Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2021/04/22 12:0 a.m.•54 views

Oracle VirtualBox NAT Integer Underflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

7.5CVSS5.2AI score0.00791EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/15 12:0 a.m.•54 views

Parallels Desktop Toolgate Directory Traversal Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgat...

8.2CVSS3.3AI score0.00542EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/26 12:0 a.m.•54 views

NETGEAR ProSAFE Network Management System ConfigFileController realName Directory Traversal Information Disclosure and Denial-of-Service Vulnerability

This vulnerability allows remote attackers to disclose sensitive information and delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed...

8.3CVSS2.6AI score0.73318EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/26 12:0 a.m.•54 views

NETGEAR ProSAFE Network Management System MFileUploadController Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MFileUploadController class. The issue results from the la...

9.8CVSS2.8AI score0.08167EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/09 12:0 a.m.•54 views

Micro Focus Operations Bridge Reporter userName Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Reporter. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the userName parameter provided to the...

9.8CVSS2.7AI score0.9674EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/01 12:0 a.m.•54 views

Trend Micro Antivirus for Mac Symbolic Link Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Antivirus for Mac. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS4.7AI score0.00621EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/21 12:0 a.m.•54 views

Hewlett Packard Enterprise Universal API Framework uaf_token SQL Injection Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise Universal API Framework. Authentication is not required to exploit this vulnerability. The specific flaw exists within the connections resource. A crafted...

5.3CVSS1.7AI score0.00946EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/05 12:0 a.m.•54 views

Apple macOS ImageIO EXR Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the ImageIO...

7.8CVSS6.3AI score0.01246EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/16 12:0 a.m.•54 views

Microsoft Windows PFB Font File Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the parsing of...

7.8CVSS5AI score0.21367EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/04/17 12:0 a.m.•54 views

Microsoft Windows URL Moniker Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. Interaction with a particular library is required to exploit this vulnerability but specific attack vectors may vary. The specific flaw exists within the implementation o...

2.6CVSS4.4AI score0.0556EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/12/20 12:0 a.m.•54 views

QNAP QTS authLogin Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of QNAP QTS. Authentication is not required to exploit this vulnerability. The specific flaw exists within authLogin.cgi. When parsing the X-Forwarded-For header, the process does not properly validat...

10CVSS5.5AI score0.03284EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/08 12:0 a.m.•54 views

Microsoft Windows Jet Engine Library Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Microsoft...

5.1CVSS3.8AI score0.23659EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/18 12:0 a.m.•54 views

(Pwn2Own) Apple Safari Spread Operator Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

6.8CVSS3.1AI score0.10478EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/09 12:0 a.m.•54 views

Trend Micro Deep Discovery Email Inspector screenshot Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within screenshot.php. The issue results from the lack of proper...

10CVSS7.1AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/01 12:0 a.m.•54 views

Trend Micro SafeSync for Enterprise mount_iscsi_device Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro SafeSync for Enterprise. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/02/16 12:0 a.m.•54 views

Adobe Acrobat Reader DC Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF...

6.8CVSS5.3AI score0.02861EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/12/13 12:0 a.m.•54 views

Apple Safari RenderObject Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS1.1AI score0.01834EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/11/08 12:0 a.m.•54 views

Microsoft Windows NtUserMagSetContextInformation Kernel State Corruption Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

6.9CVSS4.8AI score0.03019EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/18 12:0 a.m.•54 views

Joyent SmartOS dtrace Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose information on vulnerable installations of Joyent SmartOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the dtrace...

6.9CVSS5.9AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/05 12:0 a.m.•54 views

Advantech WebAccess webvrpcs Service ViewSrv.dll Path BwBuildPath Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x27B1 IOCTL in the ViewSrv subsystem. A stack-based buffer...

9.3CVSS4.6AI score0.16655EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/05 12:0 a.m.•54 views

Advantech WebAccess Dashboard Viewer saveGeneralFile Arbitrary File Creation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the SaveGeneralFile...

10CVSS6AI score0.77044EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2015/05/06 12:0 a.m.•54 views

ManageEngine Applications Manager MaintenanceTaskAPIUtil resourceid SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ManageEngine Applications Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MaintenanceTaskAPIUtil class. The issue lies in the failure to...

10CVSS7.9AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2014/06/04 12:0 a.m.•54 views

Samsung iPOLiS Device Manager XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 FrameAdvanceReader Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung iPOLiS Device Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.5CVSS6.6AI score0.05595EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2014/04/10 12:0 a.m.•54 views

WellinTech KingScada AEserver.exe Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WellinTech KingScada. Authentication is not required to exploit this vulnerability. The specific flaw exists within the protocol parsing code contained in kxNetDispose.dll. The parent service is...

10CVSS7.3AI score0.1602EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2014/02/13 12:0 a.m.•54 views

Microsoft Direct2D Graphics Component Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.1CVSS6.4AI score0.18885EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/08 12:0 a.m.•54 views

Oracle Java ICC Profile Sequence Description 'pseq' Tag Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the way Java handles color profiles. When...

9CVSS4.5AI score0.06277EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/05/09 12:0 a.m.•54 views

Mozilla Firefox nsTreeRange Dangling Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Firefox...

9CVSS2.3AI score0.70005EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2011/04/01 12:0 a.m.•54 views

RealNetworks Helix Server x-wap-profile Format String Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Helix Server products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the rmserver.exe process. This process is active by default on all Helix Server...

10CVSS5AI score0.04145EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2010/10/12 12:0 a.m.•54 views

Sun Java Web Start BasicServiceImpl Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Sun Java Runtime. User interaction is required in that a target must visit a malicious page. The specific flaw exists within the com.sun.jnlp.BasicServiceImpl class. By abusing how Web Start...

10CVSS7.1AI score0.8425EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2007/04/17 12:0 a.m.•54 views

IBM Tivoli Monitoring Express Universal Agent Heap Overflow Vunlerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Monitoring Express. Authentication is not required to exploit this vulnerability. The specific flaws exist in the Tivoli Universal Agent Primary Service TCP 10110, Monitoring Agent for...

10CVSS5.3AI score0.07735EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/11/02 12:0 a.m.•53 views

(0Day) Microsoft Exchange ChainedSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the ChainedSerializationBinder class. The issue results from the lack of proper validatio...

7.5CVSS7.7AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/08/29 12:0 a.m.•53 views

Apache ActiveMQ NMS Body Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apache ActiveMQ NMS. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the Body...

8.1CVSS7.3AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/06/16 12:0 a.m.•53 views

(Pwn2Own) Microsoft SharePoint GenerateProxyAssembly Code Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the GenerateProxyAssemb...

8.8CVSS7.4AI score0.85395EPSS
Exploits7References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•53 views

Linux Kernel ksmbd Tree Connection Race Condition Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but only systems with ksmbd enabled are vulnerable. The specific flaw exists within the processing of SMB2TREEDISCONNECT...

9.8CVSS7.4AI score0.02937EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/04/05 12:0 a.m.•53 views

Autodesk Navisworks Freedom DWFX File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.5AI score0.0062EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/02 12:0 a.m.•53 views

Sante DICOM Viewer Pro JP2 File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS4.7AI score0.01848EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•53 views

Bentley View DGN File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN...

7.8CVSS6AI score0.01981EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/16 12:0 a.m.•53 views

Microsoft PowerPoint PPT File Parsing Double Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft PowerPoint. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS5.4AI score0.04878EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/16 12:0 a.m.•53 views

Microsoft Office Visio EMF File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS4.9AI score0.04856EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/16 12:0 a.m.•53 views

Adobe Acrobat Pro DC DocMedia Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

7.8CVSS4AI score0.1134EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/28 12:0 a.m.•53 views

Adobe Prelude MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Prelude. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

3.3CVSS4AI score0.01475EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/22 12:0 a.m.•53 views

Oracle Business Intelligence SchedulerConfigPage11g JNDI Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle Business Intelligence. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of the SchedulerConfigPage11g class. The issue results from the...

8.8CVSS3.2AI score0.34677EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•53 views

Siemens JT2Go GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GIF...

7.8CVSS4.3AI score0.01856EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•53 views

Siemens JT2Go TIF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF...

7.8CVSS5.5AI score0.01793EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•53 views

Siemens JT2Go JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT...

7.8CVSS4.1AI score0.01574EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/13 12:0 a.m.•53 views

Apple macOS vImage PICT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the vImage library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the vImage...

7.8CVSS5.4AI score0.01142EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/15 12:0 a.m.•53 views

OpenText Brava! Desktop TIF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.7AI score0.01811EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/05/13 12:0 a.m.•53 views

Microsoft Windows win32kfull Palette Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

8.8CVSS4.7AI score0.0101EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/26 12:0 a.m.•53 views

Foxit Studio Photo JPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.3AI score0.02761EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/22 12:0 a.m.•53 views

Oracle VirtualBox VGA Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the VGA...

5.5CVSS3.7AI score0.00763EPSS
Exploits0References1
Total number of security vulnerabilities5000