Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2023/05/10 12:0 a.m.•35 views

Adobe Substance 3D Painter PLY File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Substance 3D Painter. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

3.3CVSS5.8AI score0.00345EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/04 12:0 a.m.•35 views

D-Link DAP-1360 Multiple Parameters Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /cgi-bin/webproc endpoint. When parsing the errorpage and nextpage...

8.8CVSS7.4AI score0.01101EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/01 12:0 a.m.•35 views

Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XL...

7.8CVSS6.9AI score0.00538EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/04/24 12:0 a.m.•35 views

Microsoft Excel 3MF File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3MF...

7.8CVSS7.7AI score0.00784EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/04/14 12:0 a.m.•35 views

(Pwn2Own) Sonos One Speaker msprox Endpoint Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msprox endpoint. The issue results from the lack of proper...

5.4CVSS6.1AI score0.0063EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/03/31 12:0 a.m.•35 views

Microsoft 3D Builder GLTF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS6.7AI score0.00939EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/03/07 12:0 a.m.•35 views

Omron CX-One CXP File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CXP...

7.8CVSS5.2AI score0.00564EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/02/24 12:0 a.m.•35 views

Oracle WebRTC Session Controller parseCert Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle WebRTC Session Controller. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parseCert function. The issue results from the lack of proper...

9.8CVSS9.2AI score0.00839EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/02/24 12:0 a.m.•35 views

Microsoft Windows Media Player Color Conversion Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS8.6AI score0.00642EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/01/18 12:0 a.m.•35 views

Delta Electronics InfraSuite Device Master ExeCommandInCommandLineMode Exposed Dangerous Function Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics InfraSuite Device Master. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within t...

8.8CVSS3.6AI score0.01242EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/11/22 12:0 a.m.•35 views

Microsoft Exchange PstStatusLog Exposed Dangerous Function Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the PstStatusLog class. The issue results from the exposure of a dangerous...

7.6CVSS1.9AI score0.99964EPSS
Exploits11References1
Zero Day Initiative
Zero Day Initiative
•added 2022/11/22 12:0 a.m.•35 views

Microsoft Exchange StreamWriterWrapper Exposed Dangerous Function Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the StreamWriterWrapper class. The issue results from the exposure of a...

7.6CVSS1.6AI score0.99964EPSS
Exploits11References1
Zero Day Initiative
Zero Day Initiative
•added 2022/11/22 12:0 a.m.•35 views

Microsoft Exchange FormattedTextWriterTraceListener Exposed Dangerous Function Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the FormattedTextWriterTraceListener class. The issue results from the...

7.1CVSS1.4AI score0.99964EPSS
Exploits11References1
Zero Day Initiative
Zero Day Initiative
•added 2022/11/22 12:0 a.m.•35 views

Microsoft Exchange MsiDatabase Exposed Dangerous Function Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the MsiDatabase class. The issue results from the exposure of a dangerous functio...

4.3CVSS0.9AI score0.99964EPSS
Exploits11References1
Zero Day Initiative
Zero Day Initiative
•added 2022/11/22 12:0 a.m.•35 views

Microsoft Exchange RecipientProvisioningDefinition External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the RecipientProvisioningDefinition class. Due to the improper restriction of XML...

7.1CVSS1.9AI score0.99964EPSS
Exploits11References1
Zero Day Initiative
Zero Day Initiative
•added 2022/11/21 12:0 a.m.•35 views

TP-Link TL-WR940N httpd Incorrect Implementation of Authentication Algorithm Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR940N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default...

6.5CVSS0.5AI score0.00587EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/11/21 12:0 a.m.•35 views

Microsoft Excel FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX...

7.8CVSS5.7AI score0.00804EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/11/03 12:0 a.m.•35 views

D-Link DIR-1935 SetWebFilterSetting WebFilterURLs Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...

6.8CVSS3.5AI score0.01085EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/11/03 12:0 a.m.•35 views

D-Link DIR-1935 SetSysEmailSettings Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...

6.8CVSS3.3AI score0.01085EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/11/03 12:0 a.m.•35 views

D-Link DIR-1935 HNAP_AUTH Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Login requests to the web management portal. When...

8.8CVSS5.1AI score0.01006EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/17 12:0 a.m.•35 views

Microsoft Exchange PowerShell Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the PowerShell endpoint. The issue results from the lack of proper validation of...

8.8CVSS6AI score0.99964EPSS
Exploits11References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•35 views

Adobe ColdFusion Application Server Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe ColdFusion. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Application Server endpoint, which listens on TCP port 8500 by default. The issue...

8.1CVSS4.7AI score0.80023EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/04 12:0 a.m.•35 views

Apache Batik DefaultExternalResourceSecurity Server-Side Request Forgery Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apache Batik. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

7.5CVSS2.8AI score0.02017EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/09/23 12:0 a.m.•35 views

Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Trend...

7.8CVSS5.5AI score0.00209EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/09/14 12:0 a.m.•35 views

D-Link DIR-2150 anweb action_handler Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected D-Link DIR-2150 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the anweb service, which listens on TCP ports 80 and 443 by default. The issue results...

8.8CVSS5.2AI score0.00623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/23 12:0 a.m.•35 views

(Pwn2Own) Softing Secure Integration Server wbemcomn Uncontrolled Search Path Element Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Softing Secure Integration Server. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.2CVSS3.9AI score0.09501EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/23 12:0 a.m.•35 views

AVEVA Edge LoadImportedLibraries XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of AVEVA Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.5CVSS2.9AI score0.13681EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/23 12:0 a.m.•35 views

(Pwn2Own) AVEVA Edge SetBytesToManagedControl Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of APP file...

7.8CVSS5.5AI score0.17157EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/23 12:0 a.m.•35 views

Apple macOS AppleScript TASUnparser_PrintObject Untrusted Pointer Dereference Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within a function in...

3.3CVSS1.9AI score0.01013EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/18 12:0 a.m.•35 views

Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.2AI score0.00354EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/05 12:0 a.m.•35 views

OPC Foundation UA .NET Standard BrowseRequest Missing Authentication Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of OPC UA BrowseRequests. The issue results from th...

5.3CVSS1.7AI score0.01028EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/08/03 12:0 a.m.•35 views

ICONICS GENESIS64 GraphWorX64 TDFX File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS GENESIS64. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.4AI score0.00322EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/07/15 12:0 a.m.•35 views

Microsoft Windows win32kfull UMPDDrvStartBanding Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

8.8CVSS5.6AI score0.09415EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/07/13 12:0 a.m.•35 views

Adobe Acrobat Reader DC PDF Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.8AI score0.06063EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/07/12 12:0 a.m.•35 views

X.Org Server ProcXkbSetDeviceInfo Out-Of-Bounds Access Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

7.8CVSS3.9AI score0.00573EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/06/30 12:0 a.m.•35 views

Parallels Desktop Updater Incorrect Permission Assignment Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the update...

7.8CVSS4.5AI score0.00277EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/06/16 12:0 a.m.•35 views

SAP 3D Visual Enterprise Viewer JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.7AI score0.00972EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/05/26 12:0 a.m.•35 views

Trend Micro Maximum Security Link Following Arbitrary File Deletion Vulnerability

This vulnerability allows local attackers to delete arbitrary files on affected installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

6.1CVSS4.5AI score0.00435EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/05/26 12:0 a.m.•35 views

Ivanti Avalanche Web File Server Service Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Web File Server service...

9.8CVSS3.9AI score0.84454EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/04/12 12:0 a.m.•35 views

Bentley MicroStation CONNECT IFC File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.8AI score0.00897EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/04/08 12:0 a.m.•35 views

Rockwell Automation Connected Components Workbench CCWARC File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Connected Components Workbench. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fl...

7.8CVSS4.7AI score0.11368EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/04/05 12:0 a.m.•35 views

Autodesk Navisworks Manage DWFX File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Manage. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.6AI score0.0062EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/03/09 12:0 a.m.•35 views

Microsoft Windows CLFS Integer Overflow Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

4.2CVSS6.6AI score0.01054EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/03/07 12:0 a.m.•35 views

Autodesk AutoCAD DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DW...

7.8CVSS5AI score0.01463EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/22 12:0 a.m.•35 views

(Pwn2Own) Cisco RV340 NGINX sessionid Directory Traversal Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Cisco RV340 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the NGINX web server. When parsing the sessionid cooki...

8.8CVSS8.3AI score0.80031EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/16 12:0 a.m.•35 views

Apple macOS ModelIO ABC File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the ModelIO...

7.8CVSS6.6AI score0.01568EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/16 12:0 a.m.•35 views

Apple macOS CoreGraphics PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the CoreGraphics library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within t...

3.3CVSS4.1AI score0.01425EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/11 12:0 a.m.•35 views

Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.6AI score0.01564EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/11 12:0 a.m.•35 views

Schneider Electric IGSS Out-Of-Bounds Read Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IGSSDataServer process, which listens on TCP port 12401 by...

7.5CVSS7.3AI score0.19255EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2022/01/13 12:0 a.m.•35 views

Microsoft Windows Storage Spaces Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

5.6CVSS6.8AI score0.02894EPSS
Exploits1References1
Total number of security vulnerabilities5000