Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2015/09/08 12:0 a.m.•42 views

Microsoft Internet Explorer Element ID Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

6.8CVSS6.5AI score0.16505EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/08/11 12:0 a.m.•42 views

Microsoft Internet Explorer CStyleAttrArray Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

6.8CVSS6.5AI score0.15631EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2015/07/14 12:0 a.m.•42 views

Microsoft Internet Explorer CGeneratedTreeNode Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

6.8CVSS6.5AI score0.1842EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/07/01 12:0 a.m.•42 views

SQLite Default Value Authorization Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SQLite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of DEFAULT...

7.5CVSS8.8AI score0.02766EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/05/27 12:0 a.m.•42 views

(0Day) Wavelink Emulation License Server LicenseServer.exe HTTP Request Headers Remote Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Wavelink Emulation License Server. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of HTTP requests in LicenseServer.exe listening by default on por...

10CVSS7.2AI score0.0488EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
•added 2015/03/10 12:0 a.m.•42 views

Microsoft Windows Text Services Out-Of-Bounds Memory Access Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Windows Text...

6.8CVSS6.5AI score0.23755EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/08/27 12:0 a.m.•42 views

SolarWinds Storage Manager AuthenticationFilter Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the AuthenticationFilter class. The issue lies in the ability to subvert th...

10CVSS1.9AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/08/12 12:0 a.m.•42 views

Microsoft Internet Explorer CSegment Object Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS7.6AI score0.2347EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/08/12 12:0 a.m.•42 views

(0Day) F5 Data Manager discoverFilerBasicInfo.jsft filerName SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of F5 Data Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the discoverFilerBasicInfo.jsft page. An attacker is able to inject SQL through the...

6.8CVSS7.7AI score0.01421EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2014/07/09 12:0 a.m.•42 views

Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS7.6AI score0.16393EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/04/21 12:0 a.m.•42 views

Oracle Java permuteArguments Sandbox Bypass Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of...

10CVSS4.1AI score0.04392EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/04/03 12:0 a.m.•42 views

Mozilla Firefox imgRequestProxy Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS9AI score0.07072EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2013/12/15 12:0 a.m.•42 views

Adobe Flash Player Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within processing of certai...

7.5CVSS4.3AI score0.1129EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2013/09/11 12:0 a.m.•42 views

Microsoft Visio Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of V...

6.8CVSS6.3AI score0.21533EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/07/26 12:0 a.m.•42 views

Microsoft Windows win32k.sys Privilege Escalation Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must run a malicious executable. The specific flaw exists within the handling of Dynamic Data Exchange...

6.2CVSS3.2AI score0.01743EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2013/07/26 12:0 a.m.•42 views

Hewlett-Packard LoadRunner Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP LoadRunner. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of connections using SSL. The issue lies in the failure to validate the...

9.3CVSS3.4AI score0.39303EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2013/05/29 12:0 a.m.•42 views

(Pwn2Own) Microsoft Internet Explorer VML Parsing Remote Code Execution Vulnerabillity

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS4.1AI score0.74096EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2012/08/29 12:0 a.m.•42 views

InduSoft Thin Client ISSymbol InternationalSeparator Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Indusoft Thin Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ISSymbol.oc...

7.5CVSS2.6AI score0.32349EPSS
Exploits12References1
Zero Day Initiative
Zero Day Initiative
•added 2012/08/22 12:0 a.m.•42 views

InduSoft Thin Client ISSymbol InternationalOrder Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Indusoft Thin Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ISSymbol.oc...

7.5CVSS5.2AI score0.32349EPSS
Exploits12References1
Zero Day Initiative
Zero Day Initiative
•added 2012/06/06 12:0 a.m.•42 views

Adobe Flash Player MP4 Stream Decoding Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.5CVSS5AI score0.9203EPSS
Exploits11References1
Zero Day Initiative
Zero Day Initiative
•added 2012/04/09 12:0 a.m.•42 views

Apple Quicktime PNG Depth Decoding Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of AppleQuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw occurs when the...

7.5CVSS4.3AI score0.03732EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2012/04/09 12:0 a.m.•42 views

Mozilla Firefox Ogg Vorbis Decoding Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the parsing of Ogg...

7.5CVSS5AI score0.07936EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2012/02/08 12:0 a.m.•43 views

Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Server. Authentication is not required to exploit this vulnerability. The flaw exists within the modipp apache module component of the iprint-server, which listens by default on...

9CVSS2.6AI score0.02974EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2012/02/08 12:0 a.m.•42 views

Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within 2d.x3d, which is...

7.5CVSS3.9AI score0.30641EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/08/31 12:0 a.m.•42 views

Apple QuickTime 3g2 'mp4v' atom size Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktim...

7.5CVSS2.8AI score0.04783EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/29 12:0 a.m.•42 views

Apple QuickTime RIFF fmt Chunk Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...

7.5CVSS5.3AI score0.02924EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/08 12:0 a.m.•42 views

Oracle Java ICC Profile 'crdi' Tag Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java Runtime running on OSX or Linux. This vulnerability does not affect java running on Windows. User interaction is required to exploit this vulnerability in that the target must visit...

9CVSS5.6AI score0.06277EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/03/02 12:0 a.m.•42 views

Apple Webkit Font Glyph Layout Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way th...

9.7CVSS1.8AI score0.03181EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/15 12:0 a.m.•42 views

Oracle Java Applet Clipboard Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw is due to insufficient defenses against system...

10CVSS2.6AI score0.04132EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2010/10/12 12:0 a.m.•42 views

Oracle Sun JRE ICC Profile Device Information Tag Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the implementation of t...

9CVSS8.6AI score0.05885EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/09/13 12:0 a.m.•42 views

Apple Safari Webkit Runin Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

9CVSS9.3AI score0.05482EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2010/06/08 12:0 a.m.•42 views

Apple Webkit ProcessInstruction Target Error Message Insertion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with how WebKit inserts...

10CVSS5.3AI score0.08732EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/06/08 12:0 a.m.•42 views

Apple Webkit DOCUMENT_POSITION_DISCONNECTED Attribute Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on software utilizing a vulnerable version of Apple's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the way that Apple's Webkit...

10CVSS3.3AI score0.08732EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/05/06 12:0 a.m.•42 views

HP Mercury LoadRunner Agent Trusted Input Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Mercury LoadRunner. Authentication is not required to exploit this vulnerability. The specific flaw exists within the process magentproc.exe that binds to TCP port 54345. A specially crafted...

10CVSS6.1AI score0.78962EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2010/04/05 12:0 a.m.•42 views

Sun Java Runtime Environment MIDI File metaEvent Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the handling of MIDI...

10CVSS4.3AI score0.03788EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/04/05 12:0 a.m.•42 views

Sun Java Runtime Environment JPEGImageReader stepX Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the processing of JPEG image...

10CVSS6.1AI score0.06194EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/01/21 12:0 a.m.•42 views

Microsoft Internet Explorer Baseline Tag Rendering Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that an attacker must coerce a victim to visit a malicious page. The specific flaw exists due to the...

10CVSS3.2AI score0.19036EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2009/11/04 12:0 a.m.•42 views

Sun Java Web Start Arbitrary Command Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java WebStart. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the implementation...

9.3CVSS4.9AI score0.06182EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2009/05/12 12:0 a.m.•42 views

Microsoft Office PowerPoint Notes Container Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office's PowerPoint. User interaction is required to exploit this vulnerability in that the target must open up a malicious file. The vulnerability exists within the parsing of certain...

9.3CVSS4.4AI score0.39453EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2008/12/09 12:0 a.m.•42 views

Microsoft Office RTF Consecutive Drawing Object Parsing Heap Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page, open a malicious e-mail, or open a malicious file. The specific flaw...

9.3CVSS2.8AI score0.33906EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2008/12/09 12:0 a.m.•42 views

Microsoft Animation ActiveX Control Malformed AVI Parsing Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code through vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the Microsoft Animation...

9.3CVSS4.4AI score0.53703EPSS
Exploits7References1
Zero Day Initiative
Zero Day Initiative
•added 2008/08/12 12:0 a.m.•42 views

Microsoft Windows Graphics Rendering Engine PICT Heap Corruption Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the handling of PICT images in an office document. D...

9.3CVSS2.7AI score0.35905EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2008/07/17 12:0 a.m.•42 views

Sun Java Web Start Sandbox Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Web Start. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the writeManifest method of the CacheEntry...

10CVSS5.2AI score0.25727EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2006/10/05 12:0 a.m.•42 views

CA Multiple Product Message Engine RPC Server Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Backup, Enterprise Backup, Server Protection Suite and Business Protection Suite. Authentication is not required to exploit this vulnerability. The problem...

7.5CVSS1.8AI score0.78513EPSS
Exploits12References1
Zero Day Initiative
Zero Day Initiative
•added 2025/03/18 12:0 a.m.•41 views

Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.8AI score0.00224EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/06/18 12:0 a.m.•41 views

(0Day) Autodesk AutoCAD SLDPRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS7.2AI score0.00403EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/05 12:0 a.m.•41 views

SolarWinds Orion Platform VimChartInfo SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Platform. Authentication is required to exploit this vulnerability. The specific flaw exists within the VimChartInfo class. The issue results from the lack of proper validation of a...

8.8CVSS8.1AI score0.04814EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/11/15 12:0 a.m.•41 views

Microsoft .NET FormatFtpCommand CRLF Injection Arbitrary File Write and Deletion Vulnerability

This vulnerability allows remote attackers to create or delete arbitrary files on FTP servers implemented using affected versions of Microsoft .NET. Interaction with the .NET framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The...

7.6CVSS7.2AI score0.12512EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/17 12:0 a.m.•41 views

PDF-XChange Editor JavaScript String Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS6.8AI score0.0034EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/08 12:0 a.m.•41 views

(0Day) Inductive Automation Ignition JavaSerializationCodec Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this vulnerability. The specific flaw exists within the JavaSerializationCodec class. The issue results from the lack of prope...

9.8CVSS7.4AI score0.01784EPSS
Exploits0
Total number of security vulnerabilities5000