Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2011/07/27 12:0 a.m.•38 views

Webkit setAttributes attributeChanged Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Webkit Library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS2.1AI score0.03923EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/27 12:0 a.m.•38 views

Citrix EdgeSight Launcher Service Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Citrix EdgeSight. Authentication is not required to exploit this vulnerability. The flaw exists within the LauncherService.exe component which listens by default on TCP port 18747. When handling a...

10CVSS2.4AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/08 12:0 a.m.•38 views

Oracle Java ICC Profile ncl2 DevCoords Tag Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the way java handles color...

9CVSS5.6AI score0.06277EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/06 12:0 a.m.•38 views

Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib componen...

9CVSS3.1AI score0.04883EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/06 12:0 a.m.•38 views

Novell iPrint nipplib.dll iprint-client-config-info Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib componen...

9CVSS3.5AI score0.05869EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/04/12 12:0 a.m.•38 views

Microsoft Office Excel RealTimeData Record Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the methods used f...

9CVSS4.7AI score0.29971EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2011/03/22 12:0 a.m.•38 views

(0Day) IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Lotus Domino Server Controller. Authentication is not required to exploit this vulnerability. The flaw exists within the remote console functionality which listens by default on TCP port 2050. When...

10CVSS4.1AI score0.10078EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/03/02 12:0 a.m.•38 views

Apple iPhone Webkit Library Javascript Array sort Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's iPhone Webkit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

9CVSS2.3AI score0.02675EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/15 12:0 a.m.•38 views

Oracle Java Webstart Trusted JNLP Extension Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

9.7CVSS4.3AI score0.02415EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/08 12:0 a.m.•38 views

Adobe Reader ICC Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the ICC parsing component of...

9CVSS6.5AI score0.09839EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/07 12:0 a.m.•38 views

(0Day) Microsoft Office Excel Office Art Object Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way t...

9CVSS4.9AI score0.26523EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2010/12/09 12:0 a.m.•38 views

Mozilla Firefox NewIdArray Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Firefox's...

9CVSS9.4AI score0.04812EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/11/23 12:0 a.m.•38 views

Apple Webkit WholeText Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the wholeText metho...

9CVSS9.2AI score0.06513EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/11/10 12:0 a.m.•38 views

Apple QuickTime GIF LZW Decompression Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required in that a target must open a malicious media file or visit a malicious page. The specific flaw exists within the application's implementation of the LZ...

9CVSS9.6AI score0.02961EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2010/11/10 12:0 a.m.•38 views

Apple QuickTime FlashPix Max Uninitialized Jpeg Table Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

9CVSS9.4AI score0.02961EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2010/11/07 12:0 a.m.•38 views

Juniper Secure Access Series meeting_testjava.cgi XSS Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Juniper SA Series devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the meetingtestjava.cgi page which is used to test JVM compatibility. When...

6.4CVSS6.8AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2010/10/19 12:0 a.m.•38 views

Mozilla Firefox LookupGetterOrSetter Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in js3250.dll. When a...

9CVSS9.5AI score0.06451EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2010/08/31 12:0 a.m.•38 views

Apple QuickTime ActiveX _Marshaled_pUnk Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the QTPlugin.ocx...

9CVSS6.8AI score0.42668EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2010/08/26 12:0 a.m.•38 views

RealNetworks RealPlayer Malformed IVR Object Index Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when parsing a RealMed...

10CVSS6.8AI score0.06812EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2010/08/24 12:0 a.m.•38 views

Adobe Shockwave Player Director File FFFFFF88 Record Processing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

9CVSS7AI score0.06051EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/08/11 12:0 a.m.•38 views

Apple Webkit Button First-Letter Style Rendering Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. Authentication is not required to exploit this vulnerability. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or ope...

10CVSS8.8AI score0.06691EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/08/11 12:0 a.m.•38 views

Microsoft Office Word sprmCMajority Record Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must open a malicious document. The specific flaw exists in the parsing of sprmCMajority records...

10CVSS4.7AI score0.39813EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2010/08/10 12:0 a.m.•38 views

Adobe Flash Player LocalConnection Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the connect...

10CVSS5.9AI score0.06751EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2010/06/16 12:0 a.m.•38 views

Adobe Flash Player Multiple Atom MP4 Parsing Remote Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of the Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code...

10CVSS3.2AI score0.06751EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2010/06/08 12:0 a.m.•38 views

Hewlett-Packard OpenView NNM ovwebsnmpsrv.exe Bad Option Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ovwebsnmpsrv.exe process which can be reached remote...

10CVSS3.3AI score0.6911EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2010/04/02 12:0 a.m.•38 views

Apple QuickTime H.263 PictureHeader Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within quicktime.qts wh...

10CVSS4.7AI score0.03719EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/03/09 12:0 a.m.•38 views

Hewlett-Packard OVPI helpmanager Servlet Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Hewlett-Packard Performance Insight. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of requests to the helpmanager servlet running on the...

10CVSS3.2AI score0.05664EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2009/12/09 12:0 a.m.•38 views

Adobe Flash Player ActionScript Exception Handler Integer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page or open a malicious SWF file. The specific flaw exists in the...

9.3CVSS4.3AI score0.09955EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2009/12/09 12:0 a.m.•38 views

Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable vsprintf Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe CGI executable accessible via the I...

10CVSS5.3AI score0.11794EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2009/11/30 12:0 a.m.•38 views

Novell ZENworks Desktop Management Installation Service Remote Information Disclosure Vulnerability

This vulnerability allows remote attackers to impersonate valid users in vulnerable installations of Novell ZENworks Desktop Management. Authentication is not required to exploit this vulnerability. The specific flaw exists due to an information leak when querying the AWSI service which listens b...

6.5AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2009/11/10 12:0 a.m.•38 views

Microsoft Office Excel PivotTable Cache Record Parsing Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious document. The specific flaw exists when parsing a document containing a...

9.3CVSS5.3AI score0.25075EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2009/08/07 12:0 a.m.•38 views

CA Unicenter Software Delivery dtscore.dll Stack Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates Unicenter Software Delivery. Authentication is not required to exploit this vulnerability. The specific flaw resides in the dtscore.dll library. The vulnerability is exposed through...

10CVSS3.7AI score0.07726EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2009/06/08 12:0 a.m.•38 views

Apple WebKit dir Attribute Freeing Dangling Object Pointer Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable software utilizing the Apple WebKit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when the document.body element contains a...

9.3CVSS3.3AI score0.07746EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2009/06/08 12:0 a.m.•38 views

Apple WebKit attr() Invalid Attribute Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of attr functions in a CSS content...

9.3CVSS2.2AI score0.08462EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2009/04/07 12:0 a.m.•38 views

EMC RepliStor Server Service DoASOCommand Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC RepliStor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DoRcvRpcCall RPC function exposed via the repsrv.exe process which listens by defaul...

10CVSS3.8AI score0.07409EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2009/02/10 12:0 a.m.•38 views

Microsoft Internet Explorer CFunctionPointer Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of document objects...

9.3CVSS3.9AI score0.85277EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2008/10/08 12:0 a.m.•38 views

Novell eDirectory Core Protocol Opcode 0x24 Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell eDirectory Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within dhost.exe, the service responsible for directory replication which is bound b...

10CVSS4.5AI score0.10601EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2008/09/09 12:0 a.m.•38 views

Apple QuickTime Panorama PDAT Atom Parsing Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of...

9.3CVSS4.9AI score0.06645EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2008/09/09 12:0 a.m.•38 views

Apple QuickTime STSZ Atom Parsing Heap Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of STSZ...

6.8CVSS4.4AI score0.04541EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2008/08/14 12:0 a.m.•38 views

EMC ApplicationXtender Workflow Server Admin Agent Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of EMC ApplicationXtender Workflow Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Admin Agent service awstmxn.exe which listens by...

10CVSS6AI score0.05618EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2008/02/11 12:0 a.m.•38 views

Novell Client NWSPOOL.DLL EnumPrinters Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of the Novell Netware Client. Authentication is not required to exploit this vulnerability. The specific flaw exists in nwspool.dll which is responsible for handling RPC requests through...

10CVSS4.9AI score0.23186EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2008/01/17 12:0 a.m.•38 views

Citrix Metaframe Presentation Server IMA Service Heap Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Citrix Presentation Server. Authentication is not required to exploit this vulnerability. The specific flaw resides in the Independent Management Architecture service, ImaSrv.exe, which listens by default...

10CVSS4.7AI score0.72963EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2007/07/11 12:0 a.m.•38 views

Samba lsa_io_trans_names Heap Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Samba. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of RPC requests to the LSA RPC interface. When parsing a request to...

10CVSS5.6AI score0.77806EPSS
Exploits23References1
Zero Day Initiative
Zero Day Initiative
•added 2007/07/11 12:0 a.m.•38 views

Samba netdfs_io_dfs_EnumInfo_d Heap Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Samba. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of RPC requests to the DFS RPC interface. When parsing a request to DFSEnum, heap allocation ...

10CVSS5.4AI score0.77806EPSS
Exploits23References1
Zero Day Initiative
Zero Day Initiative
•added 2007/07/11 12:0 a.m.•38 views

Samba sec_io_acl Heap Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Samba. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of RPC requests to the SRVSVC RPC interface. When parsing a request to NetSetFileSecurity, he...

10CVSS5.3AI score0.77806EPSS
Exploits23References1
Zero Day Initiative
Zero Day Initiative
•added 2006/08/08 12:0 a.m.•38 views

Microsoft Internet Explorer Multiple CSS Imports Memory Corruption Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists due to improper garbage collection when...

7.5CVSS2.3AI score0.41215EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2006/05/11 12:0 a.m.•38 views

Apple QuickTime H.264 Parsing Buffer Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime media player. The specific flaw exists within the parsing of H.264 content. The implicit trust of a user-supplied size value during a memory copy loop allows an attacker to create an...

5.1CVSS6.2AI score0.06516EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/06/20 12:0 a.m.•37 views

Linux Kernel TIPC Message Reassembly Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but only systems with TIPC bearer enabled are vulnerable. The specific flaw exists within the processing of fragmented TIPC...

9CVSS7.3AI score0.01305EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2024/06/12 12:0 a.m.•37 views

(Pwn2Own) Microsoft Windows cldflt Heap-based Buffer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cldflt kernel...

7.8CVSS7AI score0.15127EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2024/05/24 12:0 a.m.•37 views

Ivanti Endpoint Manager RecordGoodApp SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the RecordGoodApp method. The issue results from the lack ...

9.8CVSS8.1AI score0.6439EPSS
Exploits0References1
Total number of security vulnerabilities5000