Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2021/03/11 12:0 a.m.•38 views

Siemens Solid Edge Viewer PAR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

7.8CVSS4.2AI score0.00903EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/26 12:0 a.m.•38 views

(Pwn2Own) NETGEAR R7800 ready-genie-cloud Improper Certificate Validation Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via FTP. The issue results...

6.5CVSS2.5AI score0.00304EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/24 12:0 a.m.•38 views

Parallels Desktop Toolgate Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within t...

6.5CVSS2.6AI score0.0027EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/24 12:0 a.m.•38 views

SolarWinds Patch Manager DataGridService Deserialization of Untrusted Data Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Patch Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS5.6AI score0.0042EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/02/24 12:0 a.m.•38 views

Parallels Desktop Toolgate Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

3.2CVSS2.6AI score0.0049EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/04 12:0 a.m.•38 views

Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS4AI score0.00967EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/04 12:0 a.m.•38 views

Apple macOS CoreText TTF Parsing Out-of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the CoreText library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS3.6AI score0.01947EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/15 12:0 a.m.•38 views

Siemens JT2Go ASM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ASM...

7.8CVSS5.3AI score0.03991EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/01/14 12:0 a.m.•38 views

Siemens JT2Go TGA File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of TG...

7.8CVSS5.7AI score0.04297EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/11 12:0 a.m.•38 views

Microsoft Excel XLS File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS...

7.8CVSS4.4AI score0.03308EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/03 12:0 a.m.•38 views

Apple macOS CoreGraphics JBIG2Stream Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the CoreGraphics library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within t...

3.3CVSS3.7AI score0.05716EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/03 12:0 a.m.•38 views

Apple macOS libnetworkextension ne_filter_protocol_remove_input_handler Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of networ...

7.8CVSS2.6AI score0.00889EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/11/11 12:0 a.m.•38 views

Microsoft Windows Print Spooler Directory Junction Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

6.1CVSS4.6AI score0.00932EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/11/11 12:0 a.m.•38 views

SAP 3D Visual Enterprise Viewer HPGL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4AI score0.01228EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/10/19 12:0 a.m.•38 views

Microsoft Windows Media Player HEVC Stream Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS5.9AI score0.08116EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/19 12:0 a.m.•38 views

Advantech R-SeeNet device_position device_id SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech R-SeeNet. Authentication is not required to exploit this vulnerability. The specific flaw exists within deviceposition.php. When parsing the deviceid parameter, the process does not...

7.5CVSS1.8AI score0.01396EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/21 12:0 a.m.•38 views

Apple macOS process_token_BlitFramebuffer Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...

7.8CVSS4.2AI score0.00216EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/15 12:0 a.m.•38 views

VMware Workstation ThinPrint EMF Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6.5CVSS2.3AI score0.00301EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/15 12:0 a.m.•38 views

VMware Workstation ThinPrint name Table Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the ThinPri...

8.8CVSS5.2AI score0.00289EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•38 views

SAP 3D Visual Enterprise Viewer BMP File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS5AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/27 12:0 a.m.•38 views

Advantech iView NetworkServlet findUpdateDeviceListExport Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the findUpdateDeviceListExport method of the NetworkServlet...

9.8CVSS5.4AI score0.07717EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/27 12:0 a.m.•38 views

Advantech iView PSTable exportPSInventoryTable Directory Traversal File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the exportPSInventoryTable method of the PSTable class. The...

8.2CVSS2.1AI score0.07717EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/13 12:0 a.m.•38 views

Microsoft Office OfficeClickToRun Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Office. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the OfficeClickToRu...

7.8CVSS4.2AI score0.03717EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/12 12:0 a.m.•38 views

Adobe Acrobat Reader DC JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.5AI score0.04986EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/10 12:0 a.m.•38 views

Marvell QConvergeConsole writeObjectToConfigFile Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS4.7AI score0.10086EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/10 12:0 a.m.•38 views

Marvell QConvergeConsole setAppFileBytes Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the setAppFileBytes...

8.8CVSS4.6AI score0.09255EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/10 12:0 a.m.•38 views

Marvell QConvergeConsole saveAsText Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the saveAsText meth...

8.8CVSS4.7AI score0.59349EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/05 12:0 a.m.•38 views

Delta Industrial Automation CNCSoft ScreenEditor DPB File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

7.8CVSS6.1AI score0.10218EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/22 12:0 a.m.•38 views

Adobe Prelude MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Prelude. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of MP...

7.8CVSS4.2AI score0.0391EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/21 12:0 a.m.•38 views

Apple Safari RenderWidget Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the RenderWidget clas...

7.5CVSS2.4AI score0.02833EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/20 12:0 a.m.•38 views

Oracle Java Runtime Environment HTML Rendering Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle Java Runtime Environment. Interaction with the JavaFX library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists...

7.8CVSS3.6AI score0.04245EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/16 12:0 a.m.•38 views

(Pwn2Own) Microsoft Windows DirectComposition RemoveBindingManagerReferenceFromTrackerIfNecessary Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of th...

7.8CVSS4.6AI score0.05753EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/01 12:0 a.m.•38 views

Microsoft Windows hevcdecoder_store HEIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.1AI score0.123EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/06/30 12:0 a.m.•38 views

(Pwn2Own) ICONICS Genesis64 VariantClear Out-Of-Bounds Access Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS Genesis64. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of indexes. The issue results from the lack of proper validation of...

9.8CVSS2AI score0.29194EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/06/25 12:0 a.m.•38 views

(0Day) CentOS Web Panel ajax_mod_security Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmodsecurity.php. The issue results from the lack of proper validation of a...

9.8CVSS3.3AI score0.08083EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/06/25 12:0 a.m.•38 views

(0Day) CentOS Web Panel ajax_mail_autoreply search SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxmailautoreply.php. When parsing the search parameter, the process does not...

7.5CVSS2.1AI score0.0383EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/05/28 12:0 a.m.•38 views

Apple Safari HasIndexedProperty Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of...

8.8CVSS2.2AI score0.01648EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/19 12:0 a.m.•38 views

(0Day) Microsoft Windows splwow64 Untrusted Pointer Dereference Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the user-mode...

2.5CVSS2.9AI score0.00821EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•38 views

Advantech WebAccess/SCADA ViewSrv IOCTL 0x00002774 Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x00002774 in ViewSrv.dll. The issue results from...

9.8CVSS3.8AI score0.07059EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•38 views

Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U...

7.8CVSS4.1AI score0.04826EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•38 views

Intel Wi-Fi Link Driver Netwtw06 Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Intel Wi-Fi Link Driver. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of 802.11 frames. The issue results from the lack of...

8.8CVSS1.7AI score0.00395EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/02/11 12:0 a.m.•38 views

Apple macOS IO80211Family Stack-based Buffer Overflow Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.1CVSS3.9AI score0.00345EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/02/04 12:0 a.m.•38 views

(0Day) Hewlett Packard Enterprise Intelligent Management Center deploySelectSoftware Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS3AI score0.06707EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/01/29 12:0 a.m.•38 views

Hewlett Packard Enterprise Intelligent Management Center eventInfo_content Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS3.1AI score0.06613EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/12/11 12:0 a.m.•38 views

Apple macOS fseventsd Uninitialized Buffer Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the fseventsd...

6.5CVSS4.7AI score0.00344EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/11/26 12:0 a.m.•38 views

Phoenix Contact Automationworx MWT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Phoenix Contact Automationworx. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

7.8CVSS4.2AI score0.03306EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/31 12:0 a.m.•38 views

Apple macOS AppleIntelCFLGraphicsFramebuffer.kext Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS4.5AI score0.00406EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/25 12:0 a.m.•38 views

Apple macOS AudioCodecs Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AudioCodecs...

7.8CVSS3.7AI score0.01215EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/22 12:0 a.m.•38 views

Foxit PhantomPDF Signature Field OnFocus Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of t...

7.8CVSS2.1AI score0.05186EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/15 12:0 a.m.•38 views

Adobe Acrobat Pro DC XFA Form Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

7.8CVSS2.7AI score0.03637EPSS
Exploits0References1
Total number of security vulnerabilities5000