Zero-day Tracker

Zero-day Tracker Security Advisories White Paper

010100000111010

000011010010011

111011000110000

011001010011111

000010101000101

001110010010001

100101110111110

100011011110100

101001101111000

111001110001000

110010101111100

110011100011100

000010101111110

011101001001000

101100011011010

000011011011100

111111001010011

010011001101001

100100011001100

110111001011101

101110000110001

010101100111101

001001000101001

101101011001001

101001000001001

010011001001101

000111001001100

001011000101110

110011001101001

001001101011000

011110110011110

111001101000001

001011010110010

100001001100101

000100011111111

010101001111100

000100111001110

001000010010011

110010100101111

111010001011011

001001011011010

110001101001001

001001111111110

110001010001110

101101010010001

0x7FC1E642CF762BA7

0x083401DA88AEE6B4

0x4690CA416B164AFB

0x41DE7A86210135E5

0x92858F1EF89BFA57

0x5F249CBFA5C8252E

0x216E2349764ADAD8

0x5F97A133792DBEF8

Zero-Day Tracker is built to help you understand a fully patched system and application cannot guarantee security. All the vulnerabilities listed below are the results of our researches and they have not been disclosed to the vendors or public. Though in the past we have clearly supported responsible disclosure of security vulnerability, now we no longer endorse it.

While we are trying to keep the information as accurate as possible, we cannot guarantee that these vulnerabilities are indeed zero-day since it is a known fact that they may have been circled around among the hackers for a long time.

The list below covers some of the vulnerabilities that we have in our lab and this list will be updated when we see fit.

	Date	Product	Versions	Type	Status
	2023	Soling edgeConnector	Current	Denial-of-Service	Killed
Vendor:Microworks Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:N/A
	2023	Triangle Works	Current	Pre-auth Code Execution	Killed
Vendor:Microworks Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:N/A
	2022	Windows LPE #2	Current	Local Privilege Escalation	Killed
Vendor:Microsoft Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:N/A
	2022	Windows LPE	Current	Local Privilege Escalation	Killed
Vendor:Microsoft Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:N/A
	2021	Yandex	Current	Theft of Sensitive Data	Killed
Vendor:Yandex Patch:No Platform:Android Summary:- CVSS Score:- Credits:z22
	2021	Yandex Browser	Current	Theft of Sensitive Data	Killed
Vendor:Yandex Patch:No Platform:Android Summary:- CVSS Score:- Credits:z22
	2021	ADManager Plus	Current	Code Execution #15	Active
Vendor:Manage Engine Patch:No Platform:Windows Summary:- CVSS Score:- Credits:bmtd
	2021	ADManager Plus	Current	Code Execution #14	Active
Vendor:Manage Engine Patch:No Platform:Windows Summary:- CVSS Score:- Credits:bmtd
	2021	ADManager Plus	< 7111	Code Execution #13	Killed
Vendor:Manage Engine Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:bmtd
	2021	ADManager Plus	< 7111	Authentication Bypass	Killed
Vendor:Manage Engine Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:haycIde
	2021	ADManager Plus	< 7111	Code Execution #12	Killed
Vendor:Manage Engine Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:m3
	2021	ADManager Plus	< 7111	Code Execution #11	Killed
Vendor:Manage Engine Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:m3
	2021	ADManager Plus	< 7111	Code Execution #10	Killed
Vendor:Manage Engine Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:m3
	2021	ADManager Plus	< 7111	Code Execution #9	Killed
Vendor:Manage Engine Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:m3
	2021	ADManager Plus	< 7111	Code Execution #8	Killed
Vendor:Manage Engine Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:m3
	2021	ADManager Plus	< 7111	Code Execution #7	Killed
Vendor:Manage Engine Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:qbao
	2021	ADManager Plus	< 7111	Code Execution #6	Killed
Vendor:Manage Engine Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:ncd
	2021	ADManager Plus	< 7111	Code Execution #5	Killed
Vendor:Manage Engine Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:ncd
	2021	ADManager Plus	< 7111	Code Execution #4	Killed
Vendor:Manage Engine Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:ncd
	2021	ADManager Plus	< 7111	Code Execution #3	Killed
Vendor:Manage Engine Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:ncd
	2021	ADManager Plus	< 7111	Code Execution #2	Killed
Vendor:Manage Engine Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:no3g
	2021	ADManager Plus	< 7111	Code Execution #1	Killed
Vendor:Manage Engine Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:z22
	2021	ADManager Plus	< 7111	Pre-auth Code Execution #3	Killed
Vendor:Manage Engine Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:bmtd
	2021	ADManager Plus	< 7111	Pre-auth Code Execution #2	Killed
Vendor:Manage Engine Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:bmtd
	2021	ADManager Plus	< 7111	Pre-auth Code Execution #1	Killed
Vendor:Manage Engine Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:bmtd
	2021	V Key App Protection	Current	Security Bypass	Active
Vendor:V-Key Patch:- Platform:iOS Summary:- CVSS Score:- Credits:haycIde \| bmtd
	2019	McAfee Total Protection	16	Privilege Escalation	Active
Vendor:McAfee Patch:No Platform:Windows Summary:- CVSS Score:- Credits:pdnv00 \| nixspl0it
	2017	MalwareBytes	3.0.6 - 3.2.x	Code Execution	Killed
Vendor:Malwarebytes Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:pdnv00 \| nixspl0it
	2017	Firefox Quantum	< 58	Code Execution	Killed
Vendor:Mozilla Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:pdnv00 \| nixspl0it
	2017	7z	> 16	Code Execution	Active
Vendor:7z Patch:No Platform:Windows/ Linux Summary:- CVSS Score:- Credits:pdnv00 \| nixspl0it
	2017	PeaZip	> 6.4	Code Execution	Active
Vendor:- Patch:No Platform:Windows Summary:- CVSS Score:- Credits:pdnv00 \| nixspl0it
	2017	PowerArchiver	> 16.1	Code Execution	Active
Vendor:- Patch:No Platform:Windows Summary:- CVSS Score:- Credits:pdnv00 \| nixspl0it
	2016	Internet Explorer	< 11	Code Execution	Active
Vendor:Microsoft Patch:No Platform:Windows Summary:- CVSS Score:- Credits:nixspl0it
	2015	Open WebMail	2.52	Local File Inclusion	Active
Vendor:Open WebMail Patch:No Platform:Linux Summary:- CVSS Score:- Credits:xelenonz
	2015	Open WebMail	2.52	Remote Code Execution	Active
Vendor:Open WebMail Patch:No Platform:Linux Summary:- CVSS Score:- Credits:xelenonz
	2015	Open WebMail	2.52	Privilege Escalation	Active
Vendor:Open WebMail Patch:No Platform:Linux Summary:- CVSS Score:- Credits:xelenonz
	2015	McAfee Agent ePO	N/A	Arbitrary File Reading	Killed
Vendor:McAfee Patch:Yes Platform:Windows Summary:- CVSS Score:- Credits:pdnv00
	2013	Freewill Gold Trading	N/A	Privilege Escalation	Killed
Vendor:Freewill Patch:Yes Platform:Linux Summary:- CVSS Score:- Credits:pdnv00
	2013	Freewill Gold Trading	N/A	Code Injection	Killed
Vendor:Freewill Patch:Yes Platform:Linux Summary:- CVSS Score:- Credits:xelenonz
	2013	SabwaMF	1.4	XML External Entity	Active
Vendor:Rooftop Patch:No Platform:Linux Summary:- CVSS Score:- Credits:xelenonz
	2009	CPanel	11.24.5-RELEASE	Arbitrary File Viewing	Killed
Vendor:cPanel Patch:Yes Platform:Linux Summary:- CVSS Score:- Credits:pdnv00
	2009	CPanel	11.24.5-RELEASE	Privilege Escalation	Killed
Vendor:cPanel Patch:Yes Platform:Linux Summary:- CVSS Score:- Credits:pdnv00
	2009	CPanel	11.24.5-RELEASE	Root Privilege Escalation	Killed
Vendor:cPanel Patch:Yes Platform:Linux Summary:- CVSS Score:- Credits:pdnv00
	2008	Belkin Router	F5D8233-4 V3, firmware 3.01.29	Admin Remote Access	Killed
Vendor:Belkin Patch:Yes Platform:Linux Summary:- CVSS Score:- Credits:pdnv00
	2007	PHP Groupware	N/A	Code Injection	Killed
Vendor:Portico Estate Patch:Yes Platform:Windows/ Linux Summary:- CVSS Score:- Credits:pdnv00
	2006	D-Link/Diphium Internet Hotspot (Embedded System)	Bonaire W-1300, firmware 1.5	Code Execution	Killed
Vendor:D-Link Patch:Yes Platform:Linux Summary:- CVSS Score:- Credits:pdnv00
	2005	Sawmill Log Analyzer	7.0.x -> 7.1.7	Arbitrary File Viewing	Killed
Vendor:Sawmill Patch:Yes Platform:Windows/ Linux Summary:- CVSS Score:- Credits:pdnv00
	2005	Sawmill Log Analyzer	7.0.x -> 7.1.6	Arbitrary Directory Browsing	Killed
Vendor:Sawmill Patch:Yes Platform:Windows/ Linux Summary:- CVSS Score:- Credits:pdnv00
	2005	Sawmill Log Analyzer	7.0.x -> 7.1.6	Code Execution	Killed
Vendor:Sawmill Patch:Yes Platform:Windows/ Linux Summary:- CVSS Score:- Credits:pdnv00

HackGrid - Cyber Range

Scarf - Supply Chain

ATTACK ALL AREAS

ASSESSMENT

ANALYSIS

REGULATORY COMPLIANCE

ATTACK ALL AREAS

ASSESSMENT

Zero-day Tracker

Regulatory Compliance

Products

Company

Contact