Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2006/12/19 12:0 a.m.•44 views

Mozilla Firefox SVG Processing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the browser's handling of SVG comment objects...

9.3CVSS3.7AI score0.08604EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•43 views

Linux Kernel nf_tables_expr_destroy Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nftablesexprdestroy...

8.8CVSS7.5AI score0.02881EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/27 12:0 a.m.•43 views

(0Day) Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validati...

3.7CVSS6.1AI score0.28084EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/08/15 12:0 a.m.•43 views

Siemens Solid Edge Viewer DWG File Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

3.3CVSS6AI score0.00221EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/06/16 12:0 a.m.•43 views

Microsoft Exchange Command Class Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the Command class. The issue results from the lack of proper validation of user-supplied...

8.8CVSS7.4AI score0.81775EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•43 views

(Pwn2Own) Lexmark MC3224i lbtraceapp _WriteTarFile Command Injection Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Lexmark MC3224i printers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS7.1AI score0.37835EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2023/04/24 12:0 a.m.•43 views

VMware Aria Operations for Logs Cluster Controller Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware Aria Operations for Logs. Authentication is not required to exploit this vulnerability. The specific flaw exists within the InternalClusterController class. The issue results from the lack of...

9.8CVSS9.4AI score0.7165EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/02/09 12:0 a.m.•43 views

Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS7.7AI score0.00355EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/01/18 12:0 a.m.•43 views

D-Link DIR-3040 MiniDLNA Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MiniDLNA service. The issue results from the lack of proper...

8.8CVSS5.8AI score0.00923EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/12/15 12:0 a.m.•43 views

Canon imageCLASS MF644Cdw BJNP Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BJNP service. The issue results from the lack of proper...

8.8CVSS5.3AI score0.0083EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/11/03 12:0 a.m.•43 views

D-Link DIR-1935 SetVirtualServerSettings VirtualServerInfo Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...

6.8CVSS3.5AI score0.01085EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•43 views

Microsoft Windows CSRSS Activation Context Cache Poisoning Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CSRSS.exe...

7.8CVSS6AI score0.09331EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/09/19 12:0 a.m.•43 views

Microsoft Windows Group Policy Preference Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. This vulnerability is dependent upon a Group Policy setting, and an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

7CVSS5.5AI score0.01917EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/22 12:0 a.m.•43 views

TP-Link TL-WR940N httpd ssid1 Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue...

6.8CVSS3.5AI score0.00724EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/02/15 12:0 a.m.•43 views

Siemens JT2Go PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF...

7.8CVSS4.8AI score0.0127EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/15 12:0 a.m.•43 views

(Pwn2Own) Lexmark MC3224i PJL Exposed Dangerous Function Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark MC3224i printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of PJL commands. The issue results from an exposed...

8.8CVSS4.8AI score0.01435EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/10 12:0 a.m.•43 views

TP-Link TL-WR940N httpd httpRpmFs Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of file name extensions. The issue results from the lack...

8.8CVSS3.9AI score0.01905EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/02/10 12:0 a.m.•43 views

TP-Link AC1750 NetUSB Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB.ko module. The issue results from the lack of proper...

8.8CVSS6.1AI score0.01674EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/02/02 12:0 a.m.•43 views

Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS5AI score0.01731EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/02/01 12:0 a.m.•43 views

(Pwn2Own) Samba fruit_pread Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Samba. Authentication is not required to exploit this vulnerability. The specific flaw exists within the fruitpread method. The issue results from the lack of proper validation of user-suppli...

5.3CVSS1.9AI score0.74042EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•43 views

Bentley View DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN...

7.8CVSS5.1AI score0.01955EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•43 views

Bentley MicroStation CONNECT OBJ File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

3.3CVSS2.6AI score0.01591EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•43 views

Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.1AI score0.01911EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/12/21 12:0 a.m.•43 views

Microsoft Windows Print Spooler Link Following Privilege Escalation Vulnerability

This vulnerability allows local attackers to escape the low integrity sandbox on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS8.3AI score0.0105EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/12/21 12:0 a.m.•43 views

Adobe After Effects 3GP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.4AI score0.00341EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/11/05 12:0 a.m.•43 views

Hewlett Packard Enterprise iLO Amplifier Pack backup Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise iLO Amplifier Pack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the backup endpoint. The issue results from the lack of...

9.8CVSS9.4AI score0.13478EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/16 12:0 a.m.•43 views

Adobe FrameMaker PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PD...

7.8CVSS4.6AI score0.021EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/16 12:0 a.m.•43 views

Adobe Acrobat Reader DC AcroForm deleteItemAt Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS2.4AI score0.64297EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/11 12:0 a.m.•43 views

Microsoft Windows User Profile Service Directory Junction Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the User Profile...

7.8CVSS5.9AI score0.00563EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/30 12:0 a.m.•43 views

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS2.3AI score0.04EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/28 12:0 a.m.•43 views

Adobe Media Encoder FLV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Media Encoder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.7AI score0.0245EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•43 views

Siemens JT2Go J2K File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

3.3CVSS3AI score0.01348EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•43 views

Siemens JT2Go PAR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PAR...

7.8CVSS5.6AI score0.02132EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•43 views

Siemens JT2Go JT File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT...

7.8CVSS4.4AI score0.01663EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•43 views

Siemens JT2Go TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF...

7.8CVSS4.2AI score0.01574EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/13 12:0 a.m.•43 views

(0Day) GoPro Player MOV File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GoPro Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of MOV...

7.8CVSS4.3AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/07/13 12:0 a.m.•43 views

(0Day) GoPro Player MOV File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GoPro Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of MOV...

7.8CVSS4.6AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/06/22 12:0 a.m.•43 views

Autodesk AutoCAD DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

3.3CVSS3AI score0.02743EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/10 12:0 a.m.•43 views

Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS2.6AI score0.04709EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/10 12:0 a.m.•43 views

Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS2.6AI score0.05172EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/10 12:0 a.m.•43 views

(0Day) D-Link DAP-1330 HNAP checkValidRequest Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue results from the...

8.8CVSS2.8AI score0.02333EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/06/07 12:0 a.m.•43 views

Advantech iView runProViewUpgrade Missing Authentication Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the runProViewUpgrade action of NetworkServlet, which listens on TCP port 8080 by defaul...

9.8CVSS3.5AI score0.08055EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/03 12:0 a.m.•43 views

Bosch B426 Web Configuration Use of Hard-coded Password Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Bosch B426. Authentication is not required to exploit this vulnerability. The specific flaw exists within the lgs.cgi module. This issue results from the use of hard-coded session token. An attacker c...

8.8CVSS2.8AI score0.00839EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/25 12:0 a.m.•43 views

VMware Workstation ThinPrint TTCHeader Integer Overflow Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6.5CVSS4.3AI score0.00453EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/21 12:0 a.m.•43 views

SolarWinds Orion Job Scheduler JobRouterService Improper Authorization Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Job Scheduler. Authentication is required to exploit this vulnerability. The specific flaw exists within the JobRouterService WCF service. The issue is due to the WCF service...

8.8CVSS6.5AI score0.06485EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/12 12:0 a.m.•43 views

(0Day) Siemens Solid Edge Viewer JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5AI score0.02029EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/04/22 12:0 a.m.•43 views

Schneider Electric C-Bus Toolkit PROJECT RESTORE Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Schneider Electric C-Bus Toolkit. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

6.5CVSS1.9AI score0.30534EPSS
Exploits1References2
Zero Day Initiative
Zero Day Initiative
•added 2021/04/22 12:0 a.m.•43 views

Oracle VirtualBox VMSVGA Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the VGA...

7.5CVSS5.6AI score0.0058EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/21 12:0 a.m.•43 views

Parallels Desktop Toolgate Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within t...

6.5CVSS3.7AI score0.0043EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/21 12:0 a.m.•43 views

Parallels Desktop OTG Time-Of-Check Time-Of-Use Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within t...

7.3CVSS2.9AI score0.00279EPSS
Exploits0References1
Total number of security vulnerabilities5000