Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2021/07/15 12:0 a.m.•55 views

Adobe Bridge PostScript Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

3.3CVSS1.7AI score0.01805EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/07 12:0 a.m.•55 views

Siemens Simcenter Femap modfem File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.7AI score0.01336EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/06/07 12:0 a.m.•55 views

OpenText Brava! Desktop PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

3.3CVSS2.6AI score0.01422EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/05/13 12:0 a.m.•55 views

Microsoft Windows WalletService Directory Junction Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within WalletService. By...

7.8CVSS5.9AI score0.01136EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/22 12:0 a.m.•55 views

Oracle VirtualBox NAT Integer Underflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

7.5CVSS5.2AI score0.00791EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/21 12:0 a.m.•55 views

Parallels Desktop IDE Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the IDE...

8.2CVSS4.9AI score0.00442EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/08 12:0 a.m.•55 views

Adobe Acrobat Reader DC Annotation page Property Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS2.3AI score0.03977EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/29 12:0 a.m.•55 views

Fuji Electric V-Server Lite VPR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric V-Server Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.7AI score0.02142EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/22 12:0 a.m.•55 views

Oracle Database Procedure Improper Privilege Management Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle Database. Authentication is required to exploit this vulnerability. The specific flaw exists within the execution of stored procedures. When executing stored procedures, the process does not...

8.8CVSS4.3AI score0.01673EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/15 12:0 a.m.•55 views

(0Day) Eaton EASYsoft E70 File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Eaton EASYsoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of E70...

7.8CVSS5AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/10/19 12:0 a.m.•55 views

Microsoft Windows Camera Codec Pack Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS3.6AI score0.04865EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/13 12:0 a.m.•55 views

Microsoft Windows Print Spooler Directory Junction Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Print Spooler...

7.8CVSS6AI score0.14179EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/16 12:0 a.m.•55 views

Microsoft SharePoint Scorecards Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of controls in the Microsoft.PerformancePoint.Scorecards.Client...

8.8CVSS3.2AI score0.20265EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/16 12:0 a.m.•55 views

Microsoft Windows PFB Font File Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the parsing of...

7.8CVSS5AI score0.21367EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/08 12:0 a.m.•55 views

Adobe Reader DC XFA closeDoc Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS2.5AI score0.09523EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/08 12:0 a.m.•55 views

Microsoft Windows Jet Engine Library Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Microsoft...

5.1CVSS3.8AI score0.23659EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/03 12:0 a.m.•55 views

Mozilla Firefox ClearKeyDecryptor Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

5.1CVSS9.4AI score0.02067EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/30 12:0 a.m.•55 views

Apple Safari RenderBox Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within RenderBox objects...

6.8CVSS2.5AI score0.01949EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/11/08 12:0 a.m.•55 views

Microsoft Windows NtUserMagSetContextInformation Kernel State Corruption Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

6.9CVSS4.8AI score0.03019EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/07/21 12:0 a.m.•55 views

Oracle Java MethodHandles dropArguments Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation o...

6.8CVSS3.4AI score0.0669EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2015/12/08 12:0 a.m.•55 views

Autodesk Design Review GIF GlobalColorTable Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.4AI score0.03751EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/09/02 12:0 a.m.•55 views

(0Day) Borland AccuRev Reprise License Server service_setup_doit Command Stack Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Borland AccuRev. Authentication is not required to exploit this vulnerability. The specific flaw exists within the servicestartupdoit functionality of the Reprise License Manager service. The issue...

9.3CVSS7AI score0.19984EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2015/08/11 12:0 a.m.•55 views

Microsoft Internet Explorer Registry Link Elevation of Privilege Vulnerability

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.9CVSS6.1AI score0.07101EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/05/06 12:0 a.m.•55 views

ManageEngine Applications Manager MaintenanceTaskAPIUtil resourceid SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ManageEngine Applications Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MaintenanceTaskAPIUtil class. The issue lies in the failure to...

10CVSS7.9AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2015/02/10 12:0 a.m.•55 views

(0Day) Persistent Systems Client Automation Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Persistent Systems Client Automation. Authentication is not required to exploit this vulnerability. The flaw exists within the radexecd.exe component which listens by default on TCP port 3465. When...

10CVSS7.4AI score0.75116EPSS
Exploits16References1
Zero Day Initiative
Zero Day Initiative
•added 2014/04/03 12:0 a.m.•55 views

Splunk collect file Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Splunk. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the advanced search...

9CVSS5.4AI score0.04804EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/02/13 12:0 a.m.•55 views

Microsoft Direct2D Graphics Component Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.1CVSS6.4AI score0.18885EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2012/04/18 12:0 a.m.•55 views

Samba lsa_LookupNames Heap Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samba. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way Samba handles lsaLookupNames requests. When parsing the data send in the request Samba...

10CVSS5.5AI score0.74034EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2011/10/27 12:0 a.m.•55 views

Apple QuickTime FLC Delta Decompression Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktim...

9CVSS3.3AI score0.05134EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/08 12:0 a.m.•55 views

Oracle Java ICC Profile Sequence Description 'pseq' Tag Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the way Java handles color profiles. When...

9CVSS4.5AI score0.06277EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/03/02 12:0 a.m.•55 views

Apple Webkit Error Message Mutation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

9.7CVSS4.3AI score0.03964EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2010/04/05 12:0 a.m.•55 views

Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Runtime. Authentication is not required to exploit this vulnerability. The specific flaw exists within the code responsible for ensuring proper privileged execution of methods. If an...

10CVSS2.8AI score0.96319EPSS
Exploits5
Zero Day Initiative
Zero Day Initiative
•added 2025/07/17 12:0 a.m.•54 views

Cisco Identity Services Engine disableStrongSwanTunnel Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Identity Services Engine. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the disableStrongSwanTunnel method. The issue results...

7.2CVSS7.7AI score0.06551EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/12 12:0 a.m.•54 views

Microsoft Exchange DumpDataReader Deserialization of Untrusted Data Arbitrary File Write Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the lack of protection against deserialization of the DumpDataReader class. The issue...

6.5CVSS7AI score0.81713EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/15 12:0 a.m.•54 views

Microsoft Windows Error Reporting Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Furthermore, exploitation is possible only in...

7CVSS7.1AI score0.10996EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/02/09 12:0 a.m.•54 views

Microsoft Windows win32kfull Bitmap Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

8.8CVSS7.8AI score0.00448EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/02/09 12:0 a.m.•54 views

(Pwn2Own) Western Digital MyCloud PR4100 DDNS Response Processing Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Western Digital MyCloud PR4100. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DDNS responses. The issue results from the lack...

7.5CVSS2.2AI score0.01169EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/25 12:0 a.m.•54 views

TP-Link TL-WR841N ated_tp Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ated...

6.4CVSS4AI score0.00603EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/03/07 12:0 a.m.•54 views

Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS7.6AI score0.01829EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/16 12:0 a.m.•54 views

Trend Micro Apex One Security Agent Resource Exhaustion Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Trend Micro Apex One Security Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the logging of requests received on the management por...

5.3CVSS3.2AI score0.02299EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/15 12:0 a.m.•54 views

DevExpress SafeBinaryFormatter Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of DevExpress XtraReports. Authentication is required to exploit this vulnerability. The specific flaw exists within the SafeBinaryFormatter library. The issue results from the lack of proper validation...

8.8CVSS3.3AI score0.02899EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/02/01 12:0 a.m.•54 views

Samba AppleDouble Entry Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samba. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of AppleDouble entries. The issue results from the lack of proper validation of the...

9.8CVSS3.1AI score0.7372EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•54 views

Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.1AI score0.02016EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•54 views

Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.4AI score0.02041EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•54 views

Bentley MicroStation CONNECT TIF File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.7AI score0.02005EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/16 12:0 a.m.•54 views

Microsoft PowerPoint PPT File Parsing Double Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft PowerPoint. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS5.4AI score0.04878EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/16 12:0 a.m.•54 views

Adobe Acrobat Pro DC DocMedia Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

7.8CVSS4AI score0.1134EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/11 12:0 a.m.•55 views

Microsoft Excel XLS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

8.8CVSS5.5AI score0.53178EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/11 12:0 a.m.•54 views

Apple macOS CoreText TTF Parsing Out-of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the CoreText library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS3.6AI score0.01248EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/09 12:0 a.m.•54 views

(0Day) Delta Industrial Automation DOPSoft XLS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS5.7AI score0.01036EPSS
Exploits0
Total number of security vulnerabilities5000