Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2023/04/14 12:0 a.m.•43 views

(Pwn2Own) Sonos One Speaker MPEG-TS Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MPEG-TS parser. The issue results from the lack of proper validation of...

8.8CVSS8.8AI score0.00814EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/02/09 12:0 a.m.•43 views

Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS7.7AI score0.00355EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/01/18 12:0 a.m.•43 views

D-Link DIR-3040 MiniDLNA Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MiniDLNA service. The issue results from the lack of proper...

8.8CVSS5.8AI score0.00923EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/12/15 12:0 a.m.•43 views

Canon imageCLASS MF644Cdw BJNP Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF644Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BJNP service. The issue results from the lack of proper...

8.8CVSS5.3AI score0.0083EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/09/19 12:0 a.m.•43 views

Microsoft Windows Group Policy Preference Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. This vulnerability is dependent upon a Group Policy setting, and an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

7CVSS5.5AI score0.01917EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/15 12:0 a.m.•43 views

Siemens JT2Go PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF...

7.8CVSS4.8AI score0.0127EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/15 12:0 a.m.•43 views

(Pwn2Own) Lexmark MC3224i PJL Exposed Dangerous Function Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark MC3224i printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of PJL commands. The issue results from an exposed...

8.8CVSS4.8AI score0.01435EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/10 12:0 a.m.•43 views

TP-Link TL-WR940N httpd httpRpmFs Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of file name extensions. The issue results from the lack...

8.8CVSS3.9AI score0.02034EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/02/10 12:0 a.m.•43 views

TP-Link AC1750 NetUSB Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB.ko module. The issue results from the lack of proper...

8.8CVSS6.1AI score0.01788EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/02/02 12:0 a.m.•43 views

Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS5AI score0.01848EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/02/01 12:0 a.m.•43 views

(Pwn2Own) Samba fruit_pread Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Samba. Authentication is not required to exploit this vulnerability. The specific flaw exists within the fruitpread method. The issue results from the lack of proper validation of user-suppli...

5.3CVSS1.9AI score0.7372EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•43 views

Bentley View DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN...

7.8CVSS5.1AI score0.02087EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•43 views

Bentley MicroStation CONNECT JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.1AI score0.02041EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•43 views

Bentley MicroStation CONNECT OBJ File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

3.3CVSS2.6AI score0.01699EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/11/05 12:0 a.m.•43 views

Hewlett Packard Enterprise iLO Amplifier Pack backup Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise iLO Amplifier Pack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the backup endpoint. The issue results from the lack of...

9.8CVSS9.4AI score0.13478EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/16 12:0 a.m.•43 views

Adobe Acrobat Reader DC AcroForm deleteItemAt Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS2.4AI score0.64297EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/14 12:0 a.m.•43 views

(0Day) Autodesk Navisworks PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autodesk Navisworks. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.6AI score0.00957EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/14 12:0 a.m.•43 views

(0Day) Autodesk Navisworks DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.8AI score0.00988EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/11 12:0 a.m.•43 views

Microsoft Windows User Profile Service Directory Junction Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the User Profile...

7.8CVSS5.9AI score0.00563EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/30 12:0 a.m.•43 views

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS2.3AI score0.04EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•43 views

Siemens JT2Go J2K File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

3.3CVSS3AI score0.01348EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•43 views

Siemens JT2Go PAR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PAR...

7.8CVSS5.6AI score0.02132EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•43 views

Siemens JT2Go JT File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT...

7.8CVSS4.4AI score0.01663EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/13 12:0 a.m.•43 views

(0Day) GoPro Player MOV File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GoPro Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of MOV...

7.8CVSS4.6AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/07/05 12:0 a.m.•43 views

(0Day) Advantech WebAccess Node BwImgExe Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within BwImgExe.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs proces...

9.8CVSS3.8AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/06/22 12:0 a.m.•43 views

Autodesk AutoCAD DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

3.3CVSS3AI score0.02743EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/10 12:0 a.m.•43 views

Adobe Acrobat Reader DC AcroForm Field Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS2.6AI score0.04709EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/10 12:0 a.m.•43 views

(0Day) D-Link DAP-1330 HNAP checkValidRequest Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue results from the...

8.8CVSS2.8AI score0.02333EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/06/07 12:0 a.m.•43 views

Advantech iView runProViewUpgrade Missing Authentication Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the runProViewUpgrade action of NetworkServlet, which listens on TCP port 8080 by defaul...

9.8CVSS3.5AI score0.08055EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/03 12:0 a.m.•43 views

Bosch B426 Web Configuration Use of Hard-coded Password Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Bosch B426. Authentication is not required to exploit this vulnerability. The specific flaw exists within the lgs.cgi module. This issue results from the use of hard-coded session token. An attacker c...

8.8CVSS2.8AI score0.00839EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/21 12:0 a.m.•43 views

SolarWinds Orion Job Scheduler JobRouterService Improper Authorization Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Job Scheduler. Authentication is required to exploit this vulnerability. The specific flaw exists within the JobRouterService WCF service. The issue is due to the WCF service...

8.8CVSS6.5AI score0.06485EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/12 12:0 a.m.•43 views

(0Day) Siemens Solid Edge Viewer JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5AI score0.02029EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/04/22 12:0 a.m.•43 views

Schneider Electric C-Bus Toolkit PROJECT RESTORE Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Schneider Electric C-Bus Toolkit. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

6.5CVSS1.9AI score0.30534EPSS
Exploits1References2
Zero Day Initiative
Zero Day Initiative
•added 2021/04/21 12:0 a.m.•43 views

Parallels Desktop OTG Time-Of-Check Time-Of-Use Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within t...

7.3CVSS2.9AI score0.00279EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/21 12:0 a.m.•43 views

Parallels Desktop Toolgate Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within t...

6.5CVSS3.7AI score0.0043EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/30 12:0 a.m.•43 views

Esri ArcReader PMF File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Esri ArcReader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PMF...

7.8CVSS5.6AI score0.01522EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/30 12:0 a.m.•43 views

Esri ArcReader PMF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Esri ArcReader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PMF...

7.8CVSS5.7AI score0.02412EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/17 12:0 a.m.•43 views

Microsoft Windows EFI Partition Incorrect Authorization Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

5.5CVSS4.5AI score0.01062EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/15 12:0 a.m.•43 views

SAP 3D Visual Enterprise Viewer HPGL File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.7AI score0.01242EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/02/24 12:0 a.m.•43 views

NETGEAR Multiple Routers SSDP Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6400 and R6700 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upnpd service, which listens on UDP port 1900 by default. ...

8.8CVSS5.2AI score0.00746EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/24 12:0 a.m.•43 views

Siemens JT2Go TIFF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIFF...

7.8CVSS5.1AI score0.00724EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/10 12:0 a.m.•43 views

Adobe Acrobat Pro DC setAction Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2AI score0.02006EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/04 12:0 a.m.•43 views

Apple macOS ImageIO EXR Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the ImageIO...

7.8CVSS6.4AI score0.01113EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/22 12:0 a.m.•43 views

Delta Industrial Automation TPEditor TPE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS4.6AI score0.01191EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/09 12:0 a.m.•43 views

Microsoft SharePoint Site Import Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the ImportWeb function. The issue results from the lack of proper validation of a...

8.8CVSS4.4AI score0.03257EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/09 12:0 a.m.•43 views

X.Org Server XkbSelectEvents Integer Underflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

7.8CVSS5.1AI score0.00613EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/11/11 12:0 a.m.•43 views

Microsoft Internet Explorer array Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS2.1AI score0.02936EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/11/10 12:0 a.m.•43 views

Adobe Acrobat Pro DC PDF Export Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the exporting...

7.8CVSS2.5AI score0.16348EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•43 views

Foxit Studio Photo EZIX channel id Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS2.3AI score0.03647EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•43 views

Foxit Studio Photo CR2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.4AI score0.0372EPSS
Exploits0References1
Total number of security vulnerabilities5000