Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2023/05/15 12:0 a.m.•41 views

D-Link DIR-2150 SetSysEmailSettings AccountName Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the SOAP A...

6.8CVSS7.4AI score0.0176EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/01 12:0 a.m.•41 views

(Pwn2Own) NETGEAR RAX30 SOAP Request SQL Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of specific SOAP requests. The issue results from the lack ...

8.8CVSS7.7AI score0.00877EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/03/31 12:0 a.m.•41 views

Microsoft 3D Builder GLB File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

5.3CVSS7.5AI score0.00939EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/02/09 12:0 a.m.•41 views

(Pwn2Own) Western Digital MyCloud PR4100 FTP Server Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Western Digital MyCloud PR4100 NAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FTP server. The issue results from the lack of...

8.8CVSS3.1AI score0.36405EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/02/06 12:0 a.m.•41 views

Netatalk dsi_writeinit Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dsiwriteinit function. The issue results from the lack of proper validation of the length o...

9.8CVSS3.8AI score0.18903EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/01/18 12:0 a.m.•41 views

Microsoft Print 3D PLY File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Print 3D. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

6.6CVSS7.6AI score0.00939EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/12/28 12:0 a.m.•41 views

D-Link DIR-825/EE xupnpd Upload Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-825/EE routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the xupnpd service, which listens on TCP port 4044. The issue result...

8.8CVSS4.5AI score0.00962EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/09/14 12:0 a.m.•41 views

(0Day) NIKON NIS-Elements Viewer TIF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.4AI score0.00626EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/08/23 12:0 a.m.•41 views

(Pwn2Own) AVEVA Edge Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of APP...

7.8CVSS2.9AI score0.00647EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/18 12:0 a.m.•41 views

PDF-XChange Editor ICO File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.2AI score0.0077EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/18 12:0 a.m.•41 views

Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.9AI score0.02545EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/18 12:0 a.m.•41 views

ManageEngine OpManager Plus getUserAPIKey Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of ManageEngine OpManager Plus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getUserAPIKey function. The issue results from the lack of authentication...

9.4CVSS2.9AI score0.0793EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/05 12:0 a.m.•41 views

Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PD...

7.8CVSS4.9AI score0.01016EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/05 12:0 a.m.•41 views

Foxit PDF Reader AcroForm deletePages Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS2.1AI score0.01016EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/07/15 12:0 a.m.•41 views

ABB Automation Builder Platform Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of ABB Automation Builder Platform. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS6.2AI score0.00315EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/07/15 12:0 a.m.•41 views

(Pwn2Own) Inductive Automation Ignition Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this vulnerability. The specific flaw exists within com.inductiveautomation.ignition.gateway.web.pages. The issue results from...

7.5CVSS2.6AI score0.60292EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/06/29 12:0 a.m.•41 views

ZyXel AP Configurator Incorrect Permission Assignment Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of ZyXel AP Configurator. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the installer...

7.3CVSS4.8AI score0.00343EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/05/10 12:0 a.m.•41 views

Cisco RV340 JSON RPC set-snmp Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling o...

4.3CVSS4.2AI score0.02021EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/05/10 12:0 a.m.•41 views

Microsoft Visual Studio DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Visual Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS6AI score0.0266EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/05/10 12:0 a.m.•41 views

Microsoft Windows Print Spooler Service Directory Traversal Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Pri...

5.5CVSS3AI score0.0123EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/04/28 12:0 a.m.•41 views

Oracle MySQL Cluster Data Node Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle MySQL Cluster. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of Data Node jobs. The issue results from the lack of proper...

9.8CVSS4.5AI score0.03079EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/04/08 12:0 a.m.•41 views

Rockwell Automation Connected Components Workbench CCWARC File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Connected Components Workbench. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fl...

7.8CVSS4.7AI score0.11654EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/22 12:0 a.m.•41 views

(Pwn2Own) Cisco RV340 upload.cgi JSON Command Injection Privilege Escalation Vulnerability

This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of...

4.3CVSS3.7AI score0.75322EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/02 12:0 a.m.•41 views

Sante DICOM Viewer Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS5.2AI score0.01848EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/02/02 12:0 a.m.•41 views

Sante DICOM Viewer Pro J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS5.1AI score0.01848EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•41 views

Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

3.3CVSS2.6AI score0.01699EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•41 views

Bentley MicroStation CONNECT JP2 File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.7AI score0.02113EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/13 12:0 a.m.•41 views

Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS2.5AI score0.20906EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/13 12:0 a.m.•41 views

Microsoft Windows User Profile Service Directory Junction Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the User Profile...

7.8CVSS5.9AI score0.01227EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/06 12:0 a.m.•41 views

VMware Workstation SCSI Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the SCSI...

7.8CVSS5.2AI score0.04681EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/12/08 12:0 a.m.•41 views

Bentley View BMP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP...

7.8CVSS5.9AI score0.02005EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/12/08 12:0 a.m.•41 views

Bentley View JT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

3.3CVSS2.6AI score0.01644EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/12/08 12:0 a.m.•41 views

Bentley View JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT...

7.8CVSS5AI score0.01945EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/11/11 12:0 a.m.•41 views

Microsoft Windows DiagTrack Service Link Following Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DiagTrack...

7.8CVSS8.3AI score0.00875EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/10/29 12:0 a.m.•41 views

NETGEAR Multiple Routers httpd Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. When...

8.8CVSS3.4AI score0.00576EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/10/28 12:0 a.m.•41 views

SolarWinds Orion Platform ActionPluginBaseView Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Platform. Authentication is required to exploit this vulnerability. The specific flaw exists within the ActionPluginBaseView class. The issue results from the lack of proper validati...

8.8CVSS3.9AI score0.69731EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/10/14 12:0 a.m.•41 views

Microsoft Office Visio EMF File Parsing Improper Validation of Array Index Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS4.9AI score0.05421EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/16 12:0 a.m.•41 views

Adobe FrameMaker TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.7AI score0.01287EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/18 12:0 a.m.•41 views

Siemens JT2Go DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN...

7.8CVSS4.2AI score0.02801EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/30 12:0 a.m.•41 views

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS2.3AI score0.04EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/30 12:0 a.m.•41 views

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS2.3AI score0.13346EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/30 12:0 a.m.•41 views

Foxit PDF Reader delay Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of t...

7.8CVSS2.1AI score0.04EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/30 12:0 a.m.•41 views

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS2.3AI score0.04EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/28 12:0 a.m.•41 views

Adobe Character Animator SVG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Character Animator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

3.3CVSS2.7AI score0.01128EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•41 views

Siemens JT2Go BMP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

3.3CVSS2.8AI score0.01348EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•41 views

Cisco WebEx Network Recording Player ARF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Cisco WebEx Network Recording Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

3.3CVSS3AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/06/10 12:0 a.m.•41 views

Vector 35 Binary Ninja BNDB File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Vector 35 Binary Ninja. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS5AI score0.02384EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/07 12:0 a.m.•41 views

Advantech iView getInventoryReportData SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getInventoryReportData action of NetworkServlet, which listens on TCP port...

7.5CVSS2.7AI score0.01169EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/11 12:0 a.m.•41 views

Schneider Electric C-Bus Toolkit Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on affected installations of Schneider Electric C-Bus Toolkit. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS5AI score0.00765EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/07 12:0 a.m.•41 views

Foxit Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D...

7.8CVSS3.9AI score0.02812EPSS
Exploits0References1
Total number of security vulnerabilities5000