Lucene search
K
ZdiMost viewed

16763 matches found

zdi
zdi
•added 2022/07/15 12:0 a.m.•38 views

(Pwn2Own) Inductive Automation Ignition ZIP File Insufficient UI Warning Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS2.5AI score0.00662EPSS
Exploits0References1
zdi
zdi
•added 2022/07/13 12:0 a.m.•38 views

Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.8AI score0.02973EPSS
Exploits0References1
zdi
zdi
•added 2022/07/01 12:0 a.m.•38 views

Parallels Access Agent Uncontrolled Search Path Element Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Dispatche...

7.8CVSS4.9AI score0.00396EPSS
Exploits0References1
zdi
zdi
•added 2022/05/10 12:0 a.m.•38 views

Microsoft Windows Print Spooler Service Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Print Spooler...

7CVSS6.2AI score0.1209EPSS
Exploits0References1
zdi
zdi
•added 2022/04/28 12:0 a.m.•38 views

Adobe Acrobat Reader DC zoomType Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS2.1AI score0.02903EPSS
Exploits0References1
zdi
zdi
•added 2022/03/23 12:0 a.m.•38 views

(Pwn2Own) Netatalk get_finderinfo Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getfinderinfo method. The issue results from the lack of proper validation of...

5.3CVSS1.9AI score0.02837EPSS
Exploits0References1
zdi
zdi
•added 2022/03/07 12:0 a.m.•38 views

Autodesk AutoCAD PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PD...

7.8CVSS5AI score0.0154EPSS
Exploits0References1
zdi
zdi
•added 2022/02/22 12:0 a.m.•38 views

(Pwn2Own) Cisco RV340 upload.cgi sessionid Improper Input Validation Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Cisco RV340 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the sessionid parameter provided to the upload.cgi endpoint...

8.8CVSS1.6AI score0.80031EPSS
Exploits3References1
zdi
zdi
•added 2022/02/16 12:0 a.m.•38 views

MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of...

7CVSS4.5AI score0.00689EPSS
Exploits0References1
zdi
zdi
•added 2022/02/11 12:0 a.m.•38 views

Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.4AI score0.01567EPSS
Exploits0References1
zdi
zdi
•added 2022/02/11 12:0 a.m.•38 views

Siemens Simcenter Femap NEU File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS5.6AI score0.01596EPSS
Exploits0References1
zdi
zdi
•added 2022/01/31 12:0 a.m.•38 views

Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.4AI score0.02041EPSS
Exploits0References1
zdi
zdi
•added 2022/01/31 12:0 a.m.•38 views

Bentley View JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT...

7.8CVSS5AI score0.02293EPSS
Exploits0References1
zdi
zdi
•added 2022/01/31 12:0 a.m.•38 views

Bentley View DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

3.3CVSS2.7AI score0.01592EPSS
Exploits0References1
zdi
zdi
•added 2022/01/31 12:0 a.m.•38 views

Bentley MicroStation CONNECT JT File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.4AI score0.02041EPSS
Exploits0References1
zdi
zdi
•added 2022/01/31 12:0 a.m.•38 views

Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

3.3CVSS2.6AI score0.01678EPSS
Exploits0References1
zdi
zdi
•added 2022/01/31 12:0 a.m.•38 views

Bentley MicroStation CONNECT J2K File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.3AI score0.02113EPSS
Exploits0References1
zdi
zdi
•added 2022/01/21 12:0 a.m.•38 views

Oracle VirtualBox TFTP Server Directory Traversal Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within t...

6.5CVSS1.1AI score0.0066EPSS
Exploits0References1
zdi
zdi
•added 2022/01/20 12:0 a.m.•38 views

TeamViewer Improper Validation of Array Index Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TeamViewer...

3.3CVSS3.8AI score0.00891EPSS
Exploits0References1
zdi
zdi
•added 2021/12/08 12:0 a.m.•38 views

Bentley View DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

3.3CVSS2.7AI score0.01521EPSS
Exploits0References1
zdi
zdi
•added 2021/11/29 12:0 a.m.•38 views

Panda Security Free Antivirus Unnecessary Privileges Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the us...

7CVSS5.8AI score0.00369EPSS
Exploits0References1
zdi
zdi
•added 2021/11/10 12:0 a.m.•38 views

Open Design Alliance (ODA) ODAViewer DWF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Open Design Alliance ODA ODAViewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exist...

3.3CVSS6.9AI score0.00814EPSS
Exploits0References1
zdi
zdi
•added 2021/10/29 12:0 a.m.•38 views

NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of multiple NETGEAR routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. T...

6.5CVSS0.4AI score0.00326EPSS
Exploits0References1
zdi
zdi
•added 2021/10/13 12:0 a.m.•38 views

Adobe Acrobat Pro DC getAnnots Type Confusion Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.3AI score0.02721EPSS
Exploits0References1
zdi
zdi
•added 2021/09/16 12:0 a.m.•38 views

Adobe FrameMaker PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

3.3CVSS2.8AI score0.01453EPSS
Exploits0References1
zdi
zdi
•added 2021/09/16 12:0 a.m.•38 views

Adobe Acrobat Reader DC AcroForm buttonGetIcon Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS2.3AI score0.68696EPSS
Exploits0References1
zdi
zdi
•added 2021/08/26 12:0 a.m.•38 views

Microsoft Windows Canonical Display Driver DrvTextOut NULL Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cdd.dll driver...

7.8CVSS5.9AI score0.01294EPSS
Exploits0References1
zdi
zdi
•added 2021/08/24 12:0 a.m.•38 views

Siemens Solid Edge Viewer DFT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.8AI score0.02505EPSS
Exploits0References1
zdi
zdi
•added 2021/08/24 12:0 a.m.•38 views

Siemens Solid Edge Viewer DFT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.8AI score0.02505EPSS
Exploits0References1
zdi
zdi
•added 2021/08/05 12:0 a.m.•38 views

Apple macOS libType1Scaler PFB Font Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the libType1Scaler library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

7.8CVSS6.3AI score0.01518EPSS
Exploits0References1
zdi
zdi
•added 2021/07/30 12:0 a.m.•38 views

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS2.3AI score0.0347EPSS
Exploits0References1
zdi
zdi
•added 2021/07/30 12:0 a.m.•38 views

Foxit Reader embedDocAsDataObject Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS2.1AI score0.0347EPSS
Exploits0References1
zdi
zdi
•added 2021/07/30 12:0 a.m.•38 views

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS2.3AI score0.04EPSS
Exploits0References1
zdi
zdi
•added 2021/07/19 12:0 a.m.•38 views

Siemens JT2Go TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

3.3CVSS2.8AI score0.01348EPSS
Exploits0References2
zdi
zdi
•added 2021/06/25 12:0 a.m.•38 views

Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS4AI score0.01139EPSS
Exploits0References1
zdi
zdi
•added 2021/06/25 12:0 a.m.•38 views

Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS4AI score0.00935EPSS
Exploits0References1
zdi
zdi
•added 2021/06/10 12:0 a.m.•38 views

Schneider Electric IGSS CGF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS3.8AI score0.01172EPSS
Exploits0References1
zdi
zdi
•added 2021/06/02 12:0 a.m.•38 views

OpenText Brava! Desktop PDF File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.6AI score0.01419EPSS
Exploits0
zdi
zdi
•added 2021/05/25 12:0 a.m.•38 views

VMware Workstation ThinPrint TTCHeader Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

5.6CVSS2.7AI score0.00559EPSS
Exploits0References1
zdi
zdi
•added 2021/05/07 12:0 a.m.•38 views

Foxit Reader U3D File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D...

7.8CVSS3.7AI score0.02819EPSS
Exploits0References1
zdi
zdi
•added 2021/05/07 12:0 a.m.•38 views

Foxit Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling ...

3.3CVSS2AI score0.02023EPSS
Exploits0References1
zdi
zdi
•added 2021/04/21 12:0 a.m.•38 views

Parallels Desktop IDE Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS2.9AI score0.00448EPSS
Exploits0References1
zdi
zdi
•added 2021/04/15 12:0 a.m.•38 views

Trend Micro Antivirus for Mac Improper Access Control Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Antivirus for Mac. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS5.1AI score0.00527EPSS
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•38 views

Apple macOS AppleIntelKBLGraphics IOCTL 0x30004 Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of IOCTL...

7.8CVSS3.5AI score0.00578EPSS
Exploits0References1
zdi
zdi
•added 2021/03/22 12:0 a.m.•38 views

Foxit PhantomPDF U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.8AI score0.02899EPSS
Exploits0References1
zdi
zdi
•added 2021/03/16 12:0 a.m.•38 views

Siemens Solid Edge Viewer Insufficient UI Warning Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS2.9AI score0.01509EPSS
Exploits0References1
zdi
zdi
•added 2021/03/15 12:0 a.m.•38 views

SAP 3D Visual Enterprise Viewer GIF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS5AI score0.01398EPSS
Exploits0
zdi
zdi
•added 2021/03/11 12:0 a.m.•38 views

Siemens Solid Edge Viewer PAR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

7.8CVSS4.2AI score0.00903EPSS
Exploits0References1
zdi
zdi
•added 2021/02/26 12:0 a.m.•38 views

(Pwn2Own) NETGEAR R7800 ready-genie-cloud Improper Certificate Validation Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via FTP. The issue results...

6.5CVSS2.5AI score0.00304EPSS
Exploits0References1
zdi
zdi
•added 2021/02/24 12:0 a.m.•38 views

SolarWinds Patch Manager DataGridService Deserialization of Untrusted Data Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Patch Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS5.6AI score0.0042EPSS
Exploits0
Total number of security vulnerabilities5000