This article contains details from Google Project Zero covering 2014 to mid-2020, which Google made public earlier this week.
The spreadsheet tracks cases of zero-day exploits that were detected “in the wild” by the Google Project Zero team. This means the vulnerability was detected in real attacks against users as a zero-day vulnerability (i.e. not known to the public or the vendor at the time of detection). The data is collected by Google from a range of public sources. Google includes relevant links to third-party analysis and attribution, but only for information; their inclusion does not mean Google endorses or validates the content there.
The complete list of zero-days found by Google Project Zero
-
- CVE-2020-12271
- Sophos
- XG Firewall
- Logic/Design Flaw
- SQL injection in admin interface/user portal
- 2020-04-22
- 2020-04-25
- https://community.sophos.com/kb/en-us/135412
- https://news.sophos.com/en-us/2020/04/26/asnarok/
-
- CVE-2020-1027
- Microsoft
- Windows
- Memory Corruption
- Unspecified memory corruption in Windows Kernel
- 2020-03-23
- 2020-04-14
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1027
- Google Project Zero & Google’s Threat Analysis Group
-
- CVE-2020-1020
- Microsoft
- Windows
- Memory Corruption
- Unspecified memory corruption in Adobe Type 1 PostScript format
- 2020-04-14
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1020
- Google Project Zero & Google’s Threat Analysis Group
-
- CVE-2020-0938
- Microsoft
- Windows
- Memory Corruption
- Unspecified memory corruption in Adobe Type 1 PostScript format
- 2020-04-14
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0938
- Liubenjin and Zhiyi Zhang from Codesafe Team of Legendsec at Qi’anxin Group
-
- CVE-2020-6820
- Mozilla
- Firefox
- Memory Corruption
- Use-after-free when handling a ReadableStream
- 2020-04-03
- https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/
- Francisco Alonso @revskills working with Javier Marcos of @JMPSec
-
- CVE-2020-6819
- Mozilla
- Firefox
- Memory Corruption
- Use-after-free while running the nsDocShell destructor
- 2020-04-03
- https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/
- Francisco Alonso @revskills working with Javier Marcos of @JMPSec
-
- CVE-2020-8468
- TrendMicro
- Apex One/OfficeScan
- Logic/Design Flaw
- Content validation escape in agent client component
- 2020-03-16
- https://success.trendmicro.com/solution/000245571
- Trend Micro Research
-
- CVE-2020-8467
- TrendMicro
- Apex One/OfficeScan
- Unspecified
- Unspecified vulnerability in a migration tool component
- 2020-03-16
- https://success.trendmicro.com/solution/000245571
- Trend Micro Research
-
- CVE-2020-6418
- Chrome
- Memory Corruption
- Type confusion in v8
- 2020-02-24
- https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html
- Clement Lecigne of Google’s Threat Analysis Group
-
- CVE-2020-0674
- Microsoft
- Internet Explorer
- Memory Corruption
- Unspecified memory corruption in Internet Explorer
- 2020-02-11
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0674
- https://blogs.360.cn/post/apt-c-06_0day.html
- Dark Hotel
- https://blogs.360.cn/post/apt-c-06_0day.html
- Yi Huang (@C0rk1_H) & Kang Yang (@dnpushme) of Qihoo 360 ATA, Clément Lecigne of Google’s Threat Analysis Group
-
- CVE-2019-17026
- Mozilla
- Firefox
- Memory Corruption
- Type confusion in IonMonkey JIT compiler
- 2020-01-08
- https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/
- Dark Hotel
- https://blogs.360.cn/post/apt-c-06_0day.html
- Qihoo 360 ATA
-
- CVE-2019-1458
- Microsoft
- Windows
- Memory Corruption
- Memory corruption in window switching
- 2019-12-10
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1458
- https://securelist.com/windows-0-day-exploit-cve-2019-1458-used-in-operation-wizardopium/95432/
- WizardOpium
- https://securelist.com/windows-0-day-exploit-cve-2019-1458-used-in-operation-wizardopium/95432/
- Anton Ivanov and Alexey Kulaev of Kaspersky Lab
-
- CVE-2019-1429
- Microsoft
- Internet Explorer
- Memory Corruption
- Unspecified memory corruption in Internet Explorer
- 2019-11-12
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1429
- Clément Lecigne of Google’s Threat Analysis Group & Ivan Fratric of Google Project Zero
-
- CVE-2019-13720
- Chrome
- Memory Corruption
- Use-after-free in audio
- 2019-10-31
- https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_31.html
- https://securelist.com/chrome-0-day-exploit-cve-2019-13720-used-in-operation-wizardopium/94866/
- WizardOpium
- https://securelist.com/chrome-0-day-exploit-cve-2019-13720-used-in-operation-wizardopium/94866/
- Anton Ivanov and Alexey Kulaev of Kaspersky Lab
-
- CVE-2019-18187
- Trend Micro
- OfficeScan
- Logic/Design Flaw
- Directory traversal in ZIP file extraction
- 2019-10-28
- https://success.trendmicro.com/solution/000151730
- Tick
- https://www.zdnet.com/article/trend-micro-antivirus-zero-day-used-in-mitsubishi-electric-hack/
- Trend Micro Research
-
- CVE-2019-2215
- Android
- Memory Corruption
- Use-after-free in Binder
- 2019-09-26
- 2019-10-06
- https://source.android.com/security/bulletin/2019-10-01.html#kernel-b
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1942
- NSO Group
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1942#c7
- Maddie Stone of Google Project Zero
-
- CVE-2019-1367
- Microsoft
- Internet Explorer
- Memory Corruption
- Unspecified memory corruption in Internet Explorer
- 2019-09-23
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367
- Dark Hotel
- https://twitter.com/craiu/status/1176525773869649921
- Clément Lecigne of Google’s Threat Analysis Group
-
- CVE-2019-1132
- Microsoft
- Windows
- Memory Corruption
- Unspecified memory corruption in win32k
- 2019-07-09
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1132
- https://www.welivesecurity.com/2019/07/10/windows-zero-day-cve-2019-1132-exploit/
- Anton Cherepanov, Senior Malware Researcher of ESET
-
- CVE-2019-0880
- Microsoft
- Windows
- Logic/Design Flaw
- Sandbox escape in splwow64.exe
- 2019-07-09
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0880
- Gene Yoo of Resecurity, Inc.
-
- CVE-2019-11708
- Mozilla
- Firefox
- Logic/Design Flaw
- Sandbox escape in Prompt:Open
- 2019-06-20
- https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/
- Coinbase Security
-
- CVE-2019-11707
- Mozilla
- Firefox
- Memory Corruption
- Type confusion in Array.pop
- 2019-06-18
- https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/
- Samuel Groß of Google Project Zero, Coinbase Security
-
- CVE-2019-3568
- Memory Corruption
- Buffer overflow in SRTCP packets
- 2019-05-13
- https://www.facebook.com/security/advisories/cve-2019-3568
- https://research.checkpoint.com/the-nso-whatsapp-vulnerability-this-is-how-it-happened/
- NSO Group
- https://www.ft.com/content/4da1117e-756c-11e9-be7d-6d846537acab
-
- CVE-2019-0803
- Microsoft
- Windows
- Memory Corruption
- Unspecified memory corruption in win32k
- 2019-04-09
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0803
- Vasily Berdnikov & Boris Larin of Kaspersky Lab
-
- CVE-2019-0859
- Microsoft
- Windows
- Memory Corruption
- Use-after-free in CreateWindowEx
- 2019-03-17
- 2019-04-09
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0859
- https://securelist.com/new-win32k-zero-day-cve-2019-0859/90435/
- Donghai Zhu of Alibaba Cloud Intelligence Security Team
-
- CVE-2019-0703
- Microsoft
- Windows
- Information Leak
- Unspecified information leak vulnerability in SMB
- 2019-03-12
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0703
- APT3/Buckeye
- https://www.symantec.com/blogs/threat-intelligence/buckeye-windows-zero-day-exploit
- Piotr Krysiuk of Symantec & Andrew Burkhardt of MSRC Vulnerabilities & Mitigations Team
-
- CVE-2019-0808
- Microsoft
- Windows
- Memory Corruption
- NULL pointer dereference in win32k!xxxMNFindWindowFromPoint
- 2019-03-12
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0808
- https://blog.360totalsecurity.com/en/analysis-of-the-causes-of-cve-2019-0808-core-elevation-permission-vulnerability/
- Vasily Berdnikov & Boris Larin of Kaspersky Lab
-
- CVE-2019-0797
- Microsoft
- Windows
- Memory Corruption
- Race condition in NtDCompositionDestroyConnection
- 2019-02-22
- 2019-03-12
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0797
- https://securelist.com/cve-2019-0797-zero-day-vulnerability/89885/
- FruityArmor/Stealth Falcon, and Sandcat
- https://securelist.com/cve-2019-0797-zero-day-vulnerability/89885/
- Clément Lecigne of Google’s Threat Analysis Group
-
- CVE-2019-5786
- Chrome
- Memory Corruption
- Use-after-free in FileReader
- 2019-03-01
- https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.html
- https://blog.exodusintel.com/2019/03/20/cve-2019-5786-analysis-and-exploitation/
- Clement Lecigne of Google’s Threat Analysis Group
-
- CVE-2019-0676
- Microsoft
- Internet Explorer
- Information Leak
- Unspecified information leak vulnerability
- 2019-02-12
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0676
- Clement Lecigne of Google’s Threat Analysis Group
-
- CVE-2019-7286
- Apple
- iOS
- Memory Corruption
- Use-after-free in CFPrefsDaemon
- 2019-02-07
- https://support.apple.com/en-us/HT209520
- https://blog.zecops.com/vulnerabilities/analysis-and-reproduction-of-cve-2019-7286/
- Clement Lecigne of Google Threat Analysis Group, Ian Beer & Samuel Groß of Google Project Zero, & an anonymous researcher
-
- CVE-2019-7287
- Apple
- iOS
- Memory Corruption
- Buffer overflow in ProvInfoIOKitUserClient
- 2019-02-07
- https://support.apple.com/en-us/HT209520
- https://www.antid0te.com/blog/19-02-23-ios-kernel-cve-2019-7287-memory-corruption-vulnerability.html
- Clement Lecigne of Google Threat Analysis Group, Ian Beer & Samuel Groß of Google Project Zero, & an anonymous researcher
-
- CVE-2018-8653
- Microsoft
- Internet Explorer
- Memory Corruption
- Use-after-free in Enumerator
- 2018-12-19
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8653
- https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/ie-scripting-flaw-still-a-threat-to-unpatched-systems-analyzing-cve-2018-8653/
- Clement Lecigne of Google’s Threat Analysis Group
-
- CVE-2018-8611
- Microsoft
- Windows
- Memory Corruption
- Race condition in kernel transaction manager
- 2018-10-29
- 2018-12-11
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8611
- https://securelist.com/zero-day-in-windows-kernel-transaction-manager-cve-2018-8611/89253/
- FruityArmor/Stealth Falcon, and Sandcat
- https://securelist.com/zero-day-in-windows-kernel-transaction-manager-cve-2018-8611/89253/
- Boris Larin (Oct0xor) & Igor Soumenkov (2igosha) of Kaspersky Lab
-
- CVE-2018-15982
- Adobe
- Flash
- Memory Corruption
- Use-after-free in TVSDK Metadata
- 2018-11-29
- 2018-12-05
- https://helpx.adobe.com/security/products/flash-player/apsb18-42.html?red=a
- http://blogs.360.cn/post/PoisonNeedles_CVE-2018-15982_EN
- Chenming Xu and Ed Miles of Gigamon ATR, Yang Kang (@dnpushme) and Jinquan (@jq0904) of Qihoo 360 Core Security (@360CoreSec), He Zhiqiu, Qu Yifan, Bai Haowen, Zeng Haitao and Gu Liang of 360 Threat Intelligence of 360 Enterprise Security Group, b2ahex
-
- CVE-2018-8589
- Microsoft
- Windows
- Memory Corruption
- Race condition in win32k!xxxMoveWindow
- 2018-10-17
- 2018-11-13
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8589
- https://securelist.com/a-new-exploit-for-zero-day-vulnerability-cve-2018-8589/88845/
- FruityArmor/Stealth Falcon, and Sandcat
- https://securelist.com/zero-day-in-windows-kernel-transaction-manager-cve-2018-8611/89253/
- Boris Larin (Oct0xor) & Igor Soumenkov (2igosha) of Kaspersky Lab
-
- CVE-2018-8453
- Microsoft
- Windows
- Memory Corruption
- Use-after-free in win32kfull!xxxDestroyWindow
- 2018-08-17
- 2018-10-09
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8453
- https://securelist.com/cve-2018-8453-used-in-targeted-attacks/88151/
- FruityArmor/Stealth Falcon
- https://securelist.com/cve-2018-8453-used-in-targeted-attacks/88151/
- Kaspersky Lab
-
- CVE-2018-8373
- Microsoft
- VBScript
- Memory Corruption
- Use-after-free in VBScript AssignVar
- 2018-07-11
- 2018-08-14
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8373
- https://blog.trendmicro.com/trendlabs-security-intelligence/use-after-free-uaf-vulnerability-cve-2018-8373-in-vbscript-engine-affects-internet-explorer-to-run-shellcode/
- Elliot Cao of Trend Micro Security Research working with Trend Micro’s Zero Day Initiative (ZDI)
-
- CVE-2018-5002
- Adobe
- Flash
- Memory Corruption
- Out-of-bounds read/write in AVM li8 opcode
- 2018-06-07
- https://helpx.adobe.com/security/products/flash-player/apsb18-19.html
- https://s.tencent.com/research/report/489.html
- FruityArmor/Stealth Falcon
- https://twitter.com/craiu/status/1038046509793722368
- Chenming Xu and Jason Jones of ICEBRG, Bai Haowen, Zeng Haitao and Huang Chaowen of 360 Threat Intelligence Center of 360 Enterprise Security Group, and Yang Kang, Hu Jiang, Zhang Qing, and Jin Quan of Qihoo 360 Core Security (@360CoreSec), Tencent PC Manager (http://guanjia.qq.com/)
-
- CVE-2018-4990
- Adobe
- Reader
- Memory Corruption
- Out-of-bounds free in JPEG2000 CMAP
- 2018-05-14
- https://helpx.adobe.com/security/products/acrobat/apsb18-09.html
- https://srcincite.io/blog/2018/05/21/adobe-me-and-a-double-free.html
- Anton Cherepanov of ESET & Matt Oh of Microsoft, Ke Liu of Tencent’s Xuanwu LAB working via Trend Micro’s Zero Day Initiative
-
- CVE-2018-8120
- Microsoft
- Windows
- Memory Corruption
- NULL pointer dereference in NtUserSetImeInfoEx
- 2018-05-08
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8120
- https://www.welivesecurity.com/2018/05/15/tale-two-zero-days/
- Dan Lutas of Bitdefender, Ding Maoyin of Qihoo 360 Core Security, Anton Ivanov of Kaspersky Lab, Song Shenlei of Qihoo 360 Core Security, Anonymous working with Trend Micro’s Zero Day Initiative, Simon Zuckerbraun working with Trend Micro’s Zero Day Initiative, Yang Kang of Qihoo 360 Core Security, Jinquan of Qihoo 360 Core Security, Vladislav Stolyarov of Kaspersky Lab
-
- CVE-2018-8174
- Microsoft
- VBScript
- Memory Corruption
- Use-after-free in VBScriptClass::Release
- 2018-05-08
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8174
- https://securelist.com/root-cause-analysis-of-cve-2018-8174/85486/
- Anton Cherepanov, Senior Malware Researcher of ESET
-
- CVE-2018-4878
- Adobe
- Flash
- Memory Corruption
- Use-after-free in MediaPlayer DRM Listener
- 2018-02-06
- https://helpx.adobe.com/security/products/flash-player/apsb18-03.html
- http://blog.morphisec.com/cve-2018-4878-an-analysis-of-the-flash-player-hack
- ScarCruft/APT37/Reaper
- https://www.fireeye.com/blog/threat-research/2018/02/attacks-leveraging-adobe-zero-day.html
- KrCERT/CC
-
- CVE-2018-0802
- Microsoft
- Office
- Memory Corruption
- Buffer overflow in equation editor lfFaceName
- 2018-01-09
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0802
- https://www.freebuf.com/vuls/159789.html
- Liang Yin of Tencent PC Manager, Zhiyuan Zheng, Yuki Chen of Qihoo 360 Vulcan Team, Yang Kang, Ding Maoyin and Song Shenlei, and Jinquan of Qihoo 360 Core Security (@360CoreSec), Luka Treiber of 0patch Team – ACROS Security, zhouat of Qihoo 360 Vulcan Team, bee13oy of Qihoo 360 Vulcan Team, Netanel Ben Simon and Omer Gull of Check Point Software Technologies
-
- CVE-2017-11292
- Adobe
- Flash
- Memory Corruption
- Type confusion in TVSDK BufferControlParameters
- 2017-10-10
- 2017-10-16
- https://helpx.adobe.com/security/products/flash-player/apsb17-32.html
- https://securelist.com/blackoasis-apt-and-new-targeted-attacks-leveraging-zero-day-exploit/82732/
- BlackOasis
- https://securelist.com/blackoasis-apt-and-new-targeted-attacks-leveraging-zero-day-exploit/82732/
- Anton Ivanov of Kaspersky Labs
-
- CVE-2017-11826
- Microsoft
- Office
- Memory Corruption
- Memory corruption in Open XML format nested tags
- 2017-09-28
- 2017-10-10
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11826
- https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/analyzing-microsoft-office-zero-day-exploit-cve-2017-11826-memory-corruption-vulnerability/
- Yang Kang, Ding Maoyin and Song Shenlei of Qihoo 360 Core Security (@360CoreSec)
-
- CVE-2017-8759
- Microsoft
- Office
- Logic/Design Flaw
- Code injection in SOAP WSDL parser
- 2017-09-12
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8759
- https://www.fireeye.com/blog/threat-research/2017/09/zero-day-used-to-distribute-finspy.html
- BlackOasis
- https://securelist.com/blackoasis-apt-and-new-targeted-attacks-leveraging-zero-day-exploit/82732/
- Genwei Jiang and Dhanesh Kizhakkinan of FireEye, Inc.
-
- CVE-2017-8464
- Microsoft
- Windows
- Logic/Design Flaw
- Code injection in LNK file ExtraData parsing
- 2017-06-13
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8464
- http://www.vxjump.net/files/vuln_analysis/cve-2017-8464.txt
-
- CVE-2017-8543
- Microsoft
- Windows
- Memory Corruption
- Buffer overflow in Windows Search CTableVariant
- 2017-06-13
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8543
- https://mp.weixin.qq.com/s/X2JcKCpCH4exDoxMK5oN5Q
-
- CVE-2017-0261
- Microsoft
- Office
- Memory Corruption
- Use-after-free in EPS restore operator
- 2017-05-09
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0261
- https://www.fireeye.com/blog/threat-research/2017/05/eps-processing-zero-days.html
- Turla
- https://www.fireeye.com/blog/threat-research/2017/05/eps-processing-zero-days.html
-
- CVE-2017-0262
- Microsoft
- Office
- Memory Corruption
- Type Confusion in EPS forall operator
- 2017-05-09
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0262
- https://www.fireeye.com/blog/threat-research/2017/05/eps-processing-zero-days.html
- APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team
- https://www.fireeye.com/blog/threat-research/2017/05/eps-processing-zero-days.html
- Mikhail Tsvetkov of Positive Technologies, Dhanesh Kizhakkinan of FireEye Inc, Thomas Dupuy and Jessy Campos of ESET
-
- CVE-2017-0263
- Microsoft
- Windows
- Memory Corruption
- Use-after-free in win32k!xxxDestroyWindow
- 2017-05-09
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0263
- https://www.fireeye.com/blog/threat-research/2017/05/eps-processing-zero-days.html
- APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team
- https://www.fireeye.com/blog/threat-research/2017/05/eps-processing-zero-days.html
- Thomas Dupuy and Jessy Campos of ESET; Genwei Jiang of FireEye, Inc.
-
- CVE-2017-0222
- Microsoft
- Internet Explorer
- Memory Corruption
- Unspecified memory corruption in Internet Explorer
- 2017-05-09
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0222
- Genwei Jiang of FireEye, Inc.; Steven Hunter of MSRC Vulnerabilities & Mitigations
-
- CVE-2017-8291
- Ghostscript
- Ghostscript
- Memory Corruption
- Type confusion in rsdparams internal operator
- 2017-04-27
- https://bugs.ghostscript.com/show_bug.cgi?id=697799
- https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=04b37bbce1
- https://web.archive.org/web/20170618201817/https://blog.hipchat.com/2017/04/24/hipchat-security-notice/
-
- CVE-2017-0210
- Microsoft
- Internet Explorer
- UXSS
- UXSS in htmlFile ActiveX control
- 2017-04-11
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0210
- https://blog.talosintelligence.com/2017/04/ms-tuesday.html
- Ryan Hanson (@Ryhanson) of Optiv, Microsoft MSRC Vulnerabilities and Mitigations Team, Microsoft Office Security Team, Genwei Jiang, FLARE Team, FireEye Inc, Eduardo Braun Prado of SecuriTeam Secure Disclosure (SSD)
-
- CVE-2017-0199
- Microsoft
- Office
- Logic/Design Flaw
- Logic/design flaw in embedded HTA documents
- 2017-04-11
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0199
- https://www.fireeye.com/blog/threat-research/2017/04/cve-2017-0199-hta-handler.html
- (FINSPY/LatentBot)
- https://www.fireeye.com/blog/threat-research/2017/04/cve-2017-0199_useda.html
-
- CVE-2017-1274
- IBM
- Domino
- Memory Corruption
- Buffer overflow in IMAP EXAMINE (EmphasisMine)
- 2017-03-20
- http://www-01.ibm.com/support/docview.wss?uid=swg22002280
- Equation Group
- https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation
-
- CVE-2017-3881
- Cisco
- IOS
- Memory Corruption
- Buffer overflow in IOS Cluster Management Protocol
- 2017-03-17
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp
- https://artkond.com/2017/04/10/cisco-catalyst-remote-code-execution/
- Vault 7
- https://blogs.cisco.com/security/the-wikileaks-vault-7-leak-what-we-know-so-far
- Vault 7 Disclosure
-
- CVE-2017-0149
- Microsoft
- Internet Explorer
- Memory Corruption
- Memory corruption in VBScript rtJoin
- 2017-03-14
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-006
- https://twitter.com/jq0904/status/1062168435818283008
-
- CVE-2017-0022
- Microsoft
- XML Core Services
- Information Leak
- Information leak in MSXML version resource
- 2017-03-14
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-022
- https://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-0022-microsoft-patches-vulnerability-exploited-adgholas-neutrino/
- AdGholas/Neutrino
-
- CVE-2017-0005
- Microsoft
- Windows
- Memory Corruption
- Unspecified memory corruption in GDI
- 2017-03-14
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-013
- https://cloudblogs.microsoft.com/microsoftsecure/2017/03/27/detecting-and-mitigating-elevation-of-privilege-exploit-for-cve-2017-0005/
- ZIRCONIUM/APT31
- https://cloudblogs.microsoft.com/microsoftsecure/2017/03/27/detecting-and-mitigating-elevation-of-privilege-exploit-for-cve-2017-0005/
-
- CVE-2017-0143
- Microsoft
- Windows
- Memory Corruption
- Type confusion in SMB messages (EternalSynergy)
- 2017-03-14
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010
- https://blogs.technet.microsoft.com/srd/2017/07/13/eternal-synergy-exploit-analysis/
- Equation Group
- https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation
-
- CVE-2017-0144
- Microsoft
- Windows
- Memory Corruption
- Buffer overflow in SMB File Extended Attributes (EternalBlue)
- 2017-03-14
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010
- https://research.checkpoint.com/eternalblue-everything-know/
- Equation Group
- https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation
-
- CVE-2017-0145
- Microsoft
- Windows
- Memory Corruption
- Unspecified type confusion in SMB (EternalRomance)
- 2017-03-14
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010
- https://www.microsoft.com/security/blog/2017/06/16/analysis-of-the-shadow-brokers-release-and-mitigation-with-windows-10-virtualization-based-security/
- Equation Group
- https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation
- Lockheed Martin Computer Incident Response Team
-
- CVE-2017-0146
- Microsoft
- Windows
- Memory Corruption
- Race condition in SMB transactions (EternalChampion)
- 2017-03-14
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010
- https://blogs.technet.microsoft.com/srd/2017/06/29/eternal-champion-exploit-analysis/
- Equation Group
- https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation
- Will Matcalf of Proofpoint, Kafeine of Proofpoint, Joseph C Chen of Trend Micro, Brooks Li of Trend Micro
-
- CVE-2017-0147
- Microsoft
- Windows
- Information Leak
- Information leak in SMB transactions (EternalChampion)
- 2017-03-14
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010
- https://blogs.technet.microsoft.com/srd/2017/06/29/eternal-champion-exploit-analysis/
- Equation Group
- https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation
-
- CVE-2016-7892
- Adobe
- Flash
- Memory Corruption
- Unspecified use-after-free issue
- 2016-12-13
- https://helpx.adobe.com/security/products/flash-player/apsb16-39.html
- Anonymous researcher working with JPCERT/CA
-
- CVE-2016-9079
- Mozilla
- Firefox
- Memory Corruption
- Use-after-free in SVG Animation (Tor exploit)
- 2016-11-29
- 2016-11-30
- https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/
- https://bugzilla.mozilla.org/show_bug.cgi?id=1321066
- Exodus Intel
- https://www.forbes.com/sites/thomasbrewster/2016/12/02/exodus-intel-the-company-that-exposed-tor-for-cops-child-porn-bust/
- Obscured Team
-
- CVE-2016-7256
- Microsoft
- Windows
- Memory Corruption
- Memory corruption on OpenType fonts CFF name index
- 2016-11-08
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-132
- https://asec.ahnlab.com/1050
- https://www.microsoft.com/security/blog/2017/01/13/hardening-windows-10-with-zero-day-exploit-mitigations/
- Feike Hacquebord, Peter Pi, and Brooks Li of Trend Micro, Neel Mehta and Billy Leonard of Google’s Threat Analysis Group
-
- CVE-2016-7255
- Microsoft
- Windows Kernel
- Memory Corruption
- Memory corruption in NtUserSetWindowLongPtr
- 2016-10-21
- 2016-11-08
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135
- https://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/
- APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team
- https://blog.trendmicro.com/trendlabs-security-intelligence/pawn-storm-ramps-up-spear-phishing-before-zero-days-get-patched/
- Kijong Son of KrCERT/CC in Korean Internet & Security Agency (KISA)
-
- CVE-2016-7855
- Adobe
- Flash
- Memory Corruption
- Unspecified use-after-free issue
- 2016-10-21
- 2016-10-26
- https://helpx.adobe.com/security/products/flash-player/apsb16-36.html
- https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html
- APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team
- https://blog.trendmicro.com/trendlabs-security-intelligence/pawn-storm-ramps-up-spear-phishing-before-zero-days-get-patched/
- Neel Mehta and Billy Leonard from Google’s Threat Analysis Group
-
- CVE-2016-5195
- Linux
- Kernel
- Memory Corruption
- Race condition in copy-on-write (DirtyCOW)
- 2016-10-18
- https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails
- Phil Oester
-
- CVE-2016-3298
- Microsoft
- Internet Explorer
- Information Leak
- Information leak in Microsoft.XMLDOM
- 2016-10-11
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-118
- https://blog.trendmicro.com/trendlabs-security-intelligence/cve-2016-3298-microsoft-fixes-another-ie-zero-day-used-in-adgholas/
- AdGholas/Neutrino
- https://www.proofpoint.com/us/threat-insight/post/microsoft-patches-CVE-2016-3298-second-information-disclosure-zero-day
-
- CVE-2016-3393
- Microsoft
- Windows
- Memory Corruption
- Memory corruption in TTF cjComputeGLYPHSET_MSFT_GENERAL
- 2016-10-11
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-120
- https://securelist.com/windows-zero-day-exploit-used-in-targeted-attacks-by-fruityarmor-apt/76396/
- FruityArmor/Stealth Falcon
- https://securelist.com/windows-zero-day-exploit-used-in-targeted-attacks-by-fruityarmor-apt/76396/
-
- CVE-2016-7193
- Microsoft
- Office
- Memory Corruption
- Memory corruption in dfrxst
- 2016-10-11
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-121
- https://paper.seebug.org/288/
-
- CVE-2016-3351
- Microsoft
- Internet Explorer
- Information Leak
- Information leak in a.mimeType
- 2016-09-13
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-104
- https://blog.trendmicro.com/trendlabs-security-intelligence/microsoft-patches-ieedge-zeroday-used-in-adgholas-malvertising-campaign/
- AdGholas
- https://www.proofpoint.com/us/threat-insight/post/Microsoft-Patches-Zero-Day-Exploited-By-AdGholas-GooNky-Malvertising
- Kafeine, Brooks Li of Trend Micro
-
- CVE-2016-4655
- Apple
- iOS
- Information Leak
- Information leak in kernel OSUnserializeBinary (Pegasus)
- 2016-08-15
- 2016-08-25
- https://support.apple.com/en-us/HT207107
- https://info.lookout.com/rs/051-ESQ-475/images/pegasus-exploits-technical-details.pdf
- NSO Group
- https://citizenlab.ca/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/
- Citizen Lab and Lookout
-
- CVE-2016-4656
- Apple
- iOS
- Memory Corruption
- Use-after-free in kernel OSUnserializeBinary (Pegasus)
- 2016-08-15
- 2016-08-25
- https://support.apple.com/en-us/HT207107
- https://info.lookout.com/rs/051-ESQ-475/images/pegasus-exploits-technical-details.pdf
- NSO Group
- https://citizenlab.ca/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/
- Citizen Lab and Lookout
-
- CVE-2016-4657
- Apple
- WebKit
- Memory Corruption
- Use-after-free in MarkedArgumentBuffer (Pegasus)
- 2016-08-15
- 2016-08-25
- https://support.apple.com/en-us/HT207107
- https://info.lookout.com/rs/051-ESQ-475/images/pegasus-exploits-technical-details.pdf
- NSO Group
- https://citizenlab.ca/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/
- Citizen Lab and Lookout
-
- CVE-2016-6366
- Cisco
- ASA
- Memory Corruption
- Buffer overflow in SNMP parsing (EXTRABACON)
- 2016-08-15
- 2016-08-17
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp
- https://blog.silentsignal.eu/2016/08/25/bake-your-own-extrabacon/
- Equation Group
- https://securelist.com/the-equation-giveaway/75812/
- Shadow Brokers
-
- CVE-2016-6367
- Cisco
- ASA
- Memory Corruption
- Buffer overflow in CLI parsing (EPICBANANA)
- 2016-08-15
- 2016-08-17
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli
- Equation Group
- https://securelist.com/the-equation-giveaway/75812/
- Shadow Brokers
-
- CVE-2016-4171
- Adobe
- Flash
- Memory Corruption
- Memory corruption in ExecPolicy metadata parsing
- 2016-06-15
- https://helpx.adobe.com/security/products/flash-player/apsb16-18.html
- https://securelist.com/operation-daybreak/75100/
- ScarCruft/APT37/Reaper
- https://securelist.com/operation-daybreak/75100/
- Anton Ivanov of Kaspersky
-
- CVE-2016-4117
- Adobe
- Flash
- Memory Corruption
- Type confusion in tvsdk DeleteRangeTimelineOperation
- 2016-05-08
- 2016-05-12
- https://helpx.adobe.com/security/products/flash-player/apsb16-15.html
- https://www.fireeye.com/blog/threat-research/2016/05/cve-2016-4117-flash-zero-day.html
- BlackOasis
- https://securelist.com/blackoasis-apt-and-new-targeted-attacks-leveraging-zero-day-exploit/82732/
- Genwei Jiang of FireEye, Inc
-
- CVE-2016-0189
- Microsoft
- Internet Explorer
- Memory Corruption
- Memory corruption in VBScript AccessArray
- 2016-05-10
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-051
- https://theori.io/research/cve-2016-0189
- https://www.symantec.com/connect/blogs/internet-explorer-zero-day-exploit-used-targeted-attacks-south-korea
-
- CVE-2016-0162
- Microsoft
- Internet Explorer
- Information Leak
- Unspecified file detection issue
- 2016-04-12
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037
- https://www.welivesecurity.com/2016/12/06/readers-popular-websites-targeted-stealthy-stegano-exploit-kit-hiding-pixels-malicious-ads/
- Stegano/Astrum
- https://www.welivesecurity.com/2016/12/06/readers-popular-websites-targeted-stealthy-stegano-exploit-kit-hiding-pixels-malicious-ads/
- Dhanesh Kizhakkinan of FireEye, Inc.
-
- CVE-2016-0165
- Microsoft
- Windows Kernel
- Memory Corruption
- Buffer overflow in RGNMEMOBJ::vCreate
- 2016-04-12
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-039
- https://www.secureauth.com/blog/ms16-039-windows-10-64-bits-integer-overflow-exploitation-by-using-gdi-objects
- Sebastian Apelt of Siberas working with Trend Micro’s Zero Day Initiative, Anton Ivanov of Kaspersky Lab
-
- CVE-2016-0167
- Microsoft
- Windows Kernel
- Memory Corruption
- Use-after-free in win32k!xxxMNDestroyHandler
- 2016-03-08
- 2016-04-12
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-039
- https://www.fireeye.com/blog/threat-research/2016/05/windows-zero-day-payment-cards.html
- FIN8
- https://www.fireeye.com/blog/threat-research/2016/05/windows-zero-day-payment-cards.html
- Ladislav Janko, working with ESET
-
- CVE-2016-1019
- Adobe
- Flash
- Memory Corruption
- Type confusion in FileReference
- 2016-04-02
- 2016-04-07
- https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
- https://blog.trendmicro.com/trendlabs-security-intelligence/look-adobe-flash-player-cve-2016-1019-zero-day-vulnerability/
- Magnitude
- https://www.proofpoint.com/us/threat-insight/post/killing-zero-day-in-the-egg
- Kafeine (EmergingThreats/Proofpoint), Genwei Jiang (FireEye, Inc.), Clement Lecigne of Google
-
- CVE-2016-1010
- Adobe
- Flash
- Memory Corruption
- Buffer overflow in BitmapData.copyPixels
- 2016-03-10
- https://helpx.adobe.com/security/products/flash-player/apsb16-08.html
- https://blog.trendmicro.com/trendlabs-security-intelligence/root-cause-analysis-recent-flash-zero-day-vulnerability-cve-2016-1010/
- ScarCruft/APT37/Reaper
- https://securelist.com/cve-2016-4171-adobe-flash-zero-day-used-in-targeted-attacks/75082/
- Anton Ivanov of Kaspersky Lab
-
- CVE-2016-0984
- Adobe
- Flash
- Memory Corruption
- Use-after-free in Sound.loadPCMFromByteArray
- 2016-01-11
- 2016-02-09
- https://helpx.adobe.com/security/products/flash-player/apsb16-04.html
- https://bugs.chromium.org/p/project-zero/issues/detail?id=698&redir=1
- BlackOasis
- https://securelist.com/blackoasis-apt-and-new-targeted-attacks-leveraging-zero-day-exploit/82732/
- Natalie Silvanovich of Google Project Zero
-
- CVE-2016-0034
- Microsoft
- Silverlight
- Memory Corruption
- Memory corruption in BinaryReader
- 2015-11-25
- 2016-01-12
- https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2016/ms16-006
- https://securelist.com/blog/research/73255/the-mysterious-case-of-cve-2016-0034-the-hunt-for-a-microsoft-silverlight-0-day/
- HackingTeam
- https://web.archive.org/web/20150706010312/https://twitter.com/hackingteam
- Anton Ivanov and Costin Raiu of Kaspersky Lab
-
- CVE-2015-8651
- Adobe
- Flash
- Memory Corruption
- Integer overflow in domainMemory
- 2015-12-28
- https://helpx.adobe.com/security/products/flash-player/apsb16-01.html
- Dark Hotel
- https://web.archive.org/web/20160104165148/http://drops.wooyun.org/tips/11726
-
- CVE-2015-6175
- Microsoft
- Windows Kernel
- Memory Corruption
- Memory corruption in gpuenergydrv.sys
- 2015-12-08
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-135
- ChenDong Li of Tencent
-
- CVE-2015-4902
- Oracle
- Java
- Logic/Design Flaw
- Click-to-play bypass
- 2015-10-20
- https://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
- https://blog.trendmicro.com/trendlabs-security-intelligence/new-headaches-how-the-pawn-storm-zero-day-evaded-javas-click-to-play-protection/
- APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team
- https://blog.trendmicro.com/trendlabs-security-intelligence/new-headaches-how-the-pawn-storm-zero-day-evaded-javas-click-to-play-protection/
- Trend Micro
-
- CVE-2015-7645
- Adobe
- Flash
- Type Confusion
- Type confusion in IExternalizable.writeExternal
- 2015-10-13
- 2015-10-16
- https://helpx.adobe.com/security/products/flash-player/apsb15-27.html
- https://bugs.chromium.org/p/project-zero/issues/detail?id=547
- APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team
- https://blog.trendmicro.com/trendlabs-security-intelligence/new-adobe-flash-zero-day-used-in-pawn-storm-campaign/
- Peter Pi of Trend Micro, Natalie Silvanovich of Google Project Zero
-
- CVE-2015-2546
- Microsoft
- Windows Kernel
- Memory Corruption
- Use-after-free in xxxSendMessage (tagPOPUPMENU)
- 2015-09-08
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-097
- https://www.fireeye.com/content/dam/fireeye-www/blog/pdfs/twoforonefinal.pdf
- Genwei Jiang of FireEye
-
- CVE-2015-2545
- Microsoft
- Office
- Memory Corruption
- Use-after-free in EPS forall operator
- 2015-09-08
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-099
- https://www.fireeye.com/content/dam/fireeye-www/blog/pdfs/twoforonefinal.pdf
- Wang Yu of FireEye
-
- CVE-2015-2502
- Microsoft
- Internet Explorer
- Memory Corruption
- Use-after-free in CMarkup::ReparentTableSection
- 2015-08-18
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-093
- https://twitter.com/Laughing_Mantis/statuses/633839231840841728
- Clement Lecigne of Google
-
- CVE-2015-1642
- Microsoft
- Office
- Memory Corruption
- Use-after-free in CTaskSymbol
- 2015-02-27
- 2015-08-11
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081
- https://labs.mwrinfosecurity.com/advisories/2015/08/17/microsoft-office-ctasksymbol-use-after-free-vulnerability/
-
- CVE-2015-1769
- Microsoft
- Windows
- Logic/Design Flaw
- Symbolic link attack in Mount Manager
- 2015-08-11
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-085
- http://h3ysatan.blogspot.com/2016/01/cve-2015-1769-cve-2015-1769-mount.html
- Fortinet’s FortiGuard Labs, Yong Chuan Koh (@yongchuank) of MWR Labs, s3tm3m@gmail.com working with VeriSign iDefense Labs
-
- CVE-2015-2426
- Microsoft
- Windows
- Memory Corruption
- OpenType Font Driver buffer overflow in ZwGdiAddFontMemResourceEx
- 2015-07-05
- 2015-07-20
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-078
- http://blog.trendmicro.com/trendlabs-security-intelligence/hacking-team-leak-uncovers-another-windows-zero-day-ms-releases-patch/
- HackingTeam
- https://web.archive.org/web/20150706010312/https://twitter.com/hackingteam
- Mateusz Jurczyk of Google Project Zero, Genwei Jiang of FireEye, Moony Li of TrendMicro
-
- CVE-2015-5122
- Adobe
- Flash
- Use-after-free
- Use-after-free in TextBlock
- 2015-07-05
- 2015-07-14
- https://helpx.adobe.com/security/products/flash-player/apsb15-18.html
- https://blog.trendmicro.com/trendlabs-security-intelligence/another-zero-day-vulnerability-arises-from-hacking-team-data-leak/
- HackingTeam
- https://web.archive.org/web/20150706010312/https://twitter.com/hackingteam
- Trend Micro
-
- CVE-2015-5123
- Adobe
- Flash
- Use-after-free
- Use-after-free in BitmapData
- 2015-07-05
- 2015-07-14
- https://helpx.adobe.com/security/products/flash-player/apsb15-18.html
- https://blog.trendmicro.com/trendlabs-security-intelligence/new-zero-day-vulnerability-cve-2015-5123-in-adobe-flash-emerges-from-hacking-team-leak/
- HackingTeam
- https://web.archive.org/web/20150706010312/https://twitter.com/hackingteam
- The Labs Team of iSIGHT Partners, Edward Fjellskål of Telenor CERT
-
- CVE-2015-2387
- Microsoft
- Windows Kernel
- Memory Corruption
- ATMFD.DLL named escape memory corruption
- 2015-07-05
- 2015-07-14
- https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2015/ms15-077
- https://blog.trendmicro.com/trendlabs-security-intelligence/a-look-at-the-open-type-font-manager-vulnerability-from-the-hacking-team-leak/
- HackingTeam
- https://web.archive.org/web/20150706010312/https://twitter.com/hackingteam
- Bill Finlayson of Vectra Networks, Dhanesh Kizhakkinan of FireEye, Peter Pi of TrendMicro
-
- CVE-2015-2425
- Microsoft
- Internet Explorer
- Use-after-free
- Use-after-free in MutationObserver
- 2015-07-05
- 2015-07-14
- https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2015/ms15-065
- https://blog.trendmicro.com/trendlabs-security-intelligence/gifts-from-hacking-team-continue-ie-zero-day-added-to-mix/
- HackingTeam
- https://web.archive.org/web/20150706010312/https://twitter.com/hackingteam
- Google Project Zero and Morgan Marquis-Boire
-
- CVE-2015-2424
- Microsoft
- Office
- Memory Corruption
- Heap corruption in Forms.Image.1
- 2015-06-30
- 2015-07-14
- https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2015/ms15-070
- https://web.archive.org/web/20150717041821/http://www.isightpartners.com/2015/07/microsoft-office-zero-day-cve-2015-2424-leveraged-by-tsar-team/
- APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team
- https://web.archive.org/web/20150717041821/http://www.isightpartners.com/2015/07/microsoft-office-zero-day-cve-2015-2424-leveraged-by-tsar-team/
- Peter Pi of TrendMicro and slipstream/RoL (@TheWack0lian)
-
- CVE-2015-2590
- Oracle
- Java
- Race Condition
- Race condition in ObjectInputStream.readSerialData
- 2015-07-14
- https://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- https://twitter.com/tiraniddo/status/621308239909646336
- APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team
- https://blog.trendmicro.com/trendlabs-security-intelligence/pawn-storm-update-trend-micro-discovers-new-java-zero-day-exploit/
- Dhanesh Kizhakkinan of FireEye
-
- CVE-2015-5119
- Adobe
- Flash
- Use-after-free
- Use-after-free in ByteArray ValueOf
- 2015-07-05
- 2015-07-08
- https://helpx.adobe.com/security/products/flash-player/apsb15-16.html
- https://blog.trendmicro.com/trendlabs-security-intelligence/unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak/
- HackingTeam
- https://web.archive.org/web/20150706010312/https://twitter.com/hackingteam
- Google Project Zero and Morgan Marquis-Boire
-
- CVE-2015-3113
- Adobe
- Flash
- Memory Corruption
- Buffer overflow in FLV media parsing
- 2015-06-23
- https://helpx.adobe.com/security/products/flash-player/apsb15-14.html
- https://blog.trendmicro.com/trendlabs-security-intelligence/new-adobe-zero-day-shares-same-root-cause-as-older-flaws/
- APT3
- https://www.fireeye.com/blog/threat-research/2015/06/operation-clandestine-wolf-adobe-flash-zero-day.html
- FireEye
-
- CVE-2015-2360
- Microsoft
- Windows Kernel
- Memory Corruption
- Use-after-free on tagCLS object
- 2015-06-09
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-061
- https://blog.trendmicro.com/trendlabs-security-intelligence/analysis-of-cve-2015-2360-duqu-2-0-zero-day-vulnerability/
- Duqu/Unit 8200
- https://securelist.com/the-mystery-of-duqu-2-0-a-sophisticated-cyberespionage-actor-returns/70504/
- Maxim Golovkin of Kaspersky Lab, enSilo Research Team
-
- CVE-2015-4495
- Mozilla
- Firefox
- Logic/Design Flaw
- Same-origin policy bypass in PDF reader
- 2015-08-05
- 2015-08-06
- https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/
- https://blog.mozilla.org/security/2015/08/06/firefox-exploit-found-in-the-wild/
- Cody Crews
-
- CVE-2015-1701
- Microsoft
- Windows Kernel
- Logic/Design Flaw
- CreateWindow callback validation error
- 2015-04-18
- 2015-05-12
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-051
- https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html
- APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team
- https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html
-
- CVE-2015-3043
- Adobe
- Flash
- Memory Corruption
- Buffer overflow in FLV media parsing
- 2015-04-13
- 2015-04-14
- https://helpx.adobe.com/security/products/flash-player/apsb15-06.html
- https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html
- APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team
- https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html
- The Labs Team of iSIGHT Partners
-
- CVE-2015-1641
- Microsoft
- Office
- Memory Corruption
- Type confusion in SmartTag element
- 2015-04-14
- https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2015/ms15-033
- https://paper.seebug.org/351/
- Anonymous
-
- CVE-2015-0071
- Microsoft
- Internet Explorer
- Information Leak
- Out-of-bounds read in Js::JavascriptRegExpConstructor::SetProperty
- 2015-02-10
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-009
- http://blog.trendmicro.com/trendlabs-security-intelligence/bypassing-aslr-with-cve-2015-0071-an-out-of-bounds-read-vulnerability/
- Codoso/APT19
- https://web.archive.org/web/20150213004519/http://www.isightpartners.com/2015/02/codoso/
- Clement Lecigne of Google, The Labs Team of iSIGHT Partners
-
- CVE-2015-0313
- Adobe
- Flash
- Use-after-free
- Use-after-free in ByteArray::Clear
- 2015-01-14
- 2015-02-05
- https://helpx.adobe.com/security/products/flash-player/apsb15-04.html
- http://blog.trendmicro.com/trendlabs-security-intelligence/analyzing-cve-2015-0313-the-new-flash-player-zero-day/
- Hanjuan
- https://blog.trendmicro.com/trendlabs-security-intelligence/analyzing-cve-2015-0313-the-new-flash-player-zero-day/
- Elia Florio and Dave Weston of Microsoft, and Peter Pi of Trend Micro
-
- CVE-2015-0311
- Adobe
- Flash
- Use-after-free
- Use-after-free in ByteArray::UncompressViaZlibVariant
- 2015-01-20
- 2015-01-27
- https://helpx.adobe.com/security/products/flash-player/apsb15-03.html
- https://blog.trendmicro.com/trendlabs-security-intelligence/analyzing-cve-2015-0311-flash-zero-day-vulnerability/
- Angler
- https://blog.trendmicro.com/trendlabs-security-intelligence/flash-greets-2015-with-new-zero-day/
- Kafeine of Malware don’t need Coffee and Jack Tang of Trend Micro
-
- CVE-2015-0310
- Adobe
- Flash
- Information Leak
- Out-of-bounds read in RegExp::exec
- 2015-01-16
- 2015-01-22
- https://helpx.adobe.com/security/products/flash-player/apsb15-02.html
- https://bugs.chromium.org/p/chromium/issues/detail?id=442585
- Angler
- https://www.fireeye.com/blog/threat-research/2015/05/angler_ek_exploiting.html
- Yang Dingning, working with the Chromium Vulnerability Rewards Program, Timo Hirvonen of F-Secure and Kafeine
-
- CVE-2015-0016
- Microsoft
- Windows
- Logic/Design Flaw
- Improper path validation leads to IE sandbox escape
- 2015-01-13
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-004
- http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2015-0016-escaping-the-internet-explorer-sandbox/
- Liam O’Murchu of Symantec
-
- CVE-2014-9163
- Adobe
- Flash
- Memory Corruption
- Unspecified stack buffer overflow in Flash
- 2014-12-09
- https://helpx.adobe.com/security/products/flash-player/apsb14-27.html
- Codoso/APT19
- https://web.archive.org/web/20150213004519/http://www.isightpartners.com/2015/02/codoso/
- bilou working with HP’s Zero Day Initiative
-
- CVE-2014-6324
- Microsoft
- Windows
- Logic/Design Flaw
- Logic/design flaw in Kerberos KDC allowing remote domain controller escalation of privilege
- 2014-11-18
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-068
- https://blogs.technet.microsoft.com/srd/2014/11/18/additional-information-about-cve-2014-6324/
- The Qualcomm Information Security & Risk Management team, with special recognition for Tom Maddock
-
- CVE-2014-6352
- Microsoft
- Office
- Logic/Design Flaw
- Logic/design flaw in Packager OLE class
- 2014-11-11
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-064
- https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/bypassing-microsofts-patch-for-the-sandworm-zero-day-even-editing-can-cause-harm/
- Vitaly Kamluk and Costin Raiu of Kaspersky Lab
-
- CVE-2014-4077
- Microsoft
- Windows
- Logic/Design Flaw
- Unspecified sandbox escape vulnerability in IME (Japanese)
- 2014-11-11
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-078
- Drew Hintz, Shane Huntley and Matty Pellegrino of Google Security Team
-
- CVE-2014-4113
- Microsoft
- Windows
- Memory Corruption
- NULL pointer dereference in win32k!xxxHandleMenuMessages
- 2014-10-14
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-058
- https://www.fireeye.com/blog/threat-research/2014/10/two-targeted-attacks-two-new-zero-days.html
- HURRICANE PANDA
- https://www.crowdstrike.com/blog/crowdstrike-discovers-use-64-bit-zero-day-privilege-escalation-exploit-cve-2014-4113-hurricane-panda/
- James Forshaw of Context Information Security
-
- CVE-2014-4148
- Microsoft
- Windows
- Memory Corruption
- Unspecified memory corruption in TrueType fonts
- 2014-10-14
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-058
- https://www.fireeye.com/blog/threat-research/2014/10/two-targeted-attacks-two-new-zero-days.html
-
- CVE-2014-8439
- Adobe
- Flash
- Memory Corruption
- Unspecified memory corruption in Flash
- 2014-10-14
- https://helpx.adobe.com/security/products/flash-player/apsb14-22.html
- Angler
- https://www.f-secure.com/weblog/archives/00002768.html
- FireEye, Inc.
-
- CVE-2014-4123
- Microsoft
- Internet Explorer
- Memory Corruption
- Unspecified sandbox escape vulnerability
- 2014-10-14
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-056
- iSIGHT Partners and researchers from ESET
-
- CVE-2014-4114
- Microsoft
- Office
- Logic/Design Flaw
- Logic/design flaw in Packager OLE class
- 2014-10-14
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-060
- https://blog.trendmicro.com/trendlabs-security-intelligence/an-analysis-of-windows-zero-day-vulnerability-cve-2014-4114-aka-sandworm/
- Sandworm/Black Energy
- https://web.archive.org/web/20141014083644/http://www.isightpartners.com/2014/10/cve-2014-4114/
- CrowdStrike Intelligence Team & FireEye, Inc.
-
- CVE-2014-0546
- Adobe
- Reader
- Logic/Design Flaw
- Unspecified sandbox escape vulnerability
- 2014-08-12
- https://helpx.adobe.com/security/products/acrobat/apsb14-19.html
- Animal Farm
- https://securelist.com/the-mysterious-case-of-cve-2016-0034-the-hunt-for-a-microsoft-silverlight-0-day/73255/
- James Forshaw of Context Information Security
-
- CVE-2014-2817
- Microsoft
- Internet Explorer
- Logic/Design Flaw
- Sandbox escape in IIEAxInstallBrokerBrokerPtr
- 2014-08-12
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-051
- https://twitter.com/tiraniddo/status/522135160675127296
- Costin Raiu and Vitaly Kamluk of Kaspersky Labs