Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2021/02/10 12:0 a.m.•41 views

Schneider Electric EcoStruxure Power Build SSD File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exist...

7.8CVSS5.2AI score0.0347EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/10 12:0 a.m.•41 views

Microsoft Windows wab32 WAB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of W...

7.8CVSS5.2AI score0.02635EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/09 12:0 a.m.•41 views

Horner Automation Cscape CSP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Horner Automation Cscape. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

7.8CVSS3.6AI score0.01345EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/04 12:0 a.m.•41 views

Cisco Multiple Routers RESTCONF file-upload Directory Traversal Arbitrary File Write Vulnerability

This vulnerability allows network-adjacent attackers to create arbitrary files on affected installations of Cisco RV16x and RV26x routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 443 by default. The...

6.5CVSS1.8AI score0.0369EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/22 12:0 a.m.•41 views

Delta Industrial Automation TPEditor TPE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS4.6AI score0.01191EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/14 12:0 a.m.•41 views

Siemens JT2Go RGB and SGI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of RG...

7.8CVSS5.9AI score0.04297EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/15 12:0 a.m.•41 views

D-Link Multiple Routers dhttpd Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 8008 by...

8.8CVSS3AI score0.01375EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/11 12:0 a.m.•41 views

Microsoft Excel XLS File Parsing Integer Signedness Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS...

7CVSS5.1AI score0.02618EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/11/24 12:0 a.m.•41 views

SaltStack Salt rest_cherrypy tgt Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SaltStack Salt. Authentication is not required to exploit this vulnerability. The specific flaw exists within the restcherrypy module. When parsing the tgt parameter, the process does not properly...

7.3CVSS4.7AI score0.99585EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2020/11/10 12:0 a.m.•41 views

WECON PLC Editor WCP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of WECON PLC Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of WC...

7.8CVSS5.6AI score0.01972EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•41 views

Foxit Studio Photo CR2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2AI score0.02865EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•41 views

Foxit Studio Photo CR2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2AI score0.02865EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/19 12:0 a.m.•41 views

Microsoft Excel XLS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS...

7.8CVSS4.3AI score0.04688EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/29 12:0 a.m.•41 views

Foxit Reader JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG20...

7.8CVSS4.2AI score0.09084EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/28 12:0 a.m.•41 views

Trend Micro Maximum Security Race Condition Arbitrary File Deletion Vulnerability

This vulnerability allows local attackers to delete arbitrary files on affected installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

5.3CVSS3.7AI score0.00298EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/23 12:0 a.m.•41 views

Micro Focus Operations Bridge Reporter HPE-OBR Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Micro Focus Operations Bridge Reporter. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists with...

8.4CVSS4.4AI score0.01348EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•41 views

SAP 3D Visual Enterprise Viewer U3D File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS5.1AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•41 views

SAP 3D Visual Enterprise Viewer FBX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.4AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/05 12:0 a.m.•41 views

Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The...

3.3CVSS3.5AI score0.01434EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/20 12:0 a.m.•41 views

Oracle VirtualBox Guest Additions Unnecessary Privileges Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Guest Addition...

8.2CVSS4.7AI score0.00565EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/20 12:0 a.m.•41 views

IBM WebSphere Application Server SOAP Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IBM WebSphere. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAP protocol. The issue results from the lack of proper validation of...

9.8CVSS2.9AI score0.13227EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/01 12:0 a.m.•41 views

(Pwn2Own) ICONICS Genesis64 PKGX Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability

The vulnerablity allows remote attackers to execute arbitrary code on affected installations of ICONICS Genesis64. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PK...

7.8CVSS7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/06/05 12:0 a.m.•41 views

IBM WebSphere Application Server IIOP Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IBM WebSphere. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the IIOP protocol. The issue results from the lack of proper validation of...

9.8CVSS3AI score0.33937EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/30 12:0 a.m.•41 views

(Pwn2Own) Oracle VirtualBox E1000 IP Checksum Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

5.5CVSS2.3AI score0.00575EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•41 views

Eaton HMiSoft VU3 File Parsing wTextLen Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Eaton HMiSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.7AI score0.00805EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/02/11 12:0 a.m.•41 views

Foxit Reader JPEG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS4.3AI score0.05955EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/12/13 12:0 a.m.•41 views

Microsoft Windows GreSetMagicColors Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS5.5AI score0.01324EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/27 12:0 a.m.•41 views

Adobe Photoshop JSX File ExtendScript Folder.rename Insufficient UI Warning Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of th...

7.8CVSS1.8AI score0.14215EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/13 12:0 a.m.•41 views

Microsoft Windows XmlLite XML space Attribute Denial-Of-Service Vulnerability

This vulnerability allows remote attackers to produce a denial-of-service condition on affected installations of Microsoft Windows. Interaction with the XmlLite.dll library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw...

4.3CVSS5.2AI score0.03102EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/13 12:0 a.m.•41 views

Microsoft Windows gdiplus EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.9AI score0.01659EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/24 12:0 a.m.•41 views

Apple Safari InlineFlowBox Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the deleteLine method...

5CVSS3.4AI score0.01797EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/10 12:0 a.m.•41 views

Microsoft Office Excel OLE Object Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

7.8CVSS5AI score0.1316EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/10 12:0 a.m.•41 views

Microsoft Windows gdiplus EMF Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.7AI score0.11345EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/10 12:0 a.m.•41 views

Schneider Electric Zelio Soft 2 ZM2 File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric ZelioSoft 2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4AI score0.03699EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/02 12:0 a.m.•41 views

Advantech WebAccess Node makensis Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within makensis.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs proces...

9.8CVSS3.6AI score0.06092EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/05/30 12:0 a.m.•41 views

Apple macOS kextutil Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of kernel...

7CVSS3.4AI score0.00202EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/17 12:0 a.m.•41 views

Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing wMessageLen Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fl...

7.8CVSS5.4AI score0.03666EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/03/12 12:0 a.m.•41 views

(0Day) Hewlett Packard Enterprise Intelligent Management Center MyFaces Static Key ViewState Use of Default Credentials Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the product. The web...

9.8CVSS3AI score0.08037EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2019/01/25 12:0 a.m.•41 views

Drupal Phar File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Drupal. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of Phar archives. The issue results from the lack of proper validation of user-supplie...

6.8CVSS3.9AI score0.33228EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/17 12:0 a.m.•41 views

Oracle Outside In vsxl5 GelFrame Record Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Oracle Outside In. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

3.3CVSS2.5AI score0.01704EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/17 12:0 a.m.•41 views

Oracle Java Usage Tracker usagetracker.properties Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Oracle Java. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of a...

6.2CVSS3.2AI score0.00418EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/08/31 12:0 a.m.•41 views

Cisco WebEx Network Recording Player ARF File Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Network Recording Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

6.8CVSS5.6AI score0.01813EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/02/07 12:0 a.m.•41 views

(Pwn2Own) Apple iOS backboardd Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple iOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the backboardd service...

6.9CVSS4.4AI score0.01279EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/12/12 12:0 a.m.•41 views

Bitdefender Internet Security Emulator 0x102 Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS2.5AI score0.03675EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/09/22 12:0 a.m.•41 views

Trend Micro Control Manager ProductTree XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within...

4CVSS7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/30 12:0 a.m.•41 views

(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCHMI UpdateShapeGeo Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of UCanCode E-XD++ Visualization Enterprise Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

6.8CVSS7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/11 12:0 a.m.•41 views

Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

9CVSS3.1AI score0.0572EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/07/11 12:0 a.m.•41 views

Microsoft Chakra Array JIT Optimization Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

6.8CVSS7.8AI score0.66911EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2017/06/21 12:0 a.m.•41 views

(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCDRAW AddShapePoint Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of UCanCode E-XD++ Visualization Enterprise Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

6.8CVSS7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/18 12:0 a.m.•41 views

(Pwn2Own) Apple Safari WebGLRenderingContextBase drawElements Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

4.3CVSS0.9AI score0.01798EPSS
Exploits0References1
Total number of security vulnerabilities5000