Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2015/08/11 12:0 a.m.•41 views

Microsoft Internet Explorer Filesystem Elevation of Privilege Vulnerability

This vulnerability allows attackers to escalate privileges on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

6.9CVSS6AI score0.07161EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/07/14 12:0 a.m.•41 views

Microsoft Internet Explorer CGeneratedTreeNode Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

6.8CVSS6.5AI score0.1842EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/05/12 12:0 a.m.•41 views

Adobe Acrobat Reader app.Monitors().select nonDocument Javascript API Restrictions Bypass Vulnerability

This vulnerability allows remote attackers to bypass API restrictions on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.4AI score0.09917EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/03/10 12:0 a.m.•41 views

Microsoft Internet Explorer CDOMTextNode Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.3AI score0.20344EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2015/02/23 12:0 a.m.•41 views

Mozilla Firefox DirectionalityUtils Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS9.3AI score0.03978EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/10/14 12:0 a.m.•41 views

Hewlett-Packard Sprinter TTF16.ocx DefaultFontName Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Sprinter. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability is found in Tidestone Formula One...

6.8CVSS6.7AI score0.06936EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/10/01 12:0 a.m.•41 views

Hewlett-Packard Network Node Manager ovopi.dll Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within ovopi.dll which listens by default on UDP port 696. When parsing...

10CVSS7.2AI score0.65435EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2014/10/01 12:0 a.m.•41 views

Hewlett-Packard Network Node Manager ovopi.dll Option -D Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within ovopi.dll which listens by default on a UDP port 696. When parsin...

10CVSS7.2AI score0.65435EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2014/09/03 12:0 a.m.•41 views

SAP Crystal Reports Connection String Processing Double Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Crystal Reports. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling...

6.8CVSS6.6AI score0.0306EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/04/21 12:0 a.m.•41 views

Oracle Event Processing FileUploadServlet Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Event Processing. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileUploadServlet class. The class contains a method that does not properl...

7.5CVSS7.3AI score0.48355EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2014/04/11 12:0 a.m.•41 views

(Pwn2Own) Mozilla Firefox TypedArrayObject Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS9.3AI score0.06087EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2014/04/03 12:0 a.m.•41 views

Hewlett-Packard LeftHand Virtual SAN Appliance dbd_manager libens Unmarshalling Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP LeftHand Virtual SAN Appliance. Authentication is not required to exploit this vulnerability. The flaw exists within the dbdmanager component which receives messages via the hydra process. This...

10CVSS6.4AI score0.10436EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2014/02/05 12:0 a.m.•41 views

Oracle Java TTF Font Parsing Heap Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

6.8CVSS3.9AI score0.08383EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/07/26 12:0 a.m.•41 views

Cogent Datahub Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cogent Datahub. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web server component's handling of HTTP headers. By sending an overlarge HTTP heade...

10CVSS7.8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/06/11 12:0 a.m.•41 views

Apple QuickTime stsd Atom Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.5CVSS4.1AI score0.04014EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/05/29 12:0 a.m.•41 views

Microsoft HTTP.SYS Remote Denial of Service Vulnerability

This vulnerability allows remote attackers to cause a denial of service condition on vulnerable installations of IIS. No user interaction is required to exploit this vulnerability. The specific flaw exists within handling of HTTP headers in the Windows kernel. By providing a duplicate of a...

7.8CVSS3.7AI score0.54665EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2013/05/29 12:0 a.m.•41 views

IBM SPSS SamplePower Vsflex7l.ocx ActiveX ComboList Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS SamplePower. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS4.1AI score0.03498EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/05/29 12:0 a.m.•41 views

Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with the...

6.8CVSS3.1AI score0.38223EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2013/04/09 12:0 a.m.•41 views

Apple Mac OS X PDF Ink Annotations Processing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of a PDF...

6.8CVSS5.5AI score0.01844EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2012/06/28 12:0 a.m.•41 views

Apple Quicktime TeXML Karaoke Element Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of X...

7.5CVSS4.9AI score0.28623EPSS
Exploits9
Zero Day Initiative
Zero Day Initiative
•added 2012/04/18 12:0 a.m.•41 views

Samba SetInfoPolicy AuditEventsInfo Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samba. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way Samba handles SetInfoPolicy requests. When parsing the data send in the request Samba us...

10CVSS5.5AI score0.74034EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2011/07/27 12:0 a.m.•41 views

Apple Safari Rendering Object Body Detachment Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...

7.5CVSS3AI score0.03923EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/29 12:0 a.m.•41 views

Apple QuickTime RIFF fmt Chunk Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...

7.5CVSS5.3AI score0.02924EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/15 12:0 a.m.•41 views

Oracle Java Applet Clipboard Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw is due to insufficient defenses against system...

10CVSS2.6AI score0.04132EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/08 12:0 a.m.•41 views

Adobe Reader BMP ColorData Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the Bitmap parsing component...

9CVSS4.4AI score0.09305EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/01/18 12:0 a.m.•41 views

Oracle GoldenGate Veridata Server XML SOAP Request Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle GoldenGate Veridata. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way the application parses an XML soap request used for authorization t...

10CVSS4.9AI score0.02471EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/12/07 12:0 a.m.•41 views

Apple QuickTime PICT File PackBits Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application'...

9CVSS7.3AI score0.04937EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/08/10 12:0 a.m.•41 views

Microsoft Windows MPEG Layer-3 Audio Decoder Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required in that a target must open a malicious media file or visit a malicious page. The specific flaw exists within the codec responsible for parsing layer ...

10CVSS6.2AI score0.23415EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/04/02 12:0 a.m.•41 views

Microsoft Internet Explorer TIME2 Behavior Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. The issue is located within the CTimeAction object. Durin...

10CVSS2.7AI score0.27523EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2010/02/19 12:0 a.m.•41 views

Mozilla Firefox showModalDialog Cross-Domain Scripting Vulnerability

This vulnerability allows remote attackers to bypass specific script execution enforcements on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the lack of cross doma...

9.4CVSS2.5AI score0.02147EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2009/11/05 12:0 a.m.•41 views

Hewlett-Packard Power Manager Administration Web Server Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Power Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of URL parameters when posting to the login form of the web bas...

10CVSS4.6AI score0.76706EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2009/11/04 12:0 a.m.•41 views

Sun Java Runtime AWT setBytePixels Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the processing of arguments to t...

9.3CVSS4.6AI score0.06842EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2009/06/10 12:0 a.m.•41 views

Microsoft Word Document Stack Based Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page, open a malicious e-mail, or open a malicious file. The specific flaw exist...

9.3CVSS4.8AI score0.63081EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2008/11/04 12:0 a.m.•41 views

Adobe Acrobat Reader Malformed PDF Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious web address or open a malicious file. The specific flaw exists...

9.3CVSS5.2AI score0.09497EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2008/03/12 12:0 a.m.•41 views

Java Web Start tempbuff Stack Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Web Start. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the useEncodingDecl function used while...

9.3CVSS3.1AI score0.1248EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2007/03/28 12:0 a.m.•41 views

IBM Lotus Domino IMAP Server CRAM-MD5 Authentication Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Domino Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in the CRAM-MD5 authentication mechanism of nimap.exe which binds by default to TCP...

10CVSS3.6AI score0.6122EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2024/06/18 12:0 a.m.•40 views

(0Day) Autodesk AutoCAD SLDPRT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS7.2AI score0.00403EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/06/18 12:0 a.m.•40 views

Hewlett Packard Enterprise OneView Apache Server-Side Request Forgery Vulnerability

This vulnerability allows remote attackers to initiate arbitrary server-side requests on affected installations of Hewlett Packard Enterprise OneView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the REST service, which listens on TCP port 443 by...

8.2CVSS7.2AI score0.99999EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2024/05/09 12:0 a.m.•40 views

Microsoft Windows Bluetooth AVDTP Protocol Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must connect a malicious Bluetooth device. The specific flaw exists within the processing of...

7.6CVSS7.2AI score0.00953EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/02/06 12:0 a.m.•40 views

(Pwn2Own) Canon imageCLASS MF753Cdw CADM setResource Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF753Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CADM service. The issue results from the lack of proper...

8.8CVSS7.5AI score0.01383EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/02/06 12:0 a.m.•40 views

(Pwn2Own) Canon imageCLASS MF753Cdw Probe message Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF753Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of Probe messages. The issue results from the...

8.8CVSS7.5AI score0.01383EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/05 12:0 a.m.•40 views

SolarWinds Orion Platform VimChartInfo SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Platform. Authentication is required to exploit this vulnerability. The specific flaw exists within the VimChartInfo class. The issue results from the lack of proper validation of a...

8.8CVSS8.1AI score0.04814EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/24 12:0 a.m.•40 views

(Pwn2Own) HP Color LaserJet Pro M479fdw Serial_Number Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of HP Color LaserJet Pro M479fdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the SerialNumber element. The issue...

8.8CVSS7.3AI score0.0043EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/14 12:0 a.m.•40 views

Microsoft Windows Bluetooth AVDTP Protocol Integer Underflow Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must connect a malicious Bluetooth device. The specific flaw exists within the...

6.2CVSS6.1AI score0.0119EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•40 views

Delta Electronics InfraSuite Device Master Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics InfraSuite Device Master. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installed instance of Apache ActiveMQ, which utilizes an...

9.8CVSS7.4AI score0.5005EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•40 views

Linux Kernel ksmbd Session Setup Memory Exhaustion Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but only systems with ksmbd enabled are vulnerable. The specific flaw exists within the handling of...

7.5CVSS6.6AI score0.03872EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/15 12:0 a.m.•40 views

D-Link DIR-2150 SetTriggerPPPoEValidate Username Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the SOAP A...

6.8CVSS7.4AI score0.0176EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/03/31 12:0 a.m.•40 views

Microsoft 3D Builder GLB File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

5.3CVSS7.5AI score0.00939EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/02/09 12:0 a.m.•40 views

Open Design Alliance (ODA) Drawing SDK DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open Design Alliance ODA Drawing SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS5.6AI score0.01627EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/01/31 12:0 a.m.•40 views

Cacti poll_for_data Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cacti. Authentication is not required to exploit this vulnerability. The specific flaw exists within the pollfordata function. The issue results from the lack of proper validation of a user-supplied...

9.8CVSS3.8AI score0.99826EPSS
Exploits48References1
Total number of security vulnerabilities5000