Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2022/07/28 12:0 a.m.•49 views

Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS5.8AI score0.00546EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/03/11 12:0 a.m.•49 views

Cisco Nexus Dashboard Fabric Controller AMF Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Nexus Dashboard Fabric Controller. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the AMF protocol. Crafted data in an AMF protoco...

7.3CVSS9.5AI score0.21274EPSS
Exploits4
Zero Day Initiative
Zero Day Initiative
•added 2022/02/22 12:0 a.m.•49 views

(Pwn2Own) Cisco RV340 JSON RPC file-copy Command Injection Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Cisco RV340 routers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

7.8CVSS4.2AI score0.75322EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/02 12:0 a.m.•49 views

Sante DICOM Viewer Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS5.2AI score0.02913EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•49 views

Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5AI score0.02087EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•49 views

Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5AI score0.01981EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•49 views

Bentley View JT File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT...

7.8CVSS4.5AI score0.01913EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/11/22 12:0 a.m.•49 views

Commvault CommCell AppStudioUploadHandler Arbitrary File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the AppStudioUploadHandle...

8.8CVSS9AI score0.04248EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/10/28 12:0 a.m.•49 views

NETGEAR R6260 setupwizard.cgi Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setupwizard.cgi page. A crafted SOAP request can trigger an overflow...

8.8CVSS6.4AI score0.0152EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/10/21 12:0 a.m.•49 views

Microsoft SharePoint Workflow Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of custom workflows. The issue results from the lack of proper validation ...

8.8CVSS4.3AI score0.06131EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/10/21 12:0 a.m.•49 views

Microsoft SharePoint SetVariableActivity Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the Microsoft.SharePoint.WorkflowActions.SetVariableActivity class. A crafted...

8.8CVSS4.6AI score0.46339EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/10/14 12:0 a.m.•49 views

Microsoft Office Word Converter Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DO...

7.8CVSS4.7AI score0.05692EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/22 12:0 a.m.•49 views

Oracle Business Intelligence SAXParser XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Oracle Business Intelligence. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SAXParser endpoint, which listens on TCP port 9502 by default...

7.5CVSS2.5AI score0.83298EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•49 views

Siemens JT2Go TIF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF...

7.8CVSS5.5AI score0.0184EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•49 views

Siemens JT2Go TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF...

7.8CVSS4.2AI score0.01574EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/13 12:0 a.m.•49 views

Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS4AI score0.00975EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/10 12:0 a.m.•49 views

Adobe Animate BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Animate. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP...

7.8CVSS4.5AI score0.0292EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/13 12:0 a.m.•49 views

Microsoft Windows Groove Music FLAC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

6.6CVSS5.7AI score0.03663EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/28 12:0 a.m.•49 views

(Pwn2Own) Oracle VirtualBox SLiRP Networking Heap-based Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the parsing...

7.5CVSS4.7AI score0.00849EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/30 12:0 a.m.•49 views

Apple macOS AudioToolboxCore MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.7AI score0.00817EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/30 12:0 a.m.•49 views

Apple macOS AudioCodecs MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AudioCodecs module...

7.8CVSS5.5AI score0.02147EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/24 12:0 a.m.•49 views

Siemens JT2Go HPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

3.3CVSS2.1AI score0.02548EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/24 12:0 a.m.•49 views

Siemens JT2Go DXF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF...

7.8CVSS5.2AI score0.02286EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/04 12:0 a.m.•49 views

Apple macOS ImageIO PICT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the ImageIO...

7.8CVSS5.2AI score0.01082EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/04 12:0 a.m.•49 views

Arcserve D2D getNews XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CA Arcserve D2D. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getNews method. Due to the improper restriction of XML External Entity XXE...

7.5CVSS2.6AI score0.73828EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/14 12:0 a.m.•49 views

Trend Micro Antivirus for Mac Improper Access Control Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Trend Micro Antivirus for Mac. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

4.4CVSS3.2AI score0.00442EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•49 views

Microsoft Excel XLS File SST Record Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS...

7.8CVSS4.2AI score0.03665EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/21 12:0 a.m.•49 views

Trend Micro Deep Security Manager Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Trend Micro Deep Security Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Deep Security Manager console. The issue results from the lack of...

8.1CVSS1.3AI score0.02757EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/12 12:0 a.m.•49 views

Adobe Acrobat Pro DC addFeed Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.1AI score0.02817EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/01 12:0 a.m.•49 views

(0Day) Delta Industrial Automation DOPSoft DPA File Parsing EnRcpNoName Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...

3.3CVSS3.3AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/05/27 12:0 a.m.•49 views

Apple macOS AudioToolboxCore CAF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the AudioToolbox library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

7.8CVSS5.6AI score0.01374EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/12 12:0 a.m.•49 views

Microsoft SharePoint Shared Forms Incomplete Blacklist Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of shared forms. It is possible to invoke a shared form in a way that allo...

8.8CVSS3.8AI score0.15134EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/03/12 12:0 a.m.•49 views

Microsoft Windows DHCP Client Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DHCP Client service. A crafted DHCP packet can trigger an integer...

5CVSS4.1AI score0.54036EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/08/14 12:0 a.m.•49 views

Microsoft Windows VBScript Array Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows VBScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS2.7AI score0.61912EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2018/01/02 12:0 a.m.•49 views

Quest NetVault Backup Server Process Manager Service NVBUJobDefinitions Get Method SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUJobDefinitions Get method requests. The issue results from t...

7.5CVSS1AI score0.03933EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/09/22 12:0 a.m.•49 views

Trend Micro Control Manager CCGIServlet CnC parameters SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within processing of...

6CVSS8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/08 12:0 a.m.•49 views

Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

6.8CVSS4.4AI score0.06918EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/07 12:0 a.m.•49 views

Eaton ELCSoft ELCSimulator Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Eaton ELCSoft. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of network TCP requests by ELCSimulator.exe. A crafted request will cause...

7.5CVSS4.2AI score0.03583EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/01 12:0 a.m.•49 views

(Pwn2Own) Adobe Reader DC util streamFromString Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

4.3CVSS2.3AI score0.03362EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/07/11 12:0 a.m.•49 views

Microsoft Windows PDF Library JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows PDF Library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

4.3CVSS3.1AI score0.20498EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/07/11 12:0 a.m.•49 views

(Pwn2Own) Microsoft Windows PlgBlt Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementati...

6.9CVSS8.3AI score0.06473EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/11 12:0 a.m.•49 views

Hewlett Packard Enterprise Network Automation TrueControl Management Engine Service FileServlet Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Hewlett Packard Enterprise Network Automation. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileServlet servlet. The issue results from...

7.8CVSS1.4AI score0.17332EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/03 12:0 a.m.•49 views

Hewlett Packard Enterprise Intelligent Management Center imcwlandm Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HPE iMC Server service, which listens on...

10CVSS3AI score0.22622EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/04/19 12:0 a.m.•49 views

ThinPrint TPView JPEG2000 Parsing Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ThinPrint. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within JPEG2000 parsing. The...

6.2CVSS3.3AI score0.00369EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/30 12:0 a.m.•49 views

Trend Micro InterScan Web Security Virtual Appliance ConfigBackup Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro InterScan Web Security Virtual Appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within processing of the ConfigBackup servlet. A...

4CVSS2.9AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/09 12:0 a.m.•49 views

Trend Micro Deep Discovery Email Inspector ajax_checklicense_AC Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxchecklicenseAC.php. The issue results from the lack of...

10CVSS7.1AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/24 12:0 a.m.•50 views

Apple Safari SearchInputType Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within SearchInputType...

6.8CVSS2.5AI score0.01932EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/10 12:0 a.m.•49 views

Microsoft Windows ADO Recordset GetRows Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

2.6CVSS1.5AI score0.17016EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•49 views

(Pwn2Own) Microsoft Edge JavaScript concat Method Uninitialized Memory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementatio...

6.8CVSS3.1AI score0.28261EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/03/10 12:0 a.m.•49 views

Microsoft Windows CreateWindowStation Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.2CVSS3.1AI score0.04404EPSS
Exploits0References1
Total number of security vulnerabilities5000