Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2019/10/22 12:0 a.m.•34 views

Foxit PhantomPDF Text Field Calculate Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS2.2AI score0.05186EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/15 12:0 a.m.•34 views

Adobe Acrobat Reader DC XFA Form Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Acroba...

7.8CVSS2.8AI score0.03637EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/15 12:0 a.m.•34 views

Adobe Acrobat Pro DC DXF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.7AI score0.01995EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/15 12:0 a.m.•34 views

Adobe Acrobat Pro DC XFA Form Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling ...

7.8CVSS2.5AI score0.03637EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/10 12:0 a.m.•34 views

Microsoft Windows user32 Cursor Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS3AI score0.0645EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/10/04 12:0 a.m.•34 views

Foxit PhantomPDF Dwg2Pdf DXF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DX...

7.8CVSS5.2AI score0.05194EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2019/09/17 12:0 a.m.•34 views

Jenkins eggPlant Cleartext Storage of Credentials Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Jenkins eggPlant. Authentication is required to exploit this vulnerability. The specific flaw exists within the eggPlant plugin. The issue results from storing credentials in plaintext. An...

3.3CVSS1.9AI score0.01482EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/09/05 12:0 a.m.•34 views

Red Lion Crimson CD31 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Red Lion Crimson. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.9AI score0.00861EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/08/13 12:0 a.m.•34 views

Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affecred installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7CVSS4AI score0.04477EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/08 12:0 a.m.•34 views

Microsoft Windows ADODB Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within msado15.dll. B...

5CVSS3.3AI score0.05524EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/04 12:0 a.m.•34 views

Microsoft Windows ADODB Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library...

5CVSS3.5AI score0.05524EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/02 12:0 a.m.•34 views

Advantech WebAccess Node bwscrp Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwscrp.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process...

9.8CVSS3.3AI score0.0898EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/06/20 12:0 a.m.•34 views

Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.5AI score0.06645EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/06/14 12:0 a.m.•34 views

Microsoft Word Table Out-Of-Bounds Access Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

4.5CVSS2.9AI score0.06558EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/06/07 12:0 a.m.•34 views

Apple macOS ACGetNewAU Memory Corruption Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AudioCodec...

3.3CVSS2.5AI score0.01934EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/05/30 12:0 a.m.•34 views

Hewlett Packard Enterprise Intelligent Management Center ifViewSelectPage Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS2.9AI score0.0364EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/05/30 12:0 a.m.•34 views

Apple Safari createRenderers Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the createRenderers...

5CVSS4.6AI score0.01797EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/05/15 12:0 a.m.•34 views

Microsoft Chakra Exception Handling Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

8.8CVSS2AI score0.09215EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/17 12:0 a.m.•34 views

(Pwn2Own) VMware Workstation UHCI Out-Of-Bounds Access Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing ...

7.8CVSS3.9AI score0.00792EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/17 12:0 a.m.•34 views

Oracle VirtualBox crServerDispatchGetMaterialiv Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6.5CVSS2.5AI score0.00533EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/17 12:0 a.m.•34 views

(Pwn2Own) VMware Workstation UHCI Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing ...

7.8CVSS3.7AI score0.01004EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/15 12:0 a.m.•34 views

Adobe Acrobat Pro DC JOBOPTIONS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.8AI score0.12098EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/15 12:0 a.m.•34 views

Microsoft Windows AppX Deployment Service Hard Link Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppX...

7.3CVSS4.1AI score0.414EPSS
Exploits19References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/15 12:0 a.m.•34 views

Microsoft Windows EMF File Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

7.8CVSS3.8AI score0.27571EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/02 12:0 a.m.•34 views

Jaspersoft JasperReports Server DiagnosticDataCipherer Hard-coded Cryptographic Key Information Disclosure Vulnerability

This vulnerability allows the decryption of the passwords on vulnerable installations of Jaspersoft JasperReports Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within encryption of user passwords in the DiagnosticDataCipherer class. A hard-coded...

6.2CVSS3.3AI score0.03132EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/03/26 12:0 a.m.•34 views

Apple Safari GraphicsContext Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the GraphicsContext...

7.5CVSS2.2AI score0.01646EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/02/14 12:0 a.m.•34 views

Microsoft Windows JET Database Engine Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET databa...

7CVSS3.8AI score0.1613EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/02/12 12:0 a.m.•34 views

Microsoft Windows gdiplus DoStretchBlt Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.5AI score0.07708EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/12/19 12:0 a.m.•34 views

Microsoft Windows gdiplus bParseWin32Metafile Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.6AI score0.06874EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/12/12 12:0 a.m.•34 views

Adobe Acrobat Pro DC XFA Form Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Acrobat...

7.8CVSS4.6AI score0.04917EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/12/10 12:0 a.m.•34 views

OMRON CX-One CX-Position NCI File Parsing Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-One CX-Position. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.4AI score0.01754EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/25 12:0 a.m.•34 views

Saga Radio SAGA1-L8B Remote Controller Forced-Pairing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to issue commands on vulnerable installations of Saga Radio equipment. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of communication between the transmitter and receiver. By sending a crafte...

7.5CVSS2.8AI score0.00726EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/19 12:0 a.m.•34 views

Trend Micro Anti-Virus ctl_set KERedirect Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Trend Micro Anti-Virus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the functio...

6.9CVSS3.9AI score0.00556EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/17 12:0 a.m.•34 views

OMRON CX-Supervisor SCS File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling...

6.8CVSS2.8AI score0.01627EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/11 12:0 a.m.•34 views

Foxit Reader XFA host messageBox Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

7.8CVSS1.9AI score0.03918EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/11 12:0 a.m.•34 views

Foxit Reader XFA TimeField colSpan Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

7.8CVSS1.9AI score0.03918EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/11 12:0 a.m.•34 views

Foxit Reader XFA xmpmeta content Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

7.8CVSS2.3AI score0.03918EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/11 12:0 a.m.•34 views

Foxit Reader XFA loadXML Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

7.8CVSS2AI score0.03918EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/28 12:0 a.m.•34 views

Foxit Reader Link setAction Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Lin...

6.8CVSS1.8AI score0.03279EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/26 12:0 a.m.•34 views

(0Day) Wecon LeviStudioU cximageu TIFF Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

9.3CVSS5.9AI score0.01947EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/07/19 12:0 a.m.•34 views

Foxit Reader resetForm Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

6.8CVSS2AI score0.02773EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/07/19 12:0 a.m.•34 views

Foxit Reader getOCGs Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getOCGs method...

6.8CVSS2.5AI score0.02773EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/07/19 12:0 a.m.•34 views

Foxit Reader Circle Annotation borderEffectStyle Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

6.8CVSS3.4AI score0.02773EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/07/13 12:0 a.m.•34 views

Microsoft Windows Child Window NULL Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

7.2CVSS3.5AI score0.01208EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/05/18 12:0 a.m.•34 views

Advantech WebAccess Node bwaccrts Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwaccrts.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs proces...

9.3CVSS3.4AI score0.03842EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/03/19 12:0 a.m.•34 views

Microsoft Windows Palette Object Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32k.sys...

7.2CVSS5AI score0.01352EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/02/27 12:0 a.m.•34 views

Volkswagen Customer-Link App Protection Mechanism Failure CAN Message Injection Vulnerability

This vulnerability allows adjacent attackers to inject arbitrary Controller Area Network messages on vulnerable installations of Volkswagen Customer-Link App and HTC Customer-Link Bridge. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Customer-Li...

8.3CVSS0.8AI score0.00787EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2018/02/27 12:0 a.m.•34 views

Adobe Acrobat Pro DC PDF Forms Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

2.6CVSS2.3AI score0.13242EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/02/23 12:0 a.m.•34 views

Adobe Reader DC XFA dashDot Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS3.6AI score0.12462EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/11/20 12:0 a.m.•34 views

Cisco Prime Network Analysis Module graph sfile Parameter Directory Traversal Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Cisco Prime Network Analysis Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within graph.php. When parsing the sfile parameter, the script does not...

6.4CVSS3.3AI score0.37192EPSS
Exploits0References1
Total number of security vulnerabilities5000