Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2019/07/08 12:0 a.m.•35 views

Microsoft Windows ADODB Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within msado15.dll. B...

5CVSS3.3AI score0.05524EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/05 12:0 a.m.•35 views

Foxit Reader Format String Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

5.5CVSS0.9AI score0.05834EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/04 12:0 a.m.•35 views

Microsoft Windows ADODB Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library...

5CVSS3.5AI score0.05524EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/06/14 12:0 a.m.•35 views

Microsoft Word Table Out-Of-Bounds Access Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

4.5CVSS2.9AI score0.06558EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/06/11 12:0 a.m.•35 views

Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.3AI score0.04314EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/05/30 12:0 a.m.•35 views

Hewlett Packard Enterprise Intelligent Management Center ifViewSelectPage Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS2.9AI score0.0364EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/05/30 12:0 a.m.•35 views

Apple Safari createRenderers Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the createRenderers...

5CVSS4.6AI score0.01797EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/05/15 12:0 a.m.•35 views

Microsoft Chakra Exception Handling Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

8.8CVSS2AI score0.09215EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/05/15 12:0 a.m.•35 views

Adobe Acrobat Pro DC XFA Template Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

7.8CVSS2.1AI score0.10858EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/17 12:0 a.m.•35 views

(Pwn2Own) VMware Workstation UHCI Out-Of-Bounds Access Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing ...

7.8CVSS3.9AI score0.00792EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/17 12:0 a.m.•35 views

Oracle VirtualBox crServerDispatchGetMaterialiv Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6.5CVSS2.5AI score0.00533EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/15 12:0 a.m.•35 views

Adobe Acrobat Pro DC JOBOPTIONS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.8AI score0.12098EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/03/12 12:0 a.m.•35 views

(0Day) Hewlett Packard Enterprise Intelligent Management Center operatorGroupSelectContent Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS2.9AI score0.0364EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2019/02/12 12:0 a.m.•35 views

Microsoft Windows gdiplus DoStretchBlt Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.5AI score0.07708EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/01/29 12:0 a.m.•35 views

(0Day) Wecon LeviStudioU screendata Desc FigureFile Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

7.8CVSS5.3AI score0.02109EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2019/01/25 12:0 a.m.•35 views

(Pwn2Own) Apple Safari Global RegExp JIT Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.3CVSS1.7AI score0.01841EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/01/25 12:0 a.m.•35 views

Cisco Webex Teams Cisco Spark URI Handler Remote Command Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webex Cisco Spark. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. There is an issue with the way the product handles URIs within...

8.8CVSS3.7AI score0.46891EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2019/01/24 12:0 a.m.•35 views

Oracle VirtualBox crUnpackMap2d Integer Overflow Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

3.8CVSS3.8AI score0.00722EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/01/19 12:0 a.m.•35 views

LAquis SCADA Web Server Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of requested URLs. The issue results from the lack of...

5CVSS1.7AI score0.39487EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/01/17 12:0 a.m.•35 views

Oracle VirtualBox crUnpackExtendGetAttribLocation Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Oracle VirtualBox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.6CVSS1.1AI score0.01124EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2019/01/09 12:0 a.m.•35 views

Microsoft Windows JET Database Engine Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET databa...

7.8CVSS3.8AI score0.17347EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2018/12/19 12:0 a.m.•35 views

Microsoft Windows gdiplus bParseWin32Metafile Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.6AI score0.06874EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/12/17 12:0 a.m.•35 views

Microsoft Office Excel XLS File Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

3.3CVSS1.3AI score0.1613EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/12/14 12:0 a.m.•35 views

Schneider Electric GUIcon GD1 File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Schneider Electric GUIcon. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.2AI score0.0114EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/11/05 12:0 a.m.•35 views

(Pwn2Own) Apple macOS task_set_special_port Port Overwrite Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Mach...

7.2CVSS3.1AI score0.1392EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/30 12:0 a.m.•35 views

Apple macOS WindowServer XRegisterForKey Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the WindowServer...

4.4CVSS5AI score0.0569EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/25 12:0 a.m.•35 views

Saga Radio SAGA1-L8B Remote Controller Forced-Pairing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to issue commands on vulnerable installations of Saga Radio equipment. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of communication between the transmitter and receiver. By sending a crafte...

7.5CVSS2.8AI score0.00726EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/19 12:0 a.m.•35 views

Trend Micro Anti-Virus ctl_set KERedirect Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Trend Micro Anti-Virus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the functio...

6.9CVSS3.9AI score0.00556EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/17 12:0 a.m.•35 views

OMRON CX-Supervisor SCS File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling...

6.8CVSS2.8AI score0.01627EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/11 12:0 a.m.•35 views

Foxit Reader XFA TimeField editValue Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

7.8CVSS1.7AI score0.03918EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/11 12:0 a.m.•35 views

Foxit PhantomPDF richValue Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS1.6AI score0.03855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/10 12:0 a.m.•35 views

Microsoft Windows SMB2 Out-Of-Bounds Access Information Disclosure Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

6.9CVSS3.8AI score0.01801EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/10 12:0 a.m.•35 views

Microsoft Edge Hazardous URI Insufficient UI Warning Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page and perform a UI action. There are multiple issues with the way the...

6.8CVSS2.3AI score0.558EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/28 12:0 a.m.•35 views

Foxit Reader CheckBox onFocus Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS1.7AI score0.03814EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/17 12:0 a.m.•35 views

Apple macOS AirPort BrcmNIC Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handlin...

4.7CVSS1.9AI score0.01438EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/14 12:0 a.m.•35 views

Microsoft Windows Jet Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Jet databa...

5.1CVSS3.7AI score0.2248EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/05 12:0 a.m.•35 views

Delta Industrial Automation CNCSoft ScreenEditor DPB File SystemAlarm wMessage Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fl...

9.3CVSS4.8AI score0.09536EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/08/14 12:0 a.m.•35 views

Microsoft Windows Dxgkrnl Type Confusion Privilege Escalation Vulnerability

This vulnerability allows attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

6.9CVSS4.2AI score0.03444EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/05/15 12:0 a.m.•35 views

Adobe Acrobat Pro DC ImageConversion EMF GIF ImageDescriptor Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

6.8CVSS4.6AI score0.15976EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/05/04 12:0 a.m.•35 views

Trend Micro Encryption for Email Gateway editPolicy hidRuleId SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary SQL statements on vulnerable installations of Trend Micro Encryption of Email Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

6.5CVSS3.9AI score0.10813EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2018/03/07 12:0 a.m.•35 views

Joyent SmartOS DTrace DOF Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DTrace DOF file...

6.9CVSS3.2AI score0.00447EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/02/21 12:0 a.m.•35 views

Microsoft Chakra String Concatenation Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the generation ...

6.8CVSS3.7AI score0.80799EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2018/01/10 12:0 a.m.•35 views

Trend Micro Control Manager TopChannelByTemplate SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

6CVSS9.1AI score0.20222EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/01/10 12:0 a.m.•35 views

Trend Micro Control Manager WebSecuritySummary SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

6CVSS9.1AI score0.49408EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/12/15 12:0 a.m.•35 views

Quest NetVault Backup Server Process Manager Service NVBUBackupTargetSet Get Method SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackupTargetSet Get method requests. The issue results from...

7.5CVSS1.2AI score0.03933EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/12/15 12:0 a.m.•35 views

Quest NetVault Backup Server Process Manager Service NVBUTransferHistory Get Method SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUTransferHistory Get method requests. The issue results from...

7.5CVSS1.1AI score0.03933EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/12/15 12:0 a.m.•35 views

Quest NetVault Backup Server Process Manager Service NVBUJobHistory Get Method SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUJobHistory Get method requests. The issue results from the...

7.5CVSS1.5AI score0.03933EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/12/13 12:0 a.m.•35 views

NetGain Systems Enterprise Manager misc.sample_jsp type Directory Traversal Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9.4CVSS3.1AI score0.03027EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/12/13 12:0 a.m.•35 views

NetGain Systems Enterprise Manager db.save_005fimage_jsp id Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to create arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

9.3CVSS4.9AI score0.02558EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/11/29 12:0 a.m.•35 views

Trend Micro OfficeScan Proxy Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro OfficeScan. Authentication is required to exploit this vulnerability. The specific flaw exists within the Web Console, which listens on TCP port 4343 by default. When parsing the tr...

9CVSS4.7AI score0.15887EPSS
Exploits1References1
Total number of security vulnerabilities5000