Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•40 views

Foxit Studio Photo CR2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.4AI score0.0372EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•40 views

Foxit Studio Photo NEF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.3AI score0.03797EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/22 12:0 a.m.•40 views

Oracle WebLogic Server T3 Protocol Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle WebLogic Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the T3 protocol. Crafted data in a T3 protocol message can trigge...

9.8CVSS4AI score0.30081EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/20 12:0 a.m.•40 views

VMware Workstation BDOOR_CMD_PATCH_ACPI_TABLES Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

8.2CVSS3.3AI score0.00825EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/19 12:0 a.m.•40 views

Apple macOS process_token_SetFence Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...

7.8CVSS4.2AI score0.00238EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/19 12:0 a.m.•40 views

Microsoft Windows User Profile Service Arbitrary File Deletion Vulnerability

This vulnerability allows local attackers to delete arbitrary files on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within handling of the...

5.5CVSS4.5AI score0.01553EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/08 12:0 a.m.•40 views

Apple macOS CoreGraphics JBIG2Bitmap Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the CoreGraphics library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

7.8CVSS6AI score0.05716EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/29 12:0 a.m.•40 views

Foxit PhantomPDF Update Service Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PhantomPDF. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the...

7.8CVSS3.8AI score0.02059EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/29 12:0 a.m.•40 views

Foxit PhantomPDF U3DBrowser U3D Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.4AI score0.03113EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/23 12:0 a.m.•40 views

Micro Focus Operations Bridge Reporter shrboadmin Use of Hard-coded Credentials Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Reporter. Authentication is not required to exploit this vulnerability. The specific flaw exists within the creation of the shrboadmin user during installation. The...

7.3CVSS3AI score0.15776EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•40 views

SAP 3D Visual Enterprise Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

4.5CVSS5.3AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•40 views

SAP 3D Visual Enterprise Viewer FBX File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.9AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•40 views

SAP 3D Visual Enterprise Viewer HPGL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7CVSS3.9AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/27 12:0 a.m.•40 views

Advantech iView NetworkServlet findSummaryCfgDeviceListExport Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the findSummaryCfgDeviceListExport method of the NetworkServl...

9.8CVSS5.5AI score0.07717EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/27 12:0 a.m.•40 views

Advantech iView DeviceTreeTable exportInventoryTable Directory Traversal File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the exportInventoryTable method of the DeviceTreeTable class...

8.2CVSS3.3AI score0.07717EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/12 12:0 a.m.•40 views

Adobe Acrobat Reader DC ESObject Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS2.3AI score0.48441EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/12 12:0 a.m.•40 views

Adobe Acrobat Pro DC convert Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1AI score0.02817EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/06 12:0 a.m.•40 views

FreeBSD Kernel sendmsg System Call Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of FreeBSD Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

8.8CVSS3.6AI score0.00721EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/04 12:0 a.m.•40 views

Foxit PhantomPDF JSCreate Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS2.6AI score0.06111EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/22 12:0 a.m.•40 views

Adobe Bridge MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of MP4...

7.8CVSS4.3AI score0.03832EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/06/30 12:0 a.m.•40 views

ICONICS Genesis64 TestQuery SQL Injection Remote Code Execution Vulnerability

The vulnerablity allows remote attackers to execute arbitrary code on affected installations of ICONICS Genesis64. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of requests to the TestQuery endpoint of the IcoFwxServer service. The...

9.8CVSS2.9AI score0.03029EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/06/30 12:0 a.m.•40 views

(Pwn2Own) ICONICS Genesis64 IcoFwxServer Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS Genesis64. Authentication is not required to exploit this vulnerability. The specific flaw exists with the handling of serialized objects. The issue results from the lack of proper validation...

9.8CVSS3.1AI score0.02032EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/06/22 12:0 a.m.•40 views

(Pwn2Own) Rockwell Automation FactoryTalk View SE Backup Missing Authentication for Critical Function Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of Rockwell Automation FactoryTalk View SE. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of project backups. The issue results from lack of...

7.3CVSS1.6AI score0.51023EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2020/06/15 12:0 a.m.•40 views

(0Day) (Pwn2Own) Inductive Automation Ignition ServerMessageHeader Deserialization of Untrusted Data Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Inductive Automation Ignition. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of serialized data. The issue results in the lack of...

5.3CVSS1.7AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/05/27 12:0 a.m.•40 views

(Pwn2Own) Apple Safari In Operator JIT Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of...

7.3CVSS2.3AI score0.77246EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/12 12:0 a.m.•40 views

Microsoft Internet Explorer JScript Garbage Collection Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS3.4AI score0.1425EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/28 12:0 a.m.•40 views

TP-Link TL-WA855RE login.json Improper Authentication Privilege Escalation Vulnerability

This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Wi-Fi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within th...

8CVSS3AI score0.01123EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•40 views

Oracle VirtualBox D3D9 Shader Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle VirtualBox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within handling of D3D9...

8.8CVSS2.3AI score0.00568EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•40 views

Intel Wi-Fi Link Driver Netwtw06 Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Intel Wi-Fi Link Driver. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of 802.11 frames. The issue results from the lack of...

8.8CVSS3.3AI score0.00606EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•40 views

Microsoft Windows KERNELBASE Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.5AI score0.01456EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/03/16 12:0 a.m.•40 views

Foxit Studio Photo EPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.1AI score0.08384EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/03/12 12:0 a.m.•40 views

Microsoft Windows ulGetNearestIndexFromColorref Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

8.8CVSS5.4AI score0.00962EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/03/12 12:0 a.m.•40 views

(Pwn2Own) Xiaomi Mi9 Browser Untrusted Site Redirection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Xiaomi Mi9 Browser. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Xiaom...

5.5CVSS2.9AI score0.013EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/03/05 12:0 a.m.•40 views

IBM Spectrum Protect Plus changeAdministratorPassword Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IBM Spectrum Protect Plus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Administrative Console Framework service. The issue results from the lack ...

9.8CVSS3.1AI score0.15491EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/02/11 12:0 a.m.•40 views

Foxit Reader JPEG2000 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS4.3AI score0.06078EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/09/17 12:0 a.m.•40 views

Advantech WebAccess Node bwrunrpt Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwrunrpt.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs proces...

9.8CVSS3.4AI score0.02123EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/19 12:0 a.m.•40 views

Adobe Photoshop PostScript callothersubr Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS3.5AI score0.05045EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/24 12:0 a.m.•40 views

Apple macOS parseSummaryInfo Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.1AI score0.01915EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/10 12:0 a.m.•40 views

Mozilla Firefox Language Pack XUL Injection Sandbox Escape Vulnerability

This vulnerability allows remote attackers to escape the sandbox on affected installations of Mozilla Firefox. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists due to possibility of XUL...

5.6CVSS4.5AI score0.02574EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/02 12:0 a.m.•40 views

Advantech WebAccess Node viewsrv Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2715 IOCTL in the webvrpcs process. The issue resul...

7.5CVSS1.5AI score0.03106EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/06/20 12:0 a.m.•40 views

Microsoft Windows DirectWrite Integer Overflow Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS6.3AI score0.07802EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/06/11 12:0 a.m.•40 views

Microsoft Word DOCX Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

3.3CVSS2.4AI score0.04885EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/03/28 12:0 a.m.•40 views

(0Day) Hewlett Packard Enterprise Intelligent Management Center iccSelectRules Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS3.3AI score0.0364EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2019/01/25 12:0 a.m.•40 views

Apple Safari CSSFontFace Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

8.8CVSS1.5AI score0.01799EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/27 12:0 a.m.•40 views

Adobe Acrobat Pro DC ImageConversion JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS2.7AI score0.40537EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2018/08/14 12:0 a.m.•40 views

Microsoft Windows Dxgkrnl Type Confusion Privilege Escalation Vulnerability

This vulnerability allows attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within D3DKMTRender. The issu...

6.9CVSS4AI score0.03444EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/08/14 12:0 a.m.•40 views

Microsoft Exchange Server Voicemail Transcription Improper Access Control Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the conversion of voicemails to text. Due to improper access control, an attacker who h...

9CVSS5.1AI score0.25519EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/06/07 12:0 a.m.•40 views

Qemu Slirp Networking Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Qemu. An attacker must first obtain the ability to execute code on the guest OS in order to exploit this vulnerability. The specific flaw exists within the handling of the slirp networking. The issu...

3.7CVSS4.5AI score0.00823EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/06/06 12:0 a.m.•40 views

Google Web Designer URI Parsing Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Web Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processi...

7.5CVSS4.1AI score0.84434EPSS
Exploits31References1
Zero Day Initiative
Zero Day Initiative
•added 2018/05/18 12:0 a.m.•40 views

Advantech WebAccess Node BWSCADASoap PointListByPage SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

4CVSS0.8AI score0.01659EPSS
Exploits0References1
Total number of security vulnerabilities5000