Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2013/03/22 12:0 a.m.•37 views

Microsoft Internet Explorer saveHistory Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific issue is due to the way Internet Explorer handle...

7.5CVSS2.8AI score0.19804EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/03/22 12:0 a.m.•37 views

Oracle Java Proxy.newProxyInstance Security Manager Bypass Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or run a malicious file. The specific bypass of security permissions is...

7.5CVSS4.8AI score0.06196EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/02/14 12:0 a.m.•37 views

Microsoft Internet Explorer COmWindowProxy Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS3.6AI score0.34923EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2013/02/11 12:0 a.m.•37 views

Adobe Flash Player loadPCMFromByteArray Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS4.6AI score0.06868EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2013/02/11 12:0 a.m.•37 views

EMC NetWorker nsrck.exe Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC NetWorker. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way nsrck.exe handles a remotely supplied string. When handling RPC calls for opcode...

6.8CVSS3.3AI score0.03189EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2012/12/21 12:0 a.m.•37 views

Microsoft Internet Explorer 9 CTreeNode Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS2.6AI score0.19496EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2012/12/21 12:0 a.m.•37 views

Microsoft Internet Explorer Title Element Change Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the...

7.5CVSS2.9AI score0.24052EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2012/11/15 12:0 a.m.•37 views

RealNetworks RealPlayer RV40 Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required in that a target must visit a malicious page or open a malicious file. The flaw exists within the rv40.dll component for RealNetworks RealPlaye...

9CVSS5.1AI score0.04546EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2012/08/03 12:0 a.m.•37 views

Microsoft Windows TrueType Font Parsing Remote Code Execution Vulnerability (Remote Kernel)

This vulnerability allows remote attackers to execute arbitrary code from the contact of kernelspace on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...

10CVSS4.9AI score0.26816EPSS
Exploits1References3
Zero Day Initiative
Zero Day Initiative
•added 2012/06/21 12:0 a.m.•37 views

HP OpenView Performance Manager PMParamHandler Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Performance Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PMParamHandler component of Performance Manager, which is served v...

10CVSS4.6AI score0.23279EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2012/02/08 12:0 a.m.•37 views

IBM Rational Rhapsody BBFlashBack.Recorder.1 InsertMarker Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Rational Rhapsody. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within BB FlashBa...

9CVSS6.3AI score0.03585EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/11/11 12:0 a.m.•37 views

ProFTPD Response Pool Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the ProFTPd server. Authentication is required to exploit this vulnerability in order to have access to the ftp command set. The specific flaw exists within how the server manages the response pool...

9CVSS8.1AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/08 12:0 a.m.•37 views

Oracle Java Web Start Command Argument Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Java webstar...

9CVSS5AI score0.03051EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/08 12:0 a.m.•37 views

Oracle Java ICC Profile Multi-Language 'curv' Tag Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of java. Authentication is not required to exploit this vulnerability. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exis...

9CVSS5.5AI score0.06277EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/06 12:0 a.m.•37 views

Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib componen...

9CVSS3.1AI score0.04883EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/06 12:0 a.m.•37 views

Novell iPrint nipplib.dll iprint-client-config-info Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib componen...

9CVSS3.5AI score0.05869EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/05/10 12:0 a.m.•37 views

HP 3COM/H3C Intelligent Management Center tftpserver WRQ Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP H3C Intelligent Management Center. Authentication is not required to exploit this vulnerability. The flaw exists within the tftpserver.exe component which listens by default on UDP port 69. When...

10CVSS3.7AI score0.10567EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/03/22 12:0 a.m.•37 views

(Pwn2Own) Apple Safari OfficeArtBlip Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari on the iPhone. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

9.7CVSS4AI score0.05472EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2011/03/02 12:0 a.m.•37 views

Apple iPhone Webkit Library Javascript Array sort Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's iPhone Webkit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

9CVSS2.3AI score0.02675EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/08 12:0 a.m.•37 views

Adobe Acrobat Reader U3D Texture rgba RLE Decompression Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

9CVSS3.9AI score0.47599EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/08 12:0 a.m.•37 views

Adobe Flash Player Point Object Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within construction ...

9CVSS3AI score0.06103EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/08 12:0 a.m.•37 views

Adobe Reader ICC Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the ICC parsing component of...

9CVSS6.5AI score0.09839EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/07 12:0 a.m.•37 views

(0Day) Microsoft Office Excel Office Art Object Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way t...

9CVSS4.9AI score0.26523EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/07 12:0 a.m.•37 views

(0Day) IBM Lotus Domino Calendar Request Attachment Name Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NRouter service while transporting malformed e-mails. The vulnerable...

10CVSS5.5AI score0.05849EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/07 12:0 a.m.•37 views

(0Day) Microsoft Office Drawing Object Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Excel 2007. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

10CVSS5AI score0.32172EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/07 12:0 a.m.•37 views

(0Day) IBM Lotus Domino IMAP/POP3 Non-Printable Character Expansion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The specific flaw exists within the POP3 and IMAP services while processing malformed e-mails. The...

10CVSS5.9AI score0.05912EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/12/09 12:0 a.m.•37 views

Mozilla Firefox NewIdArray Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Firefox's...

9CVSS9.4AI score0.04812EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/11/23 12:0 a.m.•37 views

Apple Webkit WholeText Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the wholeText metho...

9CVSS9.2AI score0.06513EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/11/10 12:0 a.m.•37 views

Apple QuickTime ELST MediaRate Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the QuickTimeMPEG.qtx...

9CVSS9.1AI score0.03363EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2010/11/10 12:0 a.m.•37 views

Apple QuickTime FlashPix Max Uninitialized Jpeg Table Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

9CVSS9.4AI score0.02961EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2010/10/29 12:0 a.m.•37 views

Adobe Shockwave Player Director File SetVertexArray Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within code...

7.5CVSS6.6AI score0.04183EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/08/11 12:0 a.m.•37 views

Microsoft Office Word 2007 plcffldMom Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code...

10CVSS4.3AI score0.19399EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/08/09 12:0 a.m.•37 views

Novell ZENWorks Remote Management Agent Weak Authentication Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENWorks Remote Management. Access to a single node with Remote Management client installed and configured is required. The specific flaw exists within the storage of Remote Management...

9CVSS7.9AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/08/09 12:0 a.m.•37 views

Apple Webkit Rendering Counter Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Webkit's...

10CVSS3.1AI score0.05961EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/07/20 12:0 a.m.•37 views

Mozilla Firefox NodeIterator Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the victim must visit a malicious page or open a malicious file. The specific flaw exists within the application'...

10CVSS4.6AI score0.05384EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/06/21 12:0 a.m.•37 views

Novell Access Manager Arbitrary File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to upload arbitrary files on vulnerable installations of Novell Access Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PortalModuleInstallManager component of the Novell Management Console which...

10CVSS5.5AI score0.06383EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2010/04/06 12:0 a.m.•37 views

CA XOsoft Control Service entry_point.aspx Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates XOsoft Control Replication and High Availability Control Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

10CVSS4.8AI score0.16755EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2010/04/02 12:0 a.m.•37 views

Apple QuickTime H.263 PictureHeader Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within quicktime.qts wh...

10CVSS4.7AI score0.03719EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/04/02 12:0 a.m.•37 views

Mozilla Firefox libpr0n imgContainer Bits-Per-Pixel Change Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the libpr0n...

10CVSS2.7AI score0.05724EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2009/12/09 12:0 a.m.•37 views

Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable vsprintf Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe CGI executable accessible via the I...

10CVSS5.3AI score0.11794EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2009/12/09 12:0 a.m.•37 views

Adobe Flash Player ActionScript Exception Handler Integer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page or open a malicious SWF file. The specific flaw exists in the...

9.3CVSS4.3AI score0.09955EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2009/12/09 12:0 a.m.•37 views

Hewlett-Packard OpenView NNM Multiple Command Injection Vulnerabilities

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard's Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaws exist within Perl CGI executables distributed with Network Node Manager NNM...

10CVSS1.8AI score0.21951EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2009/12/08 12:0 a.m.•37 views

Microsoft Internet Explorer IFrame Attributes Circular Reference Dangling Pointer Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. The specific flaw exists during deallocation of a circula...

9.3CVSS3.2AI score0.26261EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2009/12/08 12:0 a.m.•37 views

Microsoft Internet Explorer XHTML DOM Manipulation Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required in that a user must visit a malicious web page. The specific flaw exists in the manipulation and parsing of certain HTML tags. The ordering...

9.3CVSS2.6AI score0.21038EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2009/11/10 12:0 a.m.•37 views

Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious spreadsheet. The specific flaw exists in the handling of Shared Feature...

9.3CVSS2.5AI score0.85731EPSS
Exploits10References1
Zero Day Initiative
Zero Day Initiative
•added 2009/08/05 12:0 a.m.•37 views

Sun Java Pack200 Decoding Inner Class Count Integer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Sun Java Runtime. User interaction is required in that a target must visit a malicious web page or open a malicious JNLP file. The specific flaw exists within the code responsible for handling...

10CVSS4.3AI score0.04324EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2009/01/14 12:0 a.m.•37 views

Oracle TimesTen evtdump Remote Format String Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle TimesTen. User interaction is not required to exploit this vulnerability. The specific flaw exists in the evtdump CGI module, which is used to write to an internal log file. The parameter...

7.5CVSS3.2AI score0.11891EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2008/11/12 12:0 a.m.•37 views

Mozilla Firefox Input Box Type Property Dangling Pointer Vulnerability

This vulnerability allows attackers to potentially execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when a DOM method on a specific HTML form...

9.3CVSS2.7AI score0.03633EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2008/09/09 12:0 a.m.•37 views

Apple QuickTime STSZ Atom Parsing Heap Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the handling of STSZ...

6.8CVSS4.4AI score0.04541EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2008/07/10 12:0 a.m.•37 views

Novell eDirectory dhost Integer Overflow Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell eDirectory. Authentication is not required to exploit this vulnerability. The specific flaw exists within dhost.exe, bound by default to TCP port 524. Flawed arithmetic applied to a...

10CVSS3.3AI score0.08667EPSS
Exploits0References1
Total number of security vulnerabilities5000