ZDI-24-439: Microsoft Windows Bluetooth AVDTP Protocol Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must connect a malicious Bluetooth device. The ZDI has assigned a CVSS rating of 7.6. The following CVEs are assigned: CVE-2023-24948.

ZDI-24-438: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Systèmes eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-3298.

ZDI-24-437: Dassault Systèmes eDrawings Viewer DXF File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Systèmes eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-3298.

ZDI-24-436: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Systèmes eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-3298.

CVE-2024-21115: An Oracle VirtualBox LPE Used to Win Pwn2Own

In this guest blog from Pwn2Own winner Cody Gallagher, he details CVE-2024-21115 – an Out-of-Bounds (OOB) Write that occurs in Oracle VirtualBox that can be leveraged for privilege escalation. This bug was recently patched by Oracle in April. Cody has graciously provided this detailed write-up of the vulnerability and how he exploited it at the …

Through the Wormhole: Media.Monks’ Vision for Enhancing Media and Marketing With AI

Meet Media.Monks’ Wormhole, an alien-like, conversational robot with a quirky personality and the ability to offer keen marketing expertise. Lewis Smithingham, senior vice president of innovation and special ops at Media.Monks, a global marketing and advertising company, discusses the creation of Wormhole and AI’s potential to enhance media and entertainment with host Noah Kravitz in …

‘Honkai: Star Rail’ Blasts Off on GeForce NOW

Gear up, Trailblazers — Honkai: Star Rail lands on GeForce NOW this week, along with an in-game reward for members to celebrate the title’s launch in the cloud. Stream it today, along with five new games joining the GeForce NOW library of more than 1,900 titles this week. Five Stars Take a galactic journey in …

‘Get On the Train,’ NVIDIA CEO Says at ServiceNow’s Knowledge 2024

Now’s the time to hop aboard AI, NVIDIA founder and CEO Jensen Huang declared Wednesday as ServiceNow unveiled a demo of futuristic AI avatars together with NVIDIA during a keynote at the Knowledge 24 conference in Las Vegas. “If something is moving a million times faster every 10 years, what should you do?” Huang asked, …

AI Decoded: New DaVinci Resolve Tools Bring RTX-Accelerated Renaissance to Editors

AI tools accelerated by NVIDIA RTX have made it easier than ever to edit and work with video. Case in point: Blackmagic Design’s DaVinci Resolve 19 recently added AI features that make video editing workflows more streamlined. These new features — along with all its other AI-powered effects — get a big boost from optimization …

ZDI-24-427: Adobe Acrobat Reader DC AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-30306.