Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2017/12/15 12:0 a.m.•36 views

Quest NetVault Backup Server Process Manager Service NVBUBackup JobList Method SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackup JobList method requests. The issue results from the...

7.5CVSS1.3AI score0.03933EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/12/06 12:0 a.m.•36 views

Advantech WebAccess webvrpcs drawsrv Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2775 IOCTL in the webvrpcs process. The issue results...

6.8CVSS2.3AI score0.03051EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/12/06 12:0 a.m.•36 views

Cisco WebEx ARF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Network Recording Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

6.8CVSS6.5AI score0.0298EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/12/06 12:0 a.m.•36 views

Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Recorder and Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS6.3AI score0.0298EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/11/20 12:0 a.m.•36 views

Microsoft Windows VBScript Join Function Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS3AI score0.09825EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/11/20 12:0 a.m.•36 views

Apple Safari Node Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Nod...

6.8CVSS1.2AI score0.01508EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/11/14 12:0 a.m.•36 views

Foxit Reader Link setAction Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setAction metho...

6.8CVSS8.7AI score0.03014EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/11/14 12:0 a.m.•36 views

Adobe Acrobat Pro DC ImageConversion EMF EmfPlusDrawBeziers Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS8AI score0.0672EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/11/14 12:0 a.m.•36 views

Foxit Reader util printf Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within util.printf...

4.3CVSS6.3AI score0.02578EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/28 12:0 a.m.•36 views

(0Day) EMC Data Protection Advisor ScheduledReportResource Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Data Protection Advisor. Authentication is required to exploit this vulnerability. The specific flaw exists within the EMC DPA Application service, which listens on TCP port 9002 by default. Wh...

9CVSS4.6AI score
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2017/09/26 12:0 a.m.•36 views

Apple Safari RegExp replace Out-Of-Bounds Access Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS1.9AI score0.01603EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/26 12:0 a.m.•36 views

Hewlett Packard Enterprise Application Performance Management Staging Data Replicator hpbsmsdr Missing Authentication for Critical Function Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Application Performance Management Staging Data Replicator. The specific flaw exists within the hpbsmsdr web service, which listens on TCP port 29921 by default. The...

10CVSS2.3AI score0.06958EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/22 12:0 a.m.•36 views

Trend Micro Control Manager CCGIServlet HighRiskDetectionResult SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within processing of...

6CVSS8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/15 12:0 a.m.•36 views

Trend Micro Mobile Security for Enterprise notify_groups_to_scan DeviceGroupId SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Mobile Security for Enterprise. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of the notifygroupstoscan action. When parsing t...

9CVSS4.9AI score0.50166EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/15 12:0 a.m.•36 views

Trend Micro Mobile Security for Enterprise assign_policy Id SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Mobile Security for Enterprise. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of the assignpolicy action. When parsing the...

9CVSS4.9AI score0.50166EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/12 12:0 a.m.•36 views

Microsoft Windows Uniscribe Bidirectional Text Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS2.1AI score0.16911EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/12 12:0 a.m.•36 views

Microsoft Windows PDF Library JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows PDF Library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

4.3CVSS7.4AI score0.21531EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/30 12:0 a.m.•36 views

Advantech WebAccess Product Installation File Access Control Modification Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privilege on vulnerable installations of Advantech WebAccess. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the access...

7.2CVSS5AI score0.0035EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/08 12:0 a.m.•36 views

Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS4.5AI score0.07742EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/08 12:0 a.m.•36 views

Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS2.3AI score0.07594EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2017/07/11 12:0 a.m.•36 views

(Pwn2Own) Microsoft Windows win32kfull CopyOutputString Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

2.1CVSS6.5AI score0.02214EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2017/07/07 12:0 a.m.•36 views

Foxit Reader execMenuItem Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the app.execMenuIte...

6.8CVSS2AI score0.03162EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/06/21 12:0 a.m.•36 views

(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCVIEWER RotateFromCenter Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of UCanCode E-XD++ Visualization Enterprise Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

6.8CVSS7.1AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/06/21 12:0 a.m.•36 views

Microsoft Internet Explorer Array.splice Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS3.6AI score0.73289EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2017/06/13 12:0 a.m.•36 views

Microsoft Windows OTL Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

2.6CVSS6.6AI score0.07148EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/12 12:0 a.m.•36 views

Adobe Reader DC PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Reader's...

4.3CVSS2.7AI score0.03362EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/10 12:0 a.m.•36 views

(Pwn2Own) Microsoft Edge WriteClassesOfCategory DLL Planting Sandbox Escape Vulnerability

This vulnerability allows remote attackers to escape the AppContainer sandbox on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.2CVSS3.1AI score0.0308EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/04/21 12:0 a.m.•36 views

Foxit Reader importAnXFDF Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the importAnXFDF...

6.8CVSS7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/29 12:0 a.m.•36 views

Trend Micro InterScan Web Security Virtual Appliance ReportHandler DoCmd Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro InterScan Web Security Virtual Appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within ReportHandler's DoCmd method. A crafted cmd parameter...

9CVSS5.3AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/21 12:0 a.m.•36 views

Microsoft Internet Explorer CHtmTag Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

4.3CVSS0.4AI score0.13076EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/01 12:0 a.m.•36 views

Trend Micro SafeSync for Enterprise displayName_get SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro SafeSync for Enterprise. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists withi...

4CVSS7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/20 12:0 a.m.•36 views

Bitdefender Internet Security SIS Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.8CVSS7.3AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/01/10 12:0 a.m.•36 views

Adobe Reader DC XSLT element-available Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within XSLT's...

6.8CVSS3.4AI score0.2042EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/10 12:0 a.m.•36 views

Adobe Acrobat Pro DC ImageConversion TIFF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

4.3CVSS2.4AI score0.03621EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/08/29 12:0 a.m.•36 views

Apple OS X IOHDIXController Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists within the IOHDIXController interface. The issue lies...

6.9CVSS3.4AI score0.01611EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/08/24 12:0 a.m.•36 views

Adobe Reader DC FlateDecode Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS3.1AI score0.05602EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/08/09 12:0 a.m.•36 views

Trend Micro Control Manager cgiCMUIDispatcher SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within cgiCMUIDispatcher.exe. The issue lies in the failure to sanitize user-supplied...

6.5CVSS8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/07/12 12:0 a.m.•36 views

Adobe Flash PrintJob printAsBitmap Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS2.2AI score0.0854EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/06/22 12:0 a.m.•36 views

Microsoft Edge CBaseScriptable PrivateQueryInterface Uninitialized Memory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementatio...

6.8CVSS3.2AI score0.56767EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2016/06/22 12:0 a.m.•36 views

SolarWinds Storage Resource Monitor Profiler Server RulesMetaData addNewRule SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RulesMetaData's addNewRule method which is reachable through t...

10CVSS7.9AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•36 views

Adobe Acrobat Pro DC Signature signatureSetSeed Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS4.2AI score0.06386EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•36 views

Adobe Acrobat Reader DC CBSharedReviewIfOfflineDialog Javascript API Restrictions Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS4.2AI score0.06911EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•36 views

Adobe Reader DC XFAFormInstanceManager Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS3.8AI score0.0641EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•36 views

Adobe Acrobat Reader DC ANAuthenticateResource Javascript API Restrictions Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS3.4AI score0.06293EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/04/12 12:0 a.m.•36 views

Microsoft Internet Explorer CMediaEngine Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS3.6AI score0.15764EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/04/12 12:0 a.m.•36 views

Microsoft Edge Proxy Object Universal Cross Site Scripting Vulnerability

This vulnerability allows remote attackers to inject arbitrary script code into arbitrary domains on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

7.5CVSS3.3AI score0.15078EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/03/10 12:0 a.m.•36 views

Adobe Flash setInterval Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the setInterval...

6.8CVSS4.1AI score0.0714EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/09 12:0 a.m.•36 views

Adobe Flash URLRequest Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS3.4AI score0.05499EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/05 12:0 a.m.•36 views

Advantech WebAccess datacore Service datacore.exe Path strcat Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x791E IOCTL in the Kernel subsystem. A stack-based buffer...

9.3CVSS4.2AI score0.16655EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2016/01/25 12:0 a.m.•36 views

Oracle Application Testing Suite ReportImage tempfilename Parameter Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Application Testing Suite. Authentication is required but can be bypassed. The specific vulnerability is exposed by the ActionServlet servlet. In the ReportImage action, the tempfilename...

9CVSS7.8AI score0.54782EPSS
Exploits0References1
Total number of security vulnerabilities5000