Month: September 2023
ZDI-23-1494: Apple Safari TypedArray copyWithin Integer Underflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-1493: G Data Total Security GDBackupSvc Service Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of G Data Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
ZDI-23-1492: Linux Kernel XFRM Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.
ZDI-23-1491: Linux Kernel Netfilter Xtables Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.
Heeding Huang’s Law: Video Shows How Engineers Keep the Speedups Coming
In a talk, now available online, NVIDIA Chief Scientist Bill Dally describes a tectonic shift in how computer performance gets delivered in a post-Moore’s law era. Each new processor requires ingenuity and effort inventing and validating fresh ingredients, he said in a recent keynote address at Hot Chips, an annual gathering of chip and systems …
Heeding Huang’s Law: Video Shows How Engineers Keep the Speedups ComingRead More
Kicking Games Up a Notch: Startup Sports Vision AI to Broadcast Athletics Across the Globe
Pixellot is scoring with vision AI — making it easier for organizations to deliver real-time sports broadcasting and analytics to viewers across the globe. A member of the NVIDIA Metropolis vision AI partner ecosystem, the company based near Tel Aviv offers an AI-powered platform that automates the capturing, streaming and analysis of sporting events. It’s …
Kicking Games Up a Notch: Startup Sports Vision AI to Broadcast Athletics Across the GlobeRead More
V for Victory: ‘Cyberpunk 2077: Phantom Liberty’ Comes to GeForce NOW
The wait is over. GeForce NOW Ultimate members can experience Cyberpunk 2077: Phantom Liberty on GOG.com at full GeForce RTX 4080 quality, with support for NVIDIA DLSS 3.5 technology. It’s part of an action-packed GFN Thursday, with 26 more games joining the cloud gaming platform’s library, including Quake II from id Software. A New Look …
V for Victory: ‘Cyberpunk 2077: Phantom Liberty’ Comes to GeForce NOWRead More
ZDI-23-1479: (0Day) Control Web Panel wloggui Command Injection Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Control Web Panel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
ZDI-23-1478: (0Day) Control Web Panel Missing Authentication Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Control Web Panel. Authentication is not required to exploit this vulnerability.
ZDI-23-1477: (0Day) Control Web Panel dns_zone_editor Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Control Web Panel. Authentication is required to exploit this vulnerability.
NEWS
-
How AI Is Personalizing Customer Service Experiences Across Industries
September 7, 2024Customer service departments across industries are facing increased call volumes, high customer service agent turnover, talent shortages and shifting customer expectations. Customers expect both self-help options and real-time, person-to-person support. These expectations for seamless, personalized experiences extend across digital communication... -
ZDI-24-1195: Malwarebytes Antimalware Link Following Local Privilege Escalation Vulnerability
September 6, 2024This vulnerability allows local attackers to escalate privileges on affected installations of Malwarebytes Antimalware. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a... -
ZDI-24-1193: Delta Electronics DIAScreen DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
September 6, 2024This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI...