Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2021/01/14 12:0 a.m.•42 views

Siemens JT2Go JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT...

7.8CVSS4.6AI score0.0308EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/15 12:0 a.m.•42 views

NETGEAR Orbi UA_Parser Host Name Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Orbi routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UAParser utility. A crafted Host Name option in a DHCP request can...

8.8CVSS4.5AI score0.02033EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•42 views

Foxit Studio Photo EPS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.2AI score0.03671EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/22 12:0 a.m.•42 views

Oracle VirtualBox Shader Bytecode Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

5.3CVSS2.8AI score0.00705EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/22 12:0 a.m.•42 views

Oracle WebLogic Server IIOP Protocol Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle WebLogic. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the IIOP protocol. Crafted data in an IIOP protocol message can trigger...

9.8CVSS4AI score0.52032EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/22 12:0 a.m.•42 views

WECON LeviStudioU XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of WECON LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.5CVSS2.2AI score0.01138EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/20 12:0 a.m.•42 views

VMware Workstation BDOOR_CMD_PATCH_ACPI_TABLES Time-Of-Check Time-Of-Use Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS2AI score0.00792EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/19 12:0 a.m.•42 views

Advantech WebAccess/SCADA WADashboard External Control of File Path Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the WADashboard...

8.8CVSS2.1AI score0.01509EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/21 12:0 a.m.•42 views

Apple macOS process_token_TexPBOUpload Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...

7.8CVSS4.2AI score0.00216EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•42 views

SAP 3D Visual Enterprise Viewer RH File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.4AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•42 views

SAP 3D Visual Enterprise Viewer DIB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.6AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•42 views

SAP 3D Visual Enterprise Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

4.5CVSS5.1AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•42 views

SAP 3D Visual Enterprise Viewer HPGL File Parsing hpgl Plugin Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7CVSS3.4AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•42 views

SAP 3D Visual Enterprise Viewer HDR File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.1AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/08 12:0 a.m.•42 views

(0Day) Hewlett Packard Enterprise Pay per use UCS Meter ReceiverServlet doPost Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Pay per use UCS Meter. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ReceiverServlet class. The issue results from the...

9.8CVSS4.1AI score0.0304EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/08 12:0 a.m.•42 views

(0Day) Hewlett Packard Enterprise Pay per use UCS Meter ReceiverServlet doGet Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise Pay per use UCS Meter. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ReceiverServlet class. The issue results fr...

7.5CVSS1.4AI score0.01588EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/22 12:0 a.m.•42 views

Adobe Photoshop MOV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

3.3CVSS2.5AI score0.04235EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/20 12:0 a.m.•42 views

Oracle VirtualBox PCnet Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the handlin...

7.5CVSS3.3AI score0.00416EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/20 12:0 a.m.•42 views

Oracle VirtualBox PCnet Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the handlin...

7.5CVSS3.3AI score0.00411EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/06/26 12:0 a.m.•42 views

(0Day) CentOS Web Panel ajax_mail_autoreply user SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmailautoreply.php. When parsing the user parameter, the process does not...

7.5CVSS2.1AI score0.0383EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/06/25 12:0 a.m.•42 views

(0Day) CentOS Web Panel ajax_mod_security check_ip Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. When parsing the checkip parameter, the process does not properly...

9.8CVSS6.1AI score0.08083EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/06/22 12:0 a.m.•42 views

(Pwn2Own) Rockwell Automation Studio 5000 Version Missing Authentication for Critical Function Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Rockwell Automation Studio 5000. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the Version parameter provided to hmiisapi.dll...

5.3CVSS2AI score0.53024EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•42 views

Foxit PhantomPDF GetFieldValue Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of t...

7.8CVSS2.2AI score0.04689EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•42 views

Oracle VirtualBox vmsvgaR3FifoUpdateCursor Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

3.2CVSS2.7AI score0.00535EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/02/11 12:0 a.m.•42 views

Foxit Reader JPEG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS4.3AI score0.05955EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/10 12:0 a.m.•42 views

Microsoft Windows CreateSurfacePal Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CreateSurfaceP...

8.8CVSS5.3AI score0.01444EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/13 12:0 a.m.•42 views

Microsoft Windows Font Subsetting Library Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within fontsub.dll. The...

7.8CVSS3.2AI score0.13055EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/13 12:0 a.m.•42 views

Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.3AI score0.01661EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/22 12:0 a.m.•42 views

(Pwn2Own) Oracle VirtualBox vusbUrbSubmitCtrl Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS3.3AI score0.00466EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/02/12 12:0 a.m.•43 views

Adobe Acrobat Pro DC Font Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS4.6AI score0.04506EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/11/21 12:0 a.m.•42 views

Microsoft Windows VBScript Class_Terminate Scripting.Dictionary Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows VBScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS2.4AI score0.47556EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/14 12:0 a.m.•42 views

Microsoft Windows Excel Database Driver Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the msexcl40.d...

6.8CVSS3.7AI score0.22757EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/06/07 12:0 a.m.•42 views

(Pwn2Own) Samsung Members Intent Proxy Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Samsung Members. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

4.4CVSS2.5AI score0.01296EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2018/05/18 12:0 a.m.•42 views

Advantech WebAccess webvrpcs drawsrv Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x277e IOCTL in the webvrpcs process. The issue...

9.3CVSS2.3AI score0.02919EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/03/19 12:0 a.m.•42 views

Microsoft Windows Remote Assistance XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS3AI score0.21899EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2017/12/13 12:0 a.m.•42 views

NetGain Systems Enterprise Manager designer.script_005fsamples_jsp type Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within...

7.8CVSS1.5AI score0.03391EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/08/08 12:0 a.m.•42 views

Adobe Acrobat Pro DC ImageConversion JPEG Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS5.8AI score0.27071EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/06/13 12:0 a.m.•42 views

Microsoft Windows OTL Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

2.6CVSS3.6AI score0.02973EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2017/06/13 12:0 a.m.•42 views

Microsoft Internet Explorer InsertRow Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS2AI score0.06117EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/15 12:0 a.m.•42 views

Apple Safari RenderLayer Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS1.9AI score0.0157EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/15 12:0 a.m.•42 views

Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10010 Arbitrary File Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dbman service, which listens on TCP port...

7.8CVSS3AI score0.12166EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/04/11 12:0 a.m.•42 views

Adobe Reader DC Weblink Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows a remote attacker to disclose sensitive information on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS1.4AI score0.028EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/11 12:0 a.m.•42 views

Hewlett Packard Enterprise Intelligent Management Center CommonUtils Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

9CVSS3.4AI score0.04594EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/12 12:0 a.m.•42 views

Advantech WebAccess updateTemplate SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess. Authentication is required to exploit this vulnerability, but can be easily bypassed. The specific flaw exists within updateTemplate.aspx. The vulnerability is caused b...

6.5CVSS1.5AI score0.04398EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/10 12:0 a.m.•42 views

Adobe Reader DC XFA Layout Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA subform...

6.8CVSS2.8AI score0.04217EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/09/19 12:0 a.m.•42 views

Rockwell Automation RSLogix Micro Starter Lite Project File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Rockwell Automation RSLogix Micro Starter Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

6.8CVSS5AI score0.04667EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/08/09 12:0 a.m.•42 views

Microsoft Windows xxxInsertMenuItem Out-Of-Bounds Access Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.9CVSS3.2AI score0.06418EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/07/12 12:0 a.m.•42 views

Microsoft Chakra ArrayBuffer.transfer Uninitialized Buffer Information Leak Vulnerability

This vulnerability allows remote attackers to leak sensitive information on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

5CVSS1.2AI score0.20869EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/07/01 12:0 a.m.•42 views

Trihedral VTScada Filter Bypass Information Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trihedral VTScada. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Wireless Application Protocol requests. The issue lies in the failur...

5CVSS0.7AI score0.20104EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/27 12:0 a.m.•42 views

(Pwn2Own) Apple OS X libATSServer Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS3.6AI score0.00964EPSS
Exploits0References1
Total number of security vulnerabilities5000