Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2020/12/09 12:0 a.m.•36 views

Apple macOS libFontParser TTF Font Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the RenderGlyp...

4.3CVSS2.9AI score0.01081EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/12/08 12:0 a.m.•36 views

Apple macOS Kernel Command 0x10005 Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...

7.8CVSS4.5AI score0.00578EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•36 views

Micro Focus Operations Bridge Manager diagnostics Use of Hard-coded Credentials Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the product's authentication mechanism. The product contains a...

9.8CVSS4.2AI score0.74232EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/08 12:0 a.m.•36 views

IBM Informix spatial Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of IBM Informix. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the spatial.bld module...

7.8CVSS4.7AI score0.00366EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/15 12:0 a.m.•36 views

VMware Workstation ThinPrint TTCHeader Integer Overflow Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6.5CVSS3.8AI score0.00324EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/15 12:0 a.m.•36 views

VMware Workstation ThinPrint JPEG2000 Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6.5CVSS2.3AI score0.00301EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/21 12:0 a.m.•36 views

Foxit Studio Photo PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS3.7AI score0.05277EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/13 12:0 a.m.•36 views

Microsoft Windows WalletService Race Condition Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

2.5CVSS4.6AI score0.00931EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/10 12:0 a.m.•36 views

Marvell QConvergeConsole getFileFromURL Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the getFileFromURL...

8.8CVSS2.4AI score0.10678EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/10 12:0 a.m.•37 views

Marvell QConvergeConsole Exposed Dangerous Method or Function Remote Code Execution

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Tomcat...

8.8CVSS2.9AI score0.07543EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/10 12:0 a.m.•37 views

Marvell QConvergeConsole isHPSmartComponent Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of installations of Marvell QConvergeConsole. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within th...

8.8CVSS3.2AI score0.07244EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/04 12:0 a.m.•36 views

Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Arena Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS4.8AI score0.12042EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/21 12:0 a.m.•36 views

Apple Safari getAnimations Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS1.3AI score0.02686EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/20 12:0 a.m.•36 views

Oracle VirtualBox e1000 Unintialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS3.9AI score0.00553EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/20 12:0 a.m.•36 views

Oracle VirtualBox LsiLogicSCSI Time-Of-Check Time-Of-Use Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

5.3CVSS2.4AI score0.00538EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/20 12:0 a.m.•36 views

Oracle VirtualBox BusLogicSCSI Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS3.9AI score0.0056EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/16 12:0 a.m.•36 views

Advantech iView ZTPConfig importZtpConfiguration Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the importZtpConfiguration method of the ZTPConfig...

7.5CVSS1.9AI score0.04886EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/09 12:0 a.m.•36 views

(0Day) (Pwn2Own) Rockwell Automation Studio 5000 AML File Parsing XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Rockwell Automation Studio 5000. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of AML files. Due to the improper restriction of XML...

3.3CVSS2.5AI score0.01545EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/06/09 12:0 a.m.•36 views

Microsoft Windows Media Player mpg2splt Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS4.6AI score0.05928EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/06/09 12:0 a.m.•36 views

Microsoft SharePoint Server Web Part Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of Web Parts. When creating a SharePoint page, an attacker can uplo...

8.8CVSS2.4AI score0.69303EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/27 12:0 a.m.•36 views

Trend Micro InterScan Web Security Virtual Appliance Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro InterScan Web Security Virtual Appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within the LogSettingHandler class. When parsing the mountdevi...

8.8CVSS5.3AI score0.8758EPSS
Exploits7References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•36 views

Foxit PhantomPDF AddWatermark Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of t...

7.8CVSS2.1AI score0.04689EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•36 views

Oracle VirtualBox xHCI Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the xHCI...

8.2CVSS5.1AI score0.00636EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•36 views

Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.4AI score0.03405EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•36 views

Oracle VirtualBox VBoxVGA VBoxVHWASurfaceBase Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the VBoxVGA...

8.2CVSS3.6AI score0.00576EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•36 views

Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7.8CVSS4.1AI score0.11685EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•36 views

Microsoft Windows Palette Object Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

8.8CVSS4.3AI score0.00894EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/03/31 12:0 a.m.•36 views

IBM Spectrum Protect Plus plugin Directory Traversal File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of IBM Spectrum Protect Plus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Administrative Console Framework service. The issue results from the lack ...

6.5CVSS3.1AI score0.01919EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/03/25 12:0 a.m.•36 views

(Pwn2Own) TP-Link Archer A7 Protection Mechanism Failure Firewall Bypass Vulnerability

This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IPv6 connections. The issue results from the lack of proper filtering of IPv6 SS...

8.1CVSS1.4AI score0.04105EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/03/12 12:0 a.m.•36 views

(Pwn2Own) Xiaomi Mi9 Browser manualUpgradeInfo Improper Control of Generation of Code Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Xiaomi Mi9 Browser. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing ...

8.8CVSS3.9AI score0.01477EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/02/11 12:0 a.m.•36 views

Foxit Reader Annotations AcroForm Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of form...

7.8CVSS4.9AI score0.06078EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/02/07 12:0 a.m.•36 views

Google Android V4l2 cam_actuator_driver_cmd Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Google Android. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS3.9AI score0.00282EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/02/03 12:0 a.m.•36 views

Adobe Acrobat Pro DC TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

7.8CVSS3.9AI score0.34676EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2020/01/15 12:0 a.m.•36 views

Microsoft Office Graph Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Graph COM...

7.8CVSS3.9AI score0.16962EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/01/03 12:0 a.m.•36 views

Cisco Data Center Network Manager SecurityManager Hard-coded Cryptographic Key Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Cisco Data Center Network Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the validation of SSO tokens of SOAP packets. The issue results from th...

9.8CVSS1.7AI score0.92835EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2019/12/23 12:0 a.m.•36 views

D-Link DCS-960L HNAP SOAPAction Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link DCS-960L. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. When parsing the SOAPAction...

8.8CVSS5.2AI score0.09532EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/11/13 12:0 a.m.•36 views

Microsoft Windows IP Helper Service Hard Link Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

5.3CVSS3.4AI score0.02076EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/11/13 12:0 a.m.•36 views

Microsoft Windows Kernel Type 1 Font Processing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling ...

8.4CVSS2.9AI score0.0159EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/30 12:0 a.m.•36 views

Jenkins iceScrum Cleartext Storage of Credentials Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Jenkins iceScrum. Authentication is required to exploit this vulnerability. The specific flaw exists within the iceScrum plugin. The issue results from storing credentials in plaintext. An...

3.3CVSS1.9AI score0.01634EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/25 12:0 a.m.•36 views

Apple Safari FrameDestructionObserver Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

5CVSS1.9AI score0.01892EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/09/17 12:0 a.m.•36 views

Advantech WebAccess Node cnvlgxtag Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within cnvlgxtag.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs...

9.8CVSS3.5AI score0.02123EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/09/10 12:0 a.m.•36 views

Microsoft Windows AppX Deployment Service Junction Arbitrary File Deletion Vulnerability

This vulnerability allows local attackers to delete arbitrary files on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppX...

6.1CVSS5.2AI score0.11616EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2019/09/05 12:0 a.m.•36 views

Red Lion Crimson Hard-coded Cryptographic Key Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Red Lion Crimson. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CTextStreamMemory class. The class contains hard-coded secrets in clear tex...

6.5CVSS1.8AI score0.0133EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/19 12:0 a.m.•36 views

Fuji Electric Alpha5 PLD File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Alpha5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS5.5AI score0.02947EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/16 12:0 a.m.•36 views

Microsoft Windows jscript9 RegExp.input Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way the JIT...

7.5CVSS3.1AI score0.05738EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/22 12:0 a.m.•36 views

Oracle VirtualBox WINED3DSIH_TEX Opcode Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the handlin...

8.2CVSS3.6AI score0.00471EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/10 12:0 a.m.•36 views

Microsoft Windows gdiplus Font Parsing Integer Overflow Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.4AI score0.01742EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/05/30 12:0 a.m.•36 views

Hewlett Packard Enterprise Intelligent Management Center devSoftSel Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS3AI score0.0364EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/05/30 12:0 a.m.•36 views

Apple Safari FontFace Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

5CVSS1.9AI score0.01826EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/15 12:0 a.m.•36 views

(Pwn2Own) Mozilla Firefox Array.slice Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementati...

8.8CVSS2.8AI score0.29514EPSS
Exploits9References1
Total number of security vulnerabilities5000