Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•44 views

Linux Kernel nf_tables_expr_destroy Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nftablesexprdestroy...

8.8CVSS7.5AI score0.02881EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/19 12:0 a.m.•44 views

Siemens Tecnomatix Plant Simulation IGS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS6.8AI score0.00228EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/21 12:0 a.m.•44 views

SonicWALL GMS Virtual Appliance Syslog Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SonicWALL GMS Virtual Appliance. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS7.5AI score0.42911EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/06/16 12:0 a.m.•44 views

Microsoft Exchange Command Class Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the Command class. The issue results from the lack of proper validation of user-supplied...

8.8CVSS7.4AI score0.81775EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/04/11 12:0 a.m.•44 views

Microsoft Office Word SKP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

7.8CVSS7.8AI score0.03011EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2022/11/03 12:0 a.m.•44 views

D-Link DIR-1935 SetVirtualServerSettings VirtualServerInfo Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...

6.8CVSS3.5AI score0.01085EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/25 12:0 a.m.•44 views

(0Day) Corel CorelDRAW Graphics Suite GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Corel CorelDRAW Graphics Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

3.3CVSS3.2AI score0.00807EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•44 views

Microsoft Windows CSRSS Activation Context Cache Poisoning Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CSRSS.exe...

7.8CVSS6AI score0.09331EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/23 12:0 a.m.•44 views

Softing Secure Integration Server URI NULL Pointer Dereference Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing Secure Integration Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the URI HTTP header. The issue results...

7.5CVSS0.8AI score0.01297EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/06/30 12:0 a.m.•44 views

Autodesk AutoCAD CATPart File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4AI score0.01035EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/04/12 12:0 a.m.•44 views

Tukaani XZ Utils xzgrep Argument Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tukaani XZ Utils. Interaction with this script is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the handling of...

7CVSS9.1AI score0.04271EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/03/23 12:0 a.m.•44 views

(Pwn2Own) HP LaserJet Pro MFP M283fdw eContactRestore Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of HP LaserJet Pro MFP M283fdw printers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8CVSS4.8AI score0.07022EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/03/11 12:0 a.m.•44 views

Cisco Nexus Dashboard Fabric Controller XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Cisco Nexus Dashboard Fabric Controller. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the AMF protocol. Due to the improper...

7.5CVSS5.5AI score0.0954EPSS
Exploits2
Zero Day Initiative
Zero Day Initiative
•added 2022/02/22 12:0 a.m.•44 views

TP-Link TL-WR940N httpd ssid1 Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue...

6.8CVSS3.5AI score0.00724EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/02/16 12:0 a.m.•44 views

Linux Kernel io_uring Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

8.8CVSS3.1AI score0.03718EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/11 12:0 a.m.•44 views

Siemens Simcenter Femap NEU File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.9AI score0.01564EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•44 views

Bentley MicroStation CONNECT 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

3.3CVSS2.5AI score0.01804EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•44 views

Bentley MicroStation CONNECT JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.7AI score0.02016EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•44 views

Bentley MicroStation CONNECT DGN File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.7AI score0.02068EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•44 views

Bentley MicroStation CONNECT DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

3.3CVSS2.6AI score0.01699EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/12/21 12:0 a.m.•44 views

Adobe After Effects 3GP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.4AI score0.00341EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/12/21 12:0 a.m.•44 views

Microsoft Windows Print Spooler Link Following Privilege Escalation Vulnerability

This vulnerability allows local attackers to escape the low integrity sandbox on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS8.3AI score0.0105EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/12/08 12:0 a.m.•44 views

Bentley View JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT...

7.8CVSS5AI score0.01945EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/12/08 12:0 a.m.•44 views

Bentley View JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT...

7.8CVSS5AI score0.01937EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/12/08 12:0 a.m.•44 views

Bentley View BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP...

7.8CVSS5.9AI score0.02123EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/11/22 12:0 a.m.•44 views

Commvault CommCell CVSearchService Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Commvault CommCell. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CVSearchService service. The issue results from the lack of proper validation prio...

9.8CVSS9.1AI score0.05424EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/10/28 12:0 a.m.•44 views

Adobe Bridge DCM File Parsing Double Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DCM...

7.8CVSS4.6AI score0.02EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/20 12:0 a.m.•44 views

Schneider Electric EcoStruxure Control Expert Classic STU and STA File Parsing Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Control Expert Classic. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...

7.8CVSS4.4AI score0.261EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/16 12:0 a.m.•44 views

Adobe FrameMaker PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PD...

7.8CVSS4.6AI score0.021EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/03 12:0 a.m.•44 views

(Pwn2Own) Parallels Desktop Toolgate Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within t...

6.5CVSS3.7AI score0.00258EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/28 12:0 a.m.•44 views

Adobe After Effects PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing...

7.8CVSS4.1AI score0.02199EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/28 12:0 a.m.•44 views

Adobe Media Encoder FLV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Media Encoder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.7AI score0.0245EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•44 views

Siemens JT2Go TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

3.3CVSS2.8AI score0.01348EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•44 views

Siemens JT2Go TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF...

7.8CVSS4.2AI score0.01574EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/13 12:0 a.m.•44 views

(0Day) GoPro Player MOV File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GoPro Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of MOV...

7.8CVSS4.3AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/06/24 12:0 a.m.•44 views

(0Day) Advantech WebAccess/HMI Designer PM3 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

7.8CVSS4.2AI score0.0097EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/06/22 12:0 a.m.•44 views

Autodesk Design Review PDF File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS5.1AI score0.01767EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/17 12:0 a.m.•44 views

(0Day) Microsoft Print 3D OBJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Print 3D. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

6.6CVSS5.3AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/06/10 12:0 a.m.•44 views

Adobe Acrobat Reader DC XFA Template Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS2.3AI score0.04709EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/10 12:0 a.m.•44 views

Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS2.6AI score0.05172EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/25 12:0 a.m.•44 views

VMware Workstation ThinPrint TTCHeader Integer Overflow Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6.5CVSS4.3AI score0.00453EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/12 12:0 a.m.•44 views

(0Day) Siemens Solid Edge Viewer CATPart File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.2AI score0.01982EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/03/30 12:0 a.m.•44 views

Apple macOS AudioCodecs MP4 File Parsing Signed to Unsigned Conversion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AudioCodecs module...

7.8CVSS5.6AI score0.01119EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/17 12:0 a.m.•44 views

Microsoft Windows CInteractionTrackerMarshaler Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within DirectComposition...

8.8CVSS5.1AI score0.02352EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/25 12:0 a.m.•44 views

Siemens SINEC NMS FirmwareFileUtils extractToFolder Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens SINEC NMS. Authentication is required to exploit this vulnerability. The specific flaw exists within the FirmwareFileUtils class. The issue results from the lack of proper validation of a...

8.8CVSS4.5AI score0.20616EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/02/24 12:0 a.m.•44 views

D-Link DAP-2020 WEB_CmdFileList Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. The issue results from the...

8.8CVSS2.3AI score0.05089EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/24 12:0 a.m.•44 views

Siemens JT2Go RAS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

3.3CVSS2.9AI score0.00713EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/12 12:0 a.m.•44 views

Microsoft SharePoint Workflow Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the SPWorkflowDataSourceView class. The issue results from...

8.8CVSS4.3AI score0.05904EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/04 12:0 a.m.•44 views

Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS4AI score0.00922EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/18 12:0 a.m.•44 views

Apple macOS process_token_BlitLibSetup2D Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...

7.8CVSS4.2AI score0.01061EPSS
Exploits0References1
Total number of security vulnerabilities5000