Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2010/10/12 12:0 a.m.•50 views

Microsoft Internet Explorer EOT File hdmx Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion...

10CVSS6.9AI score0.23344EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2010/08/05 12:0 a.m.•50 views

Apple Webkit SVG ForeignObject Rendering Layout Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Webkit's...

10CVSS2.6AI score0.06084EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2010/01/21 12:0 a.m.•50 views

RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute code on vulnerable installations of RealNetworks RealPlayer. User interaction is required in that a user must visit a malicious website or open a malicious file and accept a dialog to switch player skins. The specific flaw exists during parsin...

10CVSS5.8AI score0.0736EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2009/12/09 12:0 a.m.•50 views

Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe CGI executable accessible via the I...

10CVSS5AI score0.73694EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2009/06/10 12:0 a.m.•50 views

Adobe Reader U3D RHAdobeMeta Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious web address or open a malicious file. The specific flaw exists...

9.3CVSS5.9AI score0.12427EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2008/10/09 12:0 a.m.•50 views

Apple CUPS HP-GL/2 Filter Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple CUPS. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Hewlett-Packard Graphics Language filter. Inadequate bounds checking on the pen width and p...

10CVSS3.3AI score0.24132EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2008/03/12 12:0 a.m.•50 views

Java Web Start encoding Stack Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Web Start. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the useEncodingDecl function used while...

9.3CVSS3.4AI score0.1248EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/06/18 12:0 a.m.•49 views

(0Day) Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3D...

7.8CVSS6.7AI score0.00413EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/19 12:0 a.m.•49 views

SolarWinds Access Rights Manager OpenClientUpdateFile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the OpenClientUpdateFile method. The issue results from the lack of...

9.8CVSS7.3AI score0.02968EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/19 12:0 a.m.•49 views

Microsoft Exchange SharedTypeResolver Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the lack of protection against deserialization of the SharedTypeResolver class. The issue...

7.5CVSS7AI score0.81138EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2023/06/16 12:0 a.m.•49 views

(Pwn2Own) Microsoft SharePoint ValidateTokenIssuer Improper Verification of Cryptographic Signature Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Microsoft SharePoint. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ValidateTokenIssuer method. The issue results from the lack of proper verificati...

9.8CVSS6.8AI score0.99649EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiative
•added 2023/04/24 12:0 a.m.•49 views

(Pwn2Own) Oracle VirtualBox VGA MMIO Handling Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS5AI score0.00329EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/03/31 12:0 a.m.•49 views

Microsoft Windows IKEEXT Service Vendor ID Null Pointer Dereference Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Windows. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IKEEXT service, which listens on UDP ports 500 and 4500. A crafted...

5.3CVSS7.7AI score0.91597EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/02/24 12:0 a.m.•49 views

Microsoft Windows Untrusted Script Execution Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing o...

7.8CVSS8.7AI score0.00737EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/21 12:0 a.m.•49 views

GNU Gzip zgrep Argument Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GNU Gzip. Interaction with this script is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of special...

7CVSS3.3AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•49 views

Altair HyperView Player H3D File Parsing Uninitialized Memory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Altair HyperView Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS5.7AI score0.00304EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/07/28 12:0 a.m.•49 views

EnterpriseDT CompleteFTP Server HttpFile Directory Traversal Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on affected installations of EnterpriseDT CompleteFTP Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HttpFile class. The issue results from the lack of proper validation...

8.2CVSS1.1AI score0.77688EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/07/28 12:0 a.m.•49 views

Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS5.8AI score0.00546EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/06/29 12:0 a.m.•49 views

Apple macOS PackageKit PKCoreShove Link Following System Integrity Protection Bypass Vulnerability

This vulnerability allows local attackers to bypass System Integrity Protection on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within PackageKi...

5.5CVSS5.1AI score0.00431EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/03/11 12:0 a.m.•49 views

Cisco Nexus Dashboard Fabric Controller AMF Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Nexus Dashboard Fabric Controller. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the AMF protocol. Crafted data in an AMF protoco...

7.3CVSS9.5AI score0.21274EPSS
Exploits4
Zero Day Initiative
Zero Day Initiative
•added 2022/02/22 12:0 a.m.•49 views

(Pwn2Own) Cisco RV340 JSON RPC file-copy Command Injection Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Cisco RV340 routers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

7.8CVSS4.2AI score0.75322EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/11 12:0 a.m.•49 views

Foxit PDF Reader JPEG2000 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.7AI score0.027EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/02 12:0 a.m.•49 views

Sante DICOM Viewer Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS5.2AI score0.02913EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•49 views

Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5AI score0.02087EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•49 views

Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5AI score0.01981EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•49 views

Bentley View JT File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT...

7.8CVSS4.5AI score0.01913EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/11/22 12:0 a.m.•49 views

Commvault CommCell AppStudioUploadHandler Arbitrary File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the AppStudioUploadHandle...

8.8CVSS9AI score0.04248EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/10/28 12:0 a.m.•49 views

NETGEAR R6260 setupwizard.cgi Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setupwizard.cgi page. A crafted SOAP request can trigger an overflow...

8.8CVSS6.4AI score0.0152EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/10/21 12:0 a.m.•49 views

Microsoft SharePoint Workflow Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of custom workflows. The issue results from the lack of proper validation ...

8.8CVSS4.3AI score0.06131EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/10/14 12:0 a.m.•49 views

Microsoft Office Word Converter Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DO...

7.8CVSS4.7AI score0.05692EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/22 12:0 a.m.•49 views

Oracle Business Intelligence SAXParser XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Oracle Business Intelligence. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SAXParser endpoint, which listens on TCP port 9502 by default...

7.5CVSS2.5AI score0.83298EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•49 views

Siemens JT2Go TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF...

7.8CVSS4.2AI score0.01574EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/13 12:0 a.m.•49 views

Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS4AI score0.00975EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/28 12:0 a.m.•49 views

(Pwn2Own) Oracle VirtualBox SLiRP Networking Heap-based Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the parsing...

7.5CVSS4.7AI score0.00849EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/30 12:0 a.m.•49 views

Apple macOS AudioToolboxCore MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.7AI score0.00817EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/30 12:0 a.m.•49 views

Apple macOS AudioCodecs MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AudioCodecs module...

7.8CVSS5.5AI score0.02147EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/04 12:0 a.m.•49 views

Apple macOS ImageIO PICT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the ImageIO...

7.8CVSS5.2AI score0.01082EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/04 12:0 a.m.•49 views

Arcserve D2D getNews XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CA Arcserve D2D. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getNews method. Due to the improper restriction of XML External Entity XXE...

7.5CVSS2.6AI score0.73828EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/14 12:0 a.m.•49 views

Trend Micro Antivirus for Mac Improper Access Control Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Trend Micro Antivirus for Mac. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

4.4CVSS3.2AI score0.00442EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•49 views

Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7.8CVSS4AI score0.53399EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•49 views

Microsoft Excel XLS File SST Record Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS...

7.8CVSS4.2AI score0.03665EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•49 views

SAP 3D Visual Enterprise Viewer CGM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7CVSS4.9AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/21 12:0 a.m.•49 views

Trend Micro Deep Security Manager Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Trend Micro Deep Security Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Deep Security Manager console. The issue results from the lack of...

8.1CVSS1.3AI score0.02757EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/01 12:0 a.m.•49 views

(0Day) Delta Industrial Automation DOPSoft DPA File Parsing EnRcpNoName Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...

3.3CVSS3.3AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/05/27 12:0 a.m.•49 views

Apple macOS AudioToolboxCore CAF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the AudioToolbox library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

7.8CVSS5.6AI score0.01374EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/12 12:0 a.m.•49 views

Microsoft SharePoint Shared Forms Incomplete Blacklist Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of shared forms. It is possible to invoke a shared form in a way that allo...

8.8CVSS3.8AI score0.15134EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/03/12 12:0 a.m.•49 views

Microsoft Windows DHCP Client Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DHCP Client service. A crafted DHCP packet can trigger an integer...

5CVSS4.1AI score0.54036EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/08/30 12:0 a.m.•49 views

Adobe Acrobat Pro DC Catalog Index Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

6.8CVSS4.9AI score0.06745EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/08/14 12:0 a.m.•49 views

Microsoft Windows VBScript Array Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows VBScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS2.7AI score0.61912EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2018/01/02 12:0 a.m.•49 views

Quest NetVault Backup Server Process Manager Service NVBUJobDefinitions Get Method SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUJobDefinitions Get method requests. The issue results from t...

7.5CVSS1AI score0.03933EPSS
Exploits0
Total number of security vulnerabilities5000