Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2018/05/15 12:0 a.m.•39 views

Adobe Acrobat Pro DC Catalog Index Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

6.8CVSS5.6AI score0.15976EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/03/23 12:0 a.m.•39 views

Microsoft Windows JavaScript Typed Array JIT Optimization Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

6.8CVSS2.7AI score0.08546EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/02/27 12:0 a.m.•39 views

Amazon Music Player URI parsing Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Amazon Music Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processi...

7.5CVSS4.4AI score0.02555EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/11/20 12:0 a.m.•39 views

Microsoft Windows EngLockSurface Time-Of-Check Time-Of-Use Race Condition Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

5.4CVSS4.7AI score0.02091EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/11/14 12:0 a.m.•39 views

Adobe Acrobat Pro DC XPS PNG tEXT Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS8AI score0.06882EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/11/14 12:0 a.m.•39 views

Foxit Reader XFAScriptObject remove Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the remove method o...

6.8CVSS8.7AI score0.0259EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/11/14 12:0 a.m.•39 views

Foxit Reader XFAScriptObject openList Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the openList method...

6.8CVSS8.6AI score0.0259EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/10/11 12:0 a.m.•39 views

Microsoft Chakra asm.js ArrayBuffer Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.5CVSS2.7AI score0.4726EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/22 12:0 a.m.•39 views

Trend Micro Control Manager CCGIServlet StealthProgramFoundResult SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within processing of...

6CVSS8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/15 12:0 a.m.•39 views

Trend Micro Mobile Security for Enterprise change_user Device_DeviceId SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Mobile Security for Enterprise. Authentication is required to exploit this vulnerability. The specific flaw exists within processing of the changeuser action. When parsing the 'id' fiel...

9CVSS4.8AI score0.50166EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/12 12:0 a.m.•39 views

EMC AppSync Apollo REST Services SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of EMC Appsync. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within Apollo REST...

6.8CVSS9.1AI score0.01509EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/15 12:0 a.m.•39 views

(0Day) Advantech WebOP Designer Project File Heap Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebOP Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS5.3AI score0.00448EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/08/08 12:0 a.m.•39 views

Adobe Acrobat Pro DC ImageConversion XPS Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

4.3CVSS2.4AI score0.11468EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/01 12:0 a.m.•39 views

Mitsubishi Electric E-Designer TxStaticString Col Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mitsubishi Electric E-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

9.3CVSS9.1AI score0.03636EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/07/31 12:0 a.m.•39 views

Trend Micro Deep Discovery Email Inspector kdump_setting Denial of Service Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Trend Micro Deep Discovery Email Inspector. Authentication is not required to exploit this vulnerability. The specific flaw exists within kdumpsetting.php. The issue results from the lack of proper...

7.8CVSS1.4AI score0.02453EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/07/12 12:0 a.m.•39 views

(Pwn2Own) Microsoft Windows NtUserLinkDpiCursor Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

6.9CVSS8AI score0.02341EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/06/27 12:0 a.m.•39 views

(Pwn2Own) Microsoft Windows WarpKMSubmitCommandVirtual Uninitialized Memory Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within BasicRender.sys,...

6.9CVSS8.1AI score0.01246EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/06/21 12:0 a.m.•39 views

Apple Safari Element Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS1.8AI score0.01621EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/30 12:0 a.m.•39 views

(Pwn2Own) Apple Safari WebSQL matchinfo Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS8.7AI score0.01823EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/18 12:0 a.m.•39 views

(Pwn2Own) Apple Safari B3 Optimization Out-Of-Bounds Access Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of B3...

6.8CVSS2.5AI score0.14349EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/15 12:0 a.m.•39 views

(Pwn2Own) Apple macOS WindowServer _XGetConnectionPSN Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

1.9CVSS4.1AI score0.00969EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/10 12:0 a.m.•39 views

(Pwn2Own) Microsoft Edge AudioBuffer Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS2.8AI score0.14728EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/04/11 12:0 a.m.•39 views

(Pwn2Own) Adobe Reader DC JPEG2000 Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within JPEG2000...

6.8CVSS5.6AI score0.14452EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/11 12:0 a.m.•39 views

Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

9CVSS3.3AI score0.03431EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/09 12:0 a.m.•39 views

Foxit Reader PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

4.3CVSS5.8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/09 12:0 a.m.•39 views

Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

4.3CVSS5.8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/01 12:0 a.m.•39 views

Trend Micro SafeSync for Enterprise dead_iscsi_device Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro SafeSync for Enterprise. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/01 12:0 a.m.•39 views

Trend Micro SafeSync for Enterprise get_device_info SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro SafeSync for Enterprise. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists withi...

4CVSS7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/02/07 12:0 a.m.•39 views

Trend Micro Control Manager importFile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within widget's importFile.php script. The issue lies in the lack of proper...

6.8CVSS7.5AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/10 12:0 a.m.•39 views

Adobe Reader DC XFA hyphenation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within XFA's hyphenatio...

6.8CVSS2.4AI score0.03783EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/12/15 12:0 a.m.•39 views

Delta Industrial Automation ISPSoft dvp File Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation ISPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

6.8CVSS3.5AI score0.01708EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/09/16 12:0 a.m.•39 views

Microsoft Internet Explorer Add-on Installer Enhanced Protected Mode Sandbox Escape Vulnerability

This vulnerability allows attackers to escape from the Enhanced Protected Mode sandbox on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

6.9CVSS1.7AI score0.07109EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/09/16 12:0 a.m.•39 views

Microsoft Windows MSXML IDispatch Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within MSXML...

4.3CVSS1.5AI score0.12816EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/09/16 12:0 a.m.•39 views

Microsoft Edge CSS white-space Property Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

2.6CVSS1AI score0.71478EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2016/07/07 12:0 a.m.•39 views

Eaton ELCSoft Heap Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Eaton ELCSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within processing of EPC...

6.8CVSS4.3AI score0.01973EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•39 views

Adobe Acrobat Pro DC WillClose JavaScript API Restrictions Bypass Remote Code Execution Vulnerability

This vulnerability allows remote attackers to bypass API restrictions on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS3.1AI score0.06316EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/04/15 12:0 a.m.•39 views

Hewlett Packard Enterprise Vertica validateAdminConfig Remote Command Injection Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Vertica. Authentication is not required to exploit this vulnerability. The specific flaw exists within the validateAdminConfig handler. By providing an mcPort parameter...

10CVSS2.3AI score0.03086EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/05 12:0 a.m.•39 views

Advantech WebAccess datacore Service datacore.exe AlarmMessage sprintf Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x5228 IOCTL in the Kernel subsystem. A stack-based buffer...

9.3CVSS4.5AI score0.16655EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/05 12:0 a.m.•39 views

Advantech WebAccess webvrpcs Service DrawSrv.dll TagGroup strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x280B IOCTL in the DrawSrv subsystem. A stack-based buffer...

9.3CVSS4.5AI score0.16655EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/05 12:0 a.m.•39 views

Advantech WebAccess webvrpcs Service BwOpcSvc.dll WindowName sprintf Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x1389F IOCTL in the BwOpcTool subsystem. A stack-based buff...

9.3CVSS3.7AI score0.16655EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2016/01/25 12:0 a.m.•39 views

Oracle Application Testing Suite Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Application Testing Suite. The specific flaw exists within the isAllowedUrl function used for the admin pages. This function has a list of URI entries which do not require authentication...

7.5CVSS8.3AI score0.6531EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/01/06 12:0 a.m.•39 views

Unitronics VisiLogic OPLC IDE File Parsing Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Unitronics VisiLogic OPLC IDE. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

9.3CVSS9AI score0.04962EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/12/08 12:0 a.m.•39 views

Microsoft Windows VBScript InStrB Function Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose the contents of memory on applications using the VBScript scripting language on vulnerable installations of Microsoft Windows. Microsoft Internet Explorer is an affected application. User interaction is required to exploit this vulnerability ...

4.3CVSS5.6AI score0.25169EPSS
Exploits1References2
Zero Day Initiative
Zero Day Initiative
•added 2015/10/20 12:0 a.m.•39 views

SAP 3D Visual Enterprise Viewer 3DM Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS6.5AI score0.0365EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2015/08/31 12:0 a.m.•39 views

Mozilla Firefox nsIPresShell Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of...

7.5CVSS9.2AI score0.08007EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/07/01 12:0 a.m.•39 views

WebKit WebSQL ALTER TABLE Authorization Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of WebSQL. T...

7.5CVSS8.9AI score0.01998EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/07/01 12:0 a.m.•39 views

Apple QuickTime GIF Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS5.4AI score0.03119EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/06/24 12:0 a.m.•39 views

Panasonic Security API SDK ipropsapivideo ActiveX Control MulticastAddr Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Panasonic Security API. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS7.1AI score0.06369EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/06/11 12:0 a.m.•39 views

(Pwn2Own) Microsoft Internet Explorer Protocol Handler Sandbox Escape Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage o...

6.9CVSS6.3AI score0.15195EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/04/29 12:0 a.m.•39 views

Samsung Security Manager ActiveMQ Broker Service MOVE Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Security Manager. Authentication is not required to exploit this vulnerability. Successful exploitation allows an attacker to gain complete control of the system on which the product is...

10CVSS7.4AI score0.10308EPSS
Exploits2References1
Total number of security vulnerabilities5000