Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2008/07/17 12:0 a.m.•49 views

Mozilla Firefox CSSValue Array Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the browser's handling reference counters to...

9.3CVSS4.5AI score0.05284EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2024/06/12 12:0 a.m.•48 views

(Pwn2Own) Mozilla Firefox Exposed Dangerous Function Sandbox Escape Vulnerability

This vulnerability allows remote attackers to escape the sandbox on affected installations of Mozilla Firefox. An attacker must first obtain the ability to execute low-privileged code in the renderer process in order to exploit this vulnerability. The specific flaw exists within the SessionStore...

7.8CVSS7.2AI score0.047EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/06/12 12:0 a.m.•48 views

(Pwn2Own) Microsoft Windows NtQueryInformationToken Race Condition Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation...

8.8CVSS7.1AI score0.68202EPSS
Exploits7References1
Zero Day Initiative
Zero Day Initiative
•added 2024/05/19 12:0 a.m.•48 views

(Pwn2Own) QNAP TS-464 QR Code Device CRLF Injection Arbitrary Configuration Change Vulnerability

This vulnerability allows remote attackers to make arbitrary changes to configuration on affected installations of QNAP TS-464 NAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the privWizard API endpoints. The issue results from the lack o...

9.1CVSS6.6AI score0.24365EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/02/13 12:0 a.m.•48 views

Microsoft Windows Internet Shortcut SmartScreen Bypass Vulnerability

This vulnerability allows remote attackers to bypass the SmartScreen security feature to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The...

8.8CVSS7.3AI score0.95443EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2024/01/15 12:0 a.m.•48 views

Synology RT6600ax Qualcomm LDB Service Improper Input Validation Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology RT6600ax routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Qualcomm LDB service. The issue results from the lack of proper...

7.5CVSS7.5AI score0.00663EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/11/15 12:0 a.m.•48 views

Microsoft Office Word FBX File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

7.8CVSS7.2AI score0.00979EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/11 12:0 a.m.•48 views

Hewlett Packard Enterprise OneView resetAdminPassword Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Hewlett Packard Enterprise OneView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the resetAdminPassword endpoint. The issue results from the lack of...

9.8CVSS6.9AI score0.01216EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/02/24 12:0 a.m.•48 views

Microsoft Print 3D PLY File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Print 3D. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

6.6CVSS7.6AI score0.00657EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/02/09 12:0 a.m.•48 views

(Pwn2Own) Ubiquiti Networks EdgeOS dhcp6c Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Ubiquiti Networks EdgeOS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhcp6c daemon. The issue results from the lack of proper validati...

7.5CVSS8.8AI score0.0089EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2023/01/18 12:0 a.m.•48 views

Microsoft Windows GreStartDocInternal Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS8.2AI score0.00476EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/01/18 12:0 a.m.•48 views

Microsoft 3D Builder GLB File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

6.6CVSS7.5AI score0.00939EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/18 12:0 a.m.•48 views

PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.3AI score0.0077EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/18 12:0 a.m.•48 views

Microsoft Outlook MIME Header Heap Corruption Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Outlook. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of MIME headers. Crafted MIME headers within an email messa...

7.5CVSS2.5AI score0.22441EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/03 12:0 a.m.•48 views

(Pwn2Own) ICONICS GENESIS64 TDFX File Parsing Exposed Dangerous Function Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS GENESIS64. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.5AI score0.00309EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/05/10 12:0 a.m.•48 views

Microsoft Windows Print Spooler Service Directory Traversal Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Pri...

5.5CVSS3AI score0.01128EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/05/10 12:0 a.m.•48 views

Microsoft Windows Print Spooler Service Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Print Spooler...

7CVSS6.2AI score0.1209EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/03/18 12:0 a.m.•48 views

Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.6AI score0.01293EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2022/03/16 12:0 a.m.•48 views

Siemens Simcenter Femap BDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.7AI score0.01454EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/03/09 12:0 a.m.•48 views

Microsoft Windows CD-ROM Driver Uninitialized Pointer Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CD-ROM drive...

7.8CVSS7.8AI score0.00895EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/02 12:0 a.m.•48 views

Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.1AI score0.01538EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•48 views

Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

3.3CVSS2.6AI score0.01592EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•48 views

Bentley MicroStation CONNECT J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.3AI score0.02093EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•48 views

Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.4AI score0.02041EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•48 views

Bentley MicroStation CONNECT JT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.7AI score0.02041EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•48 views

Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5AI score0.02087EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/11/11 12:0 a.m.•48 views

Microsoft Access ACCDB File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Access. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS7.5AI score0.03537EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/10/28 12:0 a.m.•48 views

NETGEAR R6260 mini_httpd Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6260 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SOAP requests. When parsing the SOAPAction header, the...

8.8CVSS5AI score0.01374EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/16 12:0 a.m.•48 views

Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS2.6AI score0.49525EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/16 12:0 a.m.•48 views

Microsoft Office Visio EMF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS5AI score0.04856EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/15 12:0 a.m.•48 views

Autodesk FBX Review ZIP File Parsing Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk FBX Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.2AI score0.5964EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/08 12:0 a.m.•48 views

Parallels Desktop Toolgate Uncontrolled Memory Allocation Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate...

7.8CVSS4.1AI score0.00423EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/26 12:0 a.m.•48 views

Microsoft Windows Canonical Display Driver DrvPlgBltInternal Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cdd.dll driver...

8.8CVSS5.7AI score0.01294EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/17 12:0 a.m.•48 views

(Pwn2Own) Zoom Client Marketplace Use of Incorrectly-Resolved Name or Reference Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Zoom Clients. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of Zoom Marketplace URLs. The issue results from the lack of proper...

5.3CVSS6.5AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•48 views

Siemens JT2Go JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT...

7.8CVSS4.1AI score0.01639EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•48 views

(Pwn2Own) Microsoft Windows win32kfull Bitmap Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

8.8CVSS4.6AI score0.00982EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•48 views

Siemens JT2Go GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GIF...

7.8CVSS4.3AI score0.01856EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•48 views

Microsoft Windows InstallService Time-Of-Check Time-Of-Use Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

6.1CVSS4AI score0.00744EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•48 views

(Pwn2Own) Microsoft Windows AppX Deployment Service Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppX Deploymen...

7CVSS6AI score0.00835EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/15 12:0 a.m.•48 views

OpenText Brava! Desktop PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.5AI score0.01811EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/04/28 12:0 a.m.•48 views

(Pwn2Own) Oracle VirtualBox e1000 Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

5.3CVSS2.8AI score0.00563EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/23 12:0 a.m.•48 views

Trend Micro HouseCall for Home Networks Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro HouseCall for Home Networks. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

7.3CVSS3.8AI score0.00261EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/23 12:0 a.m.•48 views

Autodesk FBX Review FBX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk FBX Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.9AI score0.01778EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/26 12:0 a.m.•48 views

NETGEAR ProSAFE Network Management System MibController realName Directory Traversal Denial-of-Service Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on affected installations of NETGEAR ProSAFE Network Management System. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within th...

7.1CVSS3.7AI score0.72461EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/15 12:0 a.m.•48 views

Microsoft Windows User Profile Service Directory Junction Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the User Profile...

7CVSS5.9AI score0.01086EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/04 12:0 a.m.•48 views

Linux Kernel io_uring Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of file...

8.8CVSS2.4AI score0.0044EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/12/09 12:0 a.m.•48 views

Apple macOS KTX Image DecodeRow Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the DecodeRow...

4.3CVSS2.8AI score0.01015EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/12/03 12:0 a.m.•48 views

Apple Safari RenderObject Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

8.8CVSS2.1AI score0.0163EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/22 12:0 a.m.•48 views

Oracle VirtualBox Shader Bytecode Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

5.3CVSS2.8AI score0.00705EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/19 12:0 a.m.•48 views

Microsoft 3D Builder GLB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS5.7AI score0.04716EPSS
Exploits0References1
Total number of security vulnerabilities5000