Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2012/08/17 12:0 a.m.•40 views

Apple Mac OS X libsecurity_cdsa_plugin Malloc Integer Truncation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Mac OSX. Authentication is not required to exploit this vulnerability. The flaw exists within the libsecuritycdsaplugin which implements routines defined in libsecuritycssm. The library defin...

10CVSS3.1AI score0.03229EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2012/08/03 12:0 a.m.•40 views

Apple QuickTime Player MP4A Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...

7.5CVSS5.3AI score0.02899EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2011/11/07 12:0 a.m.•40 views

Novell ZENWorks Software Packaging Antique ActiveX Control Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENWorks. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists due to the inclusion an...

9CVSS4.1AI score0.02671EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/10/26 12:0 a.m.•40 views

Oracle Java MixerSequencer.nAddControllerEventCallback Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists because Java does not...

9CVSS6.1AI score0.05445EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2011/08/17 12:0 a.m.•40 views

Mozilla Firefox appendChild DOM Tree Inconsistency Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw results when .setUserData...

7.5CVSS4.7AI score0.05556EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/07/27 12:0 a.m.•40 views

Apple Safari Webkit FrameOwner Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library'...

7.5CVSS3.6AI score0.03923EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/08 12:0 a.m.•40 views

Oracle Java ICC Profile 'bfd ' Tag Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the way java handles color profiles. When parsing a...

9CVSS5.6AI score0.06277EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/08 12:0 a.m.•40 views

Oracle Java IE Browser Plugin Corrupted Window Procedure Hook Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Sun Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

9CVSS2.4AI score0.02734EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/03/21 12:0 a.m.•40 views

Libtiff ThunderCode Decoder THUNDER_2BITDELTAS Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of libtiff. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of th...

9CVSS4.2AI score0.06233EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/03/18 12:0 a.m.•40 views

Novell Netware NWFTPD.NLM DELE Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netware. Authentication is required to exploit this vulnerability. The flaw exists within NWFTPD.NLM. When handling the argument provided to the DELE command the application copies user...

9CVSS3.2AI score0.14658EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2011/03/02 12:0 a.m.•40 views

Apple Webkit setOuterText Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setOuterText...

9CVSS2.5AI score0.03181EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/01 12:0 a.m.•40 views

Apple Quicktime Sprite Transformation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...

9CVSS1.9AI score0.04837EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2011/01/18 12:0 a.m.•40 views

Oracle Business Intelligence emagent.exe nmehl_getURIParams Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Business Intelligence One. Authentication is not required to exploit this vulnerability. The flaw exists within the emagent.exe component which listens by default on TCP port 3938. When...

10CVSS7.7AI score
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2010/12/17 12:0 a.m.•40 views

Trend Micro Control Manager Server-agent Communication Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trent Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within how the mrf.exe component composes a string used to display an error...

10CVSS8.1AI score
Exploits0References4
Zero Day Initiative
Zero Day Initiative
•added 2010/12/10 12:0 a.m.•40 views

RealNetworks RealPlayer AAC MLLT Atom Parsing Remote Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when parsing an .AAC...

9CVSS7.3AI score0.05924EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/12/07 12:0 a.m.•40 views

Apple QuickTime Panorama Atom Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that a user must be coerced into visiting a malicious page or opening a malicious file. The specific flaw exists withi...

9CVSS6.9AI score0.04937EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/10/18 12:0 a.m.•40 views

IBM Informix Dynamic Server oninit.exe EXPLAIN Remote Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of IBM Informix Dynamic Server. Authentication is required in that an attacker must have valid credentials to connect to the database. The specific flaw exists within the oninit.exe process bound by default ...

9CVSS8.1AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2010/09/13 12:0 a.m.•40 views

Mozilla Firefox normalizeDocument Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the normalizeDocument...

10CVSS9.4AI score0.05366EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/07/20 12:0 a.m.•40 views

Mozilla Firefox DOM Attribute Cloning Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists due to a workaround tha...

10CVSS4.9AI score0.05153EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/07/20 12:0 a.m.•40 views

Novell Groupwise WebAccess Multiple Cross-Site Scripting Vulnerabilities

This vulnerability allows remote attackers to execute arbitrary client side script on vulnerable installations of Novell Groupwise WebAccess. Authentication is notrequired to exploit this vulnerability. The specific flaw exists within handling html messages sent to a Novell GroupwiseWebAccess use...

4.3CVSS0.7AI score0.01864EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2010/04/13 12:0 a.m.•40 views

Adobe Reader TrueType Font Handling Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe's Acrobat Reader. User interaction is required in that the victim must be coerced into opening a malicious document or visiting a malicious URL. The specific flaw exists within the parsing of...

10CVSS3.3AI score0.05566EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2009/08/11 12:0 a.m.•40 views

Microsoft Remote Desktop Client Arbitrary Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft's Remote Desktop Client. Authentication is not required to exploit this vulnerability. The specific flaw exists within mstscax.dll when parsing packets from an RDP server. A design flaw in the...

9.3CVSS6AI score0.30496EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2009/06/02 12:0 a.m.•40 views

Apple Quicktime PICT Opcode 0x71 Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the parsing of PICT...

9.3CVSS4.8AI score0.08221EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2008/09/09 12:0 a.m.•40 views

Apple QuickTime IV32 Codec Parsing Stack Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of QuickTim...

9.3CVSS5.1AI score0.06149EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2007/10/31 12:0 a.m.•40 views

Oracle E-Business Suite SQL Injection Vulnerability

This vulnerability allows remote attackers to inject arbitrary SQL on vulnerable installations of Oracle E-Business Suite. Authentication is not required to exploit this vulnerability. The specific flaw exists in the okxLOV.jsp page in the Administration console. This page allows an attacker to...

7.5CVSS3.4AI score0.01309EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2006/11/09 12:0 a.m.•40 views

Citrix MetaFrame IMA Management Module Remote Heap Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Citrix MetaFrame Presentation Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the routine IMASECUREDecryptData1 defined in ImaSystem.dll and is...

7.5CVSS4AI score0.0519EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2006/10/10 12:0 a.m.•40 views

Microsoft PowerPoint Malformed Slide Notes Rebuilding Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target user into opening a malicious .PPT file. The specific flaw exists during the parsing of a malformed slide notes field within the...

9.3CVSS5.1AI score0.3634EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2006/08/08 12:0 a.m.•40 views

Microsoft Internet Explorer CSS Class Ordering Memory Corruption Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific vulnerability exists due to improper handling of CSS...

7.5CVSS4AI score0.41112EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/06/13 12:0 a.m.•39 views

(0Day) Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability

This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Dropbox Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

8.8CVSS6.9AI score0.01247EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/05/19 12:0 a.m.•39 views

(Pwn2Own) QNAP TS-464 Exposed Dangerous Method Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of QNAP TS-464 NAS devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the privWizard.cgi endpoint. The issue results from an exposed dangerous method. An...

6.5CVSS7.3AI score0.02315EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/05/13 12:0 a.m.•39 views

Delta Electronics InfraSuite Device Master ActiveMQ Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics InfraSuite Device Master. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Apache ActiveMQ broker, which listens on TCP port 61616 b...

9.8CVSS7.7AI score0.99654EPSS
Exploits31References1
Zero Day Initiative
Zero Day Initiative
•added 2024/04/15 12:0 a.m.•39 views

(Pwn2Own) Google Chrome WASM Improper Input Validation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation o...

5.4CVSS7.2AI score0.19883EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2024/02/05 12:0 a.m.•39 views

(Pwn2Own) TP-Link Omada ER605 DHCPv6 Client Options Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DHCP options. The issue results from the lack of...

7.5CVSS7.5AI score0.00912EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/01/10 12:0 a.m.•39 views

Microsoft Windows cldflt Integer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Only systems with long Win32 path support enabled...

7.8CVSS7.2AI score0.11509EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/11/14 12:0 a.m.•39 views

Apple macOS Hydra Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the Hydra library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the Hydr...

3.3CVSS6.9AI score0.00394EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•39 views

Microsoft Windows UMPDDrvPlgBlt Type Confusion Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, the target system must have multiple...

7.8CVSS7.5AI score0.11648EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/29 12:0 a.m.•39 views

Apple Safari TypedArray copyWithin Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of...

8.8CVSS6.7AI score0.01346EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/23 12:0 a.m.•39 views

7-Zip 7Z File Parsing Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 7Z files. The...

7.8CVSS6.8AI score0.7104EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/07/28 12:0 a.m.•39 views

Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adtran SR400ac routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the ping command, whi...

8.8CVSS7.7AI score0.03168EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/07/13 12:0 a.m.•39 views

Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

3.3CVSS5.9AI score0.00369EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/24 12:0 a.m.•39 views

Autodesk On-Demand Install Services Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Autodesk On-Demand Install Services. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS7.2AI score0.00225EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/19 12:0 a.m.•39 views

(Pwn2Own) Canon imageCLASS MF743Cdw rls-login Authorization Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF743Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Authorization header provided to the /mls/rls-login/bas...

8.8CVSS7.3AI score0.01139EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•39 views

(Pwn2Own) Lexmark MC3224i putinterval Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark MC3224i printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the putinterval method. The issue results from the lack of proper...

8.8CVSS7.3AI score0.00708EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/15 12:0 a.m.•39 views

D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SOAP API interface, which listens on TCP port 80 by default. The...

6.8CVSS7.3AI score0.01429EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/04/12 12:0 a.m.•39 views

Autodesk Maya USD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Maya. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of USD...

7.8CVSS7.8AI score0.00301EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/11/21 12:0 a.m.•39 views

Hewlett Packard Enterprise OfficeConnect 1820 Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Hewlett Packard Enterprise OfficeConnect 1820 switches. Authentication is not required to exploit this vulnerability. The specific flaw exists within the defaultpasswordcfg.lua endpoint. The...

8.8CVSS2.3AI score0.02641EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2022/11/03 12:0 a.m.•39 views

SAP 3D Visual Enterprise Author CUR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Author. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS5AI score0.00197EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/21 12:0 a.m.•39 views

(Pwn2Own) Kepware KEPServerEX Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of text encoding conversions. The issue results from the lack of proper...

9.1CVSS5.9AI score0.03366EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•39 views

PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.2AI score0.00386EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/09/08 12:0 a.m.•39 views

(Pwn2Own) Tesla ice_updater Time-Of-Check Time-Of-Use Code Execution Vulnerability

This vulnerability allows physical attackers to execute arbitrary code on affected Tesla vehicles. Authentication is not required to exploit this vulnerability. The specific flaw exists within the iceupdater update mechanism. The issue results from the lack of proper validation of user-supplied...

7.6CVSS3.5AI score0.00439EPSS
Exploits0
Total number of security vulnerabilities5000