Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2016/04/28 12:0 a.m.•35 views

SolarWinds Storage Resource Monitor Profiler Module QuantumMonitorServlet SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the QuantumMonitorServlet servlet in...

10CVSS6.8AI score0.70167EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/04/12 12:0 a.m.•35 views

Ecava IntegraXor Report summary_opt SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Ecava IntegraXor. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of summaryopt report requests. The vulnerability is caused by the lack of...

7.5CVSS3.3AI score0.01425EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2016/04/12 12:0 a.m.•35 views

Ecava IntegraXor Report batchlist SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Ecava IntegraXor. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of batchlist report requests. The vulnerability is caused by the lack of inp...

7.5CVSS3.3AI score0.01425EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2016/03/02 12:0 a.m.•35 views

Adobe Flash MPEG Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within MPEG-4 parsing. A...

6.8CVSS6.5AI score0.07152EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/10 12:0 a.m.•35 views

Dell SonicWALL GMS Virtual Appliance Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Dell SonicWALL GMS Virtual Appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the cliserver implementation, which accepts, deserializes, and...

10CVSS4.6AI score0.06437EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/02/05 12:0 a.m.•35 views

Advantech WebAccess Dashboard Viewer removeFile Directory Traversal Arbitrary File Deletion Denial of Service Vulnerability

This vulnerability allows remote attackers to deny service to all users on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the removeFile...

7.8CVSS4.6AI score0.04693EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/01/25 12:0 a.m.•35 views

Oracle Application Testing Suite DownloadServlet scriptPath Parameter Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to exfiltrate arbitrary files on vulnerable installations of Oracle Application Testing Suite. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DownloadServlet servlet. By providing a scriptPath parameter...

7.8CVSS7.3AI score0.22011EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/01/25 12:0 a.m.•35 views

Oracle Application Testing Suite DownloadServlet exportFileName Parameter Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to exfiltrate arbitrary files on vulnerable installations of Oracle Application Testing Suite. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DownloadServlet servlet. By providing an exportFileName...

7.8CVSS7.2AI score0.27519EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/12/08 12:0 a.m.•35 views

Adobe Flash AS2 SharedObject getRemote Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the SharedObject...

6.8CVSS8.6AI score0.06571EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/11/10 12:0 a.m.•35 views

Microsoft Internet Explorer COptionElement::InvalidateDataListAncestorCollections Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how...

6.8CVSS6.5AI score0.20226EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/10/13 12:0 a.m.•35 views

Adobe Acrobat Reader DC ANSendForBrowserReview Javascript API Restrictions Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.7AI score0.0643EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/10/13 12:0 a.m.•35 views

Adobe Acrobat Reader DC ANSendForSharedReview Javascript API Restrictions Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.7AI score0.0643EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/10/13 12:0 a.m.•35 views

Adobe Acrobat Reader DC Fields Format Action Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the handling of fields. A...

6.8CVSS6.5AI score0.05149EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/09/29 12:0 a.m.•35 views

(0Day) Moxa OnCell Central Manager Server RequestController Static Credentials Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa OnCell Central Manager Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RequestController class. The specific flaw exists within the...

7.5CVSS8.9AI score0.01695EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2015/09/16 12:0 a.m.•35 views

Symantec Web Gateway Arbitrary PHP File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is required to exploit this vulnerability, however it can be bypassed via reflected cross-site scripting. The specific flaw exists within the adminmessages.php...

8.5CVSS6.9AI score0.05122EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/08/13 12:0 a.m.•35 views

Moxa VPort ActiveX SDK PLUS GetClientReg Name Parameter Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of VPort ActiveX SDK PLUS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS6.9AI score0.0242EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/08/11 12:0 a.m.•35 views

Microsoft Internet Explorer HelpPane Sandbox Bypass Vulnerability

This vulnerability allows remote attackers to escape Protected Mode on vulnerable installations of Microsoft Internet Explorer User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.4CVSS6.1AI score0.02097EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/07/14 12:0 a.m.•35 views

Microsoft Office Excel Chart Object Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to read freed memory on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within processing of...

5.8CVSS5.3AI score0.13601EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/07/14 12:0 a.m.•35 views

Adobe Acrobat Pro Calculate field action Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

6.8CVSS6.3AI score0.06908EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/07/08 12:0 a.m.•35 views

Adobe Flash Sound Universal Cross Site Scripting Vulnerability

This vulnerability allows remote attackers to read arbitrary data on vulnerable Adobe Flash installations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Sound objects. A remote attacker can run arbitrary script in the context of any...

5.8CVSS6.1AI score0.03563EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/07/01 12:0 a.m.•35 views

Apple iOS ICC Profile curv Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple iOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of ICC...

6.8CVSS8.5AI score0.02958EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/06/30 12:0 a.m.•35 views

IBM Tivoli Storage Manager FastBack Server Opcode 1329 Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1329. By sending a crafted packet...

7.8CVSS8.4AI score0.0596EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/05/12 12:0 a.m.•35 views

Adobe Acrobat Reader ScriptBridgeUtils Javascript API Restrictions Bypass Vulnerability

This vulnerability allows remote attackers to bypass API restrictions on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ScriptBridgeUtils...

6.8CVSS6.4AI score0.09917EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/05/12 12:0 a.m.•35 views

(Pwn2Own) Microsoft Windows CNG Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.9CVSS5.7AI score0.03334EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2015/04/22 12:0 a.m.•35 views

Novell Zenworks Rtrlet.class Session ID Disclosure Vulnerability

This vulnerability allows attackers to disclose Session ID's of logged in users on vulnerable installations of Novell Zenworks. User interaction is not required to exploit this vulnerability. The specific flaw exists within Rtrlet.class. By sending a POST request with the maintenance variable set...

6.8CVSS7AI score0.0659EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/04/22 12:0 a.m.•35 views

Novell Zenworks Rtrlet doPost Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Zenworks. By default, authentication is not required to exploit this vulnerability. The specific flaw exists within the doPost method of the Rtrlet class. The issue lies in the failure to...

6.8CVSS9.5AI score0.04282EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/04/08 12:0 a.m.•35 views

Apple OS X IOKit IOHIDSecurePromptClient Heap Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within IOKit IOHIDSecurePromptClien...

6.8CVSS7.2AI score0.00962EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2015/03/12 12:0 a.m.•35 views

Hewlett-Packard POS Printer Windows And OPOS Drivers OPOSCashDrawer.ocx Open Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard POS Printer Windows and OPOS Drivers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specifi...

6.8CVSS6.9AI score0.10349EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/02/27 12:0 a.m.•35 views

(0Day) WebGate eDVR Manager WESPPTZ.WESPPTZCtrl.1 OpenDVrSSite Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WebGate eDVR Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS8.6AI score0.13977EPSS
Exploits4References2
Zero Day Initiative
Zero Day Initiative
•added 2015/02/10 12:0 a.m.•35 views

Microsoft Internet Explorer CMapElement Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.3AI score0.30043EPSS
Exploits2References1
Zero Day Initiative
Zero Day Initiative
•added 2015/02/10 12:0 a.m.•35 views

SolarWinds Server and Application Monitor TSUnicodeGraphEditorControl graphManager.load Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Server and Application Monitor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...

7.5CVSS6.6AI score0.08165EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2015/01/27 12:0 a.m.•35 views

(Mobile Pwn2Own) Apple iOS SSL Sandbox Bypass Vulnerability

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Apple iOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of SSL...

7.5CVSS6.1AI score0.0224EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2014/11/19 12:0 a.m.•35 views

Rockwell Automation Connected Components Workbench RA.ViewElements.Grid.1 Arbitrary Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Rockwell Automation Connected Components Workbench. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...

7.5CVSS6.5AI score0.11EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/10/14 12:0 a.m.•35 views

Microsoft Word Style Tag Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

6.8CVSS8.5AI score0.17458EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/10/01 12:0 a.m.•35 views

Hewlett-Packard Network Node Manager ovopi.dll Option -D Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within ovopi.dll which listens by default on a UDP port 696. When parsin...

10CVSS7.4AI score0.65435EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2014/09/16 12:0 a.m.•35 views

Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.3AI score0.15993EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/09/16 12:0 a.m.•35 views

Adobe Reader replace() Heap Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the replace...

6.8CVSS6.5AI score0.09655EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/08/27 12:0 a.m.•35 views

Juniper Network and Security Manager XDB Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Juniper Network and Security Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the XDB service. The issue lies in the ability to connect to the...

10CVSS7.5AI score0.04219EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/08/12 12:0 a.m.•35 views

Microsoft Internet Explorer CTableRow Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS7.6AI score0.16528EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/08/12 12:0 a.m.•35 views

Microsoft Internet Explorer CElement::GetClassCacheArray Improper Indexing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS7.6AI score0.16528EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/08/01 12:0 a.m.•35 views

AlienVault OSSIM av-centerd Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of AlienVault OSSIM. Authentication is not required to exploit this vulnerability. The specific flaw exists within the av-centerd SOAP service. The issue lies in the handling of the requests due to a...

10CVSS7AI score0.0368EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/07/16 12:0 a.m.•36 views

Hewlett-Packard Intelligent Management Center FaultDownloadServlet Information Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FaultDownloadServlet servlet. This servlet contains ...

7.8CVSS7.5AI score0.046EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/07/16 12:0 a.m.•35 views

Hewlett-Packard Intelligent Management Center IctDownloadServlet Information Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IctDownloadServlet servlet. This servlet contains a...

7.8CVSS7.5AI score0.046EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/06/11 12:0 a.m.•35 views

Microsoft Internet Explorer Js::PathTypeHandlerBase Improper Indexing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS6.3AI score0.21553EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/06/11 12:0 a.m.•35 views

(Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.2CVSS6.4AI score0.37373EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/04/23 12:0 a.m.•35 views

SolarWinds Server and Application Monitor PEstrarg1 ActiveX Heap Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Server and Application Monitor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...

6.8CVSS7.1AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2014/04/11 12:0 a.m.•35 views

(Pwn2Own) Mozilla Firefox TypeObject Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS9.3AI score0.31373EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2014/04/11 12:0 a.m.•35 views

(Pwn2Own) Mozilla Firefox Pop-Up Blocker Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the pop-up...

6.8CVSS9.3AI score0.83633EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2014/04/03 12:0 a.m.•35 views

Microsoft Internet Explorer HtmlLayout Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS2.8AI score0.72239EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2014/03/20 12:0 a.m.•35 views

Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS2.9AI score0.12736EPSS
Exploits1References1
Total number of security vulnerabilities5000