Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2016/12/13 12:0 a.m.•51 views

Adobe Flash Player RegExp MARK Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS3.4AI score0.10701EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/11/04 12:0 a.m.•51 views

Apple Safari JavaScriptCore Array Out-Of-Bounds Access Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Arr...

6.8CVSS2.2AI score0.01807EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/10/11 12:0 a.m.•51 views

Microsoft Edge JavaScript eval Function Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge and Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

6.8CVSS2.7AI score0.17027EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/07/21 12:0 a.m.•51 views

Oracle WebLogic PartItem Arbitrary File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle WebLogic. Authentication is not required to exploit this vulnerability. The PartItem class in WebLogic FileUpload allows remote attackers to write to arbitrary files via a NULL byte in a fil...

7.5CVSS6.8AI score0.08857EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/19 12:0 a.m.•51 views

(Pwn2Own) Apple Safari TextTrack Object Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Safari...

6.8CVSS3.1AI score0.02591EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/04/08 12:0 a.m.•51 views

(Pwn2Own) Adobe Flash AS2 LoadVars decode Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS4.7AI score0.06102EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/05 12:0 a.m.•51 views

Advantech WebAccess Dashboard Viewer ImageUploadHandler Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the uploadImageComm...

10CVSS5.7AI score0.77044EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/05 12:0 a.m.•51 views

Advantech WebAccess webvrpcs Service BwpAlarm.dll sprintf Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x11369 IOCTL in the BwpAlarm subsystem. A stack-based buffe...

9.3CVSS4.3AI score0.16655EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2015/05/15 12:0 a.m.•51 views

Apple Safari file:// Redirection Sandbox Escape Vulnerabliity

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.5CVSS8.6AI score0.10946EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2015/05/12 12:0 a.m.•51 views

Adobe Acrobat Reader Matrix2D transform Javascript API Restrictions Bypass Vulnerability

This vulnerability allows remote attackers to bypass API restrictions on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Matrix2D...

6.8CVSS6.4AI score0.09917EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/10/14 12:0 a.m.•51 views

Hewlett-Packard Sprinter TTF16.ocx CopyRange/CopyRangeEx Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Sprinter. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability is found in Tidestone Formula One...

6.8CVSS6.8AI score0.06936EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/07/18 12:0 a.m.•51 views

Apache HTTP Server mod_proxy Denial Of Service Vulnerability

This vulnerability allows remote attackers to cause a denial of service condition on vulnerable installations of Apache HTTP Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the modproxy module. The issue lies in the processing of HTTP headers...

7.8CVSS6.7AI score0.35543EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2013/06/27 12:0 a.m.•51 views

Oracle Java IntegerComponentRaster Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

10CVSS4.4AI score0.14749EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2013/06/27 12:0 a.m.•51 views

Oracle Java AWT Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific vulnerability is an array indexing flaw...

10CVSS4.9AI score0.22988EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2012/04/09 12:0 a.m.•51 views

Webkit.org Webkit copyNonAttributeProperties Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the WebCore component as used by...

7.5CVSS3.9AI score0.01668EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2012/01/10 12:0 a.m.•51 views

Citrix Provisioning Services streamprocess.exe vDisk Name Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Citrix Provisioning Services. Authentication is not required to exploit this vulnerability. The specific flaw exists within the streamprocess.exe component which listens for UDP traffic on multiple...

10CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/10/13 12:0 a.m.•51 views

Adobe Reader Compound Glyphs Array Indexing Error Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Adobe Reade...

7.5CVSS2.2AI score0.07964EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2011/08/08 12:0 a.m.•51 views

Apple QuickTime PICT Image PnSize Opcode Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktim...

7.5CVSS3.3AI score0.60106EPSS
Exploits14References1
Zero Day Initiative
Zero Day Initiative
•added 2010/10/29 12:0 a.m.•51 views

Adobe Shockwave Player Lnam Chunk String Processing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

9CVSS6.9AI score0.08871EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2010/08/11 12:0 a.m.•51 views

Apple WebKit RTL LineBox Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists due to the method by whi...

10CVSS6.7AI score0.10936EPSS
Exploits1References2
Zero Day Initiative
Zero Day Initiative
•added 2009/10/13 12:0 a.m.•51 views

Microsoft Windows Media Player Audio Voice Sample Rate Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. The specific flaw exists in the handling of Windows...

9.3CVSS3.2AI score0.27086EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2024/03/01 12:0 a.m.•50 views

Linux Kernel ksmbd Session Key Exchange Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but only systems with ksmbd enabled are vulnerable. The specific flaw exists within the processing of session keys. The iss...

9CVSS7.4AI score0.36685EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2024/01/15 12:0 a.m.•50 views

Paessler PRTG Network Monitor Cross-Site Scripting Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Paessler PRTG Network Monitor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the w...

8.8CVSS7.2AI score0.01748EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/06/07 12:0 a.m.•50 views

(0Day) ZTE MF286R goahead Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ZTE MF286R routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of a request parameter provided to the SETDEVICELED endpoint. The...

6.8CVSS7.3AI score0.01576EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/10 12:0 a.m.•50 views

Microsoft SharePoint AdRotator Improper Input Validation NTLM Relay Vulnerability

This vulnerability allows remote attackers to relay NTLM credentials on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the AdRotator WebControl. The issue results from the lack of prop...

8CVSS6.6AI score0.67452EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/01/18 12:0 a.m.•50 views

Adobe Acrobat Reader DC Font Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS7.7AI score0.04655EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/11/03 12:0 a.m.•50 views

D-Link DIR-1935 ConfigFileUpload Format String Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...

6.8CVSS2.8AI score0.00813EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/09/19 12:0 a.m.•50 views

Microsoft PowerPoint PPTX File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft PowerPoint. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS5.5AI score0.01198EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/18 12:0 a.m.•50 views

PDF-XChange Editor Collab Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS2.1AI score0.0077EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/05 12:0 a.m.•50 views

Foxit PDF Reader AFSpecial_KeystrokeEx Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS0.9AI score0.00865EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/06/01 12:0 a.m.•50 views

Microsoft Excel XLS File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS...

7.8CVSS4.4AI score0.02583EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/05/27 12:0 a.m.•50 views

(Pwn2Own) Mozilla Firefox Improper Input Validation Sandbox Escape Vulnerability

This vulnerability allows local attackers to escape the sandbox on affected installations of Mozilla Firefox. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the NotificationsDB...

7.8CVSS3.9AI score0.17103EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/03/23 12:0 a.m.•50 views

(Pwn2Own) NETGEAR R6700v3 readycloud_control.cgi Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within readycloudcontrol.cgi. The issue results from the lack of authenticatio...

8.8CVSS8.9AI score0.01288EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/03/18 12:0 a.m.•50 views

(Pwn2Own) Canon imageCLASS MF644Cdw SLP Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the SLP protocol. The issue results from the la...

8.8CVSS5.7AI score0.02649EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/28 12:0 a.m.•50 views

Adobe Character Animator PNG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Character Animator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

3.3CVSS2.7AI score0.01528EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/28 12:0 a.m.•50 views

Adobe After Effects PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.7AI score0.01768EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/28 12:0 a.m.•50 views

Adobe Photoshop MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

3.3CVSS3.7AI score0.01752EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/22 12:0 a.m.•50 views

Oracle Business Intelligence BIRemotingServlet Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle Business Intelligence. Authentication is not required to exploit this vulnerability. The specific flaw exists within BIRemotingServlet. The issue results from the lack of proper validation of...

9.8CVSS3.9AI score0.81366EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•50 views

Siemens JT2Go PAR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PAR...

7.8CVSS5.6AI score0.02132EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•50 views

Siemens JT2Go GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GIF...

7.8CVSS4.3AI score0.01574EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/05 12:0 a.m.•50 views

(Pwn2Own) Microsoft Teams ElectronJS Frame Redirect Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Teams Desktop. An attacker must first obtain the ability to execute arbitrary JavaScript within an iframe within the application window in order to exploit this vulnerability. The specific...

7.2CVSS4.7AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/04/29 12:0 a.m.•50 views

Microsoft Windows win32kfull MulAlphaBlend Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull.sys...

7.8CVSS5.9AI score0.01441EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/26 12:0 a.m.•50 views

Foxit Studio Photo PSP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS4.4AI score0.02761EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/21 12:0 a.m.•50 views

Parallels Desktop OTG Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Open Too...

8.8CVSS4.9AI score0.00436EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/12 12:0 a.m.•50 views

Trend Micro Apex One Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ApexOne...

7.8CVSS4.9AI score0.00508EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/17 12:0 a.m.•50 views

Microsoft Office Graph Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Graph COM...

7.8CVSS3.9AI score0.03122EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/11 12:0 a.m.•50 views

Siemens Solid Edge Viewer SEECTCXML File Parsing XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

5.5CVSS2.5AI score0.00888EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/22 12:0 a.m.•50 views

Delta Industrial Automation ISPSoft ISP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation ISPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS4.9AI score0.01252EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/18 12:0 a.m.•50 views

NETGEAR R7450 Password Recovery External Control of Critical State Data Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7450 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the minihttpd service, which listens on TCP port 80 by default. The issue...

8.8CVSS3.3AI score0.00898EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•50 views

Micro Focus Operations Bridge Manager CITService Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS3.4AI score0.7699EPSS
Exploits6References1
Total number of security vulnerabilities5000