Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2020/02/11 12:0 a.m.•41 views

Foxit Reader JPEG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS4.3AI score0.05955EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/27 12:0 a.m.•41 views

Adobe Photoshop JSX File ExtendScript Folder.rename Insufficient UI Warning Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of th...

7.8CVSS1.8AI score0.14215EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/13 12:0 a.m.•41 views

Microsoft Windows XmlLite XML space Attribute Denial-Of-Service Vulnerability

This vulnerability allows remote attackers to produce a denial-of-service condition on affected installations of Microsoft Windows. Interaction with the XmlLite.dll library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw...

4.3CVSS5.2AI score0.03102EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/13 12:0 a.m.•41 views

Microsoft Windows gdiplus EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.9AI score0.01659EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/24 12:0 a.m.•41 views

Apple Safari InlineFlowBox Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the deleteLine method...

5CVSS3.4AI score0.01797EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/10 12:0 a.m.•41 views

Microsoft Office Excel OLE Object Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

7.8CVSS5AI score0.1316EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/10 12:0 a.m.•41 views

Microsoft Windows gdiplus EMF Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.7AI score0.11345EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/10 12:0 a.m.•41 views

Schneider Electric Zelio Soft 2 ZM2 File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric ZelioSoft 2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4AI score0.03699EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/05/30 12:0 a.m.•41 views

Apple macOS kextutil Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of kernel...

7CVSS3.4AI score0.00202EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/17 12:0 a.m.•41 views

(Pwn2Own) Xiaomi Mi6 V8 CollectValuesOrEntriesImpl Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Mi6. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS3.4AI score0.06892EPSS
Exploits2
Zero Day Initiative
Zero Day Initiative
•added 2019/04/17 12:0 a.m.•41 views

Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing wMessageLen Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fl...

7.8CVSS5.4AI score0.03666EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/15 12:0 a.m.•41 views

Microsoft Internet Explorer Property Put Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS1.9AI score0.81551EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/04 12:0 a.m.•41 views

(0Day) Hewlett Packard Enterprise Intelligent Management Center faultStatChooseFaultType Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS3AI score0.0364EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2019/03/12 12:0 a.m.•41 views

(0Day) Hewlett Packard Enterprise Intelligent Management Center MyFaces Static Key ViewState Use of Default Credentials Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the product. The web...

9.8CVSS3AI score0.08037EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2019/02/12 12:0 a.m.•41 views

Microsoft Windows gdiplus DoRotatedStretchBlt Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.3AI score0.67008EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/01/25 12:0 a.m.•41 views

Drupal Phar File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Drupal. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of Phar archives. The issue results from the lack of proper validation of user-supplie...

6.8CVSS3.9AI score0.33228EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/01/24 12:0 a.m.•41 views

(Pwn2Own) Apple iOS mediaserverd crte Out-Of-Bounds Access Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple iOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of crte...

7.8CVSS4.3AI score0.00938EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/17 12:0 a.m.•41 views

Oracle Java Usage Tracker usagetracker.properties Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Oracle Java. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of a...

6.2CVSS3.2AI score0.00418EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/17 12:0 a.m.•41 views

Oracle Outside In vsxl5 GelFrame Record Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Oracle Outside In. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

3.3CVSS2.5AI score0.01704EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/08/31 12:0 a.m.•41 views

Cisco WebEx Network Recording Player ARF File Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Network Recording Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

6.8CVSS5.6AI score0.01813EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/02/07 12:0 a.m.•41 views

(Pwn2Own) Apple iOS backboardd Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple iOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the backboardd service...

6.9CVSS4.4AI score0.01279EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/02/07 12:0 a.m.•41 views

(Pwn2Own) Apple Safari MutationObserver Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Nod...

6.8CVSS2.2AI score0.024EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/12/12 12:0 a.m.•41 views

Microsoft Windows JavaScript Array JIT Optimization Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

7.5CVSS3AI score0.07912EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/12/12 12:0 a.m.•41 views

Bitdefender Internet Security Emulator 0x102 Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS2.5AI score0.03675EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/12/06 12:0 a.m.•41 views

Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Recorder and Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS6.3AI score0.0298EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/11/20 12:0 a.m.•41 views

Apple macOS nsurlstoraged Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the nsurlstoraged...

4.4CVSS5.2AI score0.0118EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/10/10 12:0 a.m.•41 views

Microsoft Windows XLS File Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Microsoft...

6.8CVSS8.8AI score0.23961EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/11 12:0 a.m.•41 views

Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

9CVSS3.1AI score0.0572EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/09 12:0 a.m.•41 views

Adobe Digital Editions ePub Font Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Digital Editions. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

6.8CVSS4.5AI score0.0872EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/06/21 12:0 a.m.•41 views

(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCDRAW AddShapePoint Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of UCanCode E-XD++ Visualization Enterprise Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

6.8CVSS7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/18 12:0 a.m.•41 views

(Pwn2Own) Apple Safari WebGLRenderingContextBase drawElements Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

4.3CVSS0.9AI score0.01798EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/18 12:0 a.m.•41 views

(Pwn2Own) Apple macOS HFS Uninitialized Memory Information Disclosure Privilege Escalation Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handlin...

1.9CVSS6.9AI score0.00794EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/15 12:0 a.m.•41 views

Hewlett Packard Enterprise Intelligent Management Center dbman Opcode 10007 Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dbman service, which listens on TCP port...

10CVSS2AI score0.82877EPSS
Exploits8References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/29 12:0 a.m.•41 views

Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration dataIPChanged Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro InterScan Web Security Virtual Appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within ConfigIPNetwork's saveNetworkConfiguration method...

9CVSS5.1AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/29 12:0 a.m.•41 views

Hewlett Packard Enterprise Intelligent Management Center Service Operation Manager Module FileDownloadServlet filePath Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within Service Operation Manager Module's...

7.8CVSS0.8AI score0.04804EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/01 12:0 a.m.•41 views

Trend Micro SafeSync for Enterprise save_iscsi_config Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro SafeSync for Enterprise. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/20 12:0 a.m.•41 views

Brocade Network Advisor DashboardFileReceiveServlet Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Brocade Network Advisor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DashboardFileReceiveServlet servlet. The issue results from the lack of...

10CVSS4.7AI score0.13033EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/10 12:0 a.m.•41 views

Acrobat Reader DC XFA Field Font Size Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA field fo...

6.8CVSS2.9AI score0.03953EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/10 12:0 a.m.•41 views

Adobe Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS2.3AI score0.0333EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/10 12:0 a.m.•41 views

Adobe Reader DC XSLT output Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within XSLT's...

6.8CVSS3AI score0.2042EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/10/11 12:0 a.m.•41 views

Adobe Acrobat Pro DC XObject stream Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within handling of...

6.8CVSS2.2AI score0.05813EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/09/21 12:0 a.m.•41 views

Hewlett Packard Enterprise Network Automation RMI Registry Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Network Automation. Authentication is not required to exploit this vulnerability. The specific flaw exists within an exposed RMI registry on TCP port 6099. By sending a...

7.5CVSS3.2AI score0.04362EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/09/16 12:0 a.m.•41 views

Microsoft Windows JavaScript map Method Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing...

6.8CVSS3.2AI score0.16166EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/07/12 12:0 a.m.•41 views

Adobe Flash DeleteRangeTimelineOperation Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS2AI score0.07391EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/06/24 12:0 a.m.•41 views

Unitronics VisiLogic OPLC IDE vlp File Parsing Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Unitronics VisiLogic OPLC IDE. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS5AI score0.04499EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/06/22 12:0 a.m.•41 views

(Pwn2Own) Microsoft Windows Diagnostics Hub Standard Collector Directory Traversal Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Diagnostics Hub Standard Collector. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specif...

6.9CVSS5AI score0.02019EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2016/06/03 12:0 a.m.•41 views

Hewlett Packard Enterprise LoadRunner Virtual Table Server import_csv Denial of Service Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Hewlett Packard Enterprise LoadRunner. Authentication is not required to exploit this vulnerability. The specific flaw exists within the importcsv functionality. The issue lies in the failure to...

8.5CVSS2.7AI score0.08566EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•41 views

Adobe Acrobat Pro DC ComboBox field Format action Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

6.8CVSS3.1AI score0.0641EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•41 views

Adobe Acrobat Pro DC execDialog Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS5.1AI score0.0641EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•41 views

Microsoft Internet Explorer Add-on Installer Enhanced Protected Mode Information Disclosure Vulnerability

This vulnerability allows remote attackers to bypass the Enhanced Protected Mode sandbox of vulnerable installations of Microsoft Internet Explorer and disclose file contents. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

4.7CVSS1.8AI score0.15511EPSS
Exploits0References1
Total number of security vulnerabilities5000