Lucene search
+L

16763 matches found

zdi
zdi
•added 2021/04/21 12:0 a.m.•40 views

Parallels Desktop IDE Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the IDE...

8.2CVSS4.9AI score0.00442EPSS
Exploits0References1
zdi
zdi
•added 2021/04/21 12:0 a.m.•68 views

Microsoft Windows AppX Deployment Service Directory Junction Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...

6.1CVSS4.6AI score0.0098EPSS
Exploits0References1
zdi
zdi
•added 2021/04/21 12:0 a.m.•34 views

Parallels Desktop Toolgate Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS3.7AI score0.00448EPSS
Exploits0References1
zdi
zdi
•added 2021/04/21 12:0 a.m.•116 views

(Pwn2Own) Canonical Ubuntu ShiftFS File System Double Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Canonical Ubuntu. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ShiftFS module...

8.8CVSS4AI score0.01547EPSS
Exploits1References1
zdi
zdi
•added 2021/04/21 12:0 a.m.•42 views

Parallels Desktop Tools Integer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Parallel...

8.8CVSS5.8AI score0.00452EPSS
Exploits0References1
zdi
zdi
•added 2021/04/21 12:0 a.m.•47 views

Parallels Desktop Toolgate Directory Traversal Arbitrary File Deletion Vulnerability

This vulnerability allows local attackers to delete arbitrary files on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

3.2CVSS2.5AI score0.00405EPSS
Exploits0References1
zdi
zdi
•added 2021/04/21 12:0 a.m.•46 views

Parallels Desktop Toolgate Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within t...

6.5CVSS3.7AI score0.0043EPSS
Exploits0References1
zdi
zdi
•added 2021/04/21 12:0 a.m.•45 views

Parallels Desktop Toolgate Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within t...

6.5CVSS3.7AI score0.0043EPSS
Exploits0References1
zdi
zdi
•added 2021/04/19 12:0 a.m.•168 views

Microsoft Windows Raw Image Extension CR3 File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Raw Image Extension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.5AI score0.05914EPSS
Exploits0References1
zdi
zdi
•added 2021/04/15 12:0 a.m.•30 views

Siemens RobotExpert CELL File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens RobotExpert. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS5.9AI score0.00892EPSS
Exploits0References2
zdi
zdi
•added 2021/04/15 12:0 a.m.•85 views

Microsoft Excel XLS File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS...

7.8CVSS4.4AI score0.03138EPSS
Exploits0References1
zdi
zdi
•added 2021/04/15 12:0 a.m.•37 views

Adobe Bridge TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS4.3AI score0.03868EPSS
Exploits0References1
zdi
zdi
•added 2021/04/15 12:0 a.m.•25 views

Adobe Bridge DCM File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of DCM...

7.8CVSS5.2AI score0.0393EPSS
Exploits0References1
zdi
zdi
•added 2021/04/15 12:0 a.m.•38 views

Trend Micro Antivirus for Mac Improper Access Control Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Antivirus for Mac. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

7.8CVSS5.1AI score0.00527EPSS
Exploits0References1
zdi
zdi
•added 2021/04/15 12:0 a.m.•58 views

Microsoft Windows Installer Service Untrusted File Path Arbitrary File Write Vulnerability

This vulnerability allows local attackers to write data to arbitrary files on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.3CVSS5.1AI score0.03569EPSS
Exploits1References1
zdi
zdi
•added 2021/04/15 12:0 a.m.•29 views

Adobe Bridge Genuine Software Service Incorrect Permission Assignment Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Adobe Bridge. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

6.1CVSS3.3AI score0.00707EPSS
Exploits0References1
zdi
zdi
•added 2021/04/15 12:0 a.m.•20 views

Adobe Bridge PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDF...

7.8CVSS4.4AI score0.03868EPSS
Exploits0References1
zdi
zdi
•added 2021/04/15 12:0 a.m.•165 views

(Pwn2Own) Google Chromium V8 XOR Typer Mismatch Out-Of-Bounds Access Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Google Chromium. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation...

8.8CVSS8.8AI score0.70435EPSS
Exploits6References1
zdi
zdi
•added 2021/04/15 12:0 a.m.•30 views

Adobe Bridge SGI File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of SGI...

7.8CVSS5AI score0.0393EPSS
Exploits0References1
zdi
zdi
•added 2021/04/15 12:0 a.m.•66 views

Adobe Bridge HEIC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

3.3CVSS1.7AI score0.02414EPSS
Exploits0References1
zdi
zdi
•added 2021/04/15 12:0 a.m.•55 views

Parallels Desktop Toolgate Directory Traversal Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgat...

8.2CVSS3.3AI score0.00542EPSS
Exploits0References1
zdi
zdi
•added 2021/04/13 12:0 a.m.•18 views

(0Day) Microsoft Print 3D PLY File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Print 3D. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

6.6CVSS5.3AI score
Exploits0
zdi
zdi
•added 2021/04/13 12:0 a.m.•12 views

(0Day) Microsoft 3D Builder PLY File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

6.6CVSS5.5AI score
Exploits0
zdi
zdi
•added 2021/04/13 12:0 a.m.•264 views

(0Day) (Pwn2Own) Samsung Q60T TV Internet Browser Type-Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Q60 Smart QLED TV. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.5CVSS2.5AI score
Exploits0
zdi
zdi
•added 2021/04/13 12:0 a.m.•34 views

(0Day) Siemens Solid Edge Viewer PAR File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.2AI score0.01044EPSS
Exploits0
zdi
zdi
•added 2021/04/13 12:0 a.m.•249 views

(0Day) (Pwn2Own) Samsung Q60T TV Internet Browser Intermediate Representation Opcode Type-Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Q60 Smart QLED TV. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.5CVSS2.6AI score
Exploits0
zdi
zdi
•added 2021/04/12 12:0 a.m.•59 views

Trend Micro Apex One Improper Access Control Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ApexOne...

7.8CVSS4.7AI score0.01909EPSS
Exploits0References1
zdi
zdi
•added 2021/04/12 12:0 a.m.•51 views

Trend Micro Apex One Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ApexOne...

7.8CVSS4.9AI score0.00508EPSS
Exploits0References1
zdi
zdi
•added 2021/04/12 12:0 a.m.•65 views

Microsoft Windows win32kfull MulGradientFill Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the win32kfull.sys...

7.8CVSS5.9AI score0.01441EPSS
Exploits0References1
zdi
zdi
•added 2021/04/12 12:0 a.m.•53 views

Trend Micro Apex One Improper Access Control Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ApexOne...

7.8CVSS4.7AI score0.00508EPSS
Exploits0References1
zdi
zdi
•added 2021/03/31 12:0 a.m.•68 views

Phoenix Contact Automationworx XML File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Phoenix Contact Automationworx. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS5.9AI score0.14668EPSS
Exploits0References2
zdi
zdi
•added 2021/03/31 12:0 a.m.•36 views

(0Day) D-Link DIR-882 HNAP Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-882 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. The issue...

8.8CVSS4.4AI score
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•43 views

Esri ArcReader PMF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Esri ArcReader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PMF...

7.8CVSS5.7AI score0.02412EPSS
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•31 views

Esri ArcReader PMF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Esri ArcReader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PMF...

7.8CVSS5.7AI score0.02412EPSS
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•23 views

Apple macOS AppleIntelKBLGraphics IOCTL 0x10012 Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of IOCTL...

7.8CVSS3.5AI score0.00578EPSS
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•29 views

Esri ArcReader PMF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Esri ArcReader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PMF...

7.8CVSS5.7AI score0.02412EPSS
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•33 views

Apple macOS AppleIntelKBLGraphics IOCTL 0x20001 Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of IOCTL...

7.8CVSS3.5AI score0.00578EPSS
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•33 views

Esri ArcReader PMF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Esri ArcReader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PMF...

7.8CVSS5.7AI score0.02412EPSS
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•23 views

Apple macOS AppleIntelKBLGraphics IOCTL 0x10009 Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of IOCTL...

7.8CVSS3.5AI score0.00578EPSS
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•31 views

Esri ArcReader PMF File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Esri ArcReader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PMF...

7.8CVSS6.2AI score0.01952EPSS
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•49 views

Apple macOS AudioToolboxCore MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.7AI score0.00817EPSS
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•29 views

Apple macOS AppleIntelKBLGraphics IOCTL 0x10015 Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of IOCTL...

7.8CVSS3.5AI score0.00578EPSS
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•44 views

Apple macOS AudioCodecs MP4 File Parsing Signed to Unsigned Conversion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AudioCodecs module...

7.8CVSS5.6AI score0.01119EPSS
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•34 views

Apple macOS AppleIntelKBLGraphics IOCTL 0x10014 Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of IOCTL...

7.8CVSS3.5AI score0.00578EPSS
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•29 views

Apple macOS AppleIntelKBLGraphics IOCTL 0x30000 Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of IOCTL...

7.8CVSS3.5AI score0.00578EPSS
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•37 views

Esri ArcReader PMF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Esri ArcReader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PMF...

7.8CVSS5.7AI score0.02412EPSS
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•22 views

Apple macOS patch_encoding_common Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AppleIntelKBLGraphic...

7.8CVSS4.2AI score0.01013EPSS
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•24 views

Apple macOS AppleIntelKBLGraphics IOCTL 0x10004 Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of IOCTL...

7.8CVSS3.5AI score0.00578EPSS
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•29 views

Apple macOS AppleIntelKBLGraphics IOCTL 0x1000C Out-Of-Bounds Write Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of IOCTL...

7.8CVSS3.5AI score0.00578EPSS
Exploits0References1
zdi
zdi
•added 2021/03/30 12:0 a.m.•29 views

Esri ArcReader PMF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Esri ArcReader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PMF...

7.8CVSS5.7AI score0.02412EPSS
Exploits0References1
Total number of security vulnerabilities16763