Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2021/09/16 12:0 a.m.•34 views

Adobe FrameMaker PDF File Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

3.3CVSS2.9AI score0.01491EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/14 12:0 a.m.•34 views

(0Day) Autodesk Navisworks PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autodesk Navisworks. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.6AI score0.00957EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/26 12:0 a.m.•34 views

Microsoft Windows Canonical Display Driver DrvLineTo NULL Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cdd.dll driver...

7.8CVSS5.9AI score0.01294EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/11 12:0 a.m.•34 views

Microsoft Windows Update Service Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows Update...

7.8CVSS6.2AI score0.01097EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/05 12:0 a.m.•34 views

Apple macOS ModelIO ABC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS4AI score0.01116EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/03 12:0 a.m.•34 views

Microsoft Edge Installer Directory Junction Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Edge. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within Edge Installer. By...

7CVSS4.8AI score0.00729EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/24 12:0 a.m.•34 views

(0Day) Advantech WebAccess/HMI Designer PM3 File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/HMI Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t...

7.8CVSS5AI score0.0095EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/06/22 12:0 a.m.•34 views

Autodesk Design Review PDF File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS5.1AI score0.01606EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/07 12:0 a.m.•34 views

Advantech iView NetworkServlet findUpdateDeviceListDetails SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetworkServlet class. The issue results from the lack of proper validation o...

7.5CVSS1.3AI score0.01169EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/02 12:0 a.m.•34 views

OpenText Brava! Desktop DWF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

3.3CVSS2.5AI score0.01097EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/06/02 12:0 a.m.•34 views

OpenText Brava! Desktop DWF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS5.8AI score0.01419EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/06/02 12:0 a.m.•34 views

OpenText Brava! Desktop DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.6AI score0.01419EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/06/02 12:0 a.m.•34 views

OpenText Brava! Desktop DWF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS5.8AI score0.01419EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/05/07 12:0 a.m.•34 views

Foxit Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling ...

3.3CVSS2AI score0.02018EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/04/13 12:0 a.m.•34 views

(0Day) Siemens Solid Edge Viewer PAR File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.2AI score0.01044EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/03/22 12:0 a.m.•34 views

Foxit PhantomPDF U3DBrowser Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U...

7.8CVSS2.5AI score0.03304EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/22 12:0 a.m.•34 views

Foxit PhantomPDF U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.8AI score0.02023EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/17 12:0 a.m.•34 views

Microsoft Windows Setup Directory Junction Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within Windows Setup. By...

7.8CVSS5.8AI score0.01027EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/16 12:0 a.m.•34 views

Siemens Solid Edge Viewer FBX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.7AI score0.0208EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/15 12:0 a.m.•34 views

Microsoft Windows Setup Directory Junction Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

6.1CVSS4.7AI score0.00888EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/15 12:0 a.m.•34 views

SAP 3D Visual Enterprise Viewer SVG File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.4AI score0.01242EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/03/15 12:0 a.m.•34 views

SAP 3D Visual Enterprise Viewer U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.7AI score0.01382EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/03/15 12:0 a.m.•34 views

SAP 3D Visual Enterprise Viewer PDF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.9AI score0.01242EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/03/11 12:0 a.m.•34 views

Schneider Electric IGSS CGF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.3AI score0.00841EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/24 12:0 a.m.•34 views

(Pwn2Own) NETGEAR R7800 udchpd DHCP_REQUEST Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the vendorspecific DHCP opcode. The issue results from the lack ...

8.8CVSS1.9AI score0.01118EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/24 12:0 a.m.•34 views

Siemens JT2Go PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PAR...

7.8CVSS5.6AI score0.0077EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2021/02/11 12:0 a.m.•34 views

Advantech iView NetworkServlet ztp_config_name SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetworkServlet class. When parsing the ztpconfigname parameter, the process...

7.5CVSS2.3AI score0.11791EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/10 12:0 a.m.•34 views

Adobe Acrobat Reader DC Annots File ID Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

3.3CVSS1.4AI score0.14705EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/29 12:0 a.m.•34 views

Trend Micro Apex One Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

2.5CVSS3.2AI score0.00887EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/29 12:0 a.m.•34 views

Trend Micro Apex One Improper Access Control Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web console, which listens on TCP port 4343 by default. The issue resul...

5.3CVSS1.2AI score0.02026EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/29 12:0 a.m.•34 views

Trend Micro Apex One Improper Access Control Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web console, which listens on TCP port 4343 by default. The issue resul...

5.3CVSS1.2AI score0.02083EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/29 12:0 a.m.•34 views

Trend Micro Apex One Improper Access Control Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web console. The issue results from improper access control. An attacke...

6.5CVSS1.5AI score0.01742EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/20 12:0 a.m.•34 views

Siemens Solid Edge Viewer PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.9AI score0.02845EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/14 12:0 a.m.•34 views

Siemens JT2Go CG4 and CGM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CG4 a...

7.8CVSS4.7AI score0.03042EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/14 12:0 a.m.•34 views

Delta Industrial Automation CNCSoft-B DOPSoft XLS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Industrial Automation CNCSoft-B. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.8CVSS5.2AI score0.02534EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/14 12:0 a.m.•34 views

Siemens JT2Go PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PAR...

7.8CVSS5.6AI score0.02833EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/12 12:0 a.m.•34 views

Adobe Bridge TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS4.3AI score0.03361EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/12 12:0 a.m.•34 views

Adobe Bridge TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS4.3AI score0.03361EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/12 12:0 a.m.•34 views

SAP 3D Visual Enterprise Viewer BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.6AI score0.01199EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/01/12 12:0 a.m.•34 views

SAP 3D Visual Enterprise Viewer IFF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS5.1AI score0.01199EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/01/12 12:0 a.m.•34 views

SAP 3D Visual Enterprise Viewer IFF File Parsing Memory Corruption Remote Code Execution Vulnerabililty

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS5.1AI score0.01199EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/01/12 12:0 a.m.•34 views

SAP 3D Visual Enterprise Viewer PCX File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.6AI score0.01199EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/12/15 12:0 a.m.•34 views

(Pwn2Own) Western Digital MyCloud PR4100 nasAdmin Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Western Digital MyCloud PR4100. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

5.4CVSS2.1AI score0.03785EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/09 12:0 a.m.•34 views

Microsoft PowerPoint PPTX File Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft PowerPoint. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

7.8CVSS3.2AI score0.03308EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/11/11 12:0 a.m.•34 views

Microsoft Internet Explorer array Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS1.7AI score0.02936EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•34 views

Foxit Studio Photo CMP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.9AI score0.02865EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•34 views

Micro Focus Operations Bridge Manager RegistrationServlet Deserialization Of Untrusted Data Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Micro Focus Operations Bridge Manager. Authentication is required to exploit this vulnerability. The specific flaw exists within the RegistrationServlet endpoint. The issue results from the lack of prop...

8.8CVSS3.4AI score0.7699EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•34 views

Micro Focus Operations Bridge Manager HistoryService Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS3.2AI score0.7699EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•34 views

Micro Focus Operations Bridge Manager CommonService Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS3.9AI score0.7699EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•34 views

Foxit Studio Photo CR2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2AI score0.02865EPSS
Exploits0References1
Total number of security vulnerabilities5000