Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2020/06/25 12:0 a.m.•42 views

(0Day) CentOS Web Panel ajax_mod_security check_ip Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. When parsing the checkip parameter, the process does not properly...

9.8CVSS6.1AI score0.08083EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/06/22 12:0 a.m.•42 views

(Pwn2Own) Rockwell Automation Studio 5000 Version Missing Authentication for Critical Function Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Rockwell Automation Studio 5000. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the Version parameter provided to hmiisapi.dll...

5.3CVSS2AI score0.53024EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•42 views

Foxit PhantomPDF GetFieldValue Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of t...

7.8CVSS2.2AI score0.04689EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•42 views

Oracle VirtualBox vmsvgaR3FifoUpdateCursor Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

3.2CVSS2.7AI score0.00535EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•42 views

Foxit PhantomPDF Export Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of t...

7.8CVSS2.4AI score0.04689EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/02/11 12:0 a.m.•42 views

Foxit Reader JPEG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS4.3AI score0.05955EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/10 12:0 a.m.•42 views

Microsoft Windows CreateSurfacePal Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CreateSurfaceP...

8.8CVSS5.3AI score0.01444EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/13 12:0 a.m.•42 views

Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.3AI score0.01661EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/13 12:0 a.m.•42 views

Microsoft Windows Font Subsetting Library Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within fontsub.dll. The...

7.8CVSS3.2AI score0.13055EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/17 12:0 a.m.•42 views

(Pwn2Own) Xiaomi Mi6 V8 CollectValuesOrEntriesImpl Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS3.4AI score0.06892EPSS
Exploits2
Zero Day Initiative
Zero Day Initiative
•added 2019/04/15 12:0 a.m.•42 views

Microsoft Internet Explorer Property Put Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS1.9AI score0.81551EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/04 12:0 a.m.•42 views

(0Day) Hewlett Packard Enterprise Intelligent Management Center faultStatChooseFaultType Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS3AI score0.0364EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2019/02/12 12:0 a.m.•42 views

Microsoft Windows gdiplus DoRotatedStretchBlt Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.3AI score0.67008EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/01/24 12:0 a.m.•42 views

(Pwn2Own) Apple iOS mediaserverd crte Out-Of-Bounds Access Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple iOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of crte...

7.8CVSS4.3AI score0.00938EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/11/21 12:0 a.m.•42 views

Microsoft Windows VBScript Class_Terminate Scripting.Dictionary Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows VBScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS2.4AI score0.47556EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2018/06/07 12:0 a.m.•42 views

(Pwn2Own) Samsung Members Intent Proxy Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Samsung Members. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

4.4CVSS2.5AI score0.01296EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2018/05/18 12:0 a.m.•42 views

Advantech WebAccess webvrpcs drawsrv Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x277e IOCTL in the webvrpcs process. The issue...

9.3CVSS2.3AI score0.02919EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/02/07 12:0 a.m.•42 views

(Pwn2Own) Apple Safari MutationObserver Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Nod...

6.8CVSS2.2AI score0.024EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/12/13 12:0 a.m.•42 views

NetGain Systems Enterprise Manager designer.script_005fsamples_jsp type Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within...

7.8CVSS1.5AI score0.03391EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/12/12 12:0 a.m.•42 views

Microsoft Windows JavaScript Array JIT Optimization Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

7.5CVSS3AI score0.07912EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/12/06 12:0 a.m.•42 views

Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Recorder and Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS6.3AI score0.0298EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/11/20 12:0 a.m.•42 views

Apple macOS nsurlstoraged Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nsurlstoraged...

4.4CVSS5.2AI score0.0118EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/10/10 12:0 a.m.•42 views

Microsoft Windows XLS File Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Microsoft...

6.8CVSS8.8AI score0.23961EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/09 12:0 a.m.•42 views

Adobe Digital Editions ePub Font Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Digital Editions. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

6.8CVSS4.5AI score0.0872EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/06/13 12:0 a.m.•42 views

Microsoft Internet Explorer InsertRow Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS2AI score0.06117EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/15 12:0 a.m.•42 views

Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10010 Arbitrary File Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dbman service, which listens on TCP port...

7.8CVSS3AI score0.12166EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/04/11 12:0 a.m.•42 views

Adobe Reader DC Weblink Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows a remote attacker to disclose sensitive information on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS1.4AI score0.028EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/21 12:0 a.m.•42 views

Microsoft Edge JavaScript Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

5.1CVSS5.1AI score0.1523EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/11 12:0 a.m.•42 views

Hewlett Packard Enterprise Intelligent Management Center CommonUtils Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

9CVSS3.4AI score0.04594EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/20 12:0 a.m.•42 views

Brocade Network Advisor DashboardFileReceiveServlet Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Brocade Network Advisor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DashboardFileReceiveServlet servlet. The issue results from the lack of...

10CVSS4.7AI score0.13033EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/10 12:0 a.m.•42 views

Adobe Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS2.3AI score0.0333EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/09/19 12:0 a.m.•42 views

Rockwell Automation RSLogix Micro Starter Lite Project File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Rockwell Automation RSLogix Micro Starter Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

6.8CVSS5AI score0.04667EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/09/16 12:0 a.m.•42 views

Microsoft Windows JavaScript map Method Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing...

6.8CVSS3.2AI score0.16166EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/07/12 12:0 a.m.•42 views

Microsoft Chakra ArrayBuffer.transfer Uninitialized Buffer Information Leak Vulnerability

This vulnerability allows remote attackers to leak sensitive information on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

5CVSS1.2AI score0.20869EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/07/01 12:0 a.m.•42 views

Trihedral VTScada Filter Bypass Information Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trihedral VTScada. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Wireless Application Protocol requests. The issue lies in the failur...

5CVSS0.7AI score0.20104EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/06/22 12:0 a.m.•42 views

(Pwn2Own) Microsoft Windows Diagnostics Hub Standard Collector Directory Traversal Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Diagnostics Hub Standard Collector. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specif...

6.9CVSS5AI score0.02019EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•42 views

Adobe Acrobat Pro DC app.removeToolButton Information Disclosure Vulnerability

This vulnerability allows an attacker to leak sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS0.5AI score0.10026EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/18 12:0 a.m.•42 views

(0Day) SAP 3D Visual Enterprise Viewer SketchUp document Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS2.7AI score0.03119EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2015/11/20 12:0 a.m.•42 views

Tibbo AggreGate SCADA/HMI Server Service uploadDirectory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Tibbo AggreGate SCADA/HMI. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Windows service "AggreGate Server Service" agserverservice.exe. Through...

9.3CVSS7.3AI score0.03203EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/09/18 12:0 a.m.•42 views

(Pwn2Own) Adobe Flash RTMP Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of RTMP...

6.8CVSS5.2AI score0.08458EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2015/09/08 12:0 a.m.•42 views

Moxa SoftCMS IPCam.IPCam_Video_Render_Plugin.1 IVLCControl setConfigPath Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa SoftCMS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setConfigPath...

6.8CVSS8.8AI score0.02797EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/09/08 12:0 a.m.•42 views

Microsoft Internet Explorer mergeAttributes Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

6.8CVSS6.5AI score0.20243EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/09/08 12:0 a.m.•42 views

Microsoft Internet Explorer Element ID Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

6.8CVSS6.5AI score0.16505EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/08/11 12:0 a.m.•42 views

Microsoft Internet Explorer CStyleAttrArray Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

6.8CVSS6.5AI score0.15631EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2015/07/14 12:0 a.m.•42 views

Microsoft Internet Explorer CGeneratedTreeNode Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

6.8CVSS6.5AI score0.1842EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/05/27 12:0 a.m.•42 views

(0Day) Wavelink Emulation License Server LicenseServer.exe HTTP Request Headers Remote Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Wavelink Emulation License Server. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of HTTP requests in LicenseServer.exe listening by default on por...

10CVSS7.2AI score0.0488EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
•added 2014/08/27 12:0 a.m.•42 views

SolarWinds Storage Manager AuthenticationFilter Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the AuthenticationFilter class. The issue lies in the ability to subvert th...

10CVSS1.9AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/08/12 12:0 a.m.•42 views

(0Day) F5 Data Manager discoverFilerBasicInfo.jsft filerName SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of F5 Data Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the discoverFilerBasicInfo.jsft page. An attacker is able to inject SQL through the...

6.8CVSS7.7AI score0.01421EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2014/07/09 12:0 a.m.•42 views

Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS7.6AI score0.16393EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/04/03 12:0 a.m.•42 views

Mozilla Firefox imgRequestProxy Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS9AI score0.07072EPSS
Exploits1References1
Total number of security vulnerabilities5000