Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2019/07/05 12:0 a.m.•33 views

Foxit PhantomPDF Button Calculate Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS2.3AI score0.07711EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/07/02 12:0 a.m.•33 views

Advantech WebAccess Node viewsrv SQLExecute Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x27ea IOCTL in the webvrpcs process. The issue resul...

9.8CVSS2.5AI score0.10665EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/06/11 12:0 a.m.•33 views

Microsoft Windows gdiplus Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.3AI score0.04314EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/05/30 12:0 a.m.•33 views

Hewlett Packard Enterprise Intelligent Management Center faultEventSelectFact Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS3.1AI score0.0364EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/05/15 12:0 a.m.•33 views

Microsoft Windows Jet Database Engine Sign Extension Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET databa...

7CVSS3.7AI score0.1371EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/05/15 12:0 a.m.•33 views

Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET databa...

7CVSS3.5AI score0.1371EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/29 12:0 a.m.•33 views

Foxit Reader FoxitReaderCtl ToggleFormsDesign Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ToggleFormsDesi...

7.8CVSS2.3AI score0.03352EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/04/29 12:0 a.m.•33 views

Foxit Reader AcroForm richValue Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

3.3CVSS0.6AI score0.03049EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/03/12 12:0 a.m.•33 views

Microsoft Internet Explorer event Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5CVSS3.1AI score0.08261EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/03/12 12:0 a.m.•33 views

(0Day) Hewlett Packard Enterprise Intelligent Management Center reportTaskSelect Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

8.8CVSS3.1AI score0.03462EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2019/03/06 12:0 a.m.•33 views

Jaspersoft JasperReports Server ResourceForwardingServlet URI Improper Access Control Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Jaspersoft JasperReports Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in the doGet method of the ResourceForwardingServlet. The issue resul...

7.5CVSS2.2AI score0.03132EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/03/05 12:0 a.m.•33 views

(Pwn2Own) Samsung Galaxy S9 Untrusted Site Redirection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S9. User interaction is required to exploit this vulnerability in that the target must connect to a wireless network. The specific flaw exists within the captive portal. By...

6.5CVSS1.9AI score0.03225EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2019/03/04 12:0 a.m.•33 views

(Pwn2Own) Samsung Galaxy S8 Shannon Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8. User interaction is required to exploit this vulnerability in that the target must answer a phone call. The specific flaw exists within the handling of Status Information Element...

6.8CVSS7.3AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/02/12 12:0 a.m.•33 views

Microsoft Access Database Engine ACEEXCL Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Access Database Engine. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when...

7.8CVSS3AI score0.18414EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/02/12 12:0 a.m.•33 views

Adobe Acrobat Pro DC HTML2PDF HTML Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS4.8AI score0.03915EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2019/01/29 12:0 a.m.•33 views

Bitdefender SafePay openFile Arbitrary File Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender SafePay. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processi...

8.8CVSS2.3AI score0.03823EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2019/01/19 12:0 a.m.•33 views

LAquis SCADA LQS File Parsing Improper Control of Generation of Code Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.4AI score0.02668EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/11/20 12:0 a.m.•33 views

Microsoft Edge Chakra Engine Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.5CVSS2.3AI score0.14159EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/19 12:0 a.m.•33 views

Trend Micro Anti-Virus UrlfWTPPagePtr KERedirect Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Trend Micro Anti-Virus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

6.9CVSS2.7AI score0.0054EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/16 12:0 a.m.•33 views

LAquis SCADA LQS File Parsing Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The issue results from the lack of proper...

6.8CVSS4.3AI score0.08063EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/11 12:0 a.m.•33 views

Foxit PhantomPDF HTML2PDF HTML Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion ...

7.8CVSS3.3AI score0.03855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/11 12:0 a.m.•33 views

Foxit PhantomPDF exportValues Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS1.9AI score0.03855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/10/11 12:0 a.m.•33 views

Foxit Reader richValue Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

7.8CVSS1.5AI score0.03855EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/24 12:0 a.m.•33 views

Apple Safari Array Concat Uninitialized Buffer Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

4.3CVSS2AI score0.02168EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/19 12:0 a.m.•33 views

Delta Industrial Automation CNCSoft ScreenEditor DPB File UserVARComment wFont Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation CNCSoft ScreenEditor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fl...

9.3CVSS5.2AI score0.09536EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/09/17 12:0 a.m.•33 views

VMware Workstation e1000 Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the guest system in order to exploit this vulnerability. The specific flaw exists within the handling ...

6.9CVSS4.2AI score0.00494EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/08/14 12:0 a.m.•33 views

Microsoft Windows VBScript Class_Terminate Use After Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows VBScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS2.7AI score0.14443EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/07/26 12:0 a.m.•33 views

(0Day) Wecon LeviStudioU addresslib Port Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wecon LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

9.3CVSS5.2AI score0.01947EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/07/19 12:0 a.m.•33 views

Foxit Reader getURL Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getURL method. ...

6.8CVSS2.4AI score0.02773EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/07/19 12:0 a.m.•33 views

Foxit Reader getTemplate Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getTemplate...

6.8CVSS2.6AI score0.02773EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/07/19 12:0 a.m.•33 views

Foxit Reader mailDoc Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS2.3AI score0.02773EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/07/16 12:0 a.m.•33 views

Adobe Acrobat Pro DC ImageConversion EMF Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

6.8CVSS5.6AI score0.08425EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/06/08 12:0 a.m.•33 views

(Pwn2Own) Microsoft Windows DirectX Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DirectX...

6.9CVSS4.7AI score0.01297EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/05/18 12:0 a.m.•33 views

Advantech WebAccess Node BWSCADASoap GetUnackAlarms SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

4CVSS1.1AI score0.01659EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/05/15 12:0 a.m.•33 views

Adobe Acrobat Pro DC ImageConversion EMF JPEG Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

6.8CVSS5.3AI score0.12274EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/05/15 12:0 a.m.•33 views

Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS2.3AI score0.10403EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/05/14 12:0 a.m.•33 views

Microsoft Windows win32k Menu Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

7.2CVSS3.1AI score0.01154EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/04/20 12:0 a.m.•33 views

Foxit Reader TIFF Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIFF...

6.8CVSS5.4AI score0.03226EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/04/20 12:0 a.m.•33 views

Foxit Reader setTimeOut Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

4.3CVSS0.3AI score0.03EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/04/20 12:0 a.m.•33 views

Foxit Reader PrintParams bitmapDPI Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

4.3CVSS1.4AI score0.02629EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/04/20 12:0 a.m.•33 views

Foxit Reader Link setAction Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

6.8CVSS1.9AI score0.02773EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/04/20 12:0 a.m.•33 views

Foxit Reader addField Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

6.8CVSS1.9AI score0.02773EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/03/06 12:0 a.m.•33 views

Adobe Acrobat Pro DC ImageConversion EMF JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

2.6CVSS3.1AI score0.06208EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/02/28 12:0 a.m.•33 views

Microsoft Office Excel XLS File Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS2.9AI score0.2043EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/02/27 12:0 a.m.•33 views

Microsoft Windows Font Embedding Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

2.6CVSS1.5AI score0.02367EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/02/21 12:0 a.m.•33 views

Adobe Acrobat Pro DC ImageConversion XPS TIFF Software Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS2.3AI score0.22423EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/02/21 12:0 a.m.•33 views

Microsoft Windows Font Embedding Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

2.6CVSS1.5AI score0.02367EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2018/01/16 12:0 a.m.•33 views

(0Day) Quest NetVault Backup Server Process Manager Service Export Method Directory Traversal Denial of Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on vulnerable installations of Quest NetVault Backup. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be easily bypassed. The specific flaw exists within...

8.5CVSS7.8AI score0.05029EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2018/01/03 12:0 a.m.•33 views

Hewlett Packard Enterprise Moonshot Provisioning Manager Appliance server_response Directory Traversal Denial Of Service Vulnerability

This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of Hewlett Packard Enterprise Moonshot Provisioning Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the serverresponse.py file. The issue...

8.5CVSS8.7AI score0.04198EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/12/15 12:0 a.m.•33 views

Quest NetVault Backup Server Process Manager Service NVBUPhaseStatus Get Method SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUPhaseStatus Get method requests. The issue results from the...

7.5CVSS0.9AI score0.03933EPSS
Exploits0
Total number of security vulnerabilities5000