Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2017/05/10 12:0 a.m.•50 views

Microsoft Internet Explorer Enhanced Protected Mode Sandbox Escape Vulnerability

This vulnerability allows remote attackers to escape the Enhanced Protected Mode EPM sandbox on vulnerable installations of Microsoft Internet Explorer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specif...

4.4CVSS4.4AI score0.09816EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/10 12:0 a.m.•50 views

(Pwn2Own) Microsoft Chakra Array unshift Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS2.8AI score0.18074EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/03 12:0 a.m.•50 views

Hewlett Packard Enterprise Intelligent Management Center imcwlandm UserName Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HPE iMC Server service, which listens on...

10CVSS4.8AI score0.22622EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/11 12:0 a.m.•50 views

Hewlett Packard Enterprise Intelligent Management Center FileDownloadServlet fileName Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The...

6.8CVSS1.7AI score0.03471EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/09 12:0 a.m.•50 views

Foxit Reader ePub Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ePub...

6.8CVSS7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/10 12:0 a.m.•50 views

Adobe Reader DC XSLT decimal-format Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within XSLT's...

6.8CVSS3.5AI score0.2042EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/10 12:0 a.m.•50 views

Adobe Reader DC XSLT variable Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within XSLT's...

6.8CVSS4.1AI score0.2042EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/10 12:0 a.m.•50 views

Adobe Acrobat Pro DC ImageConversion TIFF Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS5.9AI score0.10554EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/11/04 12:0 a.m.•50 views

Apple Safari JavaScriptCore Array Out-Of-Bounds Access Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Arr...

6.8CVSS2.2AI score0.01807EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/09/27 12:0 a.m.•50 views

Apple Safari HTMLVideoElement Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS2.4AI score0.02065EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•50 views

Adobe Reader DC XFA FormCalc replace Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS3.9AI score0.06567EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•50 views

(Pwn2Own) Microsoft Windows win32kfull.sys Surface Object Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how...

6.6CVSS3.2AI score0.03663EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/05 12:0 a.m.•50 views

Advantech WebAccess webvrpcs Service BwpAlarm.dll sprintf Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x11369 IOCTL in the BwpAlarm subsystem. A stack-based buffe...

9.3CVSS4.3AI score0.16655EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2015/08/10 12:0 a.m.•50 views

Microsoft Internet Explorer add-on Installer Sandbox Escape Vulnerability

This vulnerability allows remote attackers to escape Enhanced Protected Mode on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

6.9CVSS6.4AI score0.13736EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2015/06/11 12:0 a.m.•50 views

(Pwn2Own) Microsoft Internet Explorer DataView Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within jscript9.dll...

6.8CVSS6.3AI score0.23758EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/12/09 12:0 a.m.•50 views

Microsoft Internet Explorer RtfToForeign32 Out-Of-Bounds Indexing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.4AI score0.1253EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2014/07/18 12:0 a.m.•50 views

Advantech WebAccess Password Disclosure Vulnerability

This vulnerability allows remote attackers to disclose arbitrary credentials on vulnerable versions of Advantech WebAccess. Authentication is required to exploit this vulnerability. The specific flaw exists within the upAdminPg.asp component. An authenticated user can provide an arbitrary existin...

9CVSS6.3AI score0.01311EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/07/18 12:0 a.m.•50 views

Apache HTTP Server mod_proxy Denial Of Service Vulnerability

This vulnerability allows remote attackers to cause a denial of service condition on vulnerable installations of Apache HTTP Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the modproxy module. The issue lies in the processing of HTTP headers...

7.8CVSS6.7AI score0.35543EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2014/01/10 12:0 a.m.•50 views

Hewlett-Packard Data Protector Cell Manager crs.exe Multiple Opcodes Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing opcodes 214, 215...

7.5CVSS4.9AI score0.10436EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2013/11/24 12:0 a.m.•50 views

ABB RobotStudio Tools CWGraph3D ActiveX Control Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ABB RobotStudio Tools. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS7.2AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/07/26 12:0 a.m.•50 views

Microsoft Windows Media Player WMV Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

5.1CVSS5.5AI score0.2191EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2013/06/27 12:0 a.m.•50 views

Oracle Java ByteComponentRaster Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

10CVSS4.4AI score0.07437EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2013/02/01 12:0 a.m.•50 views

Mozilla Firefox XMLSerializer Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XML...

7.5CVSS4.7AI score0.51324EPSS
Exploits8References1
Zero Day Initiative
Zero Day Initiative
•added 2012/12/21 12:0 a.m.•50 views

Microsoft Internet Explorer execCommand Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS3AI score0.81716EPSS
Exploits8References1
Zero Day Initiative
Zero Day Initiative
•added 2012/08/29 12:0 a.m.•50 views

GE Proficy Historian KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE Proficy Historian. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS4.3AI score0.39711EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2012/04/09 12:0 a.m.•50 views

Webkit.org Webkit copyNonAttributeProperties Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the WebCore component as used by...

7.5CVSS3.9AI score0.01668EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2012/01/10 12:0 a.m.•50 views

Citrix Provisioning Services streamprocess.exe vDisk Name Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Citrix Provisioning Services. Authentication is not required to exploit this vulnerability. The specific flaw exists within the streamprocess.exe component which listens for UDP traffic on multiple...

10CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/11/28 12:0 a.m.•50 views

RealNetwork RealPlayer MPG Width Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Realplayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way RealPlayer...

7.5CVSS4.2AI score0.02889EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/10/13 12:0 a.m.•50 views

Adobe Reader Compound Glyphs Array Indexing Error Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Adobe Reade...

7.5CVSS2.2AI score0.07964EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/21 12:0 a.m.•50 views

Mozilla Firefox SVGPointList.appendItem Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code...

7.5CVSS5.5AI score0.05772EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/10/12 12:0 a.m.•50 views

Microsoft Internet Explorer EOT File hdmx Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion...

10CVSS6.9AI score0.23344EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2010/08/05 12:0 a.m.•50 views

Apple Webkit SVG ForeignObject Rendering Layout Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Webkit's...

10CVSS2.6AI score0.06084EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2010/06/08 12:0 a.m.•50 views

Microsoft Office Excel SxView Record Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious document. The specific flaw exists in the parsing of SXVIEW records in an...

10CVSS5.3AI score0.24265EPSS
Exploits2
Zero Day Initiative
Zero Day Initiative
•added 2010/01/21 12:0 a.m.•50 views

RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute code on vulnerable installations of RealNetworks RealPlayer. User interaction is required in that a user must visit a malicious website or open a malicious file and accept a dialog to switch player skins. The specific flaw exists during parsin...

10CVSS5.8AI score0.0736EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2009/12/09 12:0 a.m.•50 views

Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe CGI executable accessible via the I...

10CVSS5AI score0.73694EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2009/06/10 12:0 a.m.•50 views

Adobe Reader U3D RHAdobeMeta Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious web address or open a malicious file. The specific flaw exists...

9.3CVSS5.9AI score0.12427EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2008/10/09 12:0 a.m.•50 views

Apple CUPS HP-GL/2 Filter Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple CUPS. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Hewlett-Packard Graphics Language filter. Inadequate bounds checking on the pen width and p...

10CVSS3.3AI score0.24132EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2008/03/12 12:0 a.m.•50 views

Java Web Start encoding Stack Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Web Start. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the useEncodingDecl function used while...

9.3CVSS3.4AI score0.1248EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/06/18 12:0 a.m.•49 views

(0Day) Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3D...

7.8CVSS6.7AI score0.00413EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/01/10 12:0 a.m.•49 views

Microsoft Office Word FBX File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

7.8CVSS6.8AI score0.0326EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/19 12:0 a.m.•49 views

SolarWinds Access Rights Manager OpenClientUpdateFile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the OpenClientUpdateFile method. The issue results from the lack of...

9.8CVSS7.3AI score0.02968EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/19 12:0 a.m.•49 views

Microsoft Exchange SharedTypeResolver Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the lack of protection against deserialization of the SharedTypeResolver class. The issue...

7.5CVSS7AI score0.81138EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2023/04/24 12:0 a.m.•49 views

(Pwn2Own) Oracle VirtualBox VGA MMIO Handling Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS5AI score0.00329EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/03/31 12:0 a.m.•49 views

Microsoft Windows IKEEXT Service Vendor ID Null Pointer Dereference Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Windows. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IKEEXT service, which listens on UDP ports 500 and 4500. A crafted...

5.3CVSS7.7AI score0.91597EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/21 12:0 a.m.•49 views

GNU Gzip zgrep Argument Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GNU Gzip. Interaction with this script is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of special...

7CVSS3.3AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•49 views

Altair HyperView Player H3D File Parsing Uninitialized Memory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Altair HyperView Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS5.7AI score0.00304EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/07/28 12:0 a.m.•49 views

EnterpriseDT CompleteFTP Server HttpFile Directory Traversal Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on affected installations of EnterpriseDT CompleteFTP Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HttpFile class. The issue results from the lack of proper validation...

8.2CVSS1.1AI score0.77688EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/07/28 12:0 a.m.•49 views

Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS5.8AI score0.00546EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/03/11 12:0 a.m.•49 views

Cisco Nexus Dashboard Fabric Controller AMF Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Nexus Dashboard Fabric Controller. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the AMF protocol. Crafted data in an AMF protoco...

7.3CVSS9.5AI score0.21274EPSS
Exploits4
Zero Day Initiative
Zero Day Initiative
•added 2022/02/22 12:0 a.m.•49 views

(Pwn2Own) Cisco RV340 JSON RPC file-copy Command Injection Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Cisco RV340 routers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

7.8CVSS4.2AI score0.75322EPSS
Exploits3References1
Total number of security vulnerabilities5000