Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2018/10/30 12:0 a.m.•46 views

(Pwn2Own) Apple Safari CreateThis Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JIT...

6.8CVSS1.8AI score0.53772EPSS
Exploits12References1
Zero Day Initiative
Zero Day Initiative
•added 2018/08/30 12:0 a.m.•46 views

Linux Kernel MIDI Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of MIDI...

6.9CVSS2.6AI score0.00523EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/07/26 12:0 a.m.•46 views

(Pwn2Own) Oracle Virtualbox HGCM Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

6.9CVSS3.1AI score0.00462EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2018/03/19 12:0 a.m.•46 views

Microsoft Internet Explorer VML textpath Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

2.6CVSS0.8AI score0.05536EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/03/07 12:0 a.m.•46 views

Apple macOS QuartzCore render_mask Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation o...

6.8CVSS4AI score0.01544EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/12/13 12:0 a.m.•46 views

NetGain Systems Enterprise Manager deviceReport.deviceReport_005fexport_005fdo_jsp filename Directory Traversal Arbitrary File Overwrite Vulnerability

This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

7.5CVSS2.9AI score0.02264EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/12/12 12:0 a.m.•46 views

Bitdefender Internet Security Themida Emulator Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS4.3AI score0.06487EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/12/12 12:0 a.m.•46 views

Microsoft Windows VBScript Join Function Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS1.9AI score0.06423EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/11/14 12:0 a.m.•46 views

Foxit Reader XFAScriptObject setFocus Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setFocus method...

6.8CVSS8.6AI score0.0259EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/12 12:0 a.m.•46 views

Microsoft Windows Bitmap Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

2.6CVSS5.8AI score0.1404EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/07/14 12:0 a.m.•46 views

Microsoft Windows OTL Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

2.6CVSS3.6AI score0.02973EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2017/06/13 12:0 a.m.•46 views

(Pwn2Own) Microsoft Windows NtUserLinkDpiCursor Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

6.9CVSS8.5AI score0.01084EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/06/13 12:0 a.m.•46 views

(Pwn2Own) Microsoft Windows NtUserLinkDpiCursor Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

6.9CVSS8AI score0.02341EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/04 12:0 a.m.•46 views

(Pwn2Own) Apple Safari String replace Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

6.8CVSS1.4AI score0.08038EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2017/04/11 12:0 a.m.•46 views

Adobe Acrobat Pro DC ImageConversion TIFF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

6.8CVSS4.1AI score0.04306EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/20 12:0 a.m.•46 views

Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samba. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NDR data. The issue results from the lack of proper validation of the length of...

6.8CVSS8.8AI score0.06226EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/10 12:0 a.m.•46 views

Microsoft Windows ADO Recordset Update Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS1.3AI score0.17016EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/10 12:0 a.m.•46 views

Adobe Reader DC XSLT attribute-set Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within XSLT's...

6.8CVSS3.5AI score0.2042EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/09/20 12:0 a.m.•46 views

Apple OS X AppleHSSPIHIDDriver Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

6.9CVSS5.2AI score0.01255EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/03/11 12:0 a.m.•46 views

Mozilla Firefox nsHTMLDocument SetBody Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS2.5AI score0.0289EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/03/08 12:0 a.m.•46 views

Adobe Acrobat Pro DC DLL Planting Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists within the handling of DLL search paths. In...

7.5CVSS2.8AI score0.01098EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/07/08 12:0 a.m.•46 views

Adobe Flash Player AS2 ConvolutionFilter Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

6.8CVSS6.4AI score0.0785EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/03/12 12:0 a.m.•46 views

Adobe Flash Player AVSS Load Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling ...

6.8CVSS6.5AI score0.07002EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2015/03/10 12:0 a.m.•46 views

Microsoft Windows NtUserfnINSTRINGNULL Information Leak Vulnerability

This vulnerability allows local attackers to leak sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

2.1CVSS5.9AI score0.02379EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/02/10 12:0 a.m.•46 views

Microsoft Internet Explorer CSVGSVGElement Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS7.5AI score0.12805EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/10/14 12:0 a.m.•46 views

Foxit ActiveX Pro SDK SetLogFile Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Foxit ActiveX Pro SDK ActiveX control. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...

6.8CVSS6.9AI score0.03411EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/08/12 12:0 a.m.•46 views

Microsoft Internet Explorer CInput onfocus Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

6.8CVSS7.6AI score0.16528EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/06/11 12:0 a.m.•46 views

Microsoft Internet Explorer CGeneratedContent Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.3AI score0.20687EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/08/13 12:0 a.m.•46 views

(Pwn2Own) Microsoft Windows Shared Data ASLR Security Feature Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the existence ...

5CVSS2AI score0.07575EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2013/08/13 12:0 a.m.•46 views

Hewlett-Packard SiteScope SOAP Call runOMAgentCommand Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists within APIBSMIntegrationImpl's processing of the runOMAgentCommand which can be invoked through...

10CVSS3.3AI score0.68895EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiative
•added 2013/08/13 12:0 a.m.•46 views

Hewlett-Packard System Management iprange Parameter Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP System Management. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the iprange parameter when passed to /proxy/DataValidation in an...

10CVSS2.5AI score0.00527EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2013/05/29 12:0 a.m.•46 views

(Pwn2Own) Oracle Java DragAndDrop Sandbox Bypass Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

7.5CVSS3AI score0.10342EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/05/10 12:0 a.m.•46 views

Oracle Java mort TTF Table Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the fontmanager...

10CVSS3.8AI score0.08869EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/02/11 12:0 a.m.•46 views

Oracle Java NativeJavaConstructor Class Serialization Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists due to insufficient checks...

7.5CVSS4.3AI score0.09822EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2012/12/21 12:0 a.m.•46 views

Microsoft Internet Explorer insertAdjacentText Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS3.2AI score0.19579EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2012/06/28 12:0 a.m.•46 views

Mozilla Firefox AttributeChildRemoved Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Firefox...

7.5CVSS3.4AI score0.36511EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2012/06/06 12:0 a.m.•46 views

Apple QuickTime RLE Sample Decoding Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...

7.5CVSS4.1AI score0.04626EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2011/08/17 12:0 a.m.•46 views

(0Day) FlexNet License Server Manager Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Flexnet License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the license server manager which listens on TCP port 27000. There are multiple...

10CVSS7.8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/21 12:0 a.m.•46 views

Mozilla Firefox SVGPathSegList.replaceItem Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code...

7.5CVSS4.5AI score0.05772EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/04/19 12:0 a.m.•46 views

Webkit Undefined DOM Prototype Attach Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

9CVSS2.9AI score0.03923EPSS
Exploits2
Zero Day Initiative
Zero Day Initiative
•added 2011/02/07 12:0 a.m.•46 views

(0Day) IBM Lotus Domino iCalendar Meeting Request Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nrouter.exe service while processing a malformed calendar meeting...

10CVSS5.6AI score0.11584EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2011/01/18 12:0 a.m.•46 views

Oracle Database and Enterprise Manager Grid Control Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Database 11g. Authentication is not required to exploit this vulnerability. The specific flaw exists within a JSP script exposed via an HTTPS server running by default on TCP port 1158. The...

10CVSS1.3AI score0.76694EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2010/10/06 12:0 a.m.•46 views

Adobe Reader ICC Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required in that a target must be coerced into opening a file or visiting a web page. The specific flaw exists within the ACE.dll module responsible for parsing IC...

9CVSS7.1AI score0.05707EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/04/05 12:0 a.m.•46 views

Mozilla Firefox Cross Document DOM Node Moving Remote Code Execution Vulnerability

This vulnerability allows remote attackers to bypass specific script execution enforcements on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when moving DOM nodes in...

10CVSS3.2AI score0.05773EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2010/04/02 12:0 a.m.•46 views

Mozilla Firefox Web Worker Array Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the implementation of web worker threads...

10CVSS3.5AI score0.06006EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/03/09 12:0 a.m.•46 views

Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the decompression of XLSX files. The XL...

10CVSS4.4AI score0.25692EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2010/02/18 12:0 a.m.•46 views

IBM Cognos Server Backdoor Account Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute remote code on vulnerable installations of IBM Cognos Server. Proper authentication is not required to exploit this vulnerability. The specific flaw exists due to a hidden manager-level account with a default password defined in the user...

9CVSS8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2009/11/04 12:0 a.m.•46 views

Sun Java Runtime AWT setDifflCM Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the processing of arguments to t...

9.3CVSS5.1AI score0.65461EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2009/10/13 12:0 a.m.•46 views

Microsoft Internet Explorer writing-mode Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required in that a user must visit a malicious web page. The specific flaw exists in the parsing of CSS style information. When a writing-mode style...

9.3CVSS2.8AI score0.22927EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2007/05/08 12:0 a.m.•46 views

Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. The specific flaw exists within the parsing of the BIFF file format used by...

7.6CVSS4.7AI score0.31546EPSS
Exploits4References1
Total number of security vulnerabilities5000