Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•65 views

Linux Kernel vmwgfx Driver Double Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

8.2CVSS6.8AI score0.00465EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/03/14 12:0 a.m.•65 views

PaperCut NG SecurityRequestFilter Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SecurityRequestFilter class. The issue results from improper implementation of the...

8.2CVSS8.7AI score0.77388EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2022/05/26 12:0 a.m.•65 views

Apple macOS ImageIO WebP File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of...

7.8CVSS6.1AI score0.035EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2022/04/28 12:0 a.m.•65 views

Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS2.4AI score0.03361EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/12/19 12:0 a.m.•65 views

Apache Log4j StrSubstitutor Uncontrolled Recursion Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Apache Log4j. Authentication is not required to exploit this vulnerability. The specific flaw exists within the StrSubstitutor class. The issue results from the lack of proper validatio...

5.3CVSS2.9AI score0.99999EPSS
Exploits20References1
Zero Day Initiative
Zero Day Initiative
•added 2021/11/29 12:0 a.m.•65 views

Kaspersky Password Manager Improper Privilege Management Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Kaspersky Password Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS7.4AI score0.00328EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/11 12:0 a.m.•65 views

Microsoft Windows storport Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the storport.sys...

8.8CVSS5.9AI score0.00556EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/09 12:0 a.m.•65 views

(0Day) Delta Industrial Automation DOPSoft XLS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS4.8AI score0.77892EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•65 views

Siemens JT2Go PAR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PAR...

7.8CVSS5.6AI score0.00653EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/15 12:0 a.m.•65 views

Adobe Bridge JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS4.3AI score0.02762EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/15 12:0 a.m.•65 views

Adobe FrameMaker PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS4.3AI score0.02323EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/15 12:0 a.m.•65 views

Adobe Acrobat Reader DC PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS5.8AI score0.04942EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/20 12:0 a.m.•65 views

Apple macOS libFontParser OTF Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the GetFDIndex...

4.3CVSS3.4AI score0.01421EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/12 12:0 a.m.•65 views

Microsoft Windows win32kfull MulGradientFill Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull.sys...

7.8CVSS5.9AI score0.01441EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/04 12:0 a.m.•65 views

Cisco Multiple Routers DNIAPI Directory Traversal Arbitrary File Creation Vulnerability

This vulnerability allows network-adjacent attackers to create arbitrary files on affected installations of Cisco RV16x and RV26x routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 443 by default. When...

8.8CVSS2.4AI score0.0369EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/14 12:0 a.m.•65 views

Microsoft Windows av1decodermft_store MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of M...

7.8CVSS5.5AI score0.0147EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/22 12:0 a.m.•65 views

Foxit PhantomPDF HTML2PDF HTML Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS1.9AI score0.05783EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/15 12:0 a.m.•65 views

(Pwn2Own) Mozilla Firefox IonMonkey Optimizer Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within IonMonkey. The...

8.8CVSS2.6AI score0.07387EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/30 12:0 a.m.•65 views

(Pwn2Own) Mozilla Firefox createImageBitmap Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS9.4AI score0.03158EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/01 12:0 a.m.•65 views

Trend Micro SafeSync for Enterprise dead_local_device Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro SafeSync for Enterprise. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/20 12:0 a.m.•65 views

Brocade Network Advisor FileReceiveServlet Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Brocade Network Advisor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileReceiveServlet servlet. The issue results from the lack of proper...

10CVSS5.1AI score0.07131EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/12/15 12:0 a.m.•65 views

Foxit FoxitCloudUpdateService Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to elevate privileges on vulnerable installations of Foxit Reader. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FoxitCloudUpdateService service. An attacker can trigger a memory corruption condition by...

6.9CVSS7.3AI score0.00656EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/10/01 12:0 a.m.•65 views

Sophos Cyberoam sslvpn_liveuser_delete Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sophos Cyberoam. Authentication is required to exploit this vulnerability. The specific flaw exists within the sslvpnliveuserdelete opcode. The issue lies in the failure to properly sanitize...

9CVSS7AI score0.02318EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/06/11 12:0 a.m.•65 views

Microsoft Internet Explorer CTreePos Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.4AI score0.24458EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/01/10 12:0 a.m.•65 views

Hewlett-Packard Data Protector Backup Client Service vrda Remote Code Execution Vulnerability

This vulnerability allows remote attackers directory traversal on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service OmniInet.exe. The Backup Client Service listens on TCP por...

10CVSS5.6AI score0.10436EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2012/12/21 12:0 a.m.•65 views

Microsoft Internet Explorer OnBeforeDeactivate Event Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS2.3AI score0.22344EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2010/04/05 12:0 a.m.•65 views

Sun Java Runtime CMM readMabCurveData Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the CMM module of the Sun JVM. This...

10CVSS3.4AI score0.149EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2022/05/09 12:0 a.m.•64 views

Cisco RV340 JSON RPC set-snmp Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling o...

4.3CVSS3.1AI score0.01923EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•64 views

Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.1AI score0.02041EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•64 views

Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.4AI score0.02041EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/30 12:0 a.m.•64 views

NETGEAR Multiple Routers mini_httpd Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the minihttpd service, which listens on TCP port 80 by default. The...

8.8CVSS2.8AI score0.03075EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/15 12:0 a.m.•64 views

Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS2.8AI score0.03919EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/15 12:0 a.m.•64 views

Adobe Illustrator PostScript File Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.9AI score0.01834EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/15 12:0 a.m.•64 views

OpenText Brava! Desktop DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.6AI score0.01811EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/05/11 12:0 a.m.•64 views

Cisco RV340 set_snmp usmUserPrivKey Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of JSON-RPC requests. When parsing the usmUserPrivKey property,...

5.5CVSS4.4AI score0.01863EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/15 12:0 a.m.•64 views

Adobe Creative Cloud Improper Privilege Management Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Adobe Creative Cloud on Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS4.2AI score0.02467EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/10/10 12:0 a.m.•64 views

Microsoft Windows SMB Out-Of-Bounds Read Denial of Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service on vulnerable installations of Microsoft Windows. Authentication is required to exploit this vulnerability, assuming the product is in its default configuration. The specific flaw exists within the srv driver. A crafted...

6.8CVSS4.2AI score0.14399EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/18 12:0 a.m.•64 views

(Pwn2Own) Apple macOS AppleMultitouchDevice Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the...

6.9CVSS3.8AI score0.0113EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/18 12:0 a.m.•64 views

(Pwn2Own) Apple macOS diskarbitrationd Time-Of-Check/Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the diskarbitrationd...

6.9CVSS4.1AI score0.0439EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•64 views

Adobe Acrobat Reader DC app.launchURL Command Execution Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. Authentication is not required to exploit this vulnerability. The specific flaw exists within handling URL's passed to app.launchURL. A specially crafted cURL passed to...

6.8CVSS3.9AI score0.06316EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/05 12:0 a.m.•64 views

Advantech WebAccess webvrpcs Service ViewDll.dll TagGroup strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x280B IOCTL in the DrawSrv subsystem. A stack-based buffer...

9.3CVSS4.5AI score0.16655EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2015/11/10 12:0 a.m.•64 views

AlienVault Unified Security Management Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges to root on vulnerable installations of AlienVault Unified Security Management. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the server and database. A local...

6.9CVSS7.5AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/06/30 12:0 a.m.•64 views

IBM Tivoli Storage Manager FastBack Server Opcode 1335 Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1335. By sending a crafted packet on TCP...

10CVSS9.3AI score0.03254EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/05/12 12:0 a.m.•64 views

Adobe Acrobat Reader AFExactMatch Javascript API Restrictions Bypass Vulnerability

This vulnerability allows remote attackers to bypass API restrictions on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AFExactMatch...

6.8CVSS6.4AI score0.09917EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/05/21 12:0 a.m.•64 views

(0Day) Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.4AI score0.34773EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/04/25 12:0 a.m.•63 views

Microsoft Windows MHT File Mark-Of-The-Web Bypass Remote Code Execution Vulnerability

This vulnerability allows remote attackers to bypass the Mark-Of-The-Web security feature to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. T...

7.5CVSS5.4AI score0.00649EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/18 12:0 a.m.•63 views

(Pwn2Own) Microsoft Windows vhdmp Driver Improper Authorization Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the vhdmp.sys...

8.8CVSS6.1AI score0.05461EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/07/28 12:0 a.m.•63 views

VMware ESXi TCP/IP Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware ESXi. Authentication is not required to exploit this vulnerability. The specific flaw exists within the TCP/IP kernel module. The issue results from the lack of proper validation of...

8.1CVSS3AI score
Exploits0References3
Zero Day Initiative
Zero Day Initiative
•added 2022/02/01 12:0 a.m.•63 views

(Pwn2Own) Samba fruit_pwrite Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samba. Authentication is not required to exploit this vulnerability. The specific flaw exists within the fruitpwrite function. The issue results from the lack of proper validation of the length of...

9.8CVSS4AI score0.7372EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•63 views

Bentley MicroStation CONNECT BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.7AI score0.02113EPSS
Exploits0References1
Total number of security vulnerabilities5000