Lucene search
+L

16763 matches found

zdi
zdi
•added 2021/07/19 12:0 a.m.•49 views

Siemens JT2Go JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT...

7.8CVSS4.1AI score0.01639EPSS
Exploits0References2
zdi
zdi
•added 2021/07/19 12:0 a.m.•49 views

(Pwn2Own) Microsoft Windows win32kfull Bitmap Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

8.8CVSS4.6AI score0.00982EPSS
Exploits0References1
zdi
zdi
•added 2021/07/19 12:0 a.m.•49 views

Microsoft Windows InstallService Time-Of-Check Time-Of-Use Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

6.1CVSS4AI score0.00744EPSS
Exploits0References1
zdi
zdi
•added 2021/07/19 12:0 a.m.•61 views

(Pwn2Own) Microsoft Windows spaceport Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the spaceport.sys...

8.8CVSS5.7AI score0.0074EPSS
Exploits0References1
zdi
zdi
•added 2021/07/19 12:0 a.m.•39 views

Microsoft Windows storport Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the storport.sys...

8.8CVSS5.9AI score0.00982EPSS
Exploits0References1
zdi
zdi
•added 2021/07/19 12:0 a.m.•22 views

(0Day) Autodesk Meshmixer 3MF File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Meshmixer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing ...

7.8CVSS4.2AI score
Exploits0
zdi
zdi
•added 2021/07/19 12:0 a.m.•49 views

(Pwn2Own) Microsoft Windows AppX Deployment Service Race Condition Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppX Deploymen...

7CVSS6AI score0.00835EPSS
Exploits0References1
zdi
zdi
•added 2021/07/19 12:0 a.m.•42 views

Siemens JT2Go BMP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

3.3CVSS2.8AI score0.01348EPSS
Exploits0References2
zdi
zdi
•added 2021/07/19 12:0 a.m.•44 views

Siemens JT2Go JT File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT...

7.8CVSS4.4AI score0.01663EPSS
Exploits0References2
zdi
zdi
•added 2021/07/19 12:0 a.m.•69 views

Siemens JT2Go BMP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP...

7.8CVSS4.4AI score0.01574EPSS
Exploits0References2
zdi
zdi
•added 2021/07/19 12:0 a.m.•36 views

Siemens JT2Go JT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

3.3CVSS2.8AI score0.01348EPSS
Exploits0References2
zdi
zdi
•added 2021/07/19 12:0 a.m.•36 views

Siemens JT2Go JT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

3.3CVSS2.8AI score0.01348EPSS
Exploits0References2
zdi
zdi
•added 2021/07/19 12:0 a.m.•56 views

Siemens JT2Go PAR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PAR...

7.8CVSS5.6AI score0.02132EPSS
Exploits0References2
zdi
zdi
•added 2021/07/19 12:0 a.m.•50 views

Siemens JT2Go TIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF...

7.8CVSS4.2AI score0.01574EPSS
Exploits0References2
zdi
zdi
•added 2021/07/19 12:0 a.m.•51 views

Siemens JT2Go PAR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PAR...

7.8CVSS5.6AI score0.02132EPSS
Exploits0References2
zdi
zdi
•added 2021/07/19 12:0 a.m.•36 views

Cisco WebEx Network Recording Player ARF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Cisco WebEx Network Recording Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

3.3CVSS3AI score
Exploits0
zdi
zdi
•added 2021/07/19 12:0 a.m.•40 views

Siemens JT2Go TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

3.3CVSS2.8AI score0.01348EPSS
Exploits0References2
zdi
zdi
•added 2021/07/15 12:0 a.m.•62 views

Adobe Bridge SGI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SGI...

7.8CVSS5.6AI score0.05343EPSS
Exploits0References1
zdi
zdi
•added 2021/07/15 12:0 a.m.•60 views

Adobe Illustrator PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing o...

7.8CVSS4.2AI score0.0194EPSS
Exploits0References1
zdi
zdi
•added 2021/07/15 12:0 a.m.•58 views

Adobe Bridge MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

3.3CVSS4.1AI score0.01805EPSS
Exploits0References1
zdi
zdi
•added 2021/07/15 12:0 a.m.•107 views

Microsoft Windows CLDFLT Integer Underflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cldflt.sys...

8.8CVSS5.9AI score0.01208EPSS
Exploits2References1
zdi
zdi
•added 2021/07/15 12:0 a.m.•55 views

Adobe Bridge PostScript Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

3.3CVSS1.7AI score0.01805EPSS
Exploits0References1
zdi
zdi
•added 2021/07/15 12:0 a.m.•375 views

Microsoft Exchange Server ECP Authentication Bypass Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Exchange Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authentication of requests to web services within the ecp web...

6.5CVSS1.2AI score0.97502EPSS
Exploits2References1
zdi
zdi
•added 2021/07/15 12:0 a.m.•224 views

Adobe Acrobat Pro DC embedDocAsDataObject Type Confusion Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

3.3CVSS3.1AI score0.01919EPSS
Exploits0References1
zdi
zdi
•added 2021/07/15 12:0 a.m.•65 views

Adobe Bridge JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS4.3AI score0.02762EPSS
Exploits0References1
zdi
zdi
•added 2021/07/15 12:0 a.m.•60 views

Adobe Acrobat Reader DC launchURL Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS2.7AI score0.03797EPSS
Exploits0References1
zdi
zdi
•added 2021/07/15 12:0 a.m.•64 views

Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS2.8AI score0.03919EPSS
Exploits0References1
zdi
zdi
•added 2021/07/15 12:0 a.m.•65 views

Adobe FrameMaker PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS4.3AI score0.02323EPSS
Exploits0References1
zdi
zdi
•added 2021/07/15 12:0 a.m.•64 views

Adobe Illustrator PostScript File Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.9AI score0.01834EPSS
Exploits0References1
zdi
zdi
•added 2021/07/15 12:0 a.m.•65 views

Adobe Acrobat Reader DC PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS5.8AI score0.04942EPSS
Exploits0References1
zdi
zdi
•added 2021/07/15 12:0 a.m.•61 views

Adobe Illustrator JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing o...

7.8CVSS4.4AI score0.0194EPSS
Exploits0References1
zdi
zdi
•added 2021/07/15 12:0 a.m.•56 views

Adobe Bridge PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDF...

7.8CVSS4.4AI score0.02762EPSS
Exploits0References1
zdi
zdi
•added 2021/07/15 12:0 a.m.•66 views

Adobe Acrobat Reader DC setAction Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS3.1AI score0.66052EPSS
Exploits0References1
zdi
zdi
•added 2021/07/15 12:0 a.m.•236 views

Adobe Acrobat Pro DC getAnnot Type Confusion Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.2AI score0.02721EPSS
Exploits0References1
zdi
zdi
•added 2021/07/13 12:0 a.m.•44 views

(0Day) GoPro Player MOV File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GoPro Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of MOV...

7.8CVSS4.3AI score
Exploits0
zdi
zdi
•added 2021/07/13 12:0 a.m.•49 views

Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS4AI score0.00975EPSS
Exploits0References1
zdi
zdi
•added 2021/07/13 12:0 a.m.•59 views

Trend Micro Apex One Incorrect Permission Assignment Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...

6.1CVSS3.4AI score0.00355EPSS
Exploits0References1
zdi
zdi
•added 2021/07/13 12:0 a.m.•43 views

(0Day) GoPro Player MOV File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GoPro Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of MOV...

7.8CVSS4.6AI score
Exploits0
zdi
zdi
•added 2021/07/13 12:0 a.m.•18 views

Apple macOS ModelIO USD Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS4AI score0.00992EPSS
Exploits0References1
zdi
zdi
•added 2021/07/13 12:0 a.m.•87 views

Apple macOS CVMServer Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CVMServer daemon. Th...

7.8CVSS6.5AI score0.00809EPSS
Exploits0References1
zdi
zdi
•added 2021/07/13 12:0 a.m.•47 views

(Pwn2Own) Apple macOS process_token_VPHAL Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...

7.8CVSS4.2AI score0.01373EPSS
Exploits1References1
zdi
zdi
•added 2021/07/13 12:0 a.m.•51 views

Apple macOS vImage PICT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the vImage library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the vImage...

7.8CVSS5.4AI score0.01142EPSS
Exploits0References1
zdi
zdi
•added 2021/07/13 12:0 a.m.•53 views

Apple macOS vImage PICT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the vImage library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the vImage...

7.8CVSS5.4AI score0.01142EPSS
Exploits0References1
zdi
zdi
•added 2021/07/13 12:0 a.m.•68 views

(0Day) GoPro Player MOV File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GoPro Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of MOV...

7.8CVSS4.5AI score
Exploits0
zdi
zdi
•added 2021/07/13 12:0 a.m.•30 views

Apple macOS ModelIO USD Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the ModelIO...

7.8CVSS5.1AI score0.01222EPSS
Exploits0References1
zdi
zdi
•added 2021/07/12 12:0 a.m.•77 views

Apple macOS ImageIO PICT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the ImageIO...

7.8CVSS5.2AI score0.01142EPSS
Exploits0References1
zdi
zdi
•added 2021/07/12 12:0 a.m.•87 views

Apple macOS ImageIO PICT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ImageIO framework...

7.8CVSS5.3AI score0.01196EPSS
Exploits0References1
zdi
zdi
•added 2021/07/08 12:0 a.m.•71 views

QNAP NAS Hybrid Backup Missing Authentication for Critical Function Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of QNAP NAS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RTSS server, which listens on TCP port 8899 by default. The issue results from the lack of...

9.8CVSS2.7AI score0.15802EPSS
Exploits0References1
zdi
zdi
•added 2021/07/07 12:0 a.m.•71 views

(0Day) Autodesk Design Review DWF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS5.4AI score0.07734EPSS
Exploits0References1
zdi
zdi
•added 2021/07/07 12:0 a.m.•101 views

Phoenix Contact Automationworx BCP File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Phoenix Contact Automationworx. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.2AI score0.01756EPSS
Exploits0References1
Total number of security vulnerabilities16763