Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2021/05/25 12:0 a.m.•44 views

VMware Workstation ThinPrint TTCHeader Integer Overflow Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6.5CVSS4.3AI score0.00453EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/12 12:0 a.m.•44 views

(0Day) Siemens Solid Edge Viewer CATPart File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.2AI score0.01982EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/03/30 12:0 a.m.•44 views

Apple macOS AudioCodecs MP4 File Parsing Signed to Unsigned Conversion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AudioCodecs module...

7.8CVSS5.6AI score0.01119EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/17 12:0 a.m.•44 views

Microsoft Windows CInteractionTrackerMarshaler Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within DirectComposition...

8.8CVSS5.1AI score0.02352EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/25 12:0 a.m.•44 views

Siemens SINEC NMS FirmwareFileUtils extractToFolder Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens SINEC NMS. Authentication is required to exploit this vulnerability. The specific flaw exists within the FirmwareFileUtils class. The issue results from the lack of proper validation of a...

8.8CVSS4.5AI score0.20616EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/02/24 12:0 a.m.•44 views

D-Link DAP-2020 WEB_CmdFileList Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. The issue results from the...

8.8CVSS2.3AI score0.05089EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/24 12:0 a.m.•44 views

Siemens JT2Go RAS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

3.3CVSS2.9AI score0.00713EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/12 12:0 a.m.•44 views

Microsoft SharePoint Workflow Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the SPWorkflowDataSourceView class. The issue results from...

8.8CVSS4.3AI score0.05904EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/22 12:0 a.m.•44 views

Delta Industrial Automation TPEditor TPE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS4.6AI score0.01191EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/18 12:0 a.m.•44 views

Apple macOS process_token_BlitLibSetup2D Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...

7.8CVSS4.2AI score0.01061EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/14 12:0 a.m.•44 views

Microsoft Windows Print Spooler Directory Junction Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Print Spooler...

7.8CVSS5.9AI score0.00852EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/03 12:0 a.m.•44 views

Apple macOS AudioCodecs Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AudioCodecs module...

7.8CVSS3.6AI score0.0139EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/11/24 12:0 a.m.•44 views

SaltStack Salt rest_cherrypy ssh_options Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SaltStack Salt. Authentication is not required to exploit this vulnerability. The specific flaw exists within the restcherrypy module. When parsing the sshoptions parameter, the process does not...

7.3CVSS5.1AI score0.99585EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2020/11/11 12:0 a.m.•44 views

Microsoft Windows bindflt Driver Missing Authentication Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the bindflt.sys...

7.8CVSS5.4AI score0.00772EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/11/10 12:0 a.m.•44 views

Adobe Acrobat Reader DC ID Parameter Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

3.3CVSS1.6AI score0.03023EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/21 12:0 a.m.•44 views

Apple macOS process_token_CopyPixelsSrcFBO Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...

7.8CVSS4.2AI score0.00216EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/15 12:0 a.m.•44 views

VMware Workstation ThinPrint EMR_STRETCHDIBITS Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6.5CVSS2.8AI score0.00301EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•44 views

Microsoft Windows State Repository Service Race Condition Use-After-Free Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Sta...

2.5CVSS4.2AI score0.01079EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•44 views

SAP 3D Visual Enterprise Viewer BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.5AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•44 views

SAP 3D Visual Enterprise Viewer HPGL File Parsing hpgl Plugin Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7CVSS4.1AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•44 views

SAP 3D Visual Enterprise Viewer HDR File Parsing Memory Corruption Remote Code Execution Vulnerabililty

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/31 12:0 a.m.•44 views

Trend Micro Apex One Hard Link Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ApexOne...

7.8CVSS4AI score0.00776EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/04 12:0 a.m.•44 views

NETGEAR R6700 acsd Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the acsd service, which listens on TCP port 5916 by default. The issue...

8.8CVSS4.5AI score0.02644EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/04 12:0 a.m.•44 views

NETGEAR Multiple Routers check_ra Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R6400, R6700, R7000, R7850, R7900, R8000, RS400, and XR300 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the checkra service. A crafte...

8.1CVSS6.8AI score0.08536EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/20 12:0 a.m.•44 views

Oracle VirtualBox PCnet Out-Of-Bounds Access Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the handlin...

7.5CVSS3.2AI score0.00547EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•44 views

Oracle VirtualBox xHCI Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS3AI score0.00563EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/03/25 12:0 a.m.•44 views

(Pwn2Own) TP-Link Archer A7 tdpServer Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tdpServer service, which listens on UDP port 20002 by...

8.8CVSS4.9AI score0.44437EPSS
Exploits4
Zero Day Initiative
Zero Day Initiative
•added 2019/09/10 12:0 a.m.•44 views

Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7CVSS3.7AI score0.11924EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/02 12:0 a.m.•44 views

Advantech WebAccess Node viewsrv SQLSetParam Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x27E9 IOCTL in the webvrpcs process. The issue resul...

9.8CVSS2.1AI score0.10665EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/02 12:0 a.m.•44 views

Advantech WebAccess Node webvrpcs viewsrv Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2723 IOCTL in the webvrpcs process. The issue resul...

9.8CVSS2AI score0.05654EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/31 12:0 a.m.•44 views

Apple macOS sysctl_procargsx Uninitialized Buffer Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handlin...

4.7CVSS2.3AI score0.01121EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/11 12:0 a.m.•44 views

Foxit Reader XFA TimeField deleteItem Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

7.8CVSS1.7AI score0.03918EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/06 12:0 a.m.•44 views

(0Day) Cisco WebEx Network Recording Player Improper Access Control Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Cisco WebEx Network Recording Player. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists in t...

6.9CVSS5.3AI score0.0107EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2018/06/26 12:0 a.m.•44 views

Adobe Acrobat Pro DC Catalog Index Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS2.8AI score0.15976EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/06/08 12:0 a.m.•44 views

(Pwn2Own) Microsoft Windows D3DKMTCreateDCFromMemory Memory Corruption Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the creation of ...

7.2CVSS5.4AI score0.01424EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/03/19 12:0 a.m.•44 views

Microsoft Windows Font Creation Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32k.sys...

7.2CVSS4.9AI score0.01267EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/12/12 12:0 a.m.•44 views

Microsoft Windows VBScript VT_BSTR Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS1.1AI score0.08643EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/22 12:0 a.m.•44 views

Trend Micro Control Manager CCGIServlet ID_HIDDEN_UG_STR SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within processing of...

6CVSS8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/22 12:0 a.m.•44 views

Trend Micro Control Manager CCGIServlet ID_QUERY_COMMAND_TRACKING_ID SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within processing of...

6CVSS8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/15 12:0 a.m.•44 views

Trend Micro Mobile Security for Enterprise search_device_invitations user_name SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Mobile Security for Enterprise. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of the searchdeviceinvitations action. When...

9CVSS4.8AI score0.50166EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/12 12:0 a.m.•44 views

Microsoft Office Word WordPerfect Document Converter Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS7.9AI score0.17224EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/10 12:0 a.m.•44 views

Fuji Electric Monitouch V-SFT Project File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS8.7AI score0.05155EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/08 12:0 a.m.•44 views

Microsoft Windows Error Reporting Manager Improper Access Control Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute medium-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows...

2.6CVSS8AI score0.03889EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/07/11 12:0 a.m.•44 views

(Pwn2Own) Microsoft Windows fnHKINLPRECT Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull.s...

7.2CVSS8.1AI score0.00975EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/07/10 12:0 a.m.•44 views

(Pwn2Own) Google Chrome Array indexOf Out-Of-Bounds Access Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of th...

6.8CVSS2.5AI score0.02557EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/18 12:0 a.m.•44 views

(Pwn2Own) Apple macOS AppleMultitouchDevice Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handlin...

1.9CVSS3.2AI score0.0113EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/15 12:0 a.m.•44 views

(Pwn2Own) Apple Safari Array concat Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

6.8CVSS3.3AI score0.01508EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/02 12:0 a.m.•44 views

Google Chrome List Item Marker Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

6.8CVSS4.6AI score0.03362EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/04/11 12:0 a.m.•44 views

Adobe Reader DC JPEG2000 Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows a remote attacker to disclose sensitive information on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within JPEG200...

6.8CVSS1.7AI score0.02455EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/04/11 12:0 a.m.•44 views

Adobe Acrobat Pro DC ImageConversion JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS2.7AI score0.04184EPSS
Exploits0References1
Total number of security vulnerabilities5000