Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Zero Day Initiative
Zero Day Initiativeadded 2021/07/15 12:0 a.m.57 views

Adobe Acrobat Reader DC launchURL Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS2.7AI score0.11856EPSS
Exploits0References1
OSV
OSVadded 2019/06/17 8:15 p.m.1 views

CVE-2018-19445

A command injection can occur for specially crafted PDF files in Foxit Reader SDK ActiveX Professional 5.4.0.1031 when the JavaScript API app.launchURL is used. An attacker can leverage this to gain remote code execution...

7.8CVSS6AI score0.00922EPSS
Exploits1References1
CNVD
CNVDadded 2017/12/28 12:0 a.m.1 views

PDF-XChange Viewer 'launchURL' Function Arbitrary Code Execution Vulnerability

PDF-XChange Viewer is a free multifunctional PDF reader. An arbitrary code execution vulnerability exists in the 'launchURL' function in PDF-XChange Viewer version 2.5 Build 314.0. A remote attacker can exploit this vulnerability to execute arbitrary code with the help of a specially crafted PDF...

7.8CVSS8.2AI score0.01997EPSS
Exploits2References1
OSV
OSVadded 2017/12/27 5:29 p.m.0 views

CVE-2017-13056

The launchURL function in PDF-XChange Viewer 2.5 Build 314.0 might allow remote attackers to execute arbitrary code via a crafted PDF file...

7.8CVSS6.1AI score
Exploits0References1
OSV
OSVadded 2017/08/03 8:29 a.m.2 views

CVE-2017-7442

Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences...

8.8CVSS6.1AI score0.70304EPSS
Exploits6References2
Cvelist
Cvelistadded 2017/08/03 8:0 a.m.23 views

CVE-2017-7442

Nitro Pro 11.0.3.173 allows remote attackers to execute arbitrary code via saveAs and launchURL calls with directory traversal sequences...

9.1AI score0.70304EPSS
Exploits6References2
Exploit DB
Exploit DBadded 2017/08/02 12:0 a.m.103 views

Nitro Pro PDF Reader 11.0.3.173 - Javascript API Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nitro Pro PDF Reader 11.0.3.173 Javascript API Remote Code Execution', 'Description' = %q This module exploits an unsafe Javascript API implemente...

8.8CVSS7.4AI score0.70304EPSS
Exploits6
seebug.org
seebug.orgadded 2010/01/18 12:0 a.m.26 views

Windows Media Player 11 ActiveX launchURL() files download

No description provided by source. !------- This is a vulnerability into Windows Media Player ActiveX launchURL function which someone can download what ever file into the vulnerable machine !!! Discovered and written by Jacky! Tested version: 11.0.5358.4827 Tested machine: Windows XP SP3 & Windo...

7.1AI score
Exploits0
0day.today
0day.todayadded 2010/01/17 12:0 a.m.56 views

Windows Media Player 11 ActiveX launchURL() files download

Exploit for unknown platform in category remote exploits ========================================================== Windows Media Player 11 ActiveX launchURL files download ========================================================== arg1='http://'; test.launchURLarg1; 0day.today 2018-01-01...

7.1AI score
Exploits0
Rows per page
Query Builder