Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2021/09/16 12:0 a.m.•54 views

Adobe Acrobat Pro DC DocMedia Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

7.8CVSS4AI score0.1134EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/11 12:0 a.m.•55 views

Microsoft Excel XLS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

8.8CVSS5.5AI score0.53178EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/09 12:0 a.m.•54 views

(0Day) Delta Industrial Automation DOPSoft XLS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS4.8AI score0.77892EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/08/09 12:0 a.m.•54 views

(0Day) Delta Industrial Automation DOPSoft XLS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS4.8AI score0.77892EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/07/22 12:0 a.m.•54 views

Oracle Business Intelligence SchedulerConfigPage11g JNDI Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle Business Intelligence. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of the SchedulerConfigPage11g class. The issue results from the...

8.8CVSS3.2AI score0.34677EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•54 views

Siemens JT2Go J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K...

7.8CVSS4.1AI score0.01574EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•54 views

Siemens JT2Go GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GIF...

7.8CVSS4.3AI score0.01856EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•54 views

Siemens JT2Go JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT...

7.8CVSS4.1AI score0.01574EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/05/13 12:0 a.m.•54 views

Microsoft Windows win32kfull Palette Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

8.8CVSS4.7AI score0.0101EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/29 12:0 a.m.•54 views

Microsoft Windows win32kfull MulStrokeAndFillPath Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull.sys...

7.8CVSS6.1AI score0.01441EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/29 12:0 a.m.•54 views

Microsoft Windows win32kfull MulTransparentBlt Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull.sys...

7.8CVSS6.1AI score0.01441EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/23 12:0 a.m.•54 views

Autodesk FBX Review FBX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk FBX Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5AI score0.01778EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/23 12:0 a.m.•54 views

Autodesk FBX Review FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autodesk FBX Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.3AI score0.01778EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/23 12:0 a.m.•54 views

Autodesk FBX Review FBX File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk FBX Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.4AI score0.02281EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/15 12:0 a.m.•54 views

Parallels Desktop Toolgate Directory Traversal Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgat...

8.2CVSS3.3AI score0.00542EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/26 12:0 a.m.•54 views

NETGEAR ProSAFE Network Management System ConfigFileController realName Directory Traversal Information Disclosure and Denial-of-Service Vulnerability

This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed...

8.3CVSS2.6AI score0.73318EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/26 12:0 a.m.•54 views

NETGEAR ProSAFE Network Management System MFileUploadController Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MFileUploadController class. The issue results from the la...

9.8CVSS2.8AI score0.08167EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/18 12:0 a.m.•54 views

Adobe Acrobat Reader DC URI Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

3.3CVSS2.2AI score0.01808EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/09 12:0 a.m.•54 views

Micro Focus Operations Bridge Reporter userName Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Reporter. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the userName parameter provided to the...

9.8CVSS2.7AI score0.9674EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2020/11/10 12:0 a.m.•54 views

Cisco WebEx Network Recording Player ARF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco WebEx Network Recording Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS5.7AI score0.02432EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/01 12:0 a.m.•54 views

Trend Micro Antivirus for Mac Symbolic Link Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Antivirus for Mac. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS4.7AI score0.00621EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/21 12:0 a.m.•54 views

Hewlett Packard Enterprise Universal API Framework uaf_token SQL Injection Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise Universal API Framework. Authentication is not required to exploit this vulnerability. The specific flaw exists within the connections resource. A crafted...

5.3CVSS1.7AI score0.00946EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•54 views

Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7.8CVSS4AI score0.04266EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/05 12:0 a.m.•54 views

Apple macOS ImageIO EXR Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the ImageIO...

7.8CVSS6.3AI score0.01246EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•54 views

Oracle VirtualBox VBoxSVGA Type Confusion Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the SVGA...

7.5CVSS4AI score0.00567EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•54 views

(Pwn2Own) OPC Foundation UA .NET Standard CreateSessionRequest Race Condition Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of sessions. The issue results from the lack ...

5.3CVSS0.7AI score0.0258EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/04/17 12:0 a.m.•54 views

Microsoft Windows URL Moniker Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. Interaction with a particular library is required to exploit this vulnerability but specific attack vectors may vary. The specific flaw exists within the implementation o...

2.6CVSS4.4AI score0.0556EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/12/20 12:0 a.m.•54 views

QNAP QTS authLogin Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of QNAP QTS. Authentication is not required to exploit this vulnerability. The specific flaw exists within authLogin.cgi. When parsing the X-Forwarded-For header, the process does not properly validat...

10CVSS5.5AI score0.03284EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2017/10/11 12:0 a.m.•54 views

Microsoft Office Excel xls File Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

2.6CVSS1.3AI score0.0556EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/18 12:0 a.m.•54 views

(Pwn2Own) Apple Safari Spread Operator Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

6.8CVSS3.1AI score0.10478EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/18 12:0 a.m.•54 views

(Pwn2Own) Apple macOS WindowServer XSetWindowListBrightness Out-Of-Bounds Access Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the WindowServer...

4.4CVSS4.1AI score0.01169EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/21 12:0 a.m.•54 views

Microsoft Windows DrawIconEx Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the code in the...

6.9CVSS4.4AI score0.01858EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/09 12:0 a.m.•54 views

Trend Micro Deep Discovery Email Inspector screenshot Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within screenshot.php. The issue results from the lack of proper...

10CVSS7.1AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/01 12:0 a.m.•54 views

Trend Micro SafeSync for Enterprise mount_iscsi_device Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro SafeSync for Enterprise. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/02/16 12:0 a.m.•54 views

Adobe Acrobat Reader DC Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF...

6.8CVSS5.3AI score0.02861EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/12/13 12:0 a.m.•54 views

Apple Safari RenderObject Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS1.1AI score0.01834EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/18 12:0 a.m.•54 views

Joyent SmartOS dtrace Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose information on vulnerable installations of Joyent SmartOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the dtrace...

6.9CVSS5.9AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/05 12:0 a.m.•54 views

Advantech WebAccess webvrpcs Service ViewSrv.dll Path BwBuildPath Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x27B1 IOCTL in the ViewSrv subsystem. A stack-based buffer...

9.3CVSS4.6AI score0.16655EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/05 12:0 a.m.•54 views

Advantech WebAccess Dashboard Viewer saveGeneralFile Arbitrary File Creation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the SaveGeneralFile...

10CVSS6AI score0.77044EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2015/08/11 12:0 a.m.•54 views

(Pwn2Own) Microsoft Windows TrueType Fonts Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing...

10CVSS6.4AI score0.37429EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2015/05/12 12:0 a.m.•54 views

Microsoft Windows VBScript Regular Expression Information Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how VBScript...

5CVSS6.5AI score0.16265EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/06/04 12:0 a.m.•54 views

Samsung iPOLiS Device Manager XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 FrameAdvanceReader Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung iPOLiS Device Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.5CVSS6.6AI score0.05595EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2014/04/10 12:0 a.m.•54 views

WellinTech KingScada AEserver.exe Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WellinTech KingScada. Authentication is not required to exploit this vulnerability. The specific flaw exists within the protocol parsing code contained in kxNetDispose.dll. The parent service is...

10CVSS7.3AI score0.1602EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2012/08/22 12:0 a.m.•54 views

Microsoft Internet Explorer MSADO CacheSize Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS1.9AI score0.54372EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/05/09 12:0 a.m.•54 views

Mozilla Firefox nsTreeRange Dangling Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Firefox...

9CVSS2.3AI score0.70005EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2011/04/01 12:0 a.m.•54 views

RealNetworks Helix Server x-wap-profile Format String Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Helix Server products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the rmserver.exe process. This process is active by default on all Helix Server...

10CVSS5AI score0.04145EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2010/10/12 12:0 a.m.•54 views

Sun Java Web Start BasicServiceImpl Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Sun Java Runtime. User interaction is required in that a target must visit a malicious page. The specific flaw exists within the com.sun.jnlp.BasicServiceImpl class. By abusing how Web Start...

10CVSS7.1AI score0.8425EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2007/04/17 12:0 a.m.•54 views

IBM Tivoli Monitoring Express Universal Agent Heap Overflow Vunlerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Monitoring Express. Authentication is not required to exploit this vulnerability. The specific flaws exist in the Tivoli Universal Agent Primary Service TCP 10110, Monitoring Agent for...

10CVSS5.3AI score0.07735EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/11/02 12:0 a.m.•53 views

(0Day) Microsoft Exchange ChainedSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the ChainedSerializationBinder class. The issue results from the lack of proper validatio...

7.5CVSS7.7AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/08/29 12:0 a.m.•53 views

Apache ActiveMQ NMS Body Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apache ActiveMQ NMS. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the Body...

8.1CVSS7.3AI score
Exploits0References1
Total number of security vulnerabilities5000