Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2023/11/15 12:0 a.m.•34 views

Microsoft Windows win32kfull UMPDDrvBitBlt Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

8.8CVSS7.6AI score0.01229EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/11/15 12:0 a.m.•34 views

Adobe Acrobat Reader DC AcroForm value Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

3.3CVSS6.3AI score0.02035EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•34 views

Microsoft Windows UMPDDrvStretchBltROP Type Confusion Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, the target system must have multiple...

7.8CVSS7.5AI score0.11648EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/29 12:0 a.m.•34 views

Linux Kernel Netfilter Xtables Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

5.1CVSS5.6AI score0.00415EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/29 12:0 a.m.•34 views

Linux Kernel Netfilter Xtables Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

6.7CVSS6AI score0.00397EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/27 12:0 a.m.•34 views

Microsoft Visual Studio DAE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Visual Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS6.9AI score0.01779EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/19 12:0 a.m.•34 views

Microsoft Exchange ExFileLog Deserialization of Untrusted Data Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the lack of protection against deserialization of the ExFileLog class. The...

6.5CVSS6.5AI score0.68598EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/12 12:0 a.m.•34 views

Microsoft 3D Builder PLY File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

5.3CVSS6.3AI score0.00697EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/12 12:0 a.m.•34 views

Microsoft Exchange ApprovedApplicationCollection Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the lack of protection against deserialization of the ApprovedApplicationCollection class...

8.8CVSS7.3AI score0.74671EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/25 12:0 a.m.•34 views

Samba Spotlight mdssvc RPC Request Infinite Loop Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Samba. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of Spotlight RPC arguments. Crafted arguments can force the server into ...

5.9CVSS6.6AI score0.62606EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/25 12:0 a.m.•34 views

Apple macOS ImageIO EXR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the ImageIO...

7.8CVSS7.2AI score0.00282EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/24 12:0 a.m.•34 views

Microsoft Excel SKP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP...

7.8CVSS6.7AI score0.00841EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/23 12:0 a.m.•34 views

Ivanti Avalanche decodeToMap XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The specific flaw exists within the decodeToMap method. Due to the improper restriction of XML External Entity...

6.5CVSS6.2AI score0.02148EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/14 12:0 a.m.•34 views

Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS6.8AI score0.02036EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/07/12 12:0 a.m.•34 views

Microsoft Windows Installer Service Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability. The specific flaw exists within the Windows...

7CVSS7AI score0.00421EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/31 12:0 a.m.•34 views

SAP SQL Anywhere Database Server Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP SQL Anywhere. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Database Server, which listens on TCP and UDP ports 2638 by default. The issue...

8.1CVSS7.8AI score0.01053EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•34 views

(Pwn2Own) Lexmark MC3224i fax_change_faxtrace_setting Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark MC3224i printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the faxchangefaxtracesettings script. The issue results from the lack...

8.8CVSS7.3AI score0.37835EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•34 views

Apple macOS KTX Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS6.2AI score0.00939EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•34 views

Linux Kernel IPv6 Segment Routing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

4.4CVSS6.2AI score0.00353EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•34 views

Apple macOS KTX Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS6.2AI score0.00247EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/15 12:0 a.m.•34 views

D-Link DIR-2150 LoginPassword Incorrect Implementation of Authentication Algorithm Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-2150 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SOAP API interface, which listens on TCP port 80 by default. A...

8.8CVSS6.9AI score0.01108EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/04 12:0 a.m.•34 views

(Pwn2Own) Canon imageCLASS MF743Cdw Authorization Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF743Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the rls-login handler. The issue results from the lack of...

8.8CVSS7.4AI score0.01139EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/04 12:0 a.m.•34 views

D-Link DIR-2640 DestNetwork Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...

6.8CVSS7.5AI score0.01796EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/04 12:0 a.m.•34 views

D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling requests to the /cgi-bin/webproc endpoint. When parsing t...

7.5CVSS7.4AI score0.00913EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/01 12:0 a.m.•34 views

(Pwn2Own) VMware Workstation UHCI Component Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS6.9AI score0.00375EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/01 12:0 a.m.•34 views

(Pwn2Own) NETGEAR RAX30 libcms_cli Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the libcmscl...

8CVSS7.6AI score0.01371EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/04/14 12:0 a.m.•34 views

(Pwn2Own) Sonos One Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the SMB directory query command. The issue results from th...

8.8CVSS8.8AI score0.00783EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/04/13 12:0 a.m.•34 views

Linux Kernel udmabuf Improper Validation of Array Index Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within a fault handler. The...

8.2CVSS7.6AI score0.01013EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2023/03/31 12:0 a.m.•34 views

Microsoft Print 3D OBJ File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Print 3D. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

6.6CVSS7.6AI score0.00657EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/03/16 12:0 a.m.•34 views

Siemens Tecnomatix Plant Simulation SPP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS7.6AI score0.00223EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/03/16 12:0 a.m.•34 views

Adobe Substance 3D Stager USDC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Substance 3D Stager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS7.6AI score0.00332EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/03/07 12:0 a.m.•34 views

Omron CX-One CXP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CXP...

7.8CVSS4.2AI score0.00564EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/03/01 12:0 a.m.•34 views

Siemens Solid Edge Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5AI score0.02775EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/02/24 12:0 a.m.•34 views

Trend Micro Apex One Improper Access Control Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Apex One...

7.8CVSS7.7AI score0.00304EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/02/24 12:0 a.m.•34 views

Open Design Alliance (ODA) Drawing SDK DGN File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open Design Alliance ODA Drawing SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS5.6AI score0.00814EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/02/09 12:0 a.m.•34 views

VMware vRealize Log Insight getConfig Missing Authentication for Critical Function Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose information on affected installations of VMware vRealize Log Insight. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getConfig function. The issue results from the lack of authentication prio...

7.5CVSS1.7AI score0.21657EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2023/01/18 12:0 a.m.•34 views

Microsoft Word SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP...

7.8CVSS5.3AI score0.00824EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/01/18 12:0 a.m.•34 views

Microsoft 3D Builder WRL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

5.3CVSS7.6AI score0.00929EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/12/28 12:0 a.m.•34 views

X.Org Server ProcXIPassiveUngrabDevice Improper Validation of Array Index Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

7.8CVSS8.5AI score0.02516EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/12/28 12:0 a.m.•34 views

X.Org Server ScreenSaverSetAttributes Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

7.8CVSS8.6AI score0.02367EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/12/15 12:0 a.m.•34 views

Microsoft Office Visio DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS5.2AI score0.00815EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/11/22 12:0 a.m.•34 views

Microsoft Exchange DbgEngDataReader Exposed Dangerous Function Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the DbgEngDataReader class. The issue results from the exposure of a dangerous...

4.3CVSS0.8AI score0.99964EPSS
Exploits11References1
Zero Day Initiative
Zero Day Initiative
•added 2022/11/22 12:0 a.m.•34 views

Microsoft Exchange FileDependency Exposed Dangerous Function Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability. The specific flaw exists within the FileDependency class. The issue results from the exposure of a dangerous...

4.3CVSS0.8AI score0.99964EPSS
Exploits11References1
Zero Day Initiative
Zero Day Initiative
•added 2022/11/03 12:0 a.m.•34 views

SAP 3D Visual Enterprise Author CUR File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Author. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.5AI score0.00521EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/21 12:0 a.m.•34 views

Oracle VirtualBox VRDP Double Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle VirtualBox. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of smartcard I/O messages. The issue results from the lack of validating...

8.1CVSS1.8AI score0.01136EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•34 views

Adobe ColdFusion Application Server Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe ColdFusion. Authentication is required to exploit this vulnerability. The specific flaw exists within the Application Server endpoint, which listens on TCP port 8500 by default. The issue resul...

6.6CVSS4.7AI score0.79218EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•34 views

Adobe ColdFusion ODBC Server Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe ColdFusion. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of GIOP packets. The issue results from the lack of proper validation of...

9.8CVSS3.1AI score0.42577EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•34 views

PDF-XChange Editor U3D File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.2AI score0.00339EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•34 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.1AI score0.00357EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/09/19 12:0 a.m.•34 views

Adobe InCopy PCX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe InCopy. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PCX...

7.8CVSS5.8AI score0.00475EPSS
Exploits0References1
Total number of security vulnerabilities5000