Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2020/12/07 12:0 a.m.•32 views

(0Day) Realtek RTL8811AU Wi-Fi Driver rtwlane Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of the Realtek RTL8811AU Wi-Fi driver. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of 802.11 frames. The issue results from the...

8CVSS1.5AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•32 views

Micro Focus Operations Bridge Manager LicensingService Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS3.6AI score0.7699EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•32 views

Micro Focus Operations Bridge Manager BundleService Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS3.5AI score0.7699EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/22 12:0 a.m.•32 views

Oracle WebLogic Server T3 Protocol Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle WebLogic Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the T3 protocol. Crafted data in a T3 protocol message can trigge...

9.8CVSS4AI score0.30081EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/22 12:0 a.m.•32 views

Oracle VirtualBox Shader Bytecode Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

5.3CVSS2.8AI score0.00714EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/22 12:0 a.m.•32 views

Oracle WebLogic Server T3 Protocol Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle WebLogic. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the T3 protocol. Crafted data in a T3 protocol message can trigger the...

9.8CVSS4.1AI score0.03752EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/25 12:0 a.m.•32 views

Trend Micro OfficeScan ServerMigrationTool DAT File Parsing Double Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro OfficeScan ServerMigrationTool. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exist...

7.8CVSS3.5AI score0.02382EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/17 12:0 a.m.•32 views

Schneider Electric APC Easy UPS Online FileUploadServlet processRequest Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric APC Easy UPS Online. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileUploadServlet class. When parsing the filename parameter,...

9.8CVSS4.5AI score0.01659EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/11 12:0 a.m.•32 views

Canonical Ubuntu apport Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Canonical Ubuntu. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the apport package...

7CVSS3.6AI score0.00498EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/10 12:0 a.m.•32 views

Delta Industrial Automation TPEditor TPE File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS5.1AI score0.01872EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/04 12:0 a.m.•32 views

Foxit PhantomPDF SetLocalDescription Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.3AI score0.04074EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/22 12:0 a.m.•32 views

Adobe Prelude MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Prelude. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of MP...

7.8CVSS4.2AI score0.03966EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/20 12:0 a.m.•32 views

Oracle VirtualBox virtio-net Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS2.9AI score0.00553EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/16 12:0 a.m.•32 views

Advantech iView UserServlet getAllUsersAccountInfo Improper Access Control Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UserServlet class. The issue results from the lack of proper access control...

7.5CVSS2.8AI score0.01745EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/16 12:0 a.m.•32 views

Advantech iView DeviceTreeTable getInventoryReportData SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the getInventoryReportData method of the DeviceTreeTable clas...

9.8CVSS3.4AI score0.04922EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/16 12:0 a.m.•32 views

Microsoft Windows mf3216 EMF EMR_SETDIBITSTODEVICE Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.6AI score0.01651EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/06/30 12:0 a.m.•32 views

VMware Workstation SVGA3D Command Heap Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS4.8AI score0.00498EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/06/25 12:0 a.m.•32 views

(0Day) CentOS Web Panel ajax_dashboard service_start Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxdashboard.php. When parsing the servicestart parameter, the process does not proper...

9.8CVSS6.1AI score0.08411EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•32 views

Advantech WebAccess/SCADA DATACORE IOCTL 0x00005241 Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x00005241 in DATACORE.exe. The issue results from...

9.8CVSS3.7AI score0.09076EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/30 12:0 a.m.•32 views

LAquis SCADA LGX File Insufficient UI Warning Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

7.8CVSS1.7AI score0.00832EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/28 12:0 a.m.•32 views

Adobe Bridge TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of TIF...

7.8CVSS4.3AI score0.02815EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/23 12:0 a.m.•32 views

Microsoft Windows gdi32full StretchDIBitsImpl Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.1AI score0.01855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•32 views

Oracle E-Business Suite Human Resources Organization Hierarchy Viewer OrgServer SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Oracle E-Business Suite Human Resources. Authentication is required to exploit this vulnerability. The specific flaw exists within the Organization Hierarchy Viewer. The issue results from the lack of...

8.1CVSS2AI score0.4654EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•32 views

Foxit PhantomPDF SetFieldValue Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of t...

7.8CVSS2.2AI score0.04689EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•32 views

Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U...

7.8CVSS3.8AI score0.04826EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•32 views

Cisco UCS Director saveWindowsNetworkConfig Directory Traversal Denial-of-Service Vulnerability

This vulnerability allows remote attackers to overwrite arbitrary files on affected installations of Cisco UCS Director. Authentication is not required to exploit this vulnerability. The specific flaw exists within the saveWindowsNetworkConfig method. The issue results from the lack of proper...

8.2CVSS3.3AI score0.23056EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•32 views

Eaton HMiSoft VU3 File Parsing wMailBlindCopyToLen Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Eaton HMiSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the...

7.8CVSS5.1AI score0.00805EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/09 12:0 a.m.•32 views

Fuji Electric V-Server Lite VPR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric V-Server Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.6AI score0.00805EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•32 views

(0Day) Advantech WebAccess IOCTL 0x2711 BwPSLink Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on affected installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IOCTL 0x2711, which can be used to invoke BwPSLink.exe. The issue...

8.2CVSS0.5AI score0.01009EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/03/12 12:0 a.m.•32 views

Microsoft Windows AppX Deployment Service Link Resolution Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

6.1CVSS4.5AI score0.00949EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/03/12 12:0 a.m.•32 views

Microsoft Windows CreateXlateObject Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS5.3AI score0.00962EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/03/05 12:0 a.m.•32 views

IBM Spectrum Protect Plus hostname Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IBM Spectrum Protect Plus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Administrative Console Framework service. When parsing the hostname...

9.8CVSS5.2AI score0.71094EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/02/20 12:0 a.m.•32 views

Microsoft Windows NtUserResolveDesktopForWOW Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the function...

8.8CVSS5.7AI score0.01297EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/02/12 12:0 a.m.•32 views

Adobe FrameMaker BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BM...

7.8CVSS4.9AI score0.0391EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/02/11 12:0 a.m.•32 views

Foxit PhantomPDF AcroForm addWatermarkFromText Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS2.4AI score0.19457EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/02/11 12:0 a.m.•32 views

Foxit PhantomPDF JPEG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of...

7.8CVSS4.7AI score0.06055EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/02/04 12:0 a.m.•32 views

(0Day) Hewlett Packard Enterprise Intelligent Management Center ictExpertCSVDownload Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS3.6AI score0.06613EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/02/04 12:0 a.m.•32 views

(0Day) Hewlett Packard Enterprise Intelligent Management Center deviceThresholdConfig Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS3AI score0.03213EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/02/04 12:0 a.m.•32 views

(0Day) Hewlett Packard Enterprise Intelligent Management Center forwardredirect Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS3.1AI score0.03213EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/02/04 12:0 a.m.•32 views

(0Day) Hewlett Packard Enterprise Intelligent Management Center sshConfig Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS3AI score0.0326EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/01/17 12:0 a.m.•32 views

Microsoft Windows WIA Junction Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows Image...

7.8CVSS6.2AI score0.01055EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/01/15 12:0 a.m.•32 views

Oracle VirtualBox VBoxVHWAHandleTable Out-Of-Bounds Access Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

8.2CVSS3.5AI score0.00452EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/11/13 12:0 a.m.•32 views

Microsoft Windows Kernel Type 1 Font Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

8.6CVSS3.1AI score0.09071EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/04 12:0 a.m.•32 views

Foxit PhantomPDF Dwg2Pdf DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of...

7.8CVSS4.6AI score0.06837EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2019/10/01 12:0 a.m.•32 views

Foxit Reader TIF File ConvertToPDF Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of TIF...

7.8CVSS2.9AI score0.03852EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/01 12:0 a.m.•32 views

Foxit Reader AcroForm Field Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS2.7AI score0.03852EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/09/17 12:0 a.m.•32 views

QuickTime get_by_tree Memory Corruption Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AudioCodecs...

5.3CVSS2AI score0.01934EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/09/11 12:0 a.m.•32 views

Delta Industrial Automation TPEditor TPE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS4.6AI score0.01906EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/09/11 12:0 a.m.•32 views

Microsoft Windows user32 Cursor Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3AI score0.01618EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/09/10 12:0 a.m.•32 views

Apple macOS AMDRadeonX4000 Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple MacOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

5.6CVSS3.2AI score0.00283EPSS
Exploits0References1
Total number of security vulnerabilities5000