Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2015/09/08 12:0 a.m.•74 views

Moxa SoftCMS IPCam.IPCam_Video_Render_Plugin.1 IVLCControl setStreamRecordData Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa SoftCMS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS8.8AI score0.02797EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/02/24 12:0 a.m.•73 views

Microsoft Exchange MultiValuedProperty Exposed Dangerous Function Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the MultiValuedProperty class. The issue results from the exposure of a dangerous functio...

8.8CVSS8.7AI score0.62104EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/05/09 12:0 a.m.•73 views

Zoom Client Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Zoom Client. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the installer. By creati...

7.8CVSS5.9AI score0.0037EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•73 views

Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.2AI score0.01855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•73 views

Bentley MicroStation CONNECT DGN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5AI score0.01955EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/25 12:0 a.m.•73 views

Apple macOS AudioCodecs LOAS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the USACBitstreamReade...

7.8CVSS6.6AI score0.00864EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•73 views

Microsoft Visual Studio DDS File Parsing Integer Overflow Remote Code Execution Multiple Vulnerabilities

These vulnerabilities allow remote attackers to execute arbitrary code on affected installations of Microsoft Visual Studio. User interaction is required to exploit these vulnerabilities in that the target must visit a malicious page or open a malicious file. The specific flaws exist within the...

7CVSS6.2AI score0.04285EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/03/12 12:0 a.m.•73 views

Hewlett-Packard POS Keyboard OPOS Drivers OPOSMSR.ocx Open Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard POS Keyboard OPOS Drivers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...

6.8CVSS6.9AI score0.10349EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/01/10 12:0 a.m.•73 views

Hewlett-Packard Data Protector Backup Client Service vbda Remote Code Execution Vulnerability

This vulnerability allows remote attackers directory traversal on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service OmniInet.exe. The Backup Client Service listens on TCP por...

10CVSS5.6AI score0.10436EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2013/05/10 12:0 a.m.•73 views

(Pwn2Own) Oracle Java FLV Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of FLV...

9.3CVSS4.8AI score0.09627EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2012/08/29 12:0 a.m.•73 views

EMC ApplicationXtender Desktop Viewer AEXView ActiveX AnnoSave Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC ApplicationXtender. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS4.4AI score0.05424EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/31 12:0 a.m.•72 views

(0Day) Microsoft 3D Viewer FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.7AI score0.00643EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/04 12:0 a.m.•72 views

(0Day) Linux Kernel IPv6 RPL Protocol Reachable Assertion Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the RPL protocol. The issue results from the lack of proper...

7.5CVSS6.5AI score0.06127EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/01/18 12:0 a.m.•72 views

Adobe Acrobat Reader DC resetForm Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS7.6AI score0.61475EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2022/12/28 12:0 a.m.•72 views

Microsoft Windows StretchBlt Untrusted Pointer Dereference Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation...

8.8CVSS5.7AI score0.0105EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/04/04 12:0 a.m.•72 views

(0Day) Array Networks MotionPro Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Array Networks MotionPro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS3.9AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/01/31 12:0 a.m.•72 views

Bentley MicroStation CONNECT 3DS File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.6AI score0.01961EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/18 12:0 a.m.•72 views

(Pwn2Own) Microsoft Windows storport Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the storport.sys...

8.8CVSS5.9AI score0.00865EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/09 12:0 a.m.•72 views

(0Day) Delta Industrial Automation DOPSoft XLS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS4.8AI score0.77892EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/05/03 12:0 a.m.•72 views

Linux Kernel eBPF Improper Input Validation Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF...

8.8CVSS3.7AI score0.01754EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/18 12:0 a.m.•72 views

(Pwn2Own) Synology DiskStation Manager iscsi_snapshot_comm_core Race Condition Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows local attackers to execute arbitrary code on affected installations of Synology DS418play. Authentication is not required to exploit this vulnerability. The specific flaw exists within the iscsisnapshotcommcore service. The issue results from the lack of proper locking...

6.3CVSS2AI score0.02176EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/12 12:0 a.m.•72 views

SAP 3D Visual Enterprise Viewer RLE File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS5AI score0.01199EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/12/03 12:0 a.m.•72 views

Apple Safari TextNode Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling ...

4.3CVSS0.7AI score0.01397EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/11/22 12:0 a.m.•72 views

Linux Kernel Performance Counters Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the implementation of...

7.8CVSS4.7AI score0.00302EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/12/19 12:0 a.m.•72 views

Apple macOS apfs Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the apfs kernel extensio...

8.8CVSS4.1AI score0.02018EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/27 12:0 a.m.•72 views

Trend Micro OfficeScan tmwfp Memory Corruption Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Trend Micro OfficeScan. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

6.9CVSS2.8AI score0.00668EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/01 12:0 a.m.•72 views

Mitsubishi Electric E-Designer BEModbus Driver Configuration ClockDevice Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mitsubishi Electric E-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

9.3CVSS9.1AI score0.03636EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/07/31 12:0 a.m.•72 views

Trend Micro InterScan Messaging Security Proxy Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro InterScan Messaging Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...

6.5CVSS4.7AI score0.61777EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/09/08 12:0 a.m.•72 views

Microsoft Internet Explorer ISettingsBroker Sandbox Bypass Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage o...

6.9CVSS6.4AI score0.10714EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/07/18 12:0 a.m.•72 views

Advantech WebAccess webdact.ocx ProjectName Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS6.6AI score0.61384EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2014/04/11 12:0 a.m.•72 views

(Pwn2Own) Mozilla Firefox Privileged Content Loading Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS9.4AI score0.82339EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2014/04/11 12:0 a.m.•72 views

(Pwn2Own) Google Chrome Directory Traversal Sandbox Escape Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS6.6AI score0.01582EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2023/11/14 12:0 a.m.•71 views

TP-Link TL-WR841N ated_tp Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the atedtp service. The issue results from the lack of proper...

7.5CVSS7.6AI score0.00913EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•71 views

Linux Kernel ksmbd Session Race Condition Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but only systems with ksmbd enabled are vulnerable. The specific flaw exists within the processing of SMB2SESSIONSETUP and...

8.1CVSS7.4AI score0.02393EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/02/15 12:0 a.m.•71 views

(Pwn2Own) Lexmark MC3224i Web Configuration File Code Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark MC3224i printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation...

8.8CVSS1.9AI score0.06427EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/08 12:0 a.m.•71 views

QNAP NAS Hybrid Backup Missing Authentication for Critical Function Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of QNAP NAS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RTSS server, which listens on TCP port 8899 by default. The issue results from the lack of...

9.8CVSS2.7AI score0.15802EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/07 12:0 a.m.•71 views

(0Day) Autodesk Design Review DWF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS5.4AI score0.07734EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/20 12:0 a.m.•71 views

Apple macOS ImageIO DDS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS3.6AI score0.01182EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/11 12:0 a.m.•71 views

Cisco RV340 set_snmp usmUserEngineID Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of JSON-RPC requests. When parsing the usmUserEngineID property...

5.5CVSS4.5AI score0.01612EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/19 12:0 a.m.•71 views

Microsoft Outlook HTML Email Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Outlook. User interaction is required to exploit this vulnerability in that the target must open a malicious email or view it in the preview pane. The specific flaw exists within th...

3.7CVSS1.6AI score0.33551EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/07/20 12:0 a.m.•71 views

D-Link DAP-1860 HNAP SOAPAction Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 WiFi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8CVSS3.4AI score0.02942EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/02/12 12:0 a.m.•71 views

Microsoft SharePoint BDC Import Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the Business Data Connectivity Service Application. The issue results from the lack o...

7.2CVSS3.5AI score0.12389EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/12/27 12:0 a.m.•71 views

Apache Groovy MethodClosure Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache Groovy. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on implementation. The specific flaw exists within the handling of...

7.5CVSS5.1AI score0.17239EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2016/10/11 12:0 a.m.•72 views

VMware Horizon View loggerBean Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of VMware Horizon View. Authentication is not required to exploit this vulnerability. The specific flaw exists within the loggerBean service. The loadConfig method does not properly sanitize the path...

5.8CVSS2.8AI score0.04362EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/08/31 12:0 a.m.•71 views

Apache ActiveMQ RestFilter Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache ActiveMQ. Authentication is not required to exploit this vulnerability. The specific flaw exists within ActiveMQ fileserver web application. By issuing specially crafted requests, an attacke...

7.5CVSS9.4AI score0.84408EPSS
Exploits7References1
Zero Day Initiative
Zero Day Initiative
•added 2013/07/26 12:0 a.m.•71 views

(Pwn2Own) Microsoft Windows NtUserMessageCall Privilege Escalation Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

6.9CVSS3.5AI score0.1218EPSS
Exploits8References1
Zero Day Initiative
Zero Day Initiative
•added 2009/08/11 12:0 a.m.•71 views

Microsoft Windows WINS Service Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WINS.exe process which provides name resolution services for NetBIOS networks...

9.3CVSS5.4AI score0.24658EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2005/10/12 12:0 a.m.•71 views

VERITAS NetBackup Remote Code Execution

This vulnerability allows remote attackers to execute arbitrary code on vulnerable NetBackup installations. Authentication is not required to exploit this vulnerability. This specific flaw exists within the bpjava-msvc daemon due to incorrect handling of format string data passed through the...

10CVSS7.3AI score0.60356EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2023/06/14 12:0 a.m.•70 views

(0Day) Pulse Secure Client SetupService Directory Traversal Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Pulse Secure Client. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within SetupService. Th...

7.8CVSS7.1AI score0.0097EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•70 views

Microsoft Windows CDFS Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of I...

7.7CVSS6.2AI score0.56269EPSS
Exploits0References1
Total number of security vulnerabilities5000