Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2021/04/21 12:0 a.m.•46 views

Parallels Desktop Toolgate Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within t...

6.5CVSS3.7AI score0.0043EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/04 12:0 a.m.•46 views

Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS4AI score0.00854EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/04 12:0 a.m.•46 views

Cisco Multiple Routers Cookie Header Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV16x and RV26x routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 443 by default. The...

8.8CVSS3.7AI score0.05421EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/27 12:0 a.m.•46 views

Trend Micro ServerProtect splx_manual_scan Memory Exhaustion Denial-Of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro ServerProtect. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

3.3CVSS1.8AI score0.00404EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/18 12:0 a.m.•46 views

NETGEAR R7450 SOAP API RecoverAdminPassword Improper Access Control Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R7450 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SOAP API endpoint, which listens on TCP port 80 by default...

6.5CVSS2.6AI score0.0062EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/16 12:0 a.m.•46 views

(Pwn2Own) Western Digital MyCloud PR4100 nasAdmin Incorrect Authorization Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Western Digital MyCloud PR4100. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nasAdmin service, which listens on TCP port 80 and 443 by...

2.3AI score0.03897EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•46 views

Micro Focus Operations Bridge Manager SecurityService Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS3.7AI score0.7699EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/22 12:0 a.m.•46 views

Adobe Illustrator PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of P...

7.8CVSS4.8AI score0.04715EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/19 12:0 a.m.•46 views

SAP 3D Visual Enterprise Viewer PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.4AI score0.01243EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/09/29 12:0 a.m.•46 views

Foxit PhantomPDF U3DBrowser U3D File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U...

7.8CVSS4.5AI score0.04175EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•46 views

SAP 3D Visual Enterprise Viewer RLE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.5AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•46 views

SAP 3D Visual Enterprise Viewer U3D File Parsing 3difr Plugin Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7CVSS5.6AI score0.01629EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/31 12:0 a.m.•46 views

Trend Micro Apex One Improper Access Control Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ApexOne...

7.8CVSS4.4AI score0.02639EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/18 12:0 a.m.•46 views

Parallels Desktop Networking Service Integer Underflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the prlnapt...

7.5CVSS4.8AI score0.00485EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/12 12:0 a.m.•46 views

Adobe Acrobat Pro DC updateFeed Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS0.8AI score0.02817EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/02 12:0 a.m.•46 views

Advantech WebAccess Node bwmail Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwmail.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process...

9.8CVSS3.6AI score0.0898EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/11/21 12:0 a.m.•46 views

Microsoft Exchange Server NTLM Reflection EWS User Impersonation Vulnerability

This vulnerability allows remote attackers to impersonate arbitrary users on vulnerable installations of Microsoft Exchange Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the use of NTLM authentication in Exchange Server. NTLM responses produced ...

8.1CVSS4.3AI score0.27355EPSS
Exploits7References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/30 12:0 a.m.•46 views

(Pwn2Own) Apple Safari CreateThis Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JIT...

6.8CVSS1.8AI score0.53772EPSS
Exploits12References1
Zero Day Initiative
Zero Day Initiative
•added 2018/08/30 12:0 a.m.•46 views

Linux Kernel MIDI Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of MIDI...

6.9CVSS2.6AI score0.00523EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/07/26 12:0 a.m.•46 views

(Pwn2Own) Oracle Virtualbox HGCM Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

6.9CVSS3.1AI score0.00462EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2018/03/19 12:0 a.m.•46 views

Microsoft Internet Explorer VML textpath Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

2.6CVSS0.8AI score0.05536EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/03/07 12:0 a.m.•46 views

Apple macOS QuartzCore render_mask Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation o...

6.8CVSS4AI score0.01544EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/12/13 12:0 a.m.•46 views

NetGain Systems Enterprise Manager deviceReport.deviceReport_005fexport_005fdo_jsp filename Directory Traversal Arbitrary File Overwrite Vulnerability

This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

7.5CVSS2.9AI score0.02264EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/12/12 12:0 a.m.•46 views

Bitdefender Internet Security Themida Emulator Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS4.3AI score0.06487EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/12/12 12:0 a.m.•46 views

Microsoft Windows VBScript Join Function Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS1.9AI score0.06423EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/12 12:0 a.m.•46 views

Microsoft Windows Bitmap Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

2.6CVSS5.8AI score0.1404EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/06/13 12:0 a.m.•46 views

(Pwn2Own) Microsoft Windows NtUserLinkDpiCursor Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

6.9CVSS8.5AI score0.01084EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/06/13 12:0 a.m.•46 views

(Pwn2Own) Microsoft Windows NtUserLinkDpiCursor Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

6.9CVSS8AI score0.02341EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/10 12:0 a.m.•46 views

Microsoft Windows ADO Recordset Update Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS1.3AI score0.17016EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/10 12:0 a.m.•46 views

Adobe Reader DC XSLT attribute-set Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within XSLT's...

6.8CVSS3.5AI score0.2042EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/09/20 12:0 a.m.•46 views

Apple OS X AppleHSSPIHIDDriver Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

6.9CVSS5.2AI score0.01255EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/03/11 12:0 a.m.•46 views

Mozilla Firefox nsHTMLDocument SetBody Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS2.5AI score0.0289EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/03/08 12:0 a.m.•46 views

Adobe Acrobat Pro DC DLL Planting Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists within the handling of DLL search paths. In...

7.5CVSS2.8AI score0.01098EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/07/08 12:0 a.m.•46 views

Adobe Flash Player AS2 ConvolutionFilter Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

6.8CVSS6.4AI score0.0785EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/03/12 12:0 a.m.•46 views

Adobe Flash Player AVSS Load Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling ...

6.8CVSS6.5AI score0.07002EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2015/02/10 12:0 a.m.•46 views

Microsoft Internet Explorer CSVGSVGElement Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS7.5AI score0.12805EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/10/14 12:0 a.m.•46 views

Foxit ActiveX Pro SDK SetLogFile Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Foxit ActiveX Pro SDK ActiveX control. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...

6.8CVSS6.9AI score0.03411EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/08/12 12:0 a.m.•46 views

Microsoft Internet Explorer CInput onfocus Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

6.8CVSS7.6AI score0.16528EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/06/11 12:0 a.m.•46 views

Microsoft Internet Explorer CGeneratedContent Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.3AI score0.20687EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/08/13 12:0 a.m.•46 views

(Pwn2Own) Microsoft Windows Shared Data ASLR Security Feature Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the existence ...

5CVSS2AI score0.07575EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2013/08/13 12:0 a.m.•46 views

Hewlett-Packard SiteScope SOAP Call runOMAgentCommand Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP SiteScope. Authentication is not required to exploit this vulnerability. The specific flaw exists within APIBSMIntegrationImpl's processing of the runOMAgentCommand which can be invoked through...

10CVSS3.3AI score0.68895EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiative
•added 2013/08/13 12:0 a.m.•46 views

Hewlett-Packard System Management iprange Parameter Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP System Management. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the iprange parameter when passed to /proxy/DataValidation in an...

10CVSS2.5AI score0.00527EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2013/05/10 12:0 a.m.•46 views

Oracle Java mort TTF Table Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the fontmanager...

10CVSS3.8AI score0.08869EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/02/11 12:0 a.m.•46 views

Oracle Java NativeJavaConstructor Class Serialization Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists due to insufficient checks...

7.5CVSS4.3AI score0.09822EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2012/06/28 12:0 a.m.•46 views

Mozilla Firefox AttributeChildRemoved Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Firefox...

7.5CVSS3.4AI score0.36511EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2012/06/06 12:0 a.m.•46 views

Apple QuickTime RLE Sample Decoding Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...

7.5CVSS4.1AI score0.04626EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2011/08/17 12:0 a.m.•46 views

(0Day) FlexNet License Server Manager Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Flexnet License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the license server manager which listens on TCP port 27000. There are multiple...

10CVSS7.8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/21 12:0 a.m.•46 views

Mozilla Firefox SVGPathSegList.replaceItem Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code...

7.5CVSS4.5AI score0.05772EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/07 12:0 a.m.•46 views

(0Day) IBM Lotus Domino iCalendar Meeting Request Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nrouter.exe service while processing a malformed calendar meeting...

10CVSS5.6AI score0.11584EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2011/01/18 12:0 a.m.•46 views

Oracle Database and Enterprise Manager Grid Control Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Database 11g. Authentication is not required to exploit this vulnerability. The specific flaw exists within a JSP script exposed via an HTTPS server running by default on TCP port 1158. The...

10CVSS1.3AI score0.76694EPSS
Exploits4References1
Total number of security vulnerabilities5000