2014-1303",
"publishDate": "2014-04-11",
"lastUpdate": "",
"title": "(Pwn2Own) Apple Safari Heap Buffer Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "14",
"idBase": 90,
"zdiId": "ZDI-14-090",
"zdiCan": "ZDI-CAN-2206",
"affectedVendors": "Apple",
"cve": "CVE-2014-1300",
"publishDate": "2014-04-11",
"lastUpdate": "",
"title": "(Pwn2Own\\Pwn4Fun) Apple Webkit JSStringJoiner Memory Corruption Remote Code Execution Vulnerability"
},
{
"idYear": "14",
"idBase": 89,
"zdiId": "ZDI-14-089",
"zdiCan": "ZDI-CAN-2234",
"affectedVendors": "Google",
"cve": "CVE-2014-1715",
"publishDate": "2014-04-11",
"lastUpdate": "",
"title": "(Pwn2Own) Google Chrome Directory Traversal Sandbox Escape Vulnerability"
},
{
"idYear": "14",
"idBase": 88,
"zdiId": "ZDI-14-088",
"zdiCan": "ZDI-CAN-2233",
"affectedVendors": "Google",
"cve": "CVE-2014-1705",
"publishDate": "2014-04-11",
"lastUpdate": "",
"title": "(Pwn2Own) Google Chrome V8 Arbitrary Memory Read/Write Remote Code Execution Vulnerability"
},
{
"idYear": "14",
"idBase": 87,
"zdiId": "ZDI-14-087",
"zdiCan": "ZDI-CAN-2230",
"affectedVendors": "Google",
"cve": "CVE-2014-1714",
"publishDate": "2014-04-11",
"lastUpdate": "",
"title": "(Pwn2Own) Google Chrome Clipboard Sandbox Escape Vulnerability"
},
{
"idYear": "14",
"idBase": 86,
"zdiId": "ZDI-14-086",
"zdiCan": "ZDI-CAN-2229",
"affectedVendors": "Google",
"cve": "CVE-2014-1713",
"publishDate": "2014-04-11",
"lastUpdate": "",
"title": "(Pwn2Own) Google Chrome Blink Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "14",
"idBase": 85,
"zdiId": "ZDI-14-085",
"zdiCan": "ZDI-CAN-2225",
"affectedVendors": "Mozilla",
"cve": "CVE-2014-1514",
"publishDate": "2014-04-11",
"lastUpdate": "",
"title": "(Pwn2Own) Mozilla Firefox TypedArrayObject Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
{
"idYear": "14",
"idBase": 84,
"zdiId": "ZDI-14-084",
"zdiCan": "ZDI-CAN-2220",
"affectedVendors": "Mozilla",
"cve": "CVE-2014-1513",
"publishDate": "2014-04-11",
"lastUpdate": "",
"title": "(Pwn2Own) Mozilla Firefox ArrayBuffer Out-Of-Bounds Read/Write Remote Code Execution Vulnerability"
},
{
"idYear": "14",
"idBase": 83,
"zdiId": "ZDI-14-083",
"zdiCan": "ZDI-CAN-2219",
"affectedVendors": "Mozilla",
"cve": "CVE-2014-1512",
"publishDate": "2014-04-11",
"lastUpdate": "",
"title": "(Pwn2Own) Mozilla Firefox TypeObject Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "14",
"idBase": 82,
"zdiId": "ZDI-14-082",
"zdiCan": "ZDI-CAN-2215",
"affectedVendors": "Mozilla",
"cve": "CVE-2014-1511",
"publishDate": "2014-04-11",
"lastUpdate": "",
"title": "(Pwn2Own) Mozilla Firefox Pop-Up Blocker Bypass Vulnerability"
},
{
"idYear": "14",
"idBase": 81,
"zdiId": "ZDI-14-081",
"zdiCan": "ZDI-CAN-2214",
"affectedVendors": "Mozilla",
"cve": "CVE-2014-1510",
"publishDate": "2014-04-11",
"lastUpdate": "",
"title": "(Pwn2Own) Mozilla Firefox Privileged Content Loading Remote Code Execution Vulnerability"
},
{
"idYear": "15",
"idBase": 457,
"zdiId": "ZDI-15-457",
"zdiCan": "ZDI-CAN-2835",
"affectedVendors": "Microsoft",
"cve": "",
"publishDate": "2015-10-07",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows secdrv.sys Uninitialized Buffer Privilege Escalation Vulnerability"
},
{
"idYear": "15",
"idBase": 446,
"zdiId": "ZDI-15-446",
"zdiCan": "ZDI-CAN-2817",
"affectedVendors": "Adobe",
"cve": "CVE-2015-6678",
"publishDate": "2015-09-21",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Flash Player DefineText Buffer Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "15",
"idBase": 388,
"zdiId": "ZDI-15-388",
"zdiCan": "ZDI-CAN-2818",
"affectedVendors": "Microsoft",
"cve": "CVE-2015-2455",
"publishDate": "2015-08-11",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows TrueType Fonts Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
{
"idYear": "15",
"idBase": 387,
"zdiId": "ZDI-15-387",
"zdiCan": "ZDI-CAN-2824",
"affectedVendors": "Microsoft",
"cve": "CVE-2015-2435",
"publishDate": "2015-08-11",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows TrueType Font Pool Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "15",
"idBase": 371,
"zdiId": "ZDI-15-371",
"zdiCan": "ZDI-CAN-3105",
"affectedVendors": "Adobe",
"cve": "CVE-2015-5107",
"publishDate": "2015-07-29",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Reader makeMeasurement Information Disclosure Vulnerability"
},
{
"idYear": "15",
"idBase": 370,
"zdiId": "ZDI-15-370",
"zdiCan": "ZDI-CAN-3104",
"affectedVendors": "Adobe",
"cve": "CVE-2015-5106",
"publishDate": "2015-07-29",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Reader Portfolio Preview Privilege Escalation Vulnerability"
},
{
"idYear": "15",
"idBase": 369,
"zdiId": "ZDI-15-369",
"zdiCan": "ZDI-CAN-2822",
"affectedVendors": "Adobe",
"cve": "CVE-2015-5109",
"publishDate": "2015-07-29",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Reader opendoc Broker Message Integer Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "15",
"idBase": 368,
"zdiId": "ZDI-15-368",
"zdiCan": "ZDI-CAN-2821",
"affectedVendors": "Adobe",
"cve": "CVE-2015-5110",
"publishDate": "2015-07-29",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Reader makeMeasurement Stack Buffer Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "15",
"idBase": 359,
"zdiId": "ZDI-15-359",
"zdiCan": "ZDI-CAN-2619",
"affectedVendors": "Microsoft",
"cve": "",
"publishDate": "2015-07-20",
"lastUpdate": "",
"title": "(0Day) (Mobile Pwn2Own) Microsoft Internet Explorer CTableLayout::AddRow Out-Of-Bounds Memory Access Vulnerability"
},
{
"idYear": "15",
"idBase": 339,
"zdiId": "ZDI-15-339",
"zdiCan": "ZDI-CAN-2827",
"affectedVendors": "Microsoft",
"cve": "CVE-2015-2371",
"publishDate": "2015-07-14",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows Installer Local Elevation of Privilege Vulnerability"
},
{
"idYear": "15",
"idBase": 302,
"zdiId": "ZDI-15-302",
"zdiCan": "ZDI-CAN-2823",
"affectedVendors": "Adobe",
"cve": "CVE-2015-5108",
"publishDate": "2015-07-14",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Reader array_push_slowly Integer Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "15",
"idBase": 295,
"zdiId": "ZDI-15-295",
"zdiCan": "ZDI-CAN-2829",
"affectedVendors": "Microsoft",
"cve": "CVE-2015-1743",
"publishDate": "2015-07-09",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Internet Explorer ActiveX Install Broker Sandbox Escape Vulnerability"
},
{
"idYear": "15",
"idBase": 258,
"zdiId": "ZDI-15-258",
"zdiCan": "ZDI-CAN-2837",
"affectedVendors": "Apple",
"cve": "",
"publishDate": "2015-06-24",
"lastUpdate": "",
"title": "(Pwn2Own) Apple OS X XSS Sandbox Bypass Vulnerability"
},
{
"idYear": "15",
"idBase": 257,
"zdiId": "ZDI-15-257",
"zdiCan": "ZDI-CAN-2614",
"affectedVendors": "Samsung",
"cve": "CVE-2015-4033",
"publishDate": "2015-06-24",
"lastUpdate": "",
"title": "(0Day) (Mobile Pwn2Own) Samsung SBeam Image Remote Information Disclosure Vulnerability"
},
{
"idYear": "15",
"idBase": 256,
"zdiId": "ZDI-15-256",
"zdiCan": "ZDI-CAN-2613",
"affectedVendors": "Samsung",
"cve": "CVE-2015-4034",
"publishDate": "2015-06-24",
"lastUpdate": "",
"title": "(0Day) (Mobile Pwn2Own) Samsung Galaxy S5 MethodSpec Deserialization of Untrusted Data Remote Code Execution Vulnerability"
},
{
"idYear": "15",
"idBase": 252,
"zdiId": "ZDI-15-252",
"zdiCan": "ZDI-CAN-2828",
"affectedVendors": "Microsoft",
"cve": "CVE-2015-1745",
"publishDate": "2015-06-11",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Internet Explorer mergeAttributes Uninitialized Data Remote Code Execution Vulnerability"
},
{
"idYear": "15",
"idBase": 251,
"zdiId": "ZDI-15-251",
"zdiCan": "ZDI-CAN-2832",
"affectedVendors": "Microsoft",
"cve": "CVE-2015-1748",
"publishDate": "2015-06-11",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Internet Explorer Protocol Handler Sandbox Escape Vulnerability"
},
{
"idYear": "15",
"idBase": 250,
"zdiId": "ZDI-15-250",
"zdiCan": "ZDI-CAN-2831",
"affectedVendors": "Microsoft",
"cve": "CVE-2015-1747",
"publishDate": "2015-06-11",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Internet Explorer DataView Memory Corruption Remote Code Execution Vulnerability"
},
{
"idYear": "15",
"idBase": 216,
"zdiId": "ZDI-15-216",
"zdiCan": "ZDI-CAN-2820",
"affectedVendors": "Adobe",
"cve": "CVE-2015-3085",
"publishDate": "2015-05-12",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Flash Player BrokerCreateFile Broker Method Path Traversal Sandbox Escape Vulnerability"
},
{
"idYear": "15",
"idBase": 189,
"zdiId": "ZDI-15-189",
"zdiCan": "ZDI-CAN-2834",
"affectedVendors": "Microsoft",
"cve": "CVE-2015-1674",
"publishDate": "2015-05-12",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows CNG Information Disclosure Vulnerability"
},
{
"idYear": "15",
"idBase": 160,
"zdiId": "ZDI-15-160",
"zdiCan": "ZDI-CAN-2618",
"affectedVendors": "Amazon",
"cve": "",
"publishDate": "2015-04-29",
"lastUpdate": "",
"title": "(Mobile Pwn2Own) Amazon App Store HTTPS Downgrade Vulnerability"
},
{
"idYear": "15",
"idBase": 159,
"zdiId": "ZDI-15-159",
"zdiCan": "ZDI-CAN-2632",
"affectedVendors": "Amazon",
"cve": "",
"publishDate": "2015-04-29",
"lastUpdate": "",
"title": "(Mobile Pwn2Own) Amazon App Store JavaScript Bridge Remote Code Execution Vulnerability"
},
{
"idYear": "15",
"idBase": 158,
"zdiId": "ZDI-15-158",
"zdiCan": "ZDI-CAN-2617",
"affectedVendors": "Amazon",
"cve": "",
"publishDate": "2015-04-29",
"lastUpdate": "",
"title": " (Mobile Pwn2Own) Amazon App Store Search String Cross-Site Scripting Vulnerability"
},
{
"idYear": "15",
"idBase": 137,
"zdiId": "ZDI-15-137",
"zdiCan": "ZDI-CAN-2833",
"affectedVendors": "Google",
"cve": "CVE-2015-1234",
"publishDate": "2015-04-15",
"lastUpdate": "",
"title": "(Pwn2Own) Google Chrome pnacl Shared Memory Time-Of-Check/Time-Of-Use Remote Code Execution Vulnerability"
},
{
"idYear": "15",
"idBase": 134,
"zdiId": "ZDI-15-134",
"zdiCan": "ZDI-CAN-2819",
"affectedVendors": "Adobe",
"cve": "CVE-2015-0349",
"publishDate": "2015-04-15",
"lastUpdate": "",
"title": " (Pwn2Own) Adobe Flash Player AS3 ConvolutionFilter Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "15",
"idBase": 123,
"zdiId": "ZDI-15-123",
"zdiCan": "ZDI-CAN-2836",
"affectedVendors": "Apple",
"cve": "CVE-2015-1069",
"publishDate": "2015-04-08",
"lastUpdate": "",
"title": "(Pwn2Own) Apple Safari Uninitialized Buffer Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "15",
"idBase": 110,
"zdiId": "ZDI-15-110",
"zdiCan": "ZDI-CAN-2826",
"affectedVendors": "Mozilla",
"cve": "CVE-2015-0816",
"publishDate": "2015-04-03",
"lastUpdate": "",
"title": "(Pwn2Own) Mozilla Firefox resource: URL Remote Code Execution Vulnerability"
},
{
"idYear": "15",
"idBase": 109,
"zdiId": "ZDI-15-109",
"zdiCan": "ZDI-CAN-2830",
"affectedVendors": "Mozilla",
"cve": "CVE-2015-0817",
"publishDate": "2015-04-03",
"lastUpdate": "",
"title": " (Pwn2Own) Mozilla Firefox Bounds Check Elimination Remote Code Execution Vulnerability"
},
{
"idYear": "15",
"idBase": 108,
"zdiId": "ZDI-15-108",
"zdiCan": "ZDI-CAN-2825",
"affectedVendors": "Mozilla",
"cve": "CVE-2015-0818",
"publishDate": "2015-04-03",
"lastUpdate": "",
"title": "(Pwn2Own) Mozilla Firefox SVG DOMAttrModified Same-Origin Policy Bypass Vulnerability"
},
{
"idYear": "15",
"idBase": 93,
"zdiId": "ZDI-15-093",
"zdiCan": "ZDI-CAN-2620",
"affectedVendors": "Google",
"cve": "CVE-2014-7912",
"publishDate": "2015-03-12",
"lastUpdate": "",
"title": "(Mobile Pwn2Own) Google Android DHCP Parsing Remote Code Execution Vulnerability"
},
{
"idYear": "15",
"idBase": 92,
"zdiId": "ZDI-15-092",
"zdiCan": "ZDI-CAN-2616",
"affectedVendors": "Google",
"cve": "CVE-2014-7914",
"publishDate": "2015-03-12",
"lastUpdate": "",
"title": "(Mobile Pwn2Own) Google Android Bluetooth Forced Pairing Vulnerability"
},
{
"idYear": "15",
"idBase": 10,
"zdiId": "ZDI-15-010",
"zdiCan": "ZDI-CAN-2612",
"affectedVendors": "Apple",
"cve": "CVE-2014-8840",
"publishDate": "2015-01-27",
"lastUpdate": "",
"title": "(Mobile Pwn2Own) Apple iOS SSL Sandbox Bypass Vulnerability"
},
{
"idYear": "15",
"idBase": 9,
"zdiId": "ZDI-15-009",
"zdiCan": "ZDI-CAN-2611",
"affectedVendors": "Apple",
"cve": "CVE-2014-4477",
"publishDate": "2015-01-27",
"lastUpdate": "",
"title": "(Mobile Pwn2Own) Apple Safari Set Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "16",
"idBase": 372,
"zdiId": "ZDI-16-372",
"zdiCan": "ZDI-CAN-3622",
"affectedVendors": "Microsoft",
"cve": "CVE-2016-3231",
"publishDate": "2016-06-22",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows Diagnostics Hub Standard Collector Directory Traversal Privilege Escalation Vulnerability"
},
{
"idYear": "16",
"idBase": 361,
"zdiId": "ZDI-16-361",
"zdiCan": "ZDI-CAN-3605",
"affectedVendors": "Apple",
"cve": "CVE-2016-1796",
"publishDate": "2016-05-27",
"lastUpdate": "",
"title": "(Pwn2Own) Apple OS X libATSServer Heap-based Buffer Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "16",
"idBase": 360,
"zdiId": "ZDI-16-360",
"zdiCan": "ZDI-CAN-3606",
"affectedVendors": "Apple",
"cve": "CVE-2016-1797",
"publishDate": "2016-05-27",
"lastUpdate": "",
"title": "(Pwn2Own) Apple OS X fontd Sandbox Escape Vulnerability"
},
{
"idYear": "16",
"idBase": 358,
"zdiId": "ZDI-16-358",
"zdiCan": "ZDI-CAN-3611",
"affectedVendors": "Apple",
"cve": "CVE-2016-1804",
"publishDate": "2016-05-26",
"lastUpdate": "",
"title": "(Pwn2Own) Apple OS X WindowServer Use-After-Free Privilege Escalation Vulnerability"
},
{
"idYear": "16",
"idBase": 352,
"zdiId": "ZDI-16-352",
"zdiCan": "ZDI-CAN-3610",
"affectedVendors": "Apple",
"cve": "CVE-2016-1859",
"publishDate": "2016-05-20",
"lastUpdate": "",
"title": "(Pwn2Own) Apple Safari GraphicsContext Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "16",
"idBase": 346,
"zdiId": "ZDI-16-346",
"zdiCan": "ZDI-CAN-3607",
"affectedVendors": "Apple",
"cve": "CVE-2016-1806",
"publishDate": "2016-05-19",
"lastUpdate": "",
"title": "(Pwn2Own) Apple OS X SubmitDiagInfo Arbitrary Directory Creation Privilege Escalation Vulnerability"
},
{
"idYear": "16",
"idBase": 345,
"zdiId": "ZDI-16-345",
"zdiCan": "ZDI-CAN-3620",
"affectedVendors": "Apple",
"cve": "CVE-2016-1815",
"publishDate": "2016-05-19",
"lastUpdate": "",
"title": "(Pwn2Own) Apple OS X IntelAccelerator Out-Of-Bounds Indexing Privilege Escalation Vulnerability"
},
{
"idYear": "16",
"idBase": 343,
"zdiId": "ZDI-16-343",
"zdiCan": "ZDI-CAN-3619",
"affectedVendors": "Apple",
"cve": "CVE-2016-1857",
"publishDate": "2016-05-19",
"lastUpdate": "",
"title": "(Pwn2Own) Apple Safari ArrayStorage DFG Optimization Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "16",
"idBase": 342,
"zdiId": "ZDI-16-342",
"zdiCan": "ZDI-CAN-3604",
"affectedVendors": "Apple",
"cve": "CVE-2016-1856",
"publishDate": "2016-05-19",
"lastUpdate": "",
"title": "(Pwn2Own) Apple Safari TextTrack Object Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "16",
"idBase": 284,
"zdiId": "ZDI-16-284",
"zdiCan": "ZDI-CAN-3627",
"affectedVendors": "Microsoft",
"cve": "CVE-2016-0176",
"publishDate": "2016-05-10",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows dxgkrnl Kernel Driver Buffer Overflow Privilege Escalation Vulnerability"
},
{
"idYear": "16",
"idBase": 283,
"zdiId": "ZDI-16-283",
"zdiCan": "ZDI-CAN-3626",
"affectedVendors": "Microsoft",
"cve": "CVE-2016-0193",
"publishDate": "2016-05-10",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Edge JavaScript fill Out-Of-Bounds Access Remote Code Execution Vulnerability"
},
{
"idYear": "16",
"idBase": 282,
"zdiId": "ZDI-16-282",
"zdiCan": "ZDI-CAN-3621",
"affectedVendors": "Microsoft",
"cve": "CVE-2016-0191",
"publishDate": "2016-05-10",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Edge JavaScript concat Method Uninitialized Memory Remote Code Execution Vulnerability"
},
{
"idYear": "16",
"idBase": 281,
"zdiId": "ZDI-16-281",
"zdiCan": "ZDI-CAN-3618",
"affectedVendors": "Microsoft",
"cve": "CVE-2016-0175",
"publishDate": "2016-05-10",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows PFFOBJ::bDeleteLoadRef Font Use-After-Free Privilege Escalation Vulnerability"
},
{
"idYear": "16",
"idBase": 280,
"zdiId": "ZDI-16-280",
"zdiCan": "ZDI-CAN-3617",
"affectedVendors": "Microsoft",
"cve": "CVE-2016-0174",
"publishDate": "2016-05-10",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows NtGdiGetEmbUFI Information Disclosure Vulnerability"
},
{
"idYear": "16",
"idBase": 279,
"zdiId": "ZDI-16-279",
"zdiCan": "ZDI-CAN-3615",
"affectedVendors": "Microsoft",
"cve": "CVE-2016-0173",
"publishDate": "2016-05-10",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows win32kfull.sys Surface Object Use-After-Free Privilege Escalation Vulnerability"
},
{
"idYear": "16",
"idBase": 278,
"zdiId": "ZDI-16-278",
"zdiCan": "ZDI-CAN-3609",
"affectedVendors": "Microsoft",
"cve": "CVE-2016-0196",
"publishDate": "2016-05-10",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows xxxEndDeferWindowPosEx Window Use-After-Free Privilege Escalation Vulnerability"
},
{
"idYear": "16",
"idBase": 228,
"zdiId": "ZDI-16-228",
"zdiCan": "ZDI-CAN-3616",
"affectedVendors": "Adobe",
"cve": "CVE-2016-1018",
"publishDate": "2016-04-08",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Flash JPEG-XR Parsing Stack Buffer Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "16",
"idBase": 227,
"zdiId": "ZDI-16-227",
"zdiCan": "ZDI-CAN-3608",
"affectedVendors": "Adobe",
"cve": "CVE-2016-1015",
"publishDate": "2016-04-08",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Flash AS2 NetConnection Type Confusion Remote Code Execution Vulnerability"
},
{
"idYear": "16",
"idBase": 226,
"zdiId": "ZDI-16-226",
"zdiCan": "ZDI-CAN-3613",
"affectedVendors": "Adobe",
"cve": "CVE-2016-1016",
"publishDate": "2016-04-08",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Flash AS2 Transform matrix Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "16",
"idBase": 225,
"zdiId": "ZDI-16-225",
"zdiCan": "ZDI-CAN-3614",
"affectedVendors": "Adobe",
"cve": "CVE-2016-1017",
"publishDate": "2016-04-08",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Flash AS2 LoadVars decode Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 487,
"zdiId": "ZDI-17-487",
"zdiCan": "ZDI-CAN-4612",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-8465",
"publishDate": "2017-07-12",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows NtUserLinkDpiCursor Use-After-Free Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 476,
"zdiId": "ZDI-17-476",
"zdiCan": "ZDI-CAN-4577",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-8590",
"publishDate": "2017-07-11",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows CLFS Driver Uninitialized Memory Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 474,
"zdiId": "ZDI-17-474",
"zdiCan": "ZDI-CAN-4633",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-8580",
"publishDate": "2017-07-31",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows Palette Object Use-After-Free Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 473,
"zdiId": "ZDI-17-473",
"zdiCan": "ZDI-CAN-4624",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-8578",
"publishDate": "2017-07-11",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows PlgBlt Integer Overflow Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 472,
"zdiId": "ZDI-17-472",
"zdiCan": "ZDI-CAN-4621",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-8577",
"publishDate": "2017-07-11",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows GDI Region Object Uninitialized Memory Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 471,
"zdiId": "ZDI-17-471",
"zdiCan": "ZDI-CAN-4576",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-8486",
"publishDate": "2017-07-11",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows win32kfull CopyOutputString Out-Of-Bounds Read Information Disclosure Vulnerability"
},
{
"idYear": "17",
"idBase": 470,
"zdiId": "ZDI-17-470",
"zdiCan": "ZDI-CAN-4626",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-8467",
"publishDate": "2017-07-11",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows fnHKINLPRECT Untrusted Pointer Dereference Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 469,
"zdiId": "ZDI-17-469",
"zdiCan": "ZDI-CAN-4630",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-8579",
"publishDate": "2017-07-11",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows D3DKMTCreateAllocation Buffer Overflow Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 464,
"zdiId": "ZDI-17-464",
"zdiCan": "ZDI-CAN-4611",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-0236",
"publishDate": "2017-07-10",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Chakra ArrayBuffer Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 463,
"zdiId": "ZDI-17-463",
"zdiCan": "ZDI-CAN-4603",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-8575",
"publishDate": "2017-07-10",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows basicrender WarpKMEscape Information Disclosure Vulnerability"
},
{
"idYear": "17",
"idBase": 462,
"zdiId": "ZDI-17-462",
"zdiCan": "ZDI-CAN-4587",
"affectedVendors": "Google",
"cve": "CVE-2017-5053",
"publishDate": "2017-07-10",
"lastUpdate": "",
"title": "(Pwn2Own) Google Chrome Array indexOf Out-Of-Bounds Access Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 451,
"zdiId": "ZDI-17-451",
"zdiCan": "ZDI-CAN-4602",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-8553",
"publishDate": "2017-06-27",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows XPS Document Writer Uninitialized Memory Information Disclosure Vulnerability"
},
{
"idYear": "17",
"idBase": 450,
"zdiId": "ZDI-17-450",
"zdiCan": "ZDI-CAN-4604",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-8576",
"publishDate": "2017-06-27",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows WarpKMSubmitCommandVirtual Uninitialized Memory Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 404,
"zdiId": "ZDI-17-404",
"zdiCan": "ZDI-CAN-4619",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-8466",
"publishDate": "2017-06-13",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows NtUserLinkDpiCursor Use-After-Free Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 403,
"zdiId": "ZDI-17-403",
"zdiCan": "ZDI-CAN-4590",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-8468",
"publishDate": "2017-06-13",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows NtUserLinkDpiCursor Use-After-Free Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 402,
"zdiId": "ZDI-17-402",
"zdiCan": "ZDI-CAN-4608",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-8465",
"publishDate": "2017-06-13",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows NtUserLinkDpiCursor Use-After-Free Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 400,
"zdiId": "ZDI-17-400",
"zdiCan": "ZDI-CAN-4622",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-0296",
"publishDate": "2017-06-13",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Windows TdxCreateTransportAddress Buffer Overflow Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 370,
"zdiId": "ZDI-17-370",
"zdiCan": "ZDI-CAN-4583",
"affectedVendors": "Apple",
"cve": "",
"publishDate": "2017-05-30",
"lastUpdate": "",
"title": "(Pwn2Own) Apple macOS nsurlstoraged Null Pointer Dereference Denial of Service Vulnerability"
},
{
"idYear": "17",
"idBase": 369,
"zdiId": "ZDI-17-369",
"zdiCan": "ZDI-CAN-4596",
"affectedVendors": "Apple",
"cve": "CVE-2017-7002",
"publishDate": "2017-05-30",
"lastUpdate": "",
"title": "(Pwn2Own) Apple Safari WebSQL matchinfo Type Confusion Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 368,
"zdiId": "ZDI-17-368",
"zdiCan": "ZDI-CAN-4595",
"affectedVendors": "Apple",
"cve": "CVE-2017-7001",
"publishDate": "2017-05-30",
"lastUpdate": "",
"title": "(Pwn2Own) Apple Safari WebSQL offsets Type Confusion Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 367,
"zdiId": "ZDI-17-367",
"zdiCan": "ZDI-CAN-4594",
"affectedVendors": "Apple",
"cve": "CVE-2017-7000",
"publishDate": "2017-05-30",
"lastUpdate": "",
"title": "(Pwn2Own) Apple Safari WebSQL snippet Type Confusion Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 366,
"zdiId": "ZDI-17-366",
"zdiCan": "ZDI-CAN-4591",
"affectedVendors": "Apple",
"cve": "CVE-2017-6983",
"publishDate": "2017-05-30",
"lastUpdate": "",
"title": "(Pwn2Own) Apple Safari WebSQL optimize Type Confusion Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 364,
"zdiId": "ZDI-17-364",
"zdiCan": "ZDI-CAN-4610",
"affectedVendors": "Apple",
"cve": "CVE-2017-2543",
"publishDate": "2017-05-18",
"lastUpdate": "",
"title": "(Pwn2Own) Apple macOS AppleMultitouchDevice Use-After-Free Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 363,
"zdiId": "ZDI-17-363",
"zdiCan": "ZDI-CAN-4609",
"affectedVendors": "Apple",
"cve": "CVE-2017-2542",
"publishDate": "2017-05-18",
"lastUpdate": "",
"title": "(Pwn2Own) Apple macOS AppleMultitouchDevice Uninitialized Memory Information Disclosure Vulnerability"
},
{
"idYear": "17",
"idBase": 362,
"zdiId": "ZDI-17-362",
"zdiCan": "ZDI-CAN-4598",
"affectedVendors": "Apple",
"cve": "CVE-2017-2538",
"publishDate": "2017-05-18",
"lastUpdate": "",
"title": "(Pwn2Own) Apple Safari ProcessingInstruction Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 361,
"zdiId": "ZDI-17-361",
"zdiCan": "ZDI-CAN-4597",
"affectedVendors": "Apple",
"cve": "CVE-2017-2539",
"publishDate": "2017-05-18",
"lastUpdate": "",
"title": "(Pwn2Own) Apple Safari WebGLRenderingContextBase drawElements Out-Of-Bounds Read Information Disclosure Vulnerability"
},
{
"idYear": "17",
"idBase": 360,
"zdiId": "ZDI-17-360",
"zdiCan": "ZDI-CAN-4593",
"affectedVendors": "Apple",
"cve": "CVE-2017-6991",
"publishDate": "2017-05-18",
"lastUpdate": "",
"title": "(Pwn2Own) Apple Safari WebSQL Type Confusion Information Disclosure Vulnerability"
},
{
"idYear": "17",
"idBase": 359,
"zdiId": "ZDI-17-359",
"zdiCan": "ZDI-CAN-4617",
"affectedVendors": "Apple",
"cve": "CVE-2017-2546",
"publishDate": "2017-05-18",
"lastUpdate": "",
"title": "(Pwn2Own) Apple macOS smbfs Out-Of-Bounds Access Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 358,
"zdiId": "ZDI-17-358",
"zdiCan": "ZDI-CAN-4582",
"affectedVendors": "Apple",
"cve": "CVE-2017-2536",
"publishDate": "2017-05-18",
"lastUpdate": "",
"title": "(Pwn2Own) Apple Safari Spread Operator Integer Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 357,
"zdiId": "ZDI-17-357",
"zdiCan": "ZDI-CAN-4580",
"affectedVendors": "Apple",
"cve": "CVE-2017-2533",
"publishDate": "2017-05-18",
"lastUpdate": "",
"title": "(Pwn2Own) Apple macOS diskarbitrationd Time-Of-Check/Time-Of-Use Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 356,
"zdiId": "ZDI-17-356",
"zdiCan": "ZDI-CAN-4579",
"affectedVendors": "Apple",
"cve": "CVE-2017-2535",
"publishDate": "2017-05-18",
"lastUpdate": "",
"title": "(Pwn2Own) Apple macOS authd Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 355,
"zdiId": "ZDI-17-355",
"zdiCan": "ZDI-CAN-4624",
"affectedVendors": "Apple",
"cve": "CVE-2017-2548",
"publishDate": "2017-05-18",
"lastUpdate": "",
"title": "(Pwn2Own) Apple macOS WindowServer XSetWindowListBrightness Out-Of-Bounds Access Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 354,
"zdiId": "ZDI-17-354",
"zdiCan": "ZDI-CAN-4623",
"affectedVendors": "Apple",
"cve": "CVE-2017-2547",
"publishDate": "2017-05-18",
"lastUpdate": "",
"title": "(Pwn2Own) Apple Safari B3 Optimization Out-Of-Bounds Access Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 353,
"zdiId": "ZDI-17-353",
"zdiCan": "ZDI-CAN-4592",
"affectedVendors": "Apple",
"cve": "CVE-2017-2537",
"publishDate": "2017-05-18",
"lastUpdate": "",
"title": "(Pwn2Own) Apple macOS WindowServer Dragging Space Use-After-Free Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 352,
"zdiId": "ZDI-17-352",
"zdiCan": "ZDI-CAN-4615",
"affectedVendors": "Apple",
"cve": "CVE-2017-6990",
"publishDate": "2017-05-18",
"lastUpdate": "",
"title": "(Pwn2Own) Apple macOS HFS Uninitialized Memory Information Disclosure Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 351,
"zdiId": "ZDI-17-351",
"zdiCan": "ZDI-CAN-4614",
"affectedVendors": "Apple",
"cve": "CVE-2017-2545",
"publishDate": "2017-05-15",
"lastUpdate": "",
"title": "(Pwn2Own) Apple macOS IOGraphic Use-After-Free Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 350,
"zdiId": "ZDI-17-350",
"zdiCan": "ZDI-CAN-4613",
"affectedVendors": "Apple",
"cve": "CVE-2017-2544",
"publishDate": "2017-05-15",
"lastUpdate": "",
"title": "(Pwn2Own) Apple Safari Array concat Integer Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 349,
"zdiId": "ZDI-17-349",
"zdiCan": "ZDI-CAN-4600",
"affectedVendors": "Apple",
"cve": "CVE-2017-2541",
"publishDate": "2017-05-15",
"lastUpdate": "",
"title": "(Pwn2Own) Apple macOS WindowServer _XGetWindowMovementGroup Stack-based Buffer Overflow Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 348,
"zdiId": "ZDI-17-348",
"zdiCan": "ZDI-CAN-4599",
"affectedVendors": "Apple",
"cve": "CVE-2017-2540",
"publishDate": "2017-05-15",
"lastUpdate": "",
"title": "(Pwn2Own) Apple macOS WindowServer _XGetConnectionPSN Information Disclosure Vulnerability"
},
{
"idYear": "17",
"idBase": 347,
"zdiId": "ZDI-17-347",
"zdiCan": "ZDI-CAN-4581",
"affectedVendors": "Apple",
"cve": "CVE-2017-2534, CVE-2017-6977",
"publishDate": "2017-05-15",
"lastUpdate": "",
"title": "(Pwn2Own) Apple macOS speechsynthesisd Unsigned Dylib Loading Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 329,
"zdiId": "ZDI-17-329",
"zdiCan": "ZDI-CAN-4629",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-0240",
"publishDate": "2017-05-10",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Edge AudioBuffer Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 328,
"zdiId": "ZDI-17-328",
"zdiCan": "ZDI-CAN-4628",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-0240",
"publishDate": "2017-05-10",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Edge AudioBuffer Use-After-Free Information Disclosure Vulnerability"
},
{
"idYear": "17",
"idBase": 327,
"zdiId": "ZDI-17-327",
"zdiCan": "ZDI-CAN-4625",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-0238",
"publishDate": "2017-05-10",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Chakra Array unshift Heap-based Buffer Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 326,
"zdiId": "ZDI-17-326",
"zdiCan": "ZDI-CAN-4618",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-0228",
"publishDate": "2017-05-10",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Chakra Array Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 325,
"zdiId": "ZDI-17-325",
"zdiCan": "ZDI-CAN-4585",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-0233",
"publishDate": "2017-05-10",
"lastUpdate": "2018-03-06",
"title": "(Pwn2Own) Microsoft Edge WriteClassesOfCategory DLL Planting Sandbox Escape Vulnerability"
},
{
"idYear": "17",
"idBase": 324,
"zdiId": "ZDI-17-324",
"zdiCan": "ZDI-CAN-4584",
"affectedVendors": "Microsoft",
"cve": "CVE-2017-0234",
"publishDate": "2017-05-10",
"lastUpdate": "",
"title": "(Pwn2Own) Microsoft Edge ArrayBuffer Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 321,
"zdiId": "ZDI-17-321",
"zdiCan": "ZDI-CAN-4578",
"affectedVendors": "Apple",
"cve": "CVE-2017-2491",
"publishDate": "2017-05-04",
"lastUpdate": "",
"title": "(Pwn2Own) Apple Safari String replace Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 282,
"zdiId": "ZDI-17-282",
"zdiCan": "ZDI-CAN-4589",
"affectedVendors": "Adobe",
"cve": "CVE-2017-3057",
"publishDate": "2017-08-01",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Reader DC Collab documentToStream Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 281,
"zdiId": "ZDI-17-281",
"zdiCan": "ZDI-CAN-4588",
"affectedVendors": "Adobe",
"cve": "CVE-2017-3056",
"publishDate": "2017-08-01",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Reader DC util streamFromString Uninitialized Memory Information Disclosure Vulnerability"
},
{
"idYear": "17",
"idBase": 280,
"zdiId": "ZDI-17-280",
"zdiCan": "ZDI-CAN-4575",
"affectedVendors": "Adobe",
"cve": "CVE-2017-3055",
"publishDate": "2017-04-11",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Reader DC JPEG2000 Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 279,
"zdiId": "ZDI-17-279",
"zdiCan": "ZDI-CAN-4607",
"affectedVendors": "Adobe",
"cve": "CVE-2017-3063",
"publishDate": "2017-08-01",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Flash NetStream Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 278,
"zdiId": "ZDI-17-278",
"zdiCan": "ZDI-CAN-4601",
"affectedVendors": "Adobe",
"cve": "CVE-2017-3062",
"publishDate": "2017-04-11",
"lastUpdate": "",
"title": "(Pwn2Own) Adobe Flash TextField Attribute Array Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "17",
"idBase": 240,
"zdiId": "ZDI-17-240",
"zdiCan": "ZDI-CAN-4586",
"affectedVendors": "Linux",
"cve": "CVE-2017-7184",
"publishDate": "2017-03-30",
"lastUpdate": "",
"title": "(Pwn2Own) Linux Kernel XFRM Out-Of-Bounds Access Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 239,
"zdiId": "ZDI-17-239",
"zdiCan": "ZDI-CAN-4632",
"affectedVendors": "VMware",
"cve": "CVE-2017-4904",
"publishDate": "2017-03-30",
"lastUpdate": "",
"title": "(Pwn2Own) VMware Workstation Uninitialized Memory Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 238,
"zdiId": "ZDI-17-238",
"zdiCan": "ZDI-CAN-4631",
"affectedVendors": "VMware",
"cve": "CVE-2017-4905",
"publishDate": "2017-03-30",
"lastUpdate": "",
"title": "(Pwn2Own) VMware Workstation Uninitialized Memory Information Disclosure Vulnerability"
},
{
"idYear": "17",
"idBase": 237,
"zdiId": "ZDI-17-237",
"zdiCan": "ZDI-CAN-4627",
"affectedVendors": "VMware",
"cve": "CVE-2017-4903",
"publishDate": "2017-03-30",
"lastUpdate": "",
"title": "(Pwn2Own) VMware Workstation SVGA Uninitialized Memory Privilege Escalation Vulnerability"
},
{
"idYear": "17",
"idBase": 234,
"zdiId": "ZDI-17-234",
"zdiCan": "ZDI-CAN-4620",
"affectedVendors": "Mozilla",
"cve": "CVE-2017-5428",
"publishDate": "2017-03-30",
"lastUpdate": "",
"title": "(Pwn2Own) Mozilla Firefox createImageBitmap Integer Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "18",
"idBase": 880,
"zdiId": "ZDI-18-880",
"zdiCan": "ZDI-CAN-5360",
"affectedVendors": "Google",
"cve": "",
"publishDate": "2018-08-02",
"lastUpdate": "2018-08-02",
"title": "(Pwn2Own) Google Android UserCallActivity Null Pointer Dereference Denial of Service Vulnerability"
},
{
"idYear": "18",
"idBase": 879,
"zdiId": "ZDI-18-879",
"zdiCan": "ZDI-CAN-5347",
"affectedVendors": "Huawei",
"cve": "CVE-2018-7931",
"publishDate": "2018-08-02",
"lastUpdate": "2018-08-02",
"title": "(Pwn2Own) Huawei App Market Whitelist Bypass Privilege Escalation Vulnerability"
},
{
"idYear": "18",
"idBase": 878,
"zdiId": "ZDI-18-878",
"zdiCan": "ZDI-CAN-5349",
"affectedVendors": "Huawei",
"cve": "CVE-2017-15309",
"publishDate": "2018-08-02",
"lastUpdate": "2018-08-02",
"title": "(Pwn2Own) Huawei Reader FileName Directory Traversal Privilege Escalation Vulnerability"
},
{
"idYear": "18",
"idBase": 876,
"zdiId": "ZDI-18-876",
"zdiCan": "ZDI-CAN-5351",
"affectedVendors": "Huawei",
"cve": "CVE-2017-15308",
"publishDate": "2018-08-02",
"lastUpdate": "2018-08-02",
"title": "(Pwn2Own) Huawei Reader Insecure Plugin Loading Privilege Escalation Vulnerability"
},
{
"idYear": "18",
"idBase": 875,
"zdiId": "ZDI-18-875",
"zdiCan": "ZDI-CAN-5348",
"affectedVendors": "Huawei",
"cve": "CVE-2018-7932",
"publishDate": "2018-08-02",
"lastUpdate": "2018-08-02",
"title": "(Pwn2Own) Huawei App Market JavaScript Bridge Privilege Escalation Vulnerability"
},
{
"idYear": "18",
"idBase": 874,
"zdiId": "ZDI-18-874",
"zdiCan": "ZDI-CAN-5350",
"affectedVendors": "Huawei",
"cve": "CVE-2017-15309",
"publishDate": "2018-08-02",
"lastUpdate": "2018-08-02",
"title": "(Pwn2Own) Huawei Reader onChapPack Directory Traversal File Deletion Vulnerability"
},
{
"idYear": "18",
"idBase": 783,
"zdiId": "ZDI-18-783",
"zdiCan": "ZDI-CAN-5818",
"affectedVendors": "Oracle",
"cve": "CVE-2018-2860",
"publishDate": "2018-07-26",
"lastUpdate": "2018-07-26",
"title": "(Pwn2Own) Oracle Virtualbox HGCM Out-Of-Bounds Write Privilege Escalation Vulnerability "
},
{
"idYear": "18",
"idBase": 782,
"zdiId": "ZDI-18-782",
"zdiCan": "ZDI-CAN-5817",
"affectedVendors": "Oracle",
"cve": "CVE-2018-2860",
"publishDate": "2018-07-26",
"lastUpdate": "2018-07-26",
"title": "(Pwn2Own) Oracle Virtualbox HGCM Out-Of-Bounds Read Information Disclosure Vulnerability"
},
{
"idYear": "18",
"idBase": 781,
"zdiId": "ZDI-18-781",
"zdiCan": "ZDI-CAN-5828",
"affectedVendors": "Apple",
"cve": "CVE-2018-4199",
"publishDate": "2018-07-26",
"lastUpdate": "2018-12-20",
"title": "(Pwn2Own) Apple Safari SVG Heap-based Buffer Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "18",
"idBase": 612,
"zdiId": "ZDI-18-612",
"zdiCan": "ZDI-CAN-5814",
"affectedVendors": "Microsoft",
"cve": "CVE-2018-1025",
"publishDate": "2018-07-12",
"lastUpdate": "2018-07-12",
"title": "(Pwn2Own) Microsoft Edge WebGL ImageData Use-After-Free Information Disclosure Vulnerability"
},
{
"idYear": "18",
"idBase": 573,
"zdiId": "ZDI-18-573",
"zdiCan": "ZDI-CAN-5823",
"affectedVendors": "Microsoft",
"cve": "CVE-2018-8164",
"publishDate": "2018-06-08",
"lastUpdate": "2018-06-08",
"title": "(Pwn2Own) Microsoft Windows D3DKMTCreateDCFromMemory Memory Corruption Privilege Escalation Vulnerability"
},
{
"idYear": "18",
"idBase": 572,
"zdiId": "ZDI-18-572",
"zdiCan": "ZDI-CAN-5816",
"affectedVendors": "Microsoft",
"cve": "CVE-2018-8165",
"publishDate": "2018-06-08",
"lastUpdate": "2018-06-08",
"title": "(Pwn2Own) Microsoft Windows DirectX Integer Overflow Privilege Escalation Vulnerability"
},
{
"idYear": "18",
"idBase": 571,
"zdiId": "ZDI-18-571",
"zdiCan": "ZDI-CAN-5815",
"affectedVendors": "Microsoft",
"cve": "CVE-2018-8179",
"publishDate": "2018-06-08",
"lastUpdate": "2018-06-08",
"title": "(Pwn2Own) Microsoft Edge WebRTC Parameters Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "18",
"idBase": 562,
"zdiId": "ZDI-18-562",
"zdiCan": "ZDI-CAN-5361",
"affectedVendors": "Samsung",
"cve": "CVE-2018-11614",
"publishDate": "2018-06-07",
"lastUpdate": "2018-06-07",
"title": "(Pwn2Own) Samsung Members Intent Proxy Privilege Escalation Vulnerability"
},
{
"idYear": "18",
"idBase": 561,
"zdiId": "ZDI-18-561",
"zdiCan": "ZDI-CAN-5358",
"affectedVendors": "Samsung",
"cve": "CVE-2018-10501",
"publishDate": "2018-06-07",
"lastUpdate": "2018-06-07",
"title": "(Pwn2Own) Samsung Notes ZIP File Directory Traversal File Write Vulnerability"
},
{
"idYear": "18",
"idBase": 560,
"zdiId": "ZDI-18-560",
"zdiCan": "ZDI-CAN-5359",
"affectedVendors": "Samsung",
"cve": "CVE-2018-10502",
"publishDate": "2018-06-07",
"lastUpdate": "2018-06-07",
"title": "(Pwn2Own) Samsung Galaxy Apps Staging Mode Privilege Escalation Vulnerability"
},
{
"idYear": "18",
"idBase": 263,
"zdiId": "ZDI-18-263",
"zdiCan": "ZDI-CAN-5822",
"affectedVendors": "Mozilla",
"cve": "CVE-2018-5146",
"publishDate": "2018-03-23",
"lastUpdate": "2018-03-23",
"title": "(Pwn2Own) Mozilla Firefox libvorbis OGG Decoding Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
{
"idYear": "18",
"idBase": 156,
"zdiId": "ZDI-18-156",
"zdiCan": "ZDI-CAN-5367",
"affectedVendors": "Apple",
"cve": "CVE-2017-7171",
"publishDate": "2018-02-07",
"lastUpdate": "2018-02-07",
"title": "(Pwn2Own) Apple iOS backboardd Untrusted Pointer Dereference Privilege Escalation Vulnerability"
},
{
"idYear": "18",
"idBase": 155,
"zdiId": "ZDI-18-155",
"zdiCan": "ZDI-CAN-5366",
"affectedVendors": "Apple",
"cve": "CVE-2017-13885",
"publishDate": "2018-02-07",
"lastUpdate": "2018-02-07",
"title": "(Pwn2Own) Apple Safari DFG JIT Type Confusion Remote Code Execution Vulnerability"
},
{
"idYear": "18",
"idBase": 153,
"zdiId": "ZDI-18-153",
"zdiCan": "ZDI-CAN-5353",
"affectedVendors": "Apple",
"cve": "CVE-2017-13884",
"publishDate": "2018-02-07",
"lastUpdate": "2018-02-07",
"title": "(Pwn2Own) Apple Safari DFG JIT Type Confusion Remote Code Execution Vulnerability"
},
{
"idYear": "18",
"idBase": 152,
"zdiId": "ZDI-18-152",
"zdiCan": "ZDI-CAN-5352",
"affectedVendors": "Apple",
"cve": "CVE-2017-7165",
"publishDate": "2018-02-07",
"lastUpdate": "2018-02-07",
"title": "(Pwn2Own) Apple Safari HTMLButtonElement Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "18",
"idBase": 151,
"zdiId": "ZDI-18-151",
"zdiCan": "ZDI-CAN-5345",
"affectedVendors": "Apple",
"cve": "CVE-2017-7172",
"publishDate": "2018-02-07",
"lastUpdate": "2018-02-07",
"title": "(Pwn2Own) Apple Safari UIProcess Out-Of-Bounds Access Privilege Escalation Vulnerability"
},
{
"idYear": "18",
"idBase": 150,
"zdiId": "ZDI-18-150",
"zdiCan": "ZDI-CAN-5344",
"affectedVendors": "Apple",
"cve": "CVE-2017-7160",
"publishDate": "2018-02-07",
"lastUpdate": "2018-02-07",
"title": "(Pwn2Own) Apple Safari FTL JIT Integer Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "18",
"idBase": 149,
"zdiId": "ZDI-18-149",
"zdiCan": "ZDI-CAN-5343",
"affectedVendors": "Apple",
"cve": "CVE-2017-7162",
"publishDate": "2018-02-07",
"lastUpdate": "2018-02-07",
"title": "(Pwn2Own) Apple iOS backboardd Double Free Privilege Escalation Vulnerability"
},
{
"idYear": "18",
"idBase": 148,
"zdiId": "ZDI-18-148",
"zdiCan": "ZDI-CAN-5342",
"affectedVendors": "Apple",
"cve": "CVE-2017-13866",
"publishDate": "2018-02-07",
"lastUpdate": "2018-02-07",
"title": "(Pwn2Own) Apple Safari DFG JIT Type Confusion Remote Code Execution Vulnerability"
},
{
"idYear": "18",
"idBase": 147,
"zdiId": "ZDI-18-147",
"zdiCan": "ZDI-CAN-5341",
"affectedVendors": "Apple",
"cve": "CVE-2017-7171",
"publishDate": "2018-02-07",
"lastUpdate": "2018-02-07",
"title": "(Pwn2Own) Apple iOS backboardd Untrusted Pointer Dereference Privilege Escalation Vulnerability"
},
{
"idYear": "18",
"idBase": 146,
"zdiId": "ZDI-18-146",
"zdiCan": "ZDI-CAN-5340",
"affectedVendors": "Apple",
"cve": "CVE-2017-13870",
"publishDate": "2018-02-07",
"lastUpdate": "2018-02-07",
"title": "(Pwn2Own) Apple Safari MutationObserver Use-After-Free Remote Code Execution Vulnerability"
},
{
"idYear": "18",
"idBase": 1450,
"zdiId": "ZDI-18-1450",
"zdiCan": "ZDI-CAN-5785",
"affectedVendors": "Samsung",
"cve": "CVE-2018-14319",
"publishDate": "2019-03-04",
"lastUpdate": "2019-03-05",
"title": "(Pwn2Own) Samsung Galaxy S8 Shannon Stack-based Buffer Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "18",
"idBase": 1340,
"zdiId": "ZDI-18-1340",
"zdiCan": "ZDI-CAN-5827",
"affectedVendors": "Apple",
"cve": "CVE-2018-4196",
"publishDate": "2018-11-05",
"lastUpdate": "2018-12-20",
"title": "(Pwn2Own) Apple macOS Dock Service DSSetDesktopForDisplayAndSpace Uninitialized Pointer Privilege Escalation Vulnerability"
},
{
"idYear": "18",
"idBase": 1339,
"zdiId": "ZDI-18-1339",
"zdiCan": "ZDI-CAN-5821",
"affectedVendors": "Apple",
"cve": "CVE-2018-4237",
"publishDate": "2018-11-05",
"lastUpdate": "2018-11-05",
"title": "(Pwn2Own) Apple macOS task_set_special_port Port Overwrite Privilege Escalation Vulnerability"
},
{
"idYear": "18",
"idBase": 1338,
"zdiId": "ZDI-18-1338",
"zdiCan": "ZDI-CAN-5820",
"affectedVendors": "Apple",
"cve": "CVE-2018-4404",
"publishDate": "2018-11-05",
"lastUpdate": "2018-11-05",
"title": "(Pwn2Own) Apple macOS launchd Improper Access Check Privilege Escalation Vulnerability"
},
{
"idYear": "18",
"idBase": 1321,
"zdiId": "ZDI-18-1321",
"zdiCan": "ZDI-CAN-5819",
"affectedVendors": "Apple",
"cve": "CVE-2018-4233",
"publishDate": "2018-10-30",
"lastUpdate": "2018-10-30",
"title": "(Pwn2Own) Apple Safari CreateThis Type Confusion Remote Code Execution Vulnerability"
},
{
"idYear": "19",
"idBase": 921,
"zdiId": "ZDI-19-921",
"zdiCan": "ZDI-CAN-8378",
"affectedVendors": "Google",
"cve": "CVE-2019-13698",
"publishDate": "2019-10-29",
"lastUpdate": "",
"title": "(Pwn2Own) Google Chromium RegExpReplace Type Confusion Remote Code Execution Vulnerability"
},
{
"idYear": "19",
"idBase": 782,
"zdiId": "ZDI-19-782",
"zdiCan": "ZDI-CAN-8375",
"affectedVendors": "Mozilla",
"cve": "CVE-2019-9812",
"publishDate": "2019-09-05",
"lastUpdate": "",
"title": "(Pwn2Own) Mozilla Firefox sync Universal Cross-Site Scripting Sandbox Escape Vulnerability"
},
{
"idYear": "19",
"idBase": 668,
"zdiId": "ZDI-19-668",
"zdiCan": "ZDI-CAN-8572",
"affectedVendors": "Oracle",
"cve": "CVE-2019-2859",
"publishDate": "2019-07-22",
"lastUpdate": "",
"title": "(Pwn2Own) Oracle VirtualBox vusbUrbSubmitCtrl Use-After-Free Privilege Escalation Vulnerability"
},
{
"idYear": "19",
"idBase": 660,
"zdiId": "ZDI-19-660",
"zdiCan": "ZDI-CAN-7483",
"affectedVendors": "Xiaomi",
"cve": "CVE-2019-13322 ",
"publishDate": "2019-07-12",
"lastUpdate": "",
"title": "(Pwn2Own) Xiaomi Mi6 Browser miui.share APK Download Remote Code Execution Vulnerability"
},
{
"idYear": "19",
"idBase": 560,
"zdiId": "ZDI-19-560",
"zdiCan": "ZDI-CAN-8369",
"affectedVendors": "Microsoft",
"cve": "CVE-2019-1041",
"publishDate": "2019-06-11",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Microsoft Windows DirectComposition PropertySet Out-Of-Bounds Write Privilege Escalation Vulnerability"
},
{
"idYear": "19",
"idBase": 425,
"zdiId": "ZDI-19-425",
"zdiCan": "ZDI-CAN-8363",
"affectedVendors": "Oracle",
"cve": "CVE-2019-2722",
"publishDate": "2019-04-29",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Oracle VirtualBox e1000 Integer Overflow Privilege Escalation Vulnerability"
},
{
"idYear": "19",
"idBase": 424,
"zdiId": "ZDI-19-424",
"zdiCan": "ZDI-CAN-8362",
"affectedVendors": "Oracle",
"cve": "CVE-2019-2723",
"publishDate": "2019-04-29",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Oracle VirtualBox e1000 Race Condition Privilege Escalation Vulnerability"
},
{
"idYear": "19",
"idBase": 423,
"zdiId": "ZDI-19-423",
"zdiCan": "ZDI-CAN-8361",
"affectedVendors": "Oracle",
"cve": "CVE-2019-2723",
"publishDate": "2019-04-29",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Oracle VirtualBox OHCI Integer Overflow Information Disclosure Vulnerability"
},
{
"idYear": "19",
"idBase": 421,
"zdiId": "ZDI-19-421",
"zdiCan": "ZDI-CAN-8372",
"affectedVendors": "VMware",
"cve": "CVE-2019-5518",
"publishDate": "2019-04-17",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) VMware Workstation UHCI Out-Of-Bounds Access Privilege Escalation Vulnerability"
},
{
"idYear": "19",
"idBase": 420,
"zdiId": "ZDI-19-420",
"zdiCan": "ZDI-CAN-8364",
"affectedVendors": "VMware",
"cve": "CVE-2019-5519",
"publishDate": "2019-04-17",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) VMware Workstation UHCI Race Condition Privilege Escalation Vulnerability"
},
{
"idYear": "19",
"idBase": 368,
"zdiId": "ZDI-19-368",
"zdiCan": "ZDI-CAN-7478",
"affectedVendors": "Xiaomi",
"cve": "CVE-2018-6064",
"publishDate": "2019-04-17",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Xiaomi Mi6 V8 CollectValuesOrEntriesImpl Type Confusion Remote Code Execution Vulnerability"
},
{
"idYear": "19",
"idBase": 367,
"zdiId": "ZDI-19-367",
"zdiCan": "ZDI-CAN-7482",
"affectedVendors": "Xiaomi",
"cve": "CVE-2018-6065",
"publishDate": "2019-04-15",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Xiaomi Mi6 Browser CalculateInstanceSizeHelper Integer Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "19",
"idBase": 366,
"zdiId": "ZDI-19-366",
"zdiCan": "ZDI-CAN-7466",
"affectedVendors": "Xiaomi",
"cve": "CVE-2019-6743",
"publishDate": "2019-04-15",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Xiaomi Mi6 Browser WebAssembly.Instance Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
{
"idYear": "19",
"idBase": 365,
"zdiId": "ZDI-19-365",
"zdiCan": "ZDI-CAN-8373",
"affectedVendors": "Mozilla",
"cve": "CVE-2019-9813",
"publishDate": "2019-04-15",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Mozilla Firefox IonMonkey Optimizer Type Confusion Remote Code Execution Vulnerability"
},
{
"idYear": "19",
"idBase": 364,
"zdiId": "ZDI-19-364",
"zdiCan": "ZDI-CAN-8368",
"affectedVendors": "Mozilla",
"cve": "CVE-2019-9810",
"publishDate": "2019-04-15",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Mozilla Firefox Array.slice Out-Of-Bounds Write Remote Code Execution Vulnerability"
},
{
"idYear": "19",
"idBase": 285,
"zdiId": "ZDI-19-285",
"zdiCan": "ZDI-CAN-7484",
"affectedVendors": "Xiaomi",
"cve": "",
"publishDate": "2019-03-15",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Xiaomi Mi6 Browser market.install apkPath Command Injection Remote Code Execution Vulnerability"
},
{
"idYear": "19",
"idBase": 284,
"zdiId": "ZDI-19-284",
"zdiCan": "ZDI-CAN-7468",
"affectedVendors": "Xiaomi",
"cve": "",
"publishDate": "2019-03-15",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Xiaomi Mi6 Browser Redirect Improper Authorization Remote Code Execution Vulnerability"
},
{
"idYear": "19",
"idBase": 283,
"zdiId": "ZDI-19-283",
"zdiCan": "ZDI-CAN-7469",
"affectedVendors": "Xiaomi",
"cve": "",
"publishDate": "2019-03-15",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Xiaomi Mi6 Browser downloadAndInstallApk Improper Authorization Remote Code Execution Vulnerability"
},
{
"idYear": "19",
"idBase": 282,
"zdiId": "ZDI-19-282",
"zdiCan": "ZDI-CAN-7471",
"affectedVendors": "Google",
"cve": "",
"publishDate": "2019-03-15",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Google Android Contacts Incorrect Permission Assignment Privilege Escalation Vulnerability"
},
{
"idYear": "19",
"idBase": 281,
"zdiId": "ZDI-19-281",
"zdiCan": "ZDI-CAN-7470",
"affectedVendors": "Xiaomi",
"cve": "",
"publishDate": "2019-03-15",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Xiaomi Mi6 Captive Portal Whitelist Bypass Remote Code Execution Vulnerability"
},
{
"idYear": "19",
"idBase": 255,
"zdiId": "ZDI-19-255",
"zdiCan": "ZDI-CAN-7477",
"affectedVendors": "Samsung",
"cve": "CVE-2019-6742",
"publishDate": "2019-03-05",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Samsung Galaxy S9 GameServiceReceiver Unsafe Updates Validation Remote Code Execution Vulnerability"
},
{
"idYear": "19",
"idBase": 254,
"zdiId": "ZDI-19-254",
"zdiCan": "ZDI-CAN-7476",
"affectedVendors": "Samsung",
"cve": "CVE-2019-6741",
"publishDate": "2019-03-05",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Samsung Galaxy S9 Untrusted Site Redirection Remote Code Execution Vulnerability"
},
{
"idYear": "19",
"idBase": 253,
"zdiId": "ZDI-19-253",
"zdiCan": "ZDI-CAN-7472",
"affectedVendors": "Samsung",
"cve": "CVE-2019-6740",
"publishDate": "2019-03-05",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Samsung Galaxy S9 ASN.1 Heap-based Buffer Overflow Remote Code Execution Vulnerability"
},
{
"idYear": "19",
"idBase": 131,
"zdiId": "ZDI-19-131",
"zdiCan": "ZDI-CAN-7479",
"affectedVendors": "Apple",
"cve": "CVE-2019-6216",
"publishDate": "2019-01-25",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Apple Safari Global RegExp JIT Type Confusion Remote Code Execution Vulnerability"
},
{
"idYear": "19",
"idBase": 126,
"zdiId": "ZDI-19-126",
"zdiCan": "ZDI-CAN-7480",
"affectedVendors": "Apple",
"cve": "CVE-2019-6202",
"publishDate": "2019-01-24",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Apple iOS mediaserverd cypc Out-Of-Bounds Access Privilege Escalation Vulnerability"
},
{
"idYear": "19",
"idBase": 125,
"zdiId": "ZDI-19-125",
"zdiCan": "ZDI-CAN-7474",
"affectedVendors": "Apple",
"cve": "CVE-2019-6221",
"publishDate": "2019-01-24",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Apple iOS mediaserverd crte Out-Of-Bounds Access Privilege Escalation Vulnerability"
},
{
"idYear": "19",
"idBase": 124,
"zdiId": "ZDI-19-124",
"zdiCan": "ZDI-CAN-7473",
"affectedVendors": "Apple",
"cve": "CVE-2019-6217",
"publishDate": "2019-01-24",
"lastUpdate": "2019-06-14",
"title": "(Pwn2Own) Apple Safari RegExp JIT Type Confusion Remote Code Execution Vulnerability"
}
]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment