Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•36 views

Oracle E-Business Suite Human Resources Organization Hierarchy Viewer PosServer SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Oracle E-Business Suite Human Resources. Authentication is required to exploit this vulnerability. The specific flaw exists within the Organization Hierarchy Viewer. The issue results from the lack of...

8.1CVSS2AI score0.01956EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•36 views

Oracle VirtualBox VBoxVGA VBoxVHWASurfaceBase Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the VBoxVGA...

8.2CVSS3.6AI score0.00576EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•36 views

Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7.8CVSS4.1AI score0.11685EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•36 views

Microsoft Windows Palette Object Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

8.8CVSS4.3AI score0.00856EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/03/31 12:0 a.m.•36 views

IBM Spectrum Protect Plus plugin Directory Traversal File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of IBM Spectrum Protect Plus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Administrative Console Framework service. The issue results from the lack ...

6.5CVSS3.1AI score0.01919EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/03/25 12:0 a.m.•36 views

(Pwn2Own) TP-Link Archer A7 Protection Mechanism Failure Firewall Bypass Vulnerability

This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IPv6 connections. The issue results from the lack of proper filtering of IPv6 SS...

8.1CVSS1.4AI score0.04105EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/03/12 12:0 a.m.•36 views

(Pwn2Own) Xiaomi Mi9 Browser manualUpgradeInfo Improper Control of Generation of Code Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Xiaomi Mi9 Browser. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing ...

8.8CVSS3.9AI score0.01477EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/02/11 12:0 a.m.•36 views

Foxit Reader Annotations AcroForm Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of form...

7.8CVSS4.9AI score0.06078EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/02/07 12:0 a.m.•36 views

Google Android V4l2 cam_actuator_driver_cmd Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Google Android. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS3.9AI score0.00282EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/01/15 12:0 a.m.•36 views

Microsoft Office Graph Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Graph COM...

7.8CVSS3.9AI score0.16962EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/01/03 12:0 a.m.•36 views

Cisco Data Center Network Manager SecurityManager Hard-coded Cryptographic Key Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Cisco Data Center Network Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the validation of SSO tokens of SOAP packets. The issue results from th...

9.8CVSS1.7AI score0.92835EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2019/12/23 12:0 a.m.•36 views

D-Link DCS-960L HNAP SOAPAction Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link DCS-960L. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. When parsing the SOAPAction...

8.8CVSS5.2AI score0.09532EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/12/11 12:0 a.m.•36 views

Microsoft Windows AppX Deployment Service Hard Link Escalation of Privilege Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppX Deploymen...

7CVSS5.4AI score0.01751EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/11/13 12:0 a.m.•36 views

Microsoft Windows IP Helper Service Hard Link Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

5.3CVSS3.4AI score0.02076EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/11/13 12:0 a.m.•36 views

Microsoft Windows Kernel Type 1 Font Processing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling ...

8.4CVSS2.9AI score0.0159EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/09/17 12:0 a.m.•36 views

Advantech WebAccess Node cnvlgxtag Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within cnvlgxtag.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs...

9.8CVSS3.5AI score0.02123EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/09/10 12:0 a.m.•36 views

Microsoft Windows AppX Deployment Service Junction Arbitrary File Deletion Vulnerability

This vulnerability allows local attackers to delete arbitrary files on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppX...

6.1CVSS5.2AI score0.11616EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/27 12:0 a.m.•36 views

Apple Safari Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS4.1AI score0.04053EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/19 12:0 a.m.•36 views

Fuji Electric Alpha5 PLD File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Alpha5. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS5.5AI score0.02947EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/16 12:0 a.m.•36 views

Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected instances of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS5.1AI score0.0385EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/16 12:0 a.m.•36 views

Microsoft Windows jscript9 RegExp.input Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way the JIT...

7.5CVSS3.1AI score0.05738EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/13 12:0 a.m.•36 views

Microsoft Windows JET Database Engine Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET...

2.5CVSS1.6AI score0.04321EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/13 12:0 a.m.•36 views

Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7CVSS4AI score0.04477EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/22 12:0 a.m.•36 views

Oracle VirtualBox WINED3DSIH_TEX Opcode Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the handlin...

8.2CVSS3.6AI score0.00471EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/10 12:0 a.m.•36 views

Microsoft Windows gdiplus Font Parsing Integer Overflow Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.4AI score0.01742EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/05/30 12:0 a.m.•36 views

Hewlett Packard Enterprise Intelligent Management Center devSoftSel Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS3AI score0.0364EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/05/30 12:0 a.m.•36 views

Apple Safari FontFace Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

5CVSS1.9AI score0.01826EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/15 12:0 a.m.•36 views

(Pwn2Own) Mozilla Firefox Array.slice Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementati...

8.8CVSS2.8AI score0.29514EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2019/02/12 12:0 a.m.•36 views

Microsoft Access Database Engine ACEEXCL Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Access Database Engine. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when...

7.8CVSS3AI score0.18414EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/02/12 12:0 a.m.•36 views

Microsoft Chakra JavaScript Loop Type Confusion Vulnerability

This vulnerability allows remote attackers to produce abnormal program execution on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5CVSS1.7AI score0.19784EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/02/12 12:0 a.m.•36 views

Microsoft HID Driver Out-of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists in the hidparse.sy...

6.6CVSS2.1AI score0.0185EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/01/09 12:0 a.m.•36 views

Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET databa...

7CVSS3.8AI score0.13596EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/01/04 12:0 a.m.•36 views

Adobe Acrobat Pro DC Preflight setDefaultLibrary Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

8.2CVSS2.4AI score0.08414EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/12/10 12:0 a.m.•36 views

Apple macOS shm Uninitialized Data Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handlin...

5.5CVSS2.9AI score0.03092EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2018/11/21 12:0 a.m.•36 views

OMRON CX-Supervisor SCS File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processi...

7.8CVSS3.4AI score0.00348EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/11/05 12:0 a.m.•36 views

Apple macOS nsurlstoraged Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handlin...

1.9CVSS2.2AI score0.019EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/30 12:0 a.m.•36 views

Apple Safari WebCrypto Race Condition Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS1.8AI score0.01704EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/19 12:0 a.m.•36 views

Trend Micro Anti-Virus KERedirect Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Trend Micro Anti-Virus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

6.9CVSS3.7AI score0.00556EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/11 12:0 a.m.•36 views

Foxit PhantomPDF HTML2PDF HTML Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion ...

7.8CVSS3.1AI score0.03855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/11 12:0 a.m.•36 views

Foxit Reader TextBox Validate Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

7.8CVSS1.8AI score0.03918EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/10 12:0 a.m.•36 views

Microsoft Internet Explorer WebCrypto importKey Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

5CVSS1.1AI score0.13131EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/21 12:0 a.m.•36 views

Cisco WebEx Network Recording Player NMVC RtpConfig Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Network Recording Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

5.1CVSS5.2AI score0.02015EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/20 12:0 a.m.•36 views

(0Day) Microsoft Windows Jet Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the management...

6.8CVSS3.3AI score0.32705EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/14 12:0 a.m.•36 views

Microsoft Internet Explorer Table Row NULL Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS3.2AI score0.12895EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/08/30 12:0 a.m.•36 views

Hewlett Packard Enterprise Intelligent Management Center TFTP deleteBaseCfgfile Directory Traversal Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the TFTP server. The issue results from the...

5CVSS3.3AI score0.52749EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/08/14 12:0 a.m.•36 views

Crestron Multiple Products CTP Console FPUTFILE Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Crestron's Android-based products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FPUTFILE command of the CTP console. The issue results from the...

9.3CVSS2.8AI score0.07577EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/07/26 12:0 a.m.•36 views

(Pwn2Own) Oracle Virtualbox HGCM Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

4.7CVSS2.2AI score0.00462EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2018/07/19 12:0 a.m.•36 views

Foxit Reader exportAsFDF Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

6.8CVSS1.8AI score0.02773EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/07/18 12:0 a.m.•36 views

Oracle VirtualBox SHCRGL_GUEST_FN_WRITE_READ_BUFFERED Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

4.7CVSS3.7AI score0.0058EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/07/10 12:0 a.m.•36 views

Apple Safari HTMLFormElement Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within HTML forms. The iss...

6.8CVSS1.1AI score0.01976EPSS
Exploits0References1
Total number of security vulnerabilities5000