Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2022/08/18 12:0 a.m.•46 views

(Pwn2Own) Microsoft Windows partmgr Improper Authorization Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the partmgr.sys...

8.8CVSS5.2AI score0.00484EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/07/15 12:0 a.m.•47 views

(Pwn2Own) Inductive Automation Ignition Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within...

8.8CVSS4.2AI score0.43103EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/06/01 12:0 a.m.•46 views

Microsoft Visual Studio VSIX Auto Update Deserialization of Untrusted Data Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Visual Studio. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the VSIX Aut...

8.4CVSS5.6AI score0.00753EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/05/10 12:0 a.m.•46 views

Microsoft Windows Print Spooler Service Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Print Spooler...

7CVSS6.2AI score0.1209EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/05/10 12:0 a.m.•46 views

Microsoft Windows CreateObjectHandler Deserialization of Untrusted Data Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS6.8AI score0.00848EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/05/09 12:0 a.m.•46 views

Zoom Client Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Zoom Client. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the installer. By creati...

7.8CVSS5.9AI score0.0037EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/03/23 12:0 a.m.•46 views

(Pwn2Own) HP LaserJet Pro MFP M283fdw CFF Font Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of HP LaserJet Pro MFP M283fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PostScript interpreter. Crafted data in a CFF font can...

4.3CVSS2.6AI score0.07022EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/03/23 12:0 a.m.•46 views

(Pwn2Own) NETGEAR R6700v3 libreadycloud.so Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...

8CVSS3.5AI score0.01467EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/14 12:0 a.m.•46 views

(Pwn2Own) Sonos One Speaker Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker. Authentication is not required to exploit this vulnerability. The specific flaw exists within the anacapd daemon. The issue results from the lack of proper validation of...

8.8CVSS3.7AI score0.04085EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•46 views

Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5AI score0.02041EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/12/08 12:0 a.m.•46 views

Bentley View JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT...

7.8CVSS5.9AI score0.02041EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/11/22 12:0 a.m.•46 views

Commvault CommCell DataProvider JavaScript Sandbox Escape Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Commvault CommCell. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the DataProvider class. T...

8.8CVSS8.9AI score0.05789EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/10/13 12:0 a.m.•46 views

Linux Kernel eBPF Type Confusion Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF...

8.8CVSS3.7AI score0.00972EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/09/16 12:0 a.m.•46 views

Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.2AI score0.0238EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/03 12:0 a.m.•46 views

(Pwn2Own) Parallels Desktop Toolgate Uncontrolled Memory Allocation Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate...

7.8CVSS4.1AI score0.00246EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/28 12:0 a.m.•46 views

Adobe After Effects JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing...

7.8CVSS4.2AI score0.02438EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/28 12:0 a.m.•46 views

Adobe Media Encoder MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Media Encoder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS4.1AI score0.01865EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/22 12:0 a.m.•46 views

(0Day) Apple macOS AudioToolboxCore LOAS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.9AI score0.0107EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•46 views

Siemens JT2Go SGI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SGI...

7.8CVSS4.3AI score0.01574EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•46 views

Microsoft SharePoint Missing Check of Message Integrity Vulnerability

This vulnerability allows network-adjacent attackers to tamper with update data on affected installations of Microsoft SharePoint. User interaction is required to exploit this vulnerability. The specific flaw exists within the handling of SharePoint Help updates. The issue results from a missing...

3.5CVSS1.5AI score0.04445EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•46 views

(Pwn2Own) Microsoft Windows storport Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the storport.sys...

8.8CVSS5.9AI score0.00982EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/17 12:0 a.m.•46 views

Siemens JT2Go TIFF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIFF...

7.8CVSS4.2AI score0.0191EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/06/02 12:0 a.m.•46 views

OpenText Brava! Desktop DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.6AI score0.01419EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/05/13 12:0 a.m.•46 views

Adobe Illustrator TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing o...

7.8CVSS4.1AI score0.03467EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/21 12:0 a.m.•46 views

Parallels Desktop Toolgate Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within t...

6.5CVSS3.7AI score0.0043EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/21 12:0 a.m.•46 views

Parallels Desktop Tools Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Parallels Tool...

8.8CVSS5.6AI score0.00452EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/04 12:0 a.m.•46 views

Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS4AI score0.00854EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/04 12:0 a.m.•46 views

Cisco Multiple Routers Cookie Header Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV16x and RV26x routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 443 by default. The...

8.8CVSS3.7AI score0.05421EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/27 12:0 a.m.•46 views

Trend Micro ServerProtect splx_manual_scan Memory Exhaustion Denial-Of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro ServerProtect. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

3.3CVSS1.8AI score0.00404EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/18 12:0 a.m.•46 views

NETGEAR R7450 SOAP API RecoverAdminPassword Improper Access Control Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R7450 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SOAP API endpoint, which listens on TCP port 80 by default...

6.5CVSS2.6AI score0.0062EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/16 12:0 a.m.•46 views

(Pwn2Own) Western Digital MyCloud PR4100 nasAdmin Incorrect Authorization Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Western Digital MyCloud PR4100. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nasAdmin service, which listens on TCP port 80 and 443 by...

2.3AI score0.03897EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•46 views

Micro Focus Operations Bridge Manager SecurityService Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS3.7AI score0.7699EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/22 12:0 a.m.•46 views

Adobe Illustrator PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of P...

7.8CVSS4.8AI score0.04715EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/19 12:0 a.m.•46 views

SAP 3D Visual Enterprise Viewer PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.4AI score0.01243EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/09/29 12:0 a.m.•46 views

Foxit PhantomPDF U3DBrowser U3D File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U...

7.8CVSS4.5AI score0.04175EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•46 views

SAP 3D Visual Enterprise Viewer RLE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.5AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•46 views

SAP 3D Visual Enterprise Viewer U3D File Parsing 3difr Plugin Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7CVSS5.6AI score0.01629EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/31 12:0 a.m.•46 views

Trend Micro Apex One Improper Access Control Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ApexOne...

7.8CVSS4.4AI score0.02639EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/18 12:0 a.m.•46 views

Parallels Desktop Networking Service Integer Underflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the prlnapt...

7.5CVSS4.8AI score0.00485EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/14 12:0 a.m.•46 views

Microsoft Windows QuickTime Video Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

8.8CVSS7AI score0.03463EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/12 12:0 a.m.•46 views

Adobe Acrobat Pro DC updateFeed Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS0.8AI score0.02817EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/02 12:0 a.m.•46 views

Advantech WebAccess Node bwmail Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwmail.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process...

9.8CVSS3.6AI score0.0898EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/02/12 12:0 a.m.•46 views

Adobe Acrobat Distiller PostScript File Parsing grestore Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS3.6AI score0.04506EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/11/21 12:0 a.m.•46 views

Microsoft Exchange Server NTLM Reflection EWS User Impersonation Vulnerability

This vulnerability allows remote attackers to impersonate arbitrary users on vulnerable installations of Microsoft Exchange Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the use of NTLM authentication in Exchange Server. NTLM responses produced ...

8.1CVSS4.3AI score0.27355EPSS
Exploits7References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/30 12:0 a.m.•46 views

(Pwn2Own) Apple Safari CreateThis Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JIT...

6.8CVSS1.8AI score0.53772EPSS
Exploits12References1
Zero Day Initiative
Zero Day Initiative
•added 2018/08/30 12:0 a.m.•46 views

Linux Kernel MIDI Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of MIDI...

6.9CVSS2.6AI score0.00523EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/08/10 12:0 a.m.•46 views

VMWare Horizon Client wswc_sharedMem_shared Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of VMware Horizon Client. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

1.9CVSS2.7AI score0.01781EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/07/26 12:0 a.m.•46 views

(Pwn2Own) Oracle Virtualbox HGCM Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

6.9CVSS3.1AI score0.00462EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2018/03/19 12:0 a.m.•46 views

Microsoft Internet Explorer VML textpath Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

2.6CVSS0.8AI score0.05536EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/03/07 12:0 a.m.•46 views

Apple macOS QuartzCore render_mask Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation o...

6.8CVSS4AI score0.01544EPSS
Exploits0References1
Total number of security vulnerabilities5000