Lucene search
+L

16763 matches found

zdi
zdi
•added 2021/06/02 12:0 a.m.•30 views

OpenText Brava! Desktop DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.6AI score0.01419EPSS
Exploits0
zdi
zdi
•added 2021/06/02 12:0 a.m.•29 views

OpenText Brava! Desktop DWG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

3.3CVSS2.4AI score0.01097EPSS
Exploits0
zdi
zdi
•added 2021/06/02 12:0 a.m.•36 views

OpenText Brava! Desktop DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.6AI score0.01419EPSS
Exploits0
zdi
zdi
•added 2021/06/02 12:0 a.m.•29 views

OpenText Brava! Desktop DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.6AI score0.01419EPSS
Exploits0
zdi
zdi
•added 2021/06/02 12:0 a.m.•47 views

OpenText Brava! Desktop DXF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS5.1AI score0.01513EPSS
Exploits0
zdi
zdi
•added 2021/06/02 12:0 a.m.•34 views

OpenText Brava! Desktop DWF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS5.8AI score0.01419EPSS
Exploits0
zdi
zdi
•added 2021/06/02 12:0 a.m.•45 views

OpenText Brava! Desktop DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.6AI score0.01419EPSS
Exploits0
zdi
zdi
•added 2021/06/02 12:0 a.m.•27 views

OpenText Brava! Desktop pdf2dl Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS5.9AI score0.01419EPSS
Exploits0
zdi
zdi
•added 2021/06/02 12:0 a.m.•31 views

OpenText Brava! Desktop DXF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS5.1AI score0.01556EPSS
Exploits0
zdi
zdi
•added 2021/06/02 12:0 a.m.•46 views

OpenText Brava! Desktop DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.6AI score0.01419EPSS
Exploits0
zdi
zdi
•added 2021/06/02 12:0 a.m.•37 views

OpenText Brava! Desktop pdf2dl Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS5.7AI score0.01419EPSS
Exploits0
zdi
zdi
•added 2021/06/02 12:0 a.m.•187 views

OpenText Brava! Desktop dwg2dl Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.9AI score0.01419EPSS
Exploits0
zdi
zdi
•added 2021/06/02 12:0 a.m.•34 views

OpenText Brava! Desktop DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.6AI score0.01419EPSS
Exploits0
zdi
zdi
•added 2021/06/02 12:0 a.m.•32 views

OpenText Brava! Desktop SLDPRT File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.6AI score0.01419EPSS
Exploits0
zdi
zdi
•added 2021/06/02 12:0 a.m.•32 views

OpenText Brava! Desktop DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS4.6AI score0.01419EPSS
Exploits0
zdi
zdi
•added 2021/06/02 12:0 a.m.•34 views

OpenText Brava! Desktop DWF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS5.8AI score0.01419EPSS
Exploits0
zdi
zdi
•added 2021/06/02 12:0 a.m.•36 views

Apple macOS ImageIO PICT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS3.7AI score0.0107EPSS
Exploits0References1
zdi
zdi
•added 2021/06/02 12:0 a.m.•25 views

OpenText Brava! Desktop DWG File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.4AI score0.01419EPSS
Exploits0
zdi
zdi
•added 2021/05/27 12:0 a.m.•32 views

GE Reason RPV311 Use of Hard-coded Credentials Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of GE Reason RPV311. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware and filesystem of the device. The firmware and filesystem contain hard-cod...

6.3CVSS5.7AI score0.0264EPSS
Exploits0References1
zdi
zdi
•added 2021/05/26 12:0 a.m.•12 views

Cisco WebEx Network Recording Player ARF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Cisco WebEx Network Recording Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

3.3CVSS3AI score
Exploits0References2
zdi
zdi
•added 2021/05/26 12:0 a.m.•215 views

Foxit PhantomPDF XFA Template Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of X...

7.8CVSS2.4AI score0.06379EPSS
Exploits0References1
zdi
zdi
•added 2021/05/26 12:0 a.m.•72 views

(Pwn2Own) Microsoft Exchange Server Missing Check of Message Integrity Vulnerability

This vulnerability allows network-adjacent attackers to tamper with update data on affected installations of Microsoft Exchange Server. User interaction is required to exploit this vulnerability. The specific flaw exists within the handling of Exchange Server Help updates. The issue results from ...

3.5CVSS1.4AI score0.02627EPSS
Exploits0References1
zdi
zdi
•added 2021/05/25 12:0 a.m.•36 views

VMware Workstation ThinPrint JPEG2000 Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6.5CVSS2.8AI score0.00453EPSS
Exploits0References1
zdi
zdi
•added 2021/05/25 12:0 a.m.•44 views

VMware Workstation ThinPrint TTCHeader Integer Overflow Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6.5CVSS4.3AI score0.00453EPSS
Exploits0References1
zdi
zdi
•added 2021/05/25 12:0 a.m.•42 views

Siemens Solid Edge Viewer PAR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS4.7AI score0.0144EPSS
Exploits0References2
zdi
zdi
•added 2021/05/25 12:0 a.m.•51 views

Synology DiskStation Manager webapi CRLF Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Synology DS418play. Authentication is not required to exploit this vulnerability. The specific flaw exists within the webapi component. The issue results from incorrect neutralization of CRLF...

7.5CVSS0.2AI score0.01332EPSS
Exploits0References1
zdi
zdi
•added 2021/05/25 12:0 a.m.•38 views

VMware Workstation ThinPrint TTCHeader Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

5.6CVSS2.7AI score0.00559EPSS
Exploits0References1
zdi
zdi
•added 2021/05/25 12:0 a.m.•40 views

Advantech BB-ESWGP506-2SFP-T Use of Hard-coded Credentials Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech BB-ESWGP506-2SFP-T industrial switches. Authentication is not required to exploit this vulnerability. The specific flaw exists within the telnet service, which listens on TCP port 23 by...

9.8CVSS3.7AI score0.03612EPSS
Exploits0References1
zdi
zdi
•added 2021/05/25 12:0 a.m.•164 views

(Pwn2Own) Canonical Ubuntu eBPF Out-Of-Bounds Access Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Canonical Ubuntu. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBP...

8.8CVSS8AI score0.27477EPSS
Exploits8References1
zdi
zdi
•added 2021/05/25 12:0 a.m.•62 views

Siemens Solid Edge Viewer DFT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.9AI score0.02303EPSS
Exploits0References1
zdi
zdi
•added 2021/05/21 12:0 a.m.•46 views

Dräger X-dock Use of Hard-coded Credentials Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dr��ger X-dock. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware and filesystem of the display. The firmware and filesystem contain hard-code...

9.8CVSS5.6AI score0.03102EPSS
Exploits0References1
zdi
zdi
•added 2021/05/21 12:0 a.m.•31 views

Trend Micro Maximum Security Improper Access Control Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS4.8AI score0.00301EPSS
Exploits0References1
zdi
zdi
•added 2021/05/21 12:0 a.m.•43 views

SolarWinds Orion Job Scheduler JobRouterService Improper Authorization Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Job Scheduler. Authentication is required to exploit this vulnerability. The specific flaw exists within the JobRouterService WCF service. The issue is due to the WCF service...

8.8CVSS6.5AI score0.06485EPSS
Exploits0References1
zdi
zdi
•added 2021/05/20 12:0 a.m.•65 views

Apple macOS libFontParser OTF Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the GetFDIndex...

4.3CVSS3.4AI score0.01421EPSS
Exploits0References1
zdi
zdi
•added 2021/05/20 12:0 a.m.•68 views

Ubiquiti Networks EdgeOS Improper Certificate Validation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ubiquiti Networks EdgeOS on EdgeRouter X, EdgeRouter Pro X SFP, EdgeRouter 10X and EdgePoint 6-port routers. User interaction is required to exploit this vulnerability in that an administrator must...

7.5CVSS4.1AI score0.01292EPSS
Exploits0References1
zdi
zdi
•added 2021/05/20 12:0 a.m.•45 views

Apple macOS AppleIntelKBLGraphics IOCTL 0x30005 Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of IOCTL...

7.8CVSS3.5AI score0.02975EPSS
Exploits0References1
zdi
zdi
•added 2021/05/20 12:0 a.m.•197 views

Apple macOS QuartzCore Type Confusion Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the QuartzCore Framework...

7.8CVSS5.7AI score
Exploits0References1
zdi
zdi
•added 2021/05/20 12:0 a.m.•72 views

Apple macOS ImageIO DDS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

3.3CVSS3.6AI score0.01182EPSS
Exploits0References1
zdi
zdi
•added 2021/05/20 12:0 a.m.•56 views

Apple macOS KTX Image DecodeRow Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the DecodeRow...

4.3CVSS3.2AI score0.01142EPSS
Exploits0References1
zdi
zdi
•added 2021/05/20 12:0 a.m.•59 views

Apple macOS AppleIntelKBLGraphics IOCTL 0x30002 Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of IOCTL...

7.8CVSS3.5AI score0.02975EPSS
Exploits0References1
zdi
zdi
•added 2021/05/18 12:0 a.m.•45 views

(0Day) Microsoft Windows JET Database Engine Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7.8CVSS3.7AI score
Exploits0
zdi
zdi
•added 2021/05/14 12:0 a.m.•94 views

QNAP NAS MusicStation Directory Traversal Arbitrary File Creation Vulnerability

This vulnerability allows network-adjacent attackers to create arbitrary files on affected installations of QNAP NAS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MusicStation application. When parsing the arttype request parameter, the process...

7.1CVSS3.2AI score0.18497EPSS
Exploits2References1
zdi
zdi
•added 2021/05/14 12:0 a.m.•61 views

QNAP NAS Malware Remover Command Injection Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of QNAP NAS. Authentication is required to exploit this vulnerability. The specific flaw exists within the Malware Remover application. A crafted TAR file in the file system can trigger execution of a syste...

6.7CVSS3.5AI score0.01123EPSS
Exploits2References1
zdi
zdi
•added 2021/05/14 12:0 a.m.•60 views

(Pwn2Own) Canonical Ubuntu eBPF Out-Of-Bounds Access Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Canonical Ubuntu. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBP...

8.8CVSS8.3AI score0.0055EPSS
Exploits0References1
zdi
zdi
•added 2021/05/13 12:0 a.m.•58 views

Siemens Tecnomatix Plant Simulation SPP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Tecnomatix Plant Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

7.8CVSS5.2AI score0.0145EPSS
Exploits0References2
zdi
zdi
•added 2021/05/13 12:0 a.m.•47 views

Adobe InCopy DOCX File Parsing Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe InCopy. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of DOC...

7.8CVSS5.2AI score0.05371EPSS
Exploits0References1
zdi
zdi
•added 2021/05/13 12:0 a.m.•55 views

Microsoft Windows win32kfull Font Entry Use-After-Free Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

6.5CVSS3.9AI score0.01368EPSS
Exploits0References1
zdi
zdi
•added 2021/05/13 12:0 a.m.•70 views

Microsoft SharePoint Server-Side Control Interpretation Conflict Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of server-side controls. By specifying a control using a non-canonical...

8.8CVSS3.1AI score0.50628EPSS
Exploits1References1
zdi
zdi
•added 2021/05/13 12:0 a.m.•39 views

Omron CX-One CX-Position NCI File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of NCI...

7.8CVSS5.9AI score0.09987EPSS
Exploits0References1
zdi
zdi
•added 2021/05/13 12:0 a.m.•51 views

Adobe InDesign PCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe InDesign. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PCX...

7.8CVSS4.6AI score0.05751EPSS
Exploits0References1
Total number of security vulnerabilities16763