Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2014/06/11 12:0 a.m.•181 views

(Pwn2Own\Pwn4Fun) Microsoft Internet Explorer CDOMTextNode Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.4AI score0.70727EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/14 12:0 a.m.•180 views

Siemens JT2Go ASM File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ASM...

7.8CVSS4.7AI score0.03904EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/12/19 12:0 a.m.•180 views

Oracle ADF Faces Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle ADF Faces. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Remote Regions component. The issue results from the lack of proper validation of...

9.8CVSS4.2AI score0.14264EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•178 views

Trend Micro Apex One Security Agent Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS7AI score0.00184EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/12/22 12:0 a.m.•177 views

Linux Kernel ksmbd Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but only systems with ksmbd enabled are vulnerable. The specific flaw exists within the processing of SMB2TREEDISCONNECT...

10CVSS2.6AI score0.46428EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/01/10 12:0 a.m.•175 views

Trend Micro Control Manager TemplateMatchByTemplate SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

6CVSS9.1AI score0.49408EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/14 12:0 a.m.•174 views

Delta Industrial Automation CNCSoft-B DOPSoft DPA File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation CNCSoft-B. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS5.2AI score0.01981EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•172 views

(Pwn2Own) Microsoft Exchange Server Arbitrary File Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of...

8.8CVSS3.2AI score0.99782EPSS
Exploits11References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/19 12:0 a.m.•172 views

Microsoft Outlook HTML Email Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Outlook. User interaction is required to exploit this vulnerability in that the target must open a malicious email or view it in the preview pane. The specific flaw exists within the parsin...

8.1CVSS4.7AI score0.33551EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/05/12 12:0 a.m.•172 views

Microsoft Windows .MSC Stack Buffer Overflow Denial of Service Vulnerability

This vulnerability allows an attacker to cause a denial of service condition on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit open a malicious directory or device. The specific flaw exists within the handlin...

5CVSS6.5AI score0.01685EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/24 12:0 a.m.•170 views

VMware ESXi SLP Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of VMware ESXi. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SLP messages. The issue results from the lack of proper validati...

8.8CVSS3.7AI score0.45063EPSS
Exploits7References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/19 12:0 a.m.•168 views

Microsoft Windows Raw Image Extension CR3 File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Raw Image Extension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.5AI score0.05914EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•167 views

(Pwn2Own) Microsoft Windows dxgkrnl Kernel Driver Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within processing of t...

6.9CVSS5.9AI score0.02031EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2017/06/26 12:0 a.m.•166 views

ARRIS VAP2500 list_mac_address cmb_macaddrfilter Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ARRIS VAP2500. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the cmbmacaddrfilter parameter provided to the listmacaddress.php...

10CVSS2.7AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2013/09/11 12:0 a.m.•165 views

Microsoft Internet Explorer CAtomTable Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS3.3AI score0.19345EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/15 12:0 a.m.•164 views

(Pwn2Own) Google Chromium V8 XOR Typer Mismatch Out-Of-Bounds Access Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Google Chromium. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation...

8.8CVSS8.8AI score0.70435EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/25 12:0 a.m.•163 views

(Pwn2Own) Canonical Ubuntu eBPF Out-Of-Bounds Access Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Canonical Ubuntu. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBP...

8.8CVSS8AI score0.27477EPSS
Exploits8References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/24 12:0 a.m.•163 views

Apache ActiveMQ MOVE Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache ActiveMQ. Authentication may or may not be required to exploit this vulnerability, according to how the product has been configured. The specific flaw exists within the fileserver web servic...

7.5CVSS2AI score0.98518EPSS
Exploits19References1
Zero Day Initiative
Zero Day Initiative
•added 2010/10/12 12:0 a.m.•163 views

Tivoli Storage Manager FastBack 0xfafbfcfd Packet Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Tivoli Storage Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within FastBackServer.exe which listens by default on TCP port 1320. When handling a...

10CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/01/10 12:0 a.m.•162 views

Trend Micro Control Manager ApplicationStatus SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

6CVSS9.1AI score0.49408EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/24 12:0 a.m.•161 views

(Pwn2Own) HP Color LaserJet Pro M479fdw slangapp PATH_INFO Stack-based Buffer Overflow Remote Code Execution

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP Color LaserJet Pro M479fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the slangapp binary. When parsing the value of the pass...

8.8CVSS7.4AI score0.00397EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/24 12:0 a.m.•161 views

Apache ActiveMQ Fileserver File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache ActiveMQ. Authentication may or may not be required to exploit this vulnerability, depending on how the product has been configured. The specific flaw exists within the "fileserver" web...

7.5CVSS3.3AI score0.98518EPSS
Exploits19References1
Zero Day Initiative
Zero Day Initiative
•added 2012/08/22 12:0 a.m.•159 views

Symantec Endpoint Protection SemSvc.exe AgentServlet Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Endpoint Protection. Authentication is not required to exploit this vulnerability. The specific flaw exists within SemSvc.exe which listens by default on TCP port 8443 https. The SemSvc...

10CVSS5AI score0.0146EPSS
Exploits7References1
Zero Day Initiative
Zero Day Initiative
•added 2018/01/10 12:0 a.m.•158 views

Trend Micro Control Manager TopViolationPolicy SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

6CVSS9.1AI score0.20222EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•158 views

(Pwn2Own) Microsoft Windows NtGdiGetEmbUFI Information Disclosure Vulnerability

This vulnerability allows local attackers to leak sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

4.9CVSS0.2AI score0.02485EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2015/10/02 12:0 a.m.•158 views

VMware vCenter Server JMX RMI Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of VMware vCenter Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in the configuration of the JMX remote interface. This interface allows a remote attack...

10CVSS8.2AI score0.89048EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2018/01/10 12:0 a.m.•157 views

Trend Micro Control Manager PersonalFirewallSummary SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

6CVSS9.1AI score0.49408EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/01/10 12:0 a.m.•157 views

Trend Micro Control Manager UserStatusBySeverity SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

6CVSS9.1AI score0.49408EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/09/16 12:0 a.m.•157 views

Microsoft Windows .URL File Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. An attacker can craft a malicious file with a...

6.8CVSS4.6AI score0.11774EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2024/04/23 12:0 a.m.•155 views

Microsoft Azure ODSP nikisos Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of ODSP for Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of ODSP. When installed from the official Microsoft GitHub...

9.8CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/04 12:0 a.m.•155 views

Microsoft SharePoint DataFormWebPart Server-Side Include Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of web parts of type DataFormWebPart. By specifying a custo...

6.5CVSS0.8AI score0.1318EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/01/10 12:0 a.m.•154 views

Trend Micro Control Manager TopXThreatTrail SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

6CVSS9.1AI score0.20222EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•155 views

Microsoft Windows Media Center .MCL File Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Media Center. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. An attacker can craft a malicious...

6.8CVSS5.3AI score0.6994EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2016/03/10 12:0 a.m.•153 views

Google Chrome Pdfium JPEG2000 Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS2.5AI score0.01981EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/10/26 12:0 a.m.•153 views

Oracle Java Applet Rhino Script Engine Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Java handles...

9CVSS2.8AI score0.96714EPSS
Exploits13References1
Zero Day Initiative
Zero Day Initiative
•added 2018/01/10 12:0 a.m.•152 views

Trend Micro Control Manager TopViolators SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the TopViolato...

6CVSS9.1AI score0.20222EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•151 views

(0Day) (Pwn2Own) Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Router Advertisement Daemon. The issue results from the lack of proper...

7.5CVSS7.3AI score0.0061EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2019/02/12 12:0 a.m.•150 views

Microsoft SharePoint EntityInstanceIdEncoder Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the EntityInstanceIdEncoder class. The issue results from the lack of proper validati...

9.8CVSS3.2AI score0.99913EPSS
Exploits29References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•147 views

(Pwn2Own) Synology RT6600ax Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology RT6600ax routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the libsynoskd library. The issue results from the lack of proper...

8.8CVSS7.3AI score0.00998EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/19 12:0 a.m.•144 views

(0Day) Microsoft Windows splwow64 Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the user-mode...

7CVSS4.3AI score0.15932EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/09/19 12:0 a.m.•143 views

Microsoft Windows DirectX Graphics Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DirectX Graphi...

8.8CVSS5.6AI score0.44896EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/18 12:0 a.m.•143 views

(0Day) (Pwn2Own) Sony X800H Smart TV Vewd Type-Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sony X800H Smart TV. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

5.9CVSS3AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2016/04/08 12:0 a.m.•143 views

Google Chrome libANGLE glGetUniformfv Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the libANGLE...

6.8CVSS6.2AI score0.02876EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2006/04/13 12:0 a.m.•143 views

Novell GroupWise Messenger Accept-Language Buffer Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of the Novell GroupWise Messenger. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Novell Messaging Agent, a web server that listens by default on TCP port...

10CVSS3.4AI score0.72833EPSS
Exploits12References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/22 12:0 a.m.•140 views

Oracle E-Business Suite ozfVendorLov SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Oracle E-Business Suite. Authentication is not required to exploit this vulnerability. The specific flaw exists within ozfVendorLov.jsp. The issue results from the lack of proper validation of a...

7.5CVSS1.8AI score0.02797EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2012/04/18 12:0 a.m.•139 views

Samba NDR PULL SVCCTL StartServiceW Heap Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samba. Authentication is not required to exploit this vulnerability. The specific flaw exists within Samba's handling of a NDR PULL SVCCTL StartServiceW request. By sending a specially crafted...

10CVSS3.9AI score0.74034EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/08 12:0 a.m.•138 views

Apple macOS libFontParser TTF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the libFontParser library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

7.8CVSS4.9AI score0.00888EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/03/11 12:0 a.m.•137 views

Microsoft SharePoint InfoPath List Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of InfoPath attachments. Tampering with client-side data can...

8.8CVSS3.8AI score0.14387EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/18 12:0 a.m.•136 views

(Pwn2Own) Linux Kernel nft_object Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

8.8CVSS3AI score0.12746EPSS
Exploits7References1
Zero Day Initiative
Zero Day Initiative
•added 2018/06/13 12:0 a.m.•136 views

Microsoft Windows ksecdd IOCTL 0x390400 Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

5.4CVSS3.8AI score0.02363EPSS
Exploits0References1
Total number of security vulnerabilities5000