Lucene search
K
ZdiMost viewed

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2021/10/14 12:0 a.m.•32 views

Fatek Automation Communication Server Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation Communication Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of data sent to the Facon Server, which listens on...

9.8CVSS4.6AI score0.01758EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/22 12:0 a.m.•32 views

VMware vCenter Server Appliance Update Manager Directory Traversal Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on affected installations of VMware vCenter Server Appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Update Manager. The issue results from the lack of proper validation...

6.5CVSS4AI score0.01053EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/20 12:0 a.m.•32 views

SolarWinds Orion Platform ExportToPDF Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of SolarWinds Orion Platform. Authentication is required to exploit this vulnerability. The specific flaw exists within ExportToPDF.aspx. The issue results from the lack of proper validation of ...

7.5CVSS1.6AI score0.04327EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/09/16 12:0 a.m.•32 views

Adobe FrameMaker PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.4AI score0.02151EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/14 12:0 a.m.•32 views

(0Day) Autodesk Navisworks DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autodesk Navisworks. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.6AI score0.00988EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/09/14 12:0 a.m.•32 views

(0Day) Autodesk Navisworks PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Autodesk Navisworks. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.6AI score0.00957EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/26 12:0 a.m.•32 views

Microsoft Windows Canonical Display Driver DrvStretchBltROPInternal Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cdd.dll driver...

8.8CVSS5.8AI score0.01294EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/08/03 12:0 a.m.•32 views

(Pwn2Own) Parallels Desktop virtio-gpu Memory Corruption Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

8.2CVSS3.7AI score0.00259EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/30 12:0 a.m.•32 views

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS2.3AI score0.03103EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/07/19 12:0 a.m.•32 views

(0Day) Advantech WebAccess/NMS DashBoardAction Missing Authentication Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the DashBoardAction endpoint of the web server. The...

5.3CVSS1.8AI score0.0089EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/25 12:0 a.m.•32 views

Apple macOS AppleIntelKBLGraphics IOCTL 0x20006 Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling ...

6.5CVSS2.3AI score0.00279EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/22 12:0 a.m.•32 views

Autodesk AutoCAD DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DW...

7.8CVSS4.5AI score0.01696EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/07 12:0 a.m.•32 views

Advantech iView NetworkServlet findUpdateDeviceListDetails SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetworkServlet class. The issue results from the lack of proper validation o...

7.5CVSS1.3AI score0.01169EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/06/02 12:0 a.m.•32 views

OpenText Brava! Desktop SLDPRT File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.6AI score0.01419EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/06/02 12:0 a.m.•32 views

OpenText Brava! Desktop DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.6AI score0.01419EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/05/27 12:0 a.m.•32 views

GE Reason RPV311 Use of Hard-coded Credentials Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GE Reason RPV311. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware and filesystem of the device. The firmware and filesystem contain hard-cod...

6.3CVSS5.7AI score0.0264EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/07 12:0 a.m.•32 views

Foxit Reader Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS2.2AI score0.02784EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/05/07 12:0 a.m.•32 views

Foxit Reader XFA Form Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XFA...

7.8CVSS2.1AI score0.02761EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/30 12:0 a.m.•32 views

Apple macOS AppleIntelKBLGraphics IOCTL 0x20001 Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of IOCTL...

7.8CVSS3.5AI score0.00578EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/22 12:0 a.m.•32 views

Foxit PhantomPDF U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U...

7.8CVSS4.1AI score0.02691EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/16 12:0 a.m.•32 views

Siemens Solid Edge Viewer CATPart File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.2AI score0.0208EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/03/15 12:0 a.m.•32 views

SAP 3D Visual Enterprise Viewer GIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

3.3CVSS3AI score0.01398EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/03/15 12:0 a.m.•32 views

SAP 3D Visual Enterprise Viewer GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.7AI score0.01398EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/03/15 12:0 a.m.•32 views

SAP 3D Visual Enterprise Viewer GIF File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS5.7AI score0.01398EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/03/15 12:0 a.m.•32 views

SAP 3D Visual Enterprise Viewer GIF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS5AI score0.01398EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2021/03/11 12:0 a.m.•32 views

Siemens Solid Edge Viewer PAR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.7AI score0.0144EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/24 12:0 a.m.•32 views

Siemens JT2Go DGN File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DGN...

7.8CVSS5.2AI score0.02216EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/10 12:0 a.m.•32 views

IBM WebSphere EDataGraphImpl Deserialization of Untrusted Data Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of IBM WebSphere. Authentication is not required to exploit this vulnerability. The specific flaw exists within the EDataGraphImpl class. The issue results from the lack of proper validation of...

7.5CVSS1.7AI score0.05162EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/10 12:0 a.m.•32 views

Microsoft Excel XLSX File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS...

7.8CVSS4.4AI score0.02321EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/10 12:0 a.m.•32 views

Adobe Acrobat Reader DC Annotation popupOpen Method Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

7.8CVSS2.4AI score0.03977EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/02/04 12:0 a.m.•32 views

Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS4AI score0.01089EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/29 12:0 a.m.•32 views

Trend Micro OfficeScan Server-Side Request Forgery Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro OfficeScan. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web console, which listens on TCP port 4343 by default. The issue...

5.3CVSS1.1AI score0.01898EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/29 12:0 a.m.•32 views

Trend Micro Worry-Free Business Security Improper Access Control Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Worry-Free Business Security. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web console, which listens on TCP port 4343 by...

5.3CVSS1.1AI score0.01527EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/14 12:0 a.m.•32 views

Delta Industrial Automation DOPSoft XLS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote atackers to execute arbitrary code on affected installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

7.8CVSS4.8AI score0.0325EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/14 12:0 a.m.•32 views

Siemens JT2Go CG4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CG4...

7.8CVSS4.6AI score0.0308EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/14 12:0 a.m.•32 views

Microsoft Windows AppX Deployment Service Directory Junction Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppX Deploymen...

7CVSS5.8AI score0.00928EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2021/01/12 12:0 a.m.•32 views

SAP 3D Visual Enterprise Viewer PSD File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS4.9AI score0.01199EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/12/15 12:0 a.m.•32 views

(Pwn2Own) Western Digital MyCloud PR4100 nasAdmin Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Western Digital MyCloud PR4100. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

5.4CVSS2.1AI score0.03897EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/12/07 12:0 a.m.•32 views

(0Day) Realtek RTL8811AU Wi-Fi Driver rtwlane Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of the Realtek RTL8811AU Wi-Fi driver. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of 802.11 frames. The issue results from the...

8CVSS1.5AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/11/10 12:0 a.m.•32 views

WECON LeviStudioU HFT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of WECON LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of H...

7.8CVSS5.5AI score0.12007EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•32 views

Micro Focus Operations Bridge Manager LicensingService Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS3.6AI score0.7699EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/28 12:0 a.m.•32 views

Micro Focus Operations Bridge Manager BundleService Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS3.5AI score0.7699EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/22 12:0 a.m.•32 views

Oracle VirtualBox Shader Bytecode Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

5.3CVSS2.8AI score0.00714EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/10/22 12:0 a.m.•32 views

Oracle WebLogic Server T3 Protocol Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle WebLogic Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the T3 protocol. Crafted data in a T3 protocol message can trigge...

9.8CVSS4AI score0.30081EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/25 12:0 a.m.•32 views

Trend Micro OfficeScan ServerMigrationTool DAT File Parsing Double Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro OfficeScan ServerMigrationTool. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exist...

7.8CVSS3.5AI score0.02382EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/09/17 12:0 a.m.•32 views

(0Day) Fuji Electric Tellus Lite V-Simulator 5 V8 File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.5AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/09/10 12:0 a.m.•32 views

SAP 3D Visual Enterprise Viewer PLT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

7.8CVSS5.5AI score0.01623EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/17 12:0 a.m.•32 views

Schneider Electric APC Easy UPS Online FileUploadServlet processRequest Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric APC Easy UPS Online. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FileUploadServlet class. When parsing the filename parameter,...

9.8CVSS4.5AI score0.01659EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/13 12:0 a.m.•32 views

Microsoft Outlook EML Rendering Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Outlook. User interaction is required to exploit this vulnerability in that the target must open a malicious email. The specific flaw exists within the rendering of emails. The issue result...

7.8CVSS2.9AI score0.07296EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2020/08/11 12:0 a.m.•32 views

Canonical Ubuntu apport Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Canonical Ubuntu. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the apport package...

7CVSS3.6AI score0.00498EPSS
Exploits0References1
Total number of security vulnerabilities5000