Lucene search
K

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•37 views

Microsoft Windows win32kfull UMPD Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull...

8.8CVSS5.4AI score0.00575EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•22 views

Adobe ColdFusion Application Server Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe ColdFusion. Authentication is required to exploit this vulnerability. The specific flaw exists within the Application Server endpoint, which listens on TCP port 8500 by default. The iss...

4.4CVSS1.6AI score0.45022EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•32 views

Adobe ColdFusion Admin Component Use of Hard-coded Credentials Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Adobe ColdFusion. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Admin Component service. The service uses a hard-coded password for the administrato...

6.5CVSS3.1AI score0.44021EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•31 views

Altair HyperView Player H3D File Parsing Uninitialized Memory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Altair HyperView Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS5.7AI score0.00286EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•34 views

Adobe ColdFusion Application Server Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe ColdFusion. Authentication is required to exploit this vulnerability. The specific flaw exists within the Application Server endpoint, which listens on TCP port 8500 by default. The issue resul...

6.6CVSS4.7AI score0.79218EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•20 views

Adobe Dimension SKP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP...

7.8CVSS4.2AI score0.00389EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•26 views

Adobe Dimension GLB File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GLB...

7.8CVSS5.2AI score0.00453EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•26 views

Adobe Dimension GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

3.3CVSS3.2AI score0.00325EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•71 views

Microsoft Windows CDFS Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of I...

7.7CVSS6.2AI score0.56269EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•33 views

Adobe ColdFusion Application Server Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe ColdFusion. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Application Server endpoint, which listens on TCP port 8500 by default. The...

5.3CVSS1.6AI score0.44252EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•26 views

Adobe ColdFusion Solr Service XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe ColdFusion. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Apache Solr service. Due to the improper restriction of XML External Entity...

5.9CVSS2.8AI score0.53028EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/14 12:0 a.m.•29 views

Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

3.3CVSS2.8AI score0.00528EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•20 views

PDF-XChange Editor TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.1AI score0.00434EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•22 views

PDF-XChange Editor TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.1AI score0.00434EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•37 views

Centreon Poller Broker SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue results from the lack of...

7.2CVSS1.7AI score0.0287EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•28 views

PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3AI score0.00332EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•25 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.1AI score0.00357EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•18 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.1AI score0.00386EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•28 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.1AI score0.00382EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•29 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.1AI score0.00357EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•25 views

PDF-XChange Editor TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.1AI score0.00428EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•16 views

PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5AI score0.00377EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•28 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.1AI score0.00386EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•25 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.9AI score0.00386EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•22 views

Trend Micro Apex One Forced Browsing Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Apex One. Authentication is required to exploit this vulnerability. The specific flaw exists within the Apex One web console. By navigating directly to a URL, a user can bypass authorization...

9.1CVSS4.2AI score0.00971EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•18 views

PDF-XChange Editor PGM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.8AI score0.0036EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•27 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.9AI score0.00386EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•31 views

Trend Micro Apex One Origin Validation Error Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS5AI score0.00182EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•22 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.1AI score0.00332EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•20 views

PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.2AI score0.00357EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•38 views

PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.2AI score0.00386EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•32 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.1AI score0.00357EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•26 views

PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.8AI score0.00357EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•19 views

PDF-XChange Editor EMF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.5AI score0.00364EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•27 views

Centreon Poller Broker SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue results from the lack of...

7.2CVSS1.7AI score0.0287EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•30 views

Centreon Poller Broker SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of requests to modify poller broker configuration. The issue results from the lack of...

7.2CVSS1.7AI score0.76134EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•20 views

Centreon Contact Group SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the contact groups configuration page. The issue results from the lack of proper validation of a...

7.2CVSS2.4AI score0.76134EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•26 views

Trend Micro Apex One Security Agent Improper Certificate Validation Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Apex One...

7.8CVSS5AI score0.0023EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•20 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.1AI score0.00353EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•23 views

PDF-XChange Editor XPS File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.1AI score0.00364EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•25 views

PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.2AI score0.00366EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•32 views

Tesla bcmdhd Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected Tesla vehicles. An attacker must first obtain the ability to execute privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the bcmdhd driver. The issue results from...

8.8CVSS6AI score0.00312EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•23 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.1AI score0.00353EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•31 views

PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.1AI score0.00332EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•28 views

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.1AI score0.00332EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•31 views

PDF-XChange Editor PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.4AI score0.00536EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•22 views

PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3AI score0.00341EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•19 views

PDF-XChange Editor TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.1AI score0.00434EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•33 views

PDF-XChange Editor PDF File Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.6AI score0.00412EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2022/10/07 12:0 a.m.•26 views

PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.9AI score0.00386EPSS
Exploits0References1
Total number of security vulnerabilities16763