Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2021/08/09 12:0 a.m.•65 views

(0Day) Delta Industrial Automation DOPSoft XLS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS4.8AI score0.77892EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•65 views

Siemens JT2Go BMP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

3.3CVSS2.8AI score0.01574EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•65 views

Siemens JT2Go PAR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PAR...

7.8CVSS5.6AI score0.00653EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/05/20 12:0 a.m.•65 views

Apple macOS libFontParser OTF Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the GetFDIndex...

4.3CVSS3.4AI score0.01421EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/11 12:0 a.m.•65 views

Foxit Reader browseForDoc Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the browseForDoc...

7.8CVSS3.3AI score0.05589EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/12 12:0 a.m.•65 views

Microsoft Windows win32kfull MulGradientFill Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull.sys...

7.8CVSS5.9AI score0.01441EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/22 12:0 a.m.•65 views

Foxit PhantomPDF HTML2PDF HTML Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS1.9AI score0.05783EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/01 12:0 a.m.•65 views

Trend Micro SafeSync for Enterprise dead_local_device Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro SafeSync for Enterprise. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/20 12:0 a.m.•65 views

Brocade Network Advisor FileReceiveServlet Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Brocade Network Advisor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileReceiveServlet servlet. The issue results from the lack of proper...

10CVSS5.1AI score0.07131EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/12/15 12:0 a.m.•65 views

Foxit FoxitCloudUpdateService Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to elevate privileges on vulnerable installations of Foxit Reader. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FoxitCloudUpdateService service. An attacker can trigger a memory corruption condition by...

6.9CVSS7.3AI score0.00656EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/10/14 12:0 a.m.•65 views

Microsoft Internet Explorer CDOMEvent Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.3AI score0.32854EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/10/01 12:0 a.m.•65 views

Sophos Cyberoam sslvpn_liveuser_delete Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sophos Cyberoam. Authentication is required to exploit this vulnerability. The specific flaw exists within the sslvpnliveuserdelete opcode. The issue lies in the failure to properly sanitize...

9CVSS7AI score0.02318EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/06/11 12:0 a.m.•65 views

Microsoft Internet Explorer CTreePos Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.4AI score0.24458EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/04/05 12:0 a.m.•65 views

Sun Java Runtime CMM readMabCurveData Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the CMM module of the Sun JVM. This...

10CVSS3.4AI score0.149EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/18 12:0 a.m.•64 views

(Pwn2Own) Microsoft Windows bthport Driver Improper Authorization Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the bthport.sys...

8.8CVSS6.1AI score0.0053EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•64 views

Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.4AI score0.02041EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•64 views

Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.1AI score0.02041EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/12/19 12:0 a.m.•64 views

Apache Log4j StrSubstitutor Uncontrolled Recursion Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Apache Log4j. Authentication is not required to exploit this vulnerability. The specific flaw exists within the StrSubstitutor class. The issue results from the lack of proper validatio...

5.3CVSS2.9AI score0.99999EPSS
Exploits20References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/11 12:0 a.m.•64 views

Microsoft Windows storport Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the storport.sys...

8.8CVSS5.9AI score0.00556EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/15 12:0 a.m.•64 views

Adobe Acrobat Reader DC PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS5.8AI score0.04942EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/15 12:0 a.m.•64 views

Adobe FrameMaker PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS4.3AI score0.02323EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/15 12:0 a.m.•64 views

OpenText Brava! Desktop DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.6AI score0.01811EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/05/26 12:0 a.m.•64 views

(Pwn2Own) Microsoft Exchange Server Missing Check of Message Integrity Vulnerability

This vulnerability allows network-adjacent attackers to tamper with update data on affected installations of Microsoft Exchange Server. User interaction is required to exploit this vulnerability. The specific flaw exists within the handling of Exchange Server Help updates. The issue results from ...

3.5CVSS1.4AI score0.02627EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/11 12:0 a.m.•64 views

Cisco RV340 set_snmp usmUserPrivKey Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of JSON-RPC requests. When parsing the usmUserPrivKey property,...

5.5CVSS4.4AI score0.01863EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/15 12:0 a.m.•64 views

Adobe Creative Cloud Improper Privilege Management Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Adobe Creative Cloud on Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS4.2AI score0.02467EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/04 12:0 a.m.•64 views

Cisco Multiple Routers DNIAPI Directory Traversal Arbitrary File Creation Vulnerability

This vulnerability allows network-adjacent attackers to create arbitrary files on affected installations of Cisco RV16x and RV26x routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 443 by default. When...

8.8CVSS2.4AI score0.0369EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/14 12:0 a.m.•64 views

Microsoft Windows av1decodermft_store MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of M...

7.8CVSS5.5AI score0.0147EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/15 12:0 a.m.•64 views

(Pwn2Own) Mozilla Firefox IonMonkey Optimizer Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within IonMonkey. The...

8.8CVSS2.6AI score0.07387EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/18 12:0 a.m.•64 views

(Pwn2Own) Apple macOS AppleMultitouchDevice Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the...

6.9CVSS3.8AI score0.0113EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/30 12:0 a.m.•64 views

(Pwn2Own) Mozilla Firefox createImageBitmap Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS9.4AI score0.03158EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•64 views

Adobe Acrobat Reader DC app.launchURL Command Execution Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. Authentication is not required to exploit this vulnerability. The specific flaw exists within handling URL's passed to app.launchURL. A specially crafted cURL passed to...

6.8CVSS3.9AI score0.06316EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/05 12:0 a.m.•64 views

Advantech WebAccess webvrpcs Service ViewDll.dll TagGroup strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x280B IOCTL in the DrawSrv subsystem. A stack-based buffer...

9.3CVSS4.5AI score0.16655EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2015/11/10 12:0 a.m.•64 views

AlienVault Unified Security Management Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges to root on vulnerable installations of AlienVault Unified Security Management. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the server and database. A local...

6.9CVSS7.5AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/06/30 12:0 a.m.•64 views

IBM Tivoli Storage Manager FastBack Server Opcode 1335 Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1335. By sending a crafted packet on TCP...

10CVSS9.3AI score0.03254EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/05/21 12:0 a.m.•64 views

(0Day) Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.4AI score0.34773EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/01/10 12:0 a.m.•64 views

Hewlett-Packard Data Protector Backup Client Service vrda Remote Code Execution Vulnerability

This vulnerability allows remote attackers directory traversal on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service OmniInet.exe. The Backup Client Service listens on TCP por...

10CVSS5.6AI score0.10436EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2012/12/21 12:0 a.m.•64 views

Microsoft Internet Explorer OnBeforeDeactivate Event Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS2.3AI score0.22344EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2024/04/25 12:0 a.m.•63 views

Microsoft Windows MHT File Mark-Of-The-Web Bypass Remote Code Execution Vulnerability

This vulnerability allows remote attackers to bypass the Mark-Of-The-Web security feature to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. T...

7.5CVSS5.4AI score0.00649EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/18 12:0 a.m.•63 views

(Pwn2Own) Microsoft Windows vhdmp Driver Improper Authorization Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the vhdmp.sys...

8.8CVSS6.1AI score0.05461EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/07/28 12:0 a.m.•63 views

VMware ESXi TCP/IP Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware ESXi. Authentication is not required to exploit this vulnerability. The specific flaw exists within the TCP/IP kernel module. The issue results from the lack of proper validation of...

8.1CVSS3AI score
Exploits0References3
Zero Day Initiative
Zero Day Initiative
•added 2022/05/09 12:0 a.m.•63 views

Cisco RV340 JSON RPC set-snmp Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling o...

4.3CVSS3.1AI score0.01923EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/30 12:0 a.m.•63 views

NETGEAR Multiple Routers mini_httpd Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the minihttpd service, which listens on TCP port 80 by default. The...

8.8CVSS2.8AI score0.03075EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/09 12:0 a.m.•63 views

(0Day) Delta Industrial Automation DOPSoft XLS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS4.8AI score0.77892EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/07/22 12:0 a.m.•63 views

Oracle VirtualBox NAT Numeric Truncation Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

7.5CVSS3.9AI score0.00731EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/22 12:0 a.m.•63 views

MySQL InnoDB Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of MySQL. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of InnoDB commands. The issue results from the lack of proper validation of the...

8.1CVSS4.6AI score0.41478EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•63 views

Siemens JT2Go GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GIF...

7.8CVSS4.3AI score0.01574EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/15 12:0 a.m.•63 views

Adobe Bridge JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS4.3AI score0.02762EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/15 12:0 a.m.•63 views

Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS2.8AI score0.03919EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/15 12:0 a.m.•63 views

Adobe Illustrator PostScript File Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.9AI score0.01834EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/15 12:0 a.m.•63 views

OpenText Brava! Desktop TIF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.7AI score0.01811EPSS
Exploits0
Total number of security vulnerabilities5000