Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2019/02/12 12:0 a.m.•44 views

Adobe Acrobat Pro DC Font Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS4.6AI score0.04506EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/12/13 12:0 a.m.•43 views

Microsoft Windows JScript Array concat Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows JScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS4.2AI score0.09906EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/24 12:0 a.m.•43 views

Advantech WebAccess Node drawsrv Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2715 IOCTL in the webvrpcs process. The issue...

7.1CVSS1.5AI score0.022EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/14 12:0 a.m.•43 views

Microsoft Windows Excel Database Driver Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the msexcl40.d...

6.8CVSS3.7AI score0.22757EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/08/14 12:0 a.m.•43 views

Crestron Multiple Products CTP Console FGETFILE Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FGETFILE command of the CTP console. The issue results from the...

9.3CVSS2.7AI score0.07577EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/06/06 12:0 a.m.•43 views

GE MDS PulseNET CommandLineService Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE MDS PulseNET. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the CommandLineService web service. The issue results from the lack ...

7.5CVSS4.2AI score0.05058EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/05/04 12:0 a.m.•43 views

Wecon LeviStudioU DataLogTool Edit Stack-based Buffer Overflow Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within DataLogTool.exe. Duri...

4.6CVSS3.7AI score0.00732EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/05/04 12:0 a.m.•43 views

Foxit Reader U3D Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

4.3CVSS2.3AI score0.02536EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/02/07 12:0 a.m.•43 views

(Pwn2Own) Apple Safari DFG JIT Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

6.8CVSS1.9AI score0.02689EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2018/01/10 12:0 a.m.•43 views

Trend Micro Control Manager TopSensitiveFilesDetected SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

6CVSS9.1AI score0.20222EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/01/05 12:0 a.m.•43 views

Advantech WebAccess webvrpcs drawsrv SQLSetConnectOption Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x27de IOCTL in the webvrpcs process. The issue results...

6.8CVSS8AI score0.02079EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/12/18 12:0 a.m.•43 views

(0Day) Linksys WVBR0 User-Agent Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management portal. The issue lies in the lack of proper validation of user data...

10CVSS3.4AI score0.87929EPSS
Exploits9
Zero Day Initiative
Zero Day Initiative
•added 2017/12/15 12:0 a.m.•43 views

Quest NetVault Backup Server Process Manager Service NVBUPhaseStatus Count Method SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus Count method requests. The issue results from th...

7.5CVSS1.1AI score0.03933EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/12/13 12:0 a.m.•43 views

NetGain Systems Enterprise Manager MainFilter doFilter Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on vulnerable installations of NetGain Systems Enterprise MainFilter. User interaction is required to exploit this vulnerability. The specific flaw exists within the MainFilter servlet. The issue results from the lack of proper...

7.8CVSS1.7AI score0.03333EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/11/20 12:0 a.m.•43 views

Apple macOS nsurlstoraged Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nsurlstoraged...

4.4CVSS5.2AI score0.0118EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/11/14 12:0 a.m.•43 views

Foxit Reader XFA Layout w Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the w method of XFA...

6.8CVSS8.7AI score0.0259EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/26 12:0 a.m.•43 views

Dell EMC VNX Monitoring and Reporting RMI Registry Deserialization of Untrusted Data Denial of Service Vulnerability

This vulnerability allows remote attackers to create a denial of service on vulnerable installations of Dell EMC VNX Monitoring and Reporting. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within ...

6.8CVSS7.1AI score0.01922EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/10 12:0 a.m.•43 views

Fuji Electric Monitouch V-SFT Insecure Configuration Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate their privileges on vulnerable installations of Fuji Electric Monitouch V-SFT. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...

4.4CVSS6.3AI score0.00447EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/08 12:0 a.m.•43 views

Adobe Acrobat Pro DC ImageConversion JPEG Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS5.8AI score0.27071EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/06/13 12:0 a.m.•43 views

Microsoft Windows OTL Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

2.6CVSS3.6AI score0.02973EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/15 12:0 a.m.•43 views

Apple Safari RenderLayer Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS1.9AI score0.0157EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/04/19 12:0 a.m.•43 views

Oracle Fusion Middleware MapViewer FileUploaderServlet fileName Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Fusion Middleware MapViewer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileUploaderServlet servlet. When parsing the fileName paramete...

7.5CVSS4.9AI score0.02005EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/04/19 12:0 a.m.•43 views

ThinPrint TPView JPEG2000 Parsing Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ThinPrint. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within JPEG2000 parsing. The...

6.2CVSS2.3AI score0.00369EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/28 12:0 a.m.•43 views

Apple macOS ImageIO JPEG Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JPEG...

6.8CVSS5.4AI score0.02159EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/12 12:0 a.m.•43 views

Advantech WebAccess updateTemplate SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability, but can be easily bypassed. The specific flaw exists within updateTemplate.aspx. The vulnerability is caused b...

6.5CVSS1.5AI score0.04398EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/10 12:0 a.m.•43 views

Adobe Reader DC XFA Layout Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA subform...

6.8CVSS2.8AI score0.04217EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/11/04 12:0 a.m.•43 views

Adobe Reader DC XObject stream Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing o...

6.8CVSS2.9AI score0.08706EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/08/09 12:0 a.m.•43 views

Microsoft Windows xxxInsertMenuItem Out-Of-Bounds Access Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.9CVSS3.2AI score0.06418EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/06/22 12:0 a.m.•43 views

(Pwn2Own) Microsoft Windows Diagnostics Hub Standard Collector Directory Traversal Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Diagnostics Hub Standard Collector. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specif...

6.9CVSS5AI score0.02019EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2016/06/03 12:0 a.m.•43 views

Hewlett Packard Enterprise LoadRunner Virtual Table Server import_csv Denial of Service Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Hewlett Packard Enterprise LoadRunner. Authentication is not required to exploit this vulnerability. The specific flaw exists within the importcsv functionality. The issue lies in the failure to...

8.5CVSS2.7AI score0.08566EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/27 12:0 a.m.•43 views

(Pwn2Own) Apple OS X libATSServer Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS3.6AI score0.00964EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•43 views

Adobe Acrobat Pro DC app.removeToolButton Information Disclosure Vulnerability

This vulnerability allows an attacker to leak sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS0.5AI score0.10026EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/04/08 12:0 a.m.•43 views

(Pwn2Own) Adobe Flash JPEG-XR Parsing Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS5.3AI score0.08292EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/05 12:0 a.m.•43 views

Advantech WebAccess datacore Service datacore.exe Path strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x791E IOCTL in the Kernel subsystem. A stack-based buffer...

9.3CVSS4.2AI score0.16655EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/05 12:0 a.m.•43 views

Advantech WebAccess webvrpcs Service BwpAlarm.dll sprintf Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x11178 IOCTL in the BwpAlarm subsystem. A stack-based buffe...

9.3CVSS4.3AI score0.16655EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2015/11/20 12:0 a.m.•43 views

Tibbo AggreGate SCADA/HMI Server Service uploadDirectory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Tibbo AggreGate SCADA/HMI. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Windows service "AggreGate Server Service" agserverservice.exe. Through...

9.3CVSS7.3AI score0.03203EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/11/10 12:0 a.m.•43 views

Adobe Flash AS2 actionExtends Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the actionExtends...

6.8CVSS6.4AI score0.06171EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/11/10 12:0 a.m.•43 views

SolarWinds DameWare Mini Remote Control URI Handler Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds DameWare Mini Remote Control. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.5CVSS7AI score0.04846EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/10/13 12:0 a.m.•43 views

Adobe Reader Arbitrary File Deletion Sandbox Escape Vulnerability

This vulnerability allows local attackers to delete arbitrary files on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

1.9CVSS5.6AI score0.01124EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/09/16 12:0 a.m.•43 views

GE MDS PulseNET Hidden Support Account Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of GE MDS PulseNET. Authentication is required to exploit this vulnerability but it can bypassed using static credentials. The specific flaw exists within the PulseNET web service. It contains a hidde...

9CVSS7AI score0.03784EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/09/08 12:0 a.m.•43 views

Microsoft Internet Explorer mergeAttributes Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

6.8CVSS6.5AI score0.20243EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/07/20 12:0 a.m.•43 views

(0Day) Hewlett-Packard Client Automation Agent Stack Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Client Automation. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Hewlett-Packard Client Automation agent. An attacker can send a...

10CVSS7.2AI score0.06081EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2015/07/01 12:0 a.m.•43 views

SQLite Default Value Authorization Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SQLite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of DEFAULT...

7.5CVSS8.8AI score0.02766EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/05/26 12:0 a.m.•43 views

Dell NetVault Backup Heap Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Dell NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the libnv6 module. By manipulating a serialized object's template string...

9.3CVSS7.3AI score0.05962EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/03/10 12:0 a.m.•43 views

Microsoft Windows Text Services Out-Of-Bounds Memory Access Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Windows Text...

6.8CVSS6.5AI score0.23755EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/12/11 12:0 a.m.•43 views

ManageEngine Desktop Central MSP NativeAppServlet UDID JSON Object Code Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ManageEngine Desktop Central MSP. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NativeAppServlet servlet. The issue lies in the failure to saniti...

10CVSS7.1AI score0.19086EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2014/12/11 12:0 a.m.•43 views

ManageEngine NetFlow Analyzer CollectorConfInfoServlet COLLECTOR_ID Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ManageEngine NetFlow Analyzer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CollectorConfInfoServlet servlet. The issue lies in the failure to...

10CVSS7.1AI score0.06257EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/10/01 12:0 a.m.•43 views

Sophos Cyberoam webclient_portal_settings Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sophos Cyberoam. Authentication is required to exploit this vulnerability. The specific flaw exists within the webclientportalsettings opcode. The issue lies in the failure to properly sanitize...

9CVSS7AI score0.02318EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/08/12 12:0 a.m.•43 views

Microsoft Internet Explorer CSegment Object Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS7.6AI score0.2347EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/06/11 12:0 a.m.•43 views

Microsoft Internet Explorer CWindow Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS6.3AI score0.21735EPSS
Exploits0References1
Total number of security vulnerabilities5000