Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2013/11/24 12:0 a.m.•33 views

HP Business Process Monitor tp_bpm_admin.exe Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Business Process Monitor. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of requests to the tpbpmadmin.exe server which listens by default...

10CVSS5.9AI score0.03436EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/10/16 12:0 a.m.•33 views

Hewlett-Packard Intelligent Management Center CommonUtils Static DES/ECB Decryption Key Vulnerability

This vulnerability allows remote attackers to obtain sensitive information on vulnerable installations of Hewlett-Packard Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CommonUtil class. This application uses a stat...

4.9CVSS2.9AI score0.02597EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/10/16 12:0 a.m.•33 views

Oracle Java NumberFormatter and RealTimeSequencer Sandbox Bypass Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of...

5.8CVSS3.8AI score0.03932EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/09/11 12:0 a.m.•33 views

HP PCM+ AgentController Servlet Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP PCM Plus. Authentication is not required to exploit this vulnerability. The specific flaws exist within the Agent servlet. This servlet is vulnerable to a command injection vulnerability when...

10CVSS3.9AI score0.08507EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/08/29 12:0 a.m.•33 views

(0Day) (Mobile Pwn2Own) Polaris Viewer DOCX VML Shape Tag Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable Polaris Viewer. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists within the parsing of a DOCX file. A tag associated with a VML shap...

8.3CVSS8.2AI score
Exploits0References9
Zero Day Initiative
Zero Day Initiative
•added 2013/07/26 12:0 a.m.•33 views

Adobe Flash Player Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the PCM processing...

7.5CVSS4.7AI score0.04752EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2013/06/11 12:0 a.m.•33 views

Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 259 Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing opcode 259, the...

10CVSS5.7AI score0.61043EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2013/06/11 12:0 a.m.•33 views

Apple QuickTime 3GP Parsing Remote Code Execution Vunerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

6.8CVSS5.6AI score0.04954EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/05/29 12:0 a.m.•33 views

Microsoft Internet Explorer VML TextBox Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS3.9AI score0.20539EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/05/29 12:0 a.m.•33 views

Oracle Document Capture BlackIceDevMode.ocx ActiveX Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Document Capture. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.4CVSS3.2AI score0.00995EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2013/05/10 12:0 a.m.•33 views

Oracle Java t2k.dll glyph_AddPoint() Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within t2k.dll...

10CVSS3.5AI score0.05131EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/05/10 12:0 a.m.•33 views

Microsoft Internet Explorer RDP ActiveX Control Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Remo...

6.8CVSS3.3AI score0.20661EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2013/05/10 12:0 a.m.•34 views

Oracle Java t2k Type1 Subroutine Indexing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

9.3CVSS4.8AI score0.05904EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/05/10 12:0 a.m.•33 views

Cisco Clean Access Manager filter SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Clean Access Manager. Authentication is not required to exploit this vulnerability. The specific flaw is in the handling of filter URL parameters when constructing SQL database queries. By...

10CVSS4.7AI score0.01143EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/03/22 12:0 a.m.•33 views

Mozilla Firefox obj_toSource Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the objtoSource...

7.5CVSS1.8AI score0.04199EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2013/02/11 12:0 a.m.•33 views

Oracle Java JavaFX WCGraphicsManager Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JavaFX...

7.5CVSS3.7AI score0.04395EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2012/12/21 12:0 a.m.•33 views

Microsoft Internet Explorer CMarkup outerText Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS2.8AI score0.19496EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2012/08/29 12:0 a.m.•33 views

Novell iPrint nipplib.dll client-file-name Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib componen...

10CVSS5.2AI score0.03552EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2012/08/17 12:0 a.m.•33 views

Oracle Java WebStart Browser Argument Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

9CVSS5.4AI score0.05983EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2012/07/12 12:0 a.m.•33 views

HP OpenView Performance Agent coda.exe Opcode 0x34 Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Performance Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the coda.exe process which listens on a random TCP port by default. The...

10CVSS4.3AI score0.64685EPSS
Exploits8References1
Zero Day Initiative
Zero Day Initiative
•added 2012/06/28 12:0 a.m.•33 views

Apple Quicktime TeXML Style Element Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of X...

7.5CVSS5.1AI score0.28623EPSS
Exploits9
Zero Day Initiative
Zero Day Initiative
•added 2012/06/21 12:0 a.m.•33 views

DataDirect OpenAccess oaagent.exe GIOP Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of DataDirect SequeLink. Authentication is not required to exploit this vulnerability. The specific flaw exists within how the application parses a packet that is received. When parsing a field in thi...

7.5CVSS6AI score0.08526EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2012/06/21 12:0 a.m.•33 views

RealNetworks Helix Server rn5auth Credential Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Real Helix Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within rn4auth.dll, which is responsible for parsing authentication credentials. When the...

7.5CVSS5AI score0.04168EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2012/06/08 12:0 a.m.•33 views

Symantec Web Gateway upload_file Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists because Symantec Web Gateway allows unauthenticated users to upload a file while...

7.5CVSS5.7AI score0.64061EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2012/06/06 12:0 a.m.•33 views

HP DataDirect OpenAccess GIOP Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable applications using DataDirect's SequeLink. Authentication is not required to exploit this vulnerability. The specific flaw exists within how the application processes GIOP packets. When processing a specific GIOP...

10CVSS6.1AI score0.08526EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
•added 2012/03/13 12:0 a.m.•33 views

LibTIFF TileSize Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LibTIFF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the LibTIFF Library and...

7.5CVSS5.5AI score0.06918EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2012/03/01 12:0 a.m.•33 views

IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 Multiple Remote Code Execution Vulnerabilities

IBM Tivoli Provisioning Manager soapServlet SOAP Message Printer.getPrinterAgentKey SQL Injection Vulnerability This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Provisioning Manager Express for Software Distribution. Authentication is...

10CVSS3.1AI score0.01757EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2012/01/12 12:0 a.m.•33 views

(0Day) HP Diagnostics Server magentservice.exe Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Diagnostics server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way the HP Diagnostics server handles incomming packets with 0x00000000 as t...

10CVSS6AI score0.64803EPSS
Exploits8
Zero Day Initiative
Zero Day Initiative
•added 2011/10/27 12:0 a.m.•33 views

Apple QuickTime H264 Matrix Conversion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktim...

7.5CVSS3.5AI score0.03607EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2011/08/23 12:0 a.m.•33 views

EMC Autostart Domain Name Logging Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC AutoStart High Availability. Authentication is not required to exploit this vulnerability. The specific flaw exists within the packet error handling of the application. When building an error...

10CVSS2.6AI score0.02335EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
•added 2011/07/20 12:0 a.m.•33 views

CA Total Defense Suite Gateway Security Malformed HTTP Packet Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Total Defense Suite r12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Icihttp.exe module CA Gateway Security for HTTP, which responds to...

10CVSS3.8AI score0.16205EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/14 12:0 a.m.•33 views

Microsoft Internet Explorer layout-grid-char style Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Intern...

7.5CVSS1.7AI score0.60849EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/14 12:0 a.m.•33 views

Adobe Shockwave TextXtra Text Element Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

9CVSS4.6AI score0.07476EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/14 12:0 a.m.•33 views

Microsoft Internet Explorer selection.empty Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.5CVSS2.7AI score0.16935EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/06 12:0 a.m.•33 views

Novell iPrint nipplib.dll profile-time Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib componen...

9CVSS3.3AI score0.04883EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/06/03 12:0 a.m.•33 views

Sybase OneBridge Mobile Data Suite Format String Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sybase OneBridge Mobile Data Suite. Authentication is not required to exploit this vulnerability. The specific flaw exists within the iMailGatewayService server process ECTrace.dll which listens fo...

10CVSS8.1AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/04/19 12:0 a.m.•33 views

Oracle Application Server Authentication Bypass Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle GlassFish Application Server and Oracle Java Application Server. Authentication is not required to exploit this vulnerability. The flaw exists within the Web Administration component which...

10CVSS2.8AI score0.60878EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2011/04/13 12:0 a.m.•33 views

CA Total Defense Suite Heartbeat Web Service Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Total Defense Endpoint. Authentication is not required to exploit this vulnerability. The specific flaw exists within CA.Itm.Server.ManagementWS.dll. Due to a failure to properly sanitize...

10CVSS3.4AI score0.11423EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/08 12:0 a.m.•33 views

RealNetworks Real Player Predictable Temporary File Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the temporary fil...

9CVSS3.1AI score0.06582EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/07 12:0 a.m.•33 views

(0Day) Hewlett-Packard Data Protector Cell Manager Service Authentication Bypass Vulnerability

This vulnerability allows an attacker to execute remote code on vulnerable installations of Hewlett-Packard Data Protector. User interaction is not required to exploit this vulnerability. The specific flaw exists within the Cell Manager Service which listens by default on a random TCP port. The...

10CVSS2.9AI score0.11333EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2011/02/07 12:0 a.m.•34 views

(0Day) IBM Lotus Domino LDAP Bind Request Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The flaw exists within the nLDAP.exe component which listens by default on TCP port 389. When handling the an LDAP Bi...

10CVSS5.2AI score0.14302EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/02/07 12:0 a.m.•33 views

(0Day) Microsoft Office Excel Axis Properties Record Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application...

9CVSS5.5AI score0.42562EPSS
Exploits5References1
Zero Day Initiative
Zero Day Initiative
•added 2011/01/26 12:0 a.m.•33 views

Novell GroupWise Internet Agent TZID Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell GroupWise. Authentication is not required to exploit this vulnerability. The specific flaw exists within the gwwww1.dll module responsible for parsing VCALENDAR data within e-mail messages...

10CVSS6.3AI score0.09547EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2011/01/25 12:0 a.m.•33 views

Novell GroupWise Internet Agent REQUEST-STATUS Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell GroupWise. Authentication is not required to exploit this vulnerability. The specific flaw exists within the gwwww1.dll module responsible for parsing VCALENDAR data within e-mail messages...

10CVSS6.3AI score0.10245EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/12/10 12:0 a.m.•33 views

RealNetworks RealPlayer Cross-Zone Scripting Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is requires in that a target must navigate to a malicious page. The specific flaw exists within the HandleAction method of the RealPlayer ActiveX control...

9CVSS7.4AI score0.01157EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/12/10 12:0 a.m.•33 views

RealNetworks RealPlayer RTSP GIF Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious media file. The specific flaw exists in the...

9CVSS7.1AI score0.06411EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/10/15 12:0 a.m.•33 views

RealNetworks RealPlayer Multiple Protocol Handlers Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the RealPlayer ActiveX control...

9CVSS7.2AI score0.06501EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/10/12 12:0 a.m.•33 views

Oracle Java ActiveX Plugin Uninitialized Window Handle Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle's Java platform that utilize the ActiveX Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The...

9CVSS7AI score0.07968EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/10/12 12:0 a.m.•33 views

Oracle Database Java Stored Procedure Race Condition Remote Code Execution Vulnerability

This vulnerability allows remote attackers to break out of the Java Sandbox implemented by Oracle's relational database. Authentication is required in that a user must be able to create a Java stored procedure to trigger the issue. The specific flaw exists within Oracle's custom SecurityManager...

9CVSS6.8AI score0.01732EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2010/08/11 12:0 a.m.•33 views

Apple Webkit SVG Floating Text Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

10CVSS9.2AI score0.05961EPSS
Exploits0References1
Total number of security vulnerabilities5000