Year: 2023
ZDI-23-742: (0Day) Wacom Drivers for Windows Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
ZDI-23-741: (0Day) Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
NVIDIA CEO Tells NTU Grads to Run, Not Walk — But Be Prepared to Stumble
“You are running for food, or you are running from becoming food. And often times, you can’t tell which. Either way, run.” NVIDIA founder and CEO Jensen Huang today urged graduates of National Taiwan University to run hard to seize the unprecedented opportunities that AI will present, but embrace the inevitable failures along the way. …
NVIDIA CEO Tells NTU Grads to Run, Not Walk — But Be Prepared to StumbleRead More
ZDI-23-740: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-739: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-738: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-737: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Exploiting the Sonos One Speaker Three Different Ways: A Pwn2Own Toronto Highlight
During Pwn2Own Toronto 2022, three different teams successfully exploited the Sonos One Speaker. In total, $105,000 was awarded to the three teams, with the team of Toan Pham and Tri Dang from Qrious Secure winning $60,000 since their entry was first on the schedule. Part of Pwn2Own competitions involves a random drawing for order. Not …
Exploiting the Sonos One Speaker Three Different Ways: A Pwn2Own Toronto HighlightRead More
Cool It: Team Tackles the Thermal Challenge Data Centers Face
Two years after he spoke at a conference detailing his ambitious vision for cooling tomorrow’s data centers, Ali Heydari and his team won a $5 million grant to go build it. It was the largest of 15 awards in May from the U.S. Department of Energy. The DoE program, called COOLERCHIPS, received more than 100 …
Cool It: Team Tackles the Thermal Challenge Data Centers FaceRead More
Butterfly Effects: Digital Artist Uses AI to Engage Exhibit Goers
For about six years, AI has been an integral part of the artwork of Dominic Harris, a London-based digital artist who’s about to launch his biggest exhibition to date. “I use it for things like giving butterflies a natural sense of movement,” said Harris, whose typical canvas is an interactive computer display. Using a rack …
Butterfly Effects: Digital Artist Uses AI to Engage Exhibit GoersRead More
