Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2021/02/10 12:0 a.m.•35 views

Adobe Illustrator CDR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of C...

7.8CVSS4.6AI score0.03821EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/10 12:0 a.m.•35 views

Microsoft Windows Camera Codec Pack Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS3.6AI score0.03159EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/10 12:0 a.m.•35 views

Adobe Acrobat Reader DC Annotation getAnnots Method Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS2.4AI score0.03977EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/04 12:0 a.m.•35 views

Apple macOS ModelIO USD Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the ModelIO...

7.8CVSS5.5AI score0.01084EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/01 12:0 a.m.•35 views

Schneider Electric IGSS CGF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.1AI score0.01585EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/29 12:0 a.m.•35 views

Schneider Electric IGSS CGF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.1AI score0.02395EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/29 12:0 a.m.•35 views

Trend Micro Apex One Improper Access Control Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web console, which listens on TCP port 4343 by default. The issue resul...

5.3CVSS1.2AI score0.02067EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/14 12:0 a.m.•35 views

Microsoft Word DOC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DOC...

7.8CVSS4.2AI score0.03614EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/14 12:0 a.m.•35 views

Siemens JT2Go JT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JT...

7.8CVSS5.5AI score0.03281EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/14 12:0 a.m.•35 views

Microsoft Windows InstallService Directory Junction Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

6.1CVSS4.7AI score0.0081EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/12 12:0 a.m.•35 views

SAP 3D Visual Enterprise Viewer DIB File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS5.7AI score0.01199EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/12/21 12:0 a.m.•35 views

NETGEAR Multiple Routers mini_httpd Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Although authentication is required to exploit...

6.8CVSS2.9AI score0.02344EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/08 12:0 a.m.•35 views

Apple macOS Kernel Command 0x10005 Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...

7.8CVSS4.5AI score0.00578EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/12/04 12:0 a.m.•35 views

Apple macOS powerd Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the powerd...

5.5CVSS5.8AI score0.00387EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/11/22 12:0 a.m.•35 views

Trend Micro Apex One Improper Access Control Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web console, which listens on TCP port 4343 by default. The issue resul...

5.3CVSS1.2AI score0.03206EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•35 views

Foxit Studio Photo CR2 File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS4.1AI score0.03534EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•35 views

Foxit Studio Photo EZI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.5AI score0.0372EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•35 views

Micro Focus Operations Bridge Manager PackageFacadeForGui Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS3.6AI score0.7699EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•35 views

Micro Focus Operations Bridge Manager ServiceDiscoveryService Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS3.8AI score0.7699EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/25 12:0 a.m.•35 views

Trend Micro Apex One Authentication Bypass Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ApexOne...

7.8CVSS5AI score0.00482EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/15 12:0 a.m.•35 views

VMware Workstation ThinPrint TTCHeader Integer Overflow Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6.5CVSS3.8AI score0.00324EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/18 12:0 a.m.•35 views

Parallels Desktop VGA Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive informations on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS2.9AI score0.00553EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/10 12:0 a.m.•35 views

Delta Industrial Automation TPEditor TPE File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS5.8AI score0.02248EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/22 12:0 a.m.•35 views

Adobe Photoshop MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS4.1AI score0.03482EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/22 12:0 a.m.•35 views

Adobe Prelude MOV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Prelude. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

3.3CVSS2.8AI score0.04848EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/20 12:0 a.m.•35 views

Oracle VirtualBox BusLogicSCSI Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

5.3CVSS2.8AI score0.00538EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/20 12:0 a.m.•35 views

Oracle VirtualBox LsiLogicSCSI Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

7.5CVSS3.7AI score0.00547EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/16 12:0 a.m.•35 views

Advantech iView NetworkServlet SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetworkServlet servlet. The issue results from the lack of proper validation of a...

9.8CVSS2.6AI score0.04922EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/08 12:0 a.m.•35 views

Veeam ONE SSRSReport GetCustomElementText XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Veeam ONE. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSRSReport class. Due to the improper restriction of XML External Entity XXE...

7.5CVSS2.4AI score0.09402EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/07 12:0 a.m.•35 views

C-MORE HMI EA9 Weak Cryptography for Passwords Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of C-MORE HMI EA9 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of passwords. When transmitting passwords, the...

5.9CVSS0.1AI score0.01591EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/07/07 12:0 a.m.•35 views

C-MORE HMI EA9 EA-HTTP Improper Input Validation Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of C-More HMI EA9 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the EA-HTTP.exe process. The issue results from the lac...

7.5CVSS0.7AI score0.03674EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/06/25 12:0 a.m.•35 views

(0Day) CentOS Web Panel ajax_list_accounts status SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxlistaccounts.php. When parsing the status parameter, the process does not...

7.5CVSS2.2AI score0.0383EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/06/25 12:0 a.m.•35 views

(0Day) CentOS Web Panel ajax_crons user Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxcrons.php. When parsing the user parameter, the process does not properly validate ...

9.8CVSS5.8AI score0.08411EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/06/09 12:0 a.m.•35 views

Microsoft Windows Media Player mpg2splt Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS4.6AI score0.05928EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/19 12:0 a.m.•35 views

(0Day) Microsoft Windows splwow64 Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the user-mode...

7CVSS4.3AI score0.00821EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/05/12 12:0 a.m.•35 views

Microsoft Windows JET Database Engine Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7.8CVSS3.7AI score0.10889EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•35 views

Advantech WebAccess/SCADA DrawSrv IOCTL 0x0000277d Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x0000277d in DrawSrv.dll. The issue results fro...

9.8CVSS4.2AI score0.02312EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•35 views

Foxit PhantomPDF DuplicatePages Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of t...

7.8CVSS2.1AI score0.04689EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•35 views

Oracle VirtualBox VBoxVGA VBoxVHWASurfaceBase Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the VBoxVGA...

8.2CVSS3.6AI score0.00576EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•35 views

Oracle Business Intelligence AMF Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle Business Intelligence. Authentication is not required to exploit this vulnerability. The specific flaw exists within BIRemotingServlet. The issue results from the lack of proper validation of...

9.8CVSS4.2AI score0.71031EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•35 views

Eaton HMiSoft VU3 File Parsing LinkSize Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Eaton HMiSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.5AI score0.00805EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•35 views

Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7.8CVSS4AI score0.11685EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•35 views

Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7.8CVSS4.1AI score0.11685EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/03/25 12:0 a.m.•35 views

(Pwn2Own) TP-Link Archer A7 DNS Response Improper Input Validation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. The issue results from the lack of prope...

8.1CVSS3.7AI score0.07219EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/03/18 12:0 a.m.•35 views

Foxit Studio Photo TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS4.8AI score0.04973EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/02/04 12:0 a.m.•35 views

(0Day) Hewlett Packard Enterprise Intelligent Management Center wmiConfigContent Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS3AI score0.03213EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/02/03 12:0 a.m.•35 views

Adobe Acrobat Pro DC TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

7.8CVSS3.9AI score0.34676EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2019/11/13 12:0 a.m.•35 views

Microsoft Windows Kernel Type 1 Font Processing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling ...

8.4CVSS2.9AI score0.0159EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/22 12:0 a.m.•35 views

Foxit PhantomPDF ListBox Field Keystroke Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS2.3AI score0.06261EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/22 12:0 a.m.•35 views

Foxit Studio Photo JPEG Batch Processing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.2AI score0.08158EPSS
Exploits0References1
Total number of security vulnerabilities5000