Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2008/12/04 12:0 a.m.•34 views

Trillian AIM IMG Tag Parsing Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cerulean Studios Trillian. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tooltip processing code for Trillian. When creating a tooltip for an...

10CVSS6AI score0.07929EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2008/10/14 12:0 a.m.•34 views

Microsoft Office Excel REPT Formula Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page, or open a malicious file. The specific flaw exists when parsing Microsof...

9.3CVSS4.4AI score0.34415EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2007/12/11 12:0 a.m.•34 views

Microsoft Windows Message Queuing Service Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows with the Message Queuing Service enabled. Authentication is not required to exploit this vulnerability. The specific flaw exists in the RPC interface defined on port 2103 with UUI...

9CVSS2.7AI score0.69055EPSS
Exploits13References1
Zero Day Initiative
Zero Day Initiative
•added 2007/11/05 12:0 a.m.•34 views

Apple QuickTime Uncompressedfile Opcode Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must open a malicious image file. The specific flaw exists in the parsing of the pict file format. If ...

7.6CVSS5.9AI score0.08053EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2006/11/29 12:0 a.m.•34 views

Novell Netware Client Print Provider Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of the Novell Netware Client. Authentication is not required to exploit this vulnerability. The specific flaw exists in a print provider installed by the Netware Client. The nwspool.dll...

7.5CVSS4.1AI score0.57287EPSS
Exploits15References1
Zero Day Initiative
Zero Day Initiative
•added 2006/10/31 12:0 a.m.•34 views

Novell Netmail User Authentication Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netmail. Exploitation does not require authentication. The specific flaw exists within the user authentication component of Novell Netmail. The routine responsible for authenticating Netmail...

7.5CVSS2.6AI score0.83891EPSS
Exploits11References1
Zero Day Initiative
Zero Day Initiative
•added 2006/04/17 12:0 a.m.•34 views

Mozilla Firefox CSS Letter-Spacing Heap Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of the Mozilla/Firefox web browser and Thunderbird e-mail client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious e-mail. The...

9.3CVSS2.9AI score0.1034EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2026/04/15 12:0 a.m.•33 views

Linux Kernel ETS Scheduler Race Condition Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Qdisc...

7.5CVSS6.4AI score0.00151EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/08 12:0 a.m.•33 views

(Pwn2Own) Microsoft SharePoint ToolPane Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Microsoft SharePoint. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the Referer HTTP header provided to the ToolPane endpoint. The...

6.5CVSS6.2AI score0.99879EPSS
Exploits9References1
Zero Day Initiative
Zero Day Initiative
•added 2024/05/31 12:0 a.m.•33 views

Progress Software Telerik Reporting Register Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Progress Software Telerik Reporting. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the Register method. The issue results from the...

9.8CVSS7AI score0.97482EPSS
Exploits14References1
Zero Day Initiative
Zero Day Initiative
•added 2024/04/26 12:0 a.m.•33 views

Oracle VirtualBox Web Service Exposure of Resource to Wrong Sphere Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Oracle VirtualBox. Authentication is not required to exploit this vulnerability. The specific flaw exists within the vboxwebsrv service. The issue results from the exposure of a resource to t...

5.9CVSS5.8AI score0.01094EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/04/09 12:0 a.m.•33 views

Microsoft Windows Installer Service Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows...

7.8CVSS7.5AI score0.12258EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/03/13 12:0 a.m.•33 views

Microsoft Office Performance Monitor Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Office. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Office...

7.8CVSS7.4AI score0.01165EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/03/01 12:0 a.m.•33 views

Linux Kernel ksmbd Negotiate Request Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. However, only systems with ksmbd enabled are vulnerable. The specific flaw exists within the handling of SMB2...

8.6CVSS6.5AI score0.00378EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/02/26 12:0 a.m.•33 views

Apple macOS ImageIO MPO Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS5.9AI score0.00473EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/02/06 12:0 a.m.•33 views

(Pwn2Own) Canon imageCLASS MF753Cdw rls-login Authorization Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF753Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the Authorization header provided to the...

8.8CVSS7.5AI score0.01457EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/01/11 12:0 a.m.•33 views

D-Link DCS-8300LHV2 ONVIF Hardcoded PIN Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DCS-8300LHV2 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the ONVIF API. The issue results from the u...

6.3CVSS7AI score0.03871EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/01/05 12:0 a.m.•33 views

Inductive Automation Ignition Base64Element Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability. The specific flaw exists within the Base64Element class. The issue results from the lack of proper validation ...

7.2CVSS7.8AI score0.01846EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/21 12:0 a.m.•33 views

(0Day) BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling o...

5.4CVSS6.5AI score0.00808EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/15 12:0 a.m.•33 views

Microsoft Windows win32kfull UMPDDrvCopyBits Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

8.8CVSS6.9AI score0.01229EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/14 12:0 a.m.•33 views

Adobe Prelude MP4 File Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Prelude. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

3.3CVSS6.4AI score0.00367EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•33 views

Microsoft Windows UMPDDrvBitBlt Type Confusion Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Additionally, the target system must have multiple...

7.8CVSS7.5AI score0.11648EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/10/11 12:0 a.m.•33 views

Microsoft Windows DEVLOCKBLTOBJ Race Condition Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DEVLOCKBLTOBJ...

8.8CVSS7AI score0.00807EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/27 12:0 a.m.•33 views

Microsoft Visual Studio FBX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Visual Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS6.9AI score0.01779EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/27 12:0 a.m.•33 views

Microsoft Visual Studio FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Visual Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

3.3CVSS5.9AI score0.01779EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/12 12:0 a.m.•33 views

Foxit PDF Reader XFA Doc Object Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of D...

7.8CVSS6.8AI score0.0046EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/09/07 12:0 a.m.•33 views

D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.3AI score0.00705EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/25 12:0 a.m.•33 views

Apple macOS ImageIO EXR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the ImageIO...

7.8CVSS7.2AI score0.00282EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/25 12:0 a.m.•33 views

LG LED Assistant updateFile Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/download/updateFile endpoint. The issue results from the lack of prope...

7.5CVSS6.1AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/24 12:0 a.m.•33 views

Microsoft Excel SKP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP...

7.8CVSS6.7AI score0.00841EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/17 12:0 a.m.•33 views

PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS5.9AI score0.00327EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/08/14 12:0 a.m.•33 views

Adobe Acrobat Reader DC PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

3.3CVSS5.7AI score0.0213EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/06/15 12:0 a.m.•33 views

(0Day) Ashlar-Vellum Cobalt Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

7.8CVSS6.8AI score0.00399EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•33 views

Delta Electronics InfraSuite Device Master Improper Access Control Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Delta Electronics InfraSuite Device Master. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS7AI score0.00645EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•33 views

Linux Kernel IPv6 Segment Routing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of the Linux Kernel. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

4.4CVSS6.2AI score0.00353EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•33 views

Apple macOS KTX Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS6.2AI score0.00247EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•33 views

(Pwn2Own) Prosys OPC UA Simulation Server Resource Exhaustion Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Prosys OPC UA Simulation Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of message chunks. By sending a large number ...

7.5CVSS6.6AI score0.01168EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•33 views

Apple macOS AppleScript UASIsConstant SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the AppleScript library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within th...

3.3CVSS6.2AI score0.01013EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/17 12:0 a.m.•33 views

Canonical ksmbd-tools LSARPC Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Canonical ksmbd-tools. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the LSARPCOPNUMLOOKUPSID2 opcode. The issue results from the lac...

9.8CVSS7.3AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/15 12:0 a.m.•33 views

D-Link DIR-2150 GetFirmwareStatus Target Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the SOAP A...

6.8CVSS7.4AI score0.0176EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/05/04 12:0 a.m.•33 views

(Pwn2Own) Canon imageCLASS MF743Cdw cmNetBiosParseName Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF743Cdw printers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of NetBIOS names. The issue results from the la...

8.8CVSS7.3AI score0.01163EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/04/24 12:0 a.m.•33 views

Microsoft Windows win32kfull Null Pointer Dereference Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

6.5CVSS7.3AI score0.00519EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/04/12 12:0 a.m.•33 views

Autodesk Maya USD File Parsing Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autodesk Maya. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

3.3CVSS6.9AI score0.00301EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/04/12 12:0 a.m.•33 views

Adobe Acrobat Reader DC AcroForm removeField Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS7.6AI score0.0271EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/04/12 12:0 a.m.•33 views

Adobe Substance 3D Stager USD File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Substance 3D Stager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS7.6AI score0.00345EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/03/17 12:0 a.m.•33 views

Trend Micro TXOne StellarOne Improper Access Control Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro TXOne StellarOne. Authentication is required to exploit this vulnerability. The specific flaw exists within the Account endpoint. The issue results from the lack of proper access control. An...

8.3CVSS8.4AI score0.00993EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/03/16 12:0 a.m.•33 views

Adobe Dimension GLTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GLT...

7.8CVSS7.6AI score0.00353EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/03/16 12:0 a.m.•33 views

Schneider Electric IGSS DashFiles Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS8AI score0.06482EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/03/16 12:0 a.m.•33 views

Adobe Substance 3D Stager USDC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Substance 3D Stager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS7.6AI score0.00332EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/02/09 12:0 a.m.•33 views

Open Design Alliance (ODA) Drawing SDK DGN File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open Design Alliance ODA Drawing SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS5.2AI score0.02668EPSS
Exploits0References1
Total number of security vulnerabilities5000