Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2010/07/20 12:0 a.m.•103 views

Mozilla Firefox CSS font-face Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within handling of...

10CVSS4AI score0.09782EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/27 12:0 a.m.•102 views

(0Day) Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the smtp service, which listens on TCP port 25 by default. The issue results from the lack of prope...

9.8CVSS7.4AI score0.10042EPSS
Exploits5
Zero Day Initiative
Zero Day Initiative
•added 2021/07/22 12:0 a.m.•102 views

(Pwn2Own) Microsoft Exchange Server OAB Arbitrary File Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the OAB service. T...

8.8CVSS5.5AI score0.04873EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/06/16 12:0 a.m.•101 views

(Pwn2Own) Microsoft Windows cldflt Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Cloud Files Mi...

8.8CVSS6.6AI score0.03944EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/04 12:0 a.m.•101 views

Cisco Multiple Routers RESTCONF Content-Type Header Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV16x and RV26x routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 443 by default. When...

8.8CVSS3.9AI score0.04236EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/11/24 12:0 a.m.•101 views

SaltStack Salt rest_cherrypy ssh_priv Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SaltStack Salt. Authentication is not required to exploit this vulnerability. The specific flaw exists within the restcherrypy module. When parsing the sshpriv parameter, the process does not properl...

7.3CVSS5.1AI score0.99585EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/07 12:0 a.m.•100 views

Phoenix Contact Automationworx BCP File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Phoenix Contact Automationworx. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.2AI score0.01756EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/14 12:0 a.m.•100 views

Siemens JT2Go PLMXML File Parsing XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

5.5CVSS2.4AI score0.02586EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/14 12:0 a.m.•100 views

Schneider Electric EcoStruxure Operator Terminal Expert VXDZ File Parsing Directory Traversal Remote Code Execution Vulnerability

The vulnerablity allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Operator Terminal Expert. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...

7.8CVSS3.7AI score0.01136EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/11/18 12:0 a.m.•100 views

SQLite fts3_tokenizer Untrusted Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SQLite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

7.5CVSS6.7AI score0.39286EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•99 views

Siemens JT2Go JT File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT...

7.8CVSS4.4AI score0.01793EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2020/06/15 12:0 a.m.•99 views

(0Day) (Pwn2Own) NETGEAR R6700 UPnP NewBlockSiteName Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the UPnP...

8.8CVSS3.6AI score0.87343EPSS
Exploits2
Zero Day Initiative
Zero Day Initiative
•added 2016/08/09 12:0 a.m.•99 views

Microsoft Windows win32k RGNOBJ Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within RGNOBJ objects...

6.9CVSS5.9AI score0.20625EPSS
Exploits8References1
Zero Day Initiative
Zero Day Initiative
•added 2013/08/13 12:0 a.m.•99 views

Hewlett-Packard LoadRunner Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP LoadRunner. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of XDR. The issue lies in the handling of the length of the XDR-encoded dat...

7.6CVSS3.6AI score0.08249EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/07/05 12:0 a.m.•98 views

TP-Link Tapo C210 Password Recovery Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link Tapo C210 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the password recovery mechanism. The issue results from reliance...

8.8CVSS7AI score0.0062EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/07 12:0 a.m.•98 views

ISC BIND TKEY Query Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of ISC BIND. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of TKEY queries. The issue results from the lack of proper validation of...

8.1CVSS3.2AI score0.83406EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/19 12:0 a.m.•98 views

(Pwn2Own) Apple OS X SubmitDiagInfo Arbitrary Directory Creation Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.2CVSS3.4AI score0.0166EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/06/26 12:0 a.m.•97 views

Microsoft Windows VBScript Class_Terminate Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows VBScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS2.4AI score0.87814EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2014/04/11 12:0 a.m.•97 views

(Pwn2Own) Google Chrome Clipboard Sandbox Escape Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of th...

6.8CVSS6.4AI score0.01855EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/18 12:0 a.m.•96 views

(Pwn2Own) Linux Kernel route4_change Double Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of routing...

8.8CVSS3.3AI score0.06214EPSS
Exploits7References1
Zero Day Initiative
Zero Day Initiative
•added 2007/03/02 12:0 a.m.•96 views

Apache Tomcat JK Web Server Connector Long URL Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache Tomcat JK Web Server Connector. Authentication is not required to exploit this vulnerability. The specific flaw exists in the URI handler for the modjk.so library, mapuritoworker, defined in...

7.5CVSS4.6AI score0.81513EPSS
Exploits8References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/28 12:0 a.m.•95 views

(Pwn2Own) Apple macOS cfprefsd Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of file...

7.8CVSS3.7AI score0.03667EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2018/06/05 12:0 a.m.•95 views

Microsoft Windows VBScript Class_Terminate Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows VBScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS2.4AI score0.87814EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2014/07/16 12:0 a.m.•95 views

Apache httpd mod_status Heap Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache HTTPD server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the updating of modstatus. A race condition in modstatus allows an attacker to...

7.5CVSS7.1AI score0.85744EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/08 12:0 a.m.•95 views

Adobe Reader BMP RLE_8 Decompression Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the Bitmap parsing component...

9CVSS3.3AI score0.07159EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/22 12:0 a.m.•94 views

(Pwn2Own) Cisco RV340 Firmware Update Missing Integrity Check Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of firmware updates. The issue results from the lack of prope...

8.8CVSS2.9AI score0.09203EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/02/20 12:0 a.m.•94 views

Microsoft Access Database Engine ACECORE Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Access Database Engine. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when...

7.8CVSS3.2AI score0.14817EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/04/05 12:0 a.m.•94 views

Sun Java Runtime Environment MixerSequencer Invalid Array Index Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the handling of...

10CVSS4.5AI score0.77721EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/16 12:0 a.m.•93 views

Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS6AI score0.00469EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/14 12:0 a.m.•93 views

QNAP NAS MusicStation Directory Traversal Arbitrary File Creation Vulnerability

This vulnerability allows network-adjacent attackers to create arbitrary files on affected installations of QNAP NAS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MusicStation application. When parsing the arttype request parameter, the process...

7.1CVSS3.2AI score0.18497EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/30 12:0 a.m.•93 views

(Pwn2Own) Linux Kernel XFRM Out-Of-Bounds Access Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of the Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling o...

6.9CVSS2.9AI score0.01902EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2006/07/11 12:0 a.m.•93 views

Microsoft Office Excel File Rebuilding Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. The specific flaw exists within the rebuilding of malformed cell comments. When Excel...

9.3CVSS6AI score0.10784EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•92 views

(Pwn2Own) Synology DiskStation Manager Serv.php Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Synology DiskStation Manager. This vulnerability does not require authentication, but does require some user interaction. The specific flaw exists within the Serv.php endpoint. The issue results from...

8.8CVSS7.4AI score0.00586EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/24 12:0 a.m.•92 views

Oracle Java Uninitialized Memory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the creation of an...

6.8CVSS4.5AI score0.02483EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2015/07/01 12:0 a.m.•92 views

SQLite printf Format String Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SQLite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the print...

5.1CVSS7AI score0.04421EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/22 12:0 a.m.•91 views

Autodesk Design Review TIF File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS5.9AI score0.01613EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/09 12:0 a.m.•91 views

Trend Micro Deep Discovery Email Inspector firewall_setting Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within firewallsetting.php. The issue results from the lack of...

10CVSS7.1AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/07/30 12:0 a.m.•91 views

(0Day) (Pwn2Own\Pwn4Fun) Microsoft Internet Explorer localhost Protected Mode Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS6.4AI score0.70727EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/05/19 12:0 a.m.•90 views

(Pwn2Own) QNAP TS-464 HLS_tmp Directory Traversal Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of QNAP TS-464 NAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the HLStmp parameter provided to the share.cgi endpoint. The iss...

6.5CVSS7.4AI score0.34818EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/27 12:0 a.m.•90 views

(0Day) Exim libspf2 Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Exim libspf2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of SPF macros. When parsing SPF macros, the process does not properly...

7.5CVSS7.4AI score0.51474EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/12/22 12:0 a.m.•89 views

Linux Kernel ksmbd Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of file attributes. The issue results from the lack of proper validation of the...

8.5CVSS3.5AI score0.03576EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/06/29 12:0 a.m.•89 views

Apache HTTPD Server ap_escape_html2 Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apache HTTPD Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the apescapehtml2 function. The issue results from the lack of proper validation of...

8.1CVSS2.4AI score0.41861EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/05/26 12:0 a.m.•89 views

Trend Micro Apex One Incorrect Permission Assignment Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ApexOne...

7.8CVSS4.8AI score0.00304EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/25 12:0 a.m.•89 views

(Pwn2Own) NETGEAR Nighthawk R7800 Use of Hard-coded Password Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the applysave.cgi endpoint. This issue results from the use of hard-coded...

6.3CVSS2.2AI score0.00487EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/07/31 12:0 a.m.•89 views

Trend Micro InterScan Messaging Security Proxy Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro InterScan Messaging Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

6.5CVSS4.7AI score0.33763EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/10/02 12:0 a.m.•89 views

(0Day) Samsung XNS ActiveX SDK XnsSdkDevice Multiple Untrusted Pointer Dereference Remote Code Execution Vulnerabilities

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung XNS ActiveX SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within multiple...

7.5CVSS7.6AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/03/22 12:0 a.m.•88 views

Apple OS X PDF Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PDF...

6.8CVSS4.9AI score0.03958EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2012/08/22 12:0 a.m.•88 views

IBM Lotus Notes URL Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within notes.exe. When...

7.5CVSS3.9AI score0.38291EPSS
Exploits11References1
Zero Day Initiative
Zero Day Initiative
•added 2012/06/12 12:0 a.m.•88 views

(Pwn2Own) Microsoft Internet Explorer Fixed Table Colspan Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

9CVSS2.8AI score0.64962EPSS
Exploits27References1
Zero Day Initiative
Zero Day Initiative
•added 2022/03/23 12:0 a.m.•87 views

(Pwn2Own) Netatalk ad_addcomment Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the adaddcomment function. The issue results from the lack of proper validation of the length o...

9.8CVSS3.8AI score0.04409EPSS
Exploits0References1
Total number of security vulnerabilities5000