Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2021/04/29 12:0 a.m.•56 views

Microsoft Windows win32kfull MulFillPath Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull.sys...

7.8CVSS6AI score0.01441EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/26 12:0 a.m.•56 views

Foxit Studio Photo CMP File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.4AI score0.02761EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/26 12:0 a.m.•56 views

NETGEAR ProSAFE Network Management System ReportTemplateController Directory Traversal Denial-of-Service Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within th...

7.1CVSS3.1AI score0.73766EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/10 12:0 a.m.•57 views

Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Marvell QConvergeConsole. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getFileUploadBytes method of the FlashValidatorServiceImpl class. T...

7.5CVSS2.4AI score0.03217EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/06/15 12:0 a.m.•56 views

(0Day) NETGEAR R6700 httpd Firmware Upload Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue...

8.8CVSS7.2AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/03/25 12:0 a.m.•56 views

(Pwn2Own) TP-Link Archer A7 SSH Port Forwarding Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of TP-Link Archer A7 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SSH port forwarding requests during initial setup. The...

5.9CVSS1.4AI score0.02457EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2019/11/13 12:0 a.m.•56 views

VMware Workstation e1000 Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

8.2CVSS3.6AI score0.01412EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/08/22 12:0 a.m.•56 views

Microsoft Chakra Array.reverse Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra as well as Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The...

6.8CVSS2.9AI score0.15139EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2017/08/24 12:0 a.m.•56 views

Microsoft Edge DOMAttrModified Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of t...

6.8CVSS7.9AI score0.51465EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2015/12/02 12:0 a.m.•56 views

Unitronics UniDownloader IPWorksSSL.HTTPS.1 ActiveX Control SSLCertHandle Property Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Unitronics UniDownloader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS9.3AI score0.04734EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/05/10 12:0 a.m.•56 views

(Pwn2Own) Google Chrome Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of...

6.8CVSS3.2AI score0.04267EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/02/01 12:0 a.m.•56 views

Oracle Java Runtime Environment MethodHandle Security Manager Bypass Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific bypass exists...

7.5CVSS4.4AI score0.97612EPSS
Exploits38References1
Zero Day Initiative
Zero Day Initiative
•added 2011/10/15 12:0 a.m.•56 views

Microsoft Internet Explorer SetExpandedClipRect Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

7.5CVSS2.6AI score0.71802EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/03 12:0 a.m.•56 views

BMC Perform Agent Service Daemon BGS_MULTIPLE_READS Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of BMC Perform Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the service daemon which listens by default on TCP port 6768. When processing the...

10CVSS7.9AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2008/10/14 12:0 a.m.•56 views

Microsoft Office Excel BIFF File Format Parsing Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. Exploitation requires that the victim to open the malformed BIFF .xls document. The specific flaw exists within the parsing of the BIFF file format used by Microsoft Excel...

9.3CVSS5AI score0.52318EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2024/05/19 12:0 a.m.•55 views

(Pwn2Own) QNAP TS-464 authLogin SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of QNAP TS-464 NAS devices. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the authLogin...

8.8CVSS7.8AI score0.18677EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/04/23 12:0 a.m.•55 views

Ivanti Avalanche copyFile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The specific flaw exists within the copyFile method. The issue results from the lack of proper validation of a user-supplie...

8.8CVSS8.9AI score0.68104EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/03/12 12:0 a.m.•55 views

NI LabVIEW VI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI LabVIEW. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of VI files...

7.8CVSS7AI score0.00591EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/15 12:0 a.m.•55 views

(Pwn2Own) Adobe Acrobat Reader DC Protected API Restrictions Bypass Vulnerability

This vulnerability allows remote attackers to bypass JavaScript API restrictions on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS7.9AI score0.04613EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/25 12:0 a.m.•55 views

Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS6.8AI score0.00284EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/12/22 12:0 a.m.•55 views

Linux Kernel ksmbd Out-Of-Bounds Read Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Linux Kernel. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of SMB2TREECONNECT commands. The issue results from the lack of prop...

6.5CVSS1.6AI score0.58461EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/11/22 12:0 a.m.•55 views

Microsoft Exchange DumpDataReader Exposed Dangerous Function Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the DumpDataReader class. The issue results from the exposure of a dangerous...

4.3CVSS1.2AI score0.9997EPSS
Exploits11References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/21 12:0 a.m.•55 views

(Pwn2Own) Kepware KEPServerEX Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lack of proper...

9.8CVSS5.9AI score0.03402EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/23 12:0 a.m.•55 views

(Pwn2Own) AVEVA Edge Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of APP...

7.8CVSS2.9AI score0.00647EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/18 12:0 a.m.•55 views

Microsoft Windows win32kfull Bitmap Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

8.8CVSS4.6AI score0.06478EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/18 12:0 a.m.•55 views

(Pwn2Own) Microsoft Windows win32kbase Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kbase.sys...

8.8CVSS5.2AI score0.04354EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/07/12 12:0 a.m.•55 views

Microsoft Windows win32kfull UMPDDrvStretchBlt Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

8.8CVSS5.5AI score0.06092EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/04/05 12:0 a.m.•55 views

Autodesk Navisworks Freedom DWF File Parsing Double Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.4AI score0.01041EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/16 12:0 a.m.•55 views

Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS5.8AI score0.00469EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•55 views

Bentley MicroStation CONNECT JT File Parsing Double Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS3.8AI score0.01937EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/13 12:0 a.m.•55 views

Open Design Alliance (ODA) Drawings Explorer JPG File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open Design Alliance ODA Drawings Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exist...

7.8CVSS7.8AI score0.01127EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/11/08 12:0 a.m.•55 views

Schneider Electric C-Bus Toolkit CONFIG SAVE Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric C-Bus Toolkit. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS9AI score0.01855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/10/21 12:0 a.m.•55 views

Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CMTP module. The...

7.5CVSS3.7AI score0.002EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/10/14 12:0 a.m.•55 views

Microsoft Windows storport Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the storport.sys...

8.8CVSS5.9AI score0.00807EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/20 12:0 a.m.•55 views

SolarWinds Network Performance Monitor FromJson Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor. Authentication is required to exploit this vulnerability. The specific flaw exists within the SolarWinds.Serialization library. The issue results from the lack...

9.8CVSS3.6AI score0.94431EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/16 12:0 a.m.•55 views

Adobe Acrobat Reader DC AcroForm buttonGetCaption Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS2.1AI score0.64297EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/09 12:0 a.m.•55 views

(0Day) Delta Industrial Automation DOPSoft XLS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS4.8AI score0.77892EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/08/09 12:0 a.m.•55 views

Apple macOS CoreGraphics JPG File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the CoreGraphics library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsi...

7.8CVSS5.5AI score0.01204EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/09 12:0 a.m.•55 views

Apple macOS AppKit PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the AppKit library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS3.6AI score0.01204EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/22 12:0 a.m.•55 views

Oracle Business Intelligence UploadFndDBCPage Arbitrary File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle Business Intelligence. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of the UploadFndDBCPage class. The issue results from the lack o...

8.8CVSS3.6AI score0.03119EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•55 views

Siemens JT2Go PAR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PAR...

7.8CVSS5.6AI score0.02132EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/15 12:0 a.m.•55 views

Adobe Bridge PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDF...

7.8CVSS4.4AI score0.02762EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/15 12:0 a.m.•55 views

Adobe Bridge PostScript Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

3.3CVSS1.7AI score0.01805EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/07 12:0 a.m.•55 views

Siemens Simcenter Femap modfem File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.7AI score0.01336EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/06/10 12:0 a.m.•55 views

(0Day) D-Link DAP-1330 lighttpd http_parse_request Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the HNAPAUTH HTTP header. The issue results from the...

8.8CVSS3.1AI score0.02333EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/06/07 12:0 a.m.•55 views

OpenText Brava! Desktop PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

3.3CVSS2.6AI score0.01422EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/05/20 12:0 a.m.•55 views

Apple macOS KTX Image DecodeRow Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the DecodeRow...

4.3CVSS3.2AI score0.01142EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/13 12:0 a.m.•55 views

Adobe Illustrator DOCX File Parsing Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion o...

7.8CVSS5AI score0.0388EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/13 12:0 a.m.•55 views

Microsoft Windows WalletService Directory Junction Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within WalletService. By...

7.8CVSS5.9AI score0.01136EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/29 12:0 a.m.•55 views

Microsoft Windows win32kfull MulStretchBlt Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull.sys...

7.8CVSS6AI score0.01441EPSS
Exploits0References1
Total number of security vulnerabilities5000