Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2017/12/13 12:0 a.m.•33 views

NetGain Systems Enterprise Manager _3d.add_005f3d_005fview_005fdo_jsp Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

9CVSS4.2AI score0.04123EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/12/13 12:0 a.m.•33 views

NetGain Systems Enterprise Manager restore.del_005fdo_jsp filenames Directory Traversal Denial of Service Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

7.8CVSS2.5AI score0.02116EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/12/13 12:0 a.m.•33 views

NetGain Systems Enterprise Manager TFtpServer Filename Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of WRQ requests. When parsing the Filename field, th...

10CVSS5.1AI score0.57295EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2017/12/06 12:0 a.m.•33 views

Microsoft Chakra asm.js ArrayBuffer Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.5CVSS2.7AI score0.4726EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/11/14 12:0 a.m.•33 views

Foxit Reader JPEG2000 SOT marker tile index Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the tile...

4.3CVSS6.7AI score0.02456EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/10/10 12:0 a.m.•33 views

Microsoft Windows XLS File Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Microsoft...

6.8CVSS8.8AI score0.23119EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/26 12:0 a.m.•33 views

Apple Safari BoundFunction Out-Of-Bounds Access Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS2.2AI score0.01601EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/22 12:0 a.m.•33 views

Trend Micro Control Manager TreeUserControl_process_tree_event XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within...

4CVSS7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/22 12:0 a.m.•33 views

Trend Micro Control Manager CCGIServlet IDTB_GroupName SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Control Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within processing of...

6CVSS8AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/15 12:0 a.m.•33 views

Trend Micro Mobile Security for Enterprise broadcast_devices Device_DeviceDeviceId SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Mobile Security for Enterprise. Authentication is required to exploit this vulnerability. The specific flaw exists within processing of the broadcastdevices action. When parsing the...

9CVSS4.8AI score0.50166EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/15 12:0 a.m.•33 views

Trend Micro Mobile Security for Enterprise diagnose_eas_status SlinkId SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Mobile Security for Enterprise. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the easagentregister action. When parsing...

10CVSS4.9AI score0.50166EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/15 12:0 a.m.•33 views

Trend Micro Mobile Security for Enterprise show_eas_agent_info SlinkId SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Mobile Security for Enterprise. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the easagentregister action. When parsing...

10CVSS4.9AI score0.50166EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/15 12:0 a.m.•33 views

Trend Micro Mobile Security for Enterprise delete_admin_account UserName SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Mobile Security for Enterprise. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of the deleteadminaccount action. When parsing t...

9CVSS4.7AI score0.50166EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/09/15 12:0 a.m.•33 views

Trend Micro Mobile Security for Enterprise remote_lock_device Device_DeviceId SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Mobile Security for Enterprise. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of the remotelockdevice action. When parsing the...

9CVSS4.8AI score0.50166EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/24 12:0 a.m.•33 views

(0Day) Delta Industrial Automation WPLSoft dvp File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation WPLSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

7.5CVSS4.6AI score0.02581EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/11 12:0 a.m.•33 views

Hewlett Packard Enterprise Intelligent Management Center operationSelect Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

9CVSS3AI score0.0572EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/08 12:0 a.m.•33 views

Adobe Reader DC URL Parsing Insufficient Verification of Data Authenticity Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

4.3CVSS3.5AI score0.05807EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/08 12:0 a.m.•33 views

Adobe Acrobat Pro DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS2AI score0.06566EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/08 12:0 a.m.•33 views

Adobe Acrobat Pro DC PDF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS2.3AI score0.07594EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/07 12:0 a.m.•33 views

(0Day) Eaton ELCSoft Project File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Eaton ELCSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within processing of EPC...

6.8CVSS7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/01 12:0 a.m.•33 views

Mitsubishi Electric E-Designer BECoDeSysARTI Driver Configuration IPAddress0 Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mitsubishi Electric E-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

9.3CVSS9.1AI score0.03636EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/08/01 12:0 a.m.•33 views

Mitsubishi Electric E-Designer BEMBSlave Driver Configuration CommErrIO Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mitsubishi Electric E-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

9.3CVSS9.1AI score0.03636EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/07/31 12:0 a.m.•33 views

Trend Micro Control Manager Debug Level Authentication Bypass Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Trend Micro Control Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of debug settings. The software does not provide...

5CVSS0.8AI score0.14751EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/07/11 12:0 a.m.•33 views

Adobe Flash Player BitmapData applyFilter Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS1.9AI score0.03748EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/07/07 12:0 a.m.•33 views

Joyent Smart Data Center Docker API Zone Escape Privilege Escalation Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

9CVSS5.1AI score0.05423EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/06/21 12:0 a.m.•33 views

(0Day) UCanCode E-XD++ Visualization Enterprise Suite UCCVIEWER UpdateControl Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of UCanCode E-XD++ Visualization Enterprise Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

6.8CVSS7.1AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/06/12 12:0 a.m.•33 views

(0Day) Schneider Electric U.motion Builder Local Privilege Escalation Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Schneider Electric U.motion Builder. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the system configuration. The web administration account is s...

6.8CVSS7.5AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/05/10 12:0 a.m.•33 views

(Pwn2Own) Microsoft Edge AudioBuffer Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS0.9AI score0.14728EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/04/11 12:0 a.m.•33 views

Adobe Flash SWF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within SWF parsing. The iss...

4.3CVSS3.5AI score0.0763EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/03/29 12:0 a.m.•33 views

Trend Micro InterScan Web Security Virtual Appliance ConfigIPNetwork saveNetworkConfiguration primaryDNS6 Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro InterScan Web Security Virtual Appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within ConfigIPNetwork's saveNetworkConfiguration method. A...

9CVSS5.2AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/02/07 12:0 a.m.•33 views

Ecava IntegraXor getdata name SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Ecava IntegraXor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the name parameter in getdata requests. The issue lies in the failure...

7.5CVSS2.1AI score0.01645EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/20 12:0 a.m.•33 views

Microsoft Windows JavaScript Array.concat Type Confusion Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5CVSS1.3AI score0.26767EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2017/01/20 12:0 a.m.•33 views

Brocade Network Advisor SoftwareImageUpload Directory Traversal Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Brocade Network Advisor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SoftwareImageUpload servlet. The issue results from the lack of proper...

9.4CVSS3.5AI score0.14542EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/12/15 12:0 a.m.•33 views

Apple OS X WindowServer _XRegisterCursorWithData Memory Corruption Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CoreGraphics...

4.4CVSS5.8AI score0.01326EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/12/15 12:0 a.m.•33 views

Delta Industrial Automation WPLSoft dvp File Parsing Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation WPLSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

6.8CVSS5.3AI score0.01708EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/12/15 12:0 a.m.•33 views

Delta Industrial Automation WPLSoft SFC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation WPLSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

6.8CVSS4.9AI score0.01054EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/11/08 12:0 a.m.•33 views

IBHsoftec S7-SoftPLC CPX43 Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBHsoftec SoftPLC. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of packets by the service listening on TCP port 502. The issue lies i...

9.3CVSS3.5AI score0.02424EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/11/02 12:0 a.m.•33 views

Hewlett Packard Enterprise System Management Homepage SSO TKN Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise System Management Homepage. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of /proxy/sso requests. When parsin...

10CVSS5.1AI score0.04111EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/11/02 12:0 a.m.•33 views

Hewlett Packard Enterprise System Management Homepage SetSMHData Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise System Management Homepage. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of /proxy/SetSMHData requests. When...

10CVSS5.5AI score0.03873EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/10/11 12:0 a.m.•33 views

Acrobat Reader DC XFA FormSubform Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS2AI score0.05813EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/08/24 12:0 a.m.•33 views

Adobe Reader DC FlateDecode Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3CVSS3.1AI score0.05602EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/07/12 12:0 a.m.•33 views

Adobe Reader DC for-each XSLT Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS2.5AI score0.04547EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/06/22 12:0 a.m.•33 views

Microsoft Windows PDF Library AES Encryption Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows PDF Library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

4.3CVSS2.8AI score0.33337EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/24 12:0 a.m.•33 views

(0Day) ActivePDF Toolkit ImageToPDF IAT Overwrite Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ActivePDF Toolkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ImageToPDF...

6.8CVSS7AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2016/05/19 12:0 a.m.•33 views

Apple OS X DTrace Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the dtrace facility. T...

6.9CVSS3.6AI score0.0216EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•33 views

Adobe Reader DC U3D Parsing Out-Of-Bound Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS5AI score0.0615EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/05/10 12:0 a.m.•33 views

Adobe Acrobat Reader DC CBSharedReviewSecurityDialog Javascript API Restrictions Bypass Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS4.1AI score0.0697EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/04/08 12:0 a.m.•33 views

(Pwn2Own) Adobe Flash AS2 NetConnection Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the NetConnection...

6.8CVSS3.5AI score0.07133EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/03/22 12:0 a.m.•33 views

Apple Safari Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS2.2AI score0.04125EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2016/03/08 12:0 a.m.•33 views

Microsoft Windows OleLoadPicture Bitmap Heap Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS3.2AI score0.23645EPSS
Exploits0References1
Total number of security vulnerabilities5000