Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•35 views

Oracle Business Intelligence AMF Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle Business Intelligence. Authentication is not required to exploit this vulnerability. The specific flaw exists within BIRemotingServlet. The issue results from the lack of proper validation of...

9.8CVSS4.2AI score0.71031EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•35 views

Foxit PhantomPDF DuplicatePages Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of t...

7.8CVSS2.1AI score0.04689EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•35 views

Eaton HMiSoft VU3 File Parsing LinkSize Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Eaton HMiSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.5AI score0.00805EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•35 views

Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7.8CVSS4AI score0.11685EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/03/25 12:0 a.m.•35 views

(Pwn2Own) TP-Link Archer A7 DNS Response Improper Input Validation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. The issue results from the lack of prope...

8.1CVSS3.7AI score0.07219EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/03/18 12:0 a.m.•35 views

Foxit Studio Photo TIF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS4.8AI score0.04973EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/02/12 12:0 a.m.•35 views

Adobe FrameMaker PCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PC...

7.8CVSS5AI score0.0391EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/02/04 12:0 a.m.•35 views

(0Day) Hewlett Packard Enterprise Intelligent Management Center wmiConfigContent Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS3AI score0.03213EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/02/03 12:0 a.m.•35 views

Adobe Acrobat Pro DC TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

7.8CVSS3.9AI score0.34676EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/22 12:0 a.m.•35 views

Foxit PhantomPDF ListBox Field Keystroke Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS2.3AI score0.06261EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/22 12:0 a.m.•35 views

Foxit Studio Photo JPEG Batch Processing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.2AI score0.08158EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/09/11 12:0 a.m.•35 views

Delta Industrial Automation TPEditor TPE File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation TPEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS5.8AI score0.0143EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/09/10 12:0 a.m.•35 views

Microsoft Azure DevOps Server Markdown Indexing Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Azure DevOps Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of markdown files during indexing of wiki content. A crafted...

8.3CVSS5.1AI score0.16988EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2019/09/05 12:0 a.m.•35 views

Red Lion Crimson Hard-coded Cryptographic Key Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Red Lion Crimson. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CTextStreamMemory class. The class contains hard-coded secrets in clear tex...

6.5CVSS1.8AI score0.0133EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/19 12:0 a.m.•35 views

Adobe Acrobat Pro DC AcroForm setFocus Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AcroForm...

7.8CVSS2.8AI score0.04528EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/05 12:0 a.m.•35 views

Foxit Reader Format String Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

5.5CVSS0.9AI score0.05834EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/06/11 12:0 a.m.•35 views

Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.3AI score0.04314EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/05/15 12:0 a.m.•35 views

Adobe Acrobat Pro DC XFA Template Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

7.8CVSS2.1AI score0.10858EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/03/12 12:0 a.m.•35 views

(0Day) Hewlett Packard Enterprise Intelligent Management Center operatorGroupSelectContent Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS2.9AI score0.0364EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2019/01/29 12:0 a.m.•35 views

(0Day) Wecon LeviStudioU screendata Desc FigureFile Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

7.8CVSS5.3AI score0.02109EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2019/01/25 12:0 a.m.•35 views

(Pwn2Own) Apple Safari Global RegExp JIT Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.3CVSS1.7AI score0.01841EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/01/25 12:0 a.m.•35 views

Cisco Webex Teams Cisco Spark URI Handler Remote Command Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webex Cisco Spark. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. There is an issue with the way the product handles URIs within...

8.8CVSS3.7AI score0.46891EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2019/01/24 12:0 a.m.•35 views

Oracle VirtualBox crUnpackMap2d Integer Overflow Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

3.8CVSS3.8AI score0.00722EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/01/19 12:0 a.m.•35 views

LAquis SCADA Web Server Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of requested URLs. The issue results from the lack of...

5CVSS1.7AI score0.39487EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/01/17 12:0 a.m.•35 views

Oracle VirtualBox crUnpackExtendGetAttribLocation Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Oracle VirtualBox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.6CVSS1.1AI score0.01124EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2019/01/09 12:0 a.m.•35 views

Microsoft Windows JET Database Engine Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET databa...

7.8CVSS3.8AI score0.17347EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2018/12/17 12:0 a.m.•35 views

Microsoft Office Excel XLS File Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

3.3CVSS1.3AI score0.1613EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/11/05 12:0 a.m.•35 views

(Pwn2Own) Apple macOS task_set_special_port Port Overwrite Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Mach...

7.2CVSS3.1AI score0.1392EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/30 12:0 a.m.•35 views

Apple macOS WindowServer XRegisterForKey Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the WindowServer...

4.4CVSS5AI score0.0569EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/11 12:0 a.m.•35 views

Foxit Reader TextBox Validate Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

7.8CVSS1.8AI score0.03918EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/11 12:0 a.m.•35 views

Foxit Reader XFA TimeField editValue Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

7.8CVSS1.7AI score0.03918EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/11 12:0 a.m.•35 views

Foxit PhantomPDF richValue Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS1.6AI score0.03855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/10 12:0 a.m.•35 views

Microsoft Internet Explorer WebCrypto importKey Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

5CVSS1.1AI score0.13131EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/10 12:0 a.m.•35 views

Microsoft Edge Hazardous URI Insufficient UI Warning Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page and perform a UI action. There are multiple issues with the way the...

6.8CVSS2.3AI score0.558EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/10 12:0 a.m.•35 views

Microsoft Windows SMB2 Out-Of-Bounds Access Information Disclosure Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

6.9CVSS3.8AI score0.01801EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/28 12:0 a.m.•35 views

Foxit Reader CheckBox onFocus Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS1.7AI score0.03814EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/24 12:0 a.m.•35 views

Apple Safari performProxyCall Internal Object Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of pro...

6.8CVSS2.3AI score0.02168EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/20 12:0 a.m.•35 views

(0Day) Microsoft Windows Jet Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the management...

6.8CVSS3.3AI score0.32705EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/17 12:0 a.m.•35 views

Apple macOS AirPort BrcmNIC Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handlin...

4.7CVSS1.9AI score0.01438EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/14 12:0 a.m.•35 views

Microsoft Windows Jet Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Jet databa...

5.1CVSS3.7AI score0.2248EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/05 12:0 a.m.•35 views

Delta Industrial Automation CNCSoft ScreenEditor DPB File SystemAlarm wMessage Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fl...

9.3CVSS4.8AI score0.09536EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/08/14 12:0 a.m.•35 views

Microsoft Windows Dxgkrnl Type Confusion Privilege Escalation Vulnerability

This vulnerability allows attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

6.9CVSS4.2AI score0.03444EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/07/18 12:0 a.m.•35 views

Oracle VirtualBox SHCRGL_GUEST_FN_WRITE_READ_BUFFERED Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

4.7CVSS3.7AI score0.0058EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/05/18 12:0 a.m.•35 views

Advantech WebAccess Node webvrpcs drawsrv Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x2715 IOCTL in the webvrpcs process. The issue...

7.1CVSS1.7AI score0.02215EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/05/18 12:0 a.m.•35 views

Advantech WebAccess Node BWSCADASoap GetUnackAlarmsByPage SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

4CVSS1AI score0.01659EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/05/15 12:0 a.m.•35 views

Adobe Acrobat Pro DC ImageConversion EMF GIF ImageDescriptor Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

6.8CVSS4.6AI score0.15976EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/05/14 12:0 a.m.•35 views

Microsoft Office Excel Formula Record Type Confusion Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

4.3CVSS2.7AI score0.12255EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/05/04 12:0 a.m.•35 views

Trend Micro Encryption for Email Gateway editPolicy hidRuleId SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary SQL statements on vulnerable installations of Trend Micro Encryption of Email Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

6.5CVSS3.9AI score0.10813EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2018/04/06 12:0 a.m.•35 views

Apple Safari Math floor Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JIT...

6.8CVSS2AI score0.01921EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/03/07 12:0 a.m.•35 views

Joyent SmartOS DTrace DOF Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DTrace DOF file...

6.9CVSS3.2AI score0.00447EPSS
Exploits0References1
Total number of security vulnerabilities5000