Lucene search
K

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•4 views

Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PR...

7.8CVSS6.4AI score0.00163EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•7 views

Apple macOS USD importNodeAnimations Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the USD...

3.3CVSS5.5AI score0.00217EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•4 views

Apple Safari getHourCycles Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of...

8.8CVSS6.1AI score0.00882EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•6 views

Apple macOS ICC Profile Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ICC...

7.8CVSS6.3AI score0.00231EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•4 views

Apple macOS USD importNodeAnimations Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the USD...

3.3CVSS5.4AI score0.00261EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•8 views

Autodesk AutoCAD 3DM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3D...

7.8CVSS6.3AI score0.00163EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•4 views

Apple macOS USD readColor Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the USD...

3.3CVSS5.5AI score0.00227EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•7 views

Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3D...

7.8CVSS6.4AI score0.00163EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•5 views

Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PR...

7.8CVSS6.4AI score0.00163EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•3 views

Apple Safari JavaScriptCore WasmToJSException Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

8.8CVSS6.2AI score0.00961EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•6 views

Avast Cleanup Premium TuneupSvc Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Avast Cleanup Premium. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast...

7.8CVSS6.7AI score0.00184EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•5 views

Apple macOS MediaToolbox Framework Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the MediaToolbox...

8.8CVSS6.3AI score0.0037EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•6 views

AVG TuneUp for PC TuneupSvc Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of AVG TuneUp for PC. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG TuneUp...

7.8CVSS6.7AI score0.00137EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•5 views

Delta Electronics DTN Soft Project File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DTN Soft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS6.4AI score0.0026EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•5 views

Apple macOS AudioToolbox MP4 File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AudioToolbox...

7.8CVSS6.3AI score0.01114EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•3 views

SolarWinds Platform SolarWindsAgent64 Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Platform. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS6.6AI score0.00279EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•6 views

Autodesk AutoCAD PRT File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PR...

7.8CVSS6.4AI score0.00163EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•5 views

Autodesk AutoCAD X_T File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XT...

7.8CVSS6.5AI score0.00163EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•6 views

Norton Utilities Ultimate NortonUtilitiesSvc Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Norton Utilities Ultimate. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Norton...

7.8CVSS6.7AI score0.00137EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•4 views

AVG TuneUp for PC TuneUp Service Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of AVG TuneUp for PC. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TuneUp Service...

7.8CVSS6.7AI score0.00142EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•6 views

(Pwn2Own) Tesla Wall Connector Firmware Downgrade Vulnerability

This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Tesla Wall Connector devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware upgrade feature. The issue results from the lack o...

6.8CVSS6.7AI score0.00365EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•6 views

Apple macOS USD readAccessorDataToFloat Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the USD...

3.3CVSS5.4AI score0.01127EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•5 views

Apple macOS USD importAnimations Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the USD...

3.3CVSS5.5AI score0.00217EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•5 views

Apple macOS USD readAccessorInts Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the USD...

3.3CVSS5.5AI score0.00287EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•6 views

Apple macOS USD importMeshes Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the USD library. T...

7.8CVSS6.6AI score0.00401EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•6 views

Apple macOS USD importNodeAnimations Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the USD...

3.3CVSS5.4AI score0.00261EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•7 views

AVG TuneUp for PC TuneupSvc Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of AVG TuneUp for PC. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG TuneUp...

7.8CVSS6.7AI score0.00184EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•4 views

Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PR...

7.8CVSS6.4AI score0.00163EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•3 views

Mozilla Firefox Web Page Download Mark-Of-The-Web Protection Mechanism Failure Vulnerability

This vulnerability allows remote attackers to bypass the Mark-Of-The-Web protection mechanism on affected installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must perform a specific action on a malicious page. The specific flaw exists...

7.5CVSS7.8AI score0.00812EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•10 views

(Pwn2Own) Tesla Wall Connector Content-Length Header Improper Input Validation Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Tesla Wall Connector devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the HTTP Content-Length header. The issue results...

8.8CVSS8.9AI score0.00323EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•6 views

Apple macOS USD importNodeAnimations Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the USD...

3.3CVSS5.4AI score0.00261EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•8 views

Apple macOS USD importMeshJointWeights Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the USD library. T...

7.8CVSS6.6AI score0.00401EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•3 views

Avast Cleanup Premium TuneupSvc Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Avast Cleanup Premium. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast...

7.8CVSS6.7AI score0.00142EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•6 views

Apple macOS USD CustomLoadImageData Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the USD...

3.3CVSS5.5AI score0.00213EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•6 views

Apple macOS USD importSkeletons Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the USD library. T...

7.8CVSS6.6AI score0.00427EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•10 views

Oracle VirtualBox VirtIO-SCSI Uninitialized Memory Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

5.3CVSS6.1AI score0.005EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•5 views

Apple macOS AppleIntelKBLGraphics Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

6.5CVSS5.2AI score0.00185EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/29 12:0 a.m.•6 views

Apple macOS USD importNodeAnimations Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the USD library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the USD library. T...

7.8CVSS6.4AI score0.01127EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/28 12:0 a.m.•4 views

Samsung MagicINFO 9 Server MagicInfoCache Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI service. The issue results from the lack of proper validation of...

9.8CVSS6.9AI score0.00645EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/28 12:0 a.m.•5 views

Samsung MagicINFO 9 Server ServletAuthenticationProcessingFilter Authentication Bypass Vulnerability

This vulnerability allows remote attackers to partially bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ServletAuthenticationProcessingFilter class. The issue results...

7.3CVSS6.4AI score0.00389EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/28 12:0 a.m.•5 views

Samsung MagicINFO 9 Server filenameHasExecutableType Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the filenameHasExecutableType method. The issue results...

9.8CVSS7AI score0.00473EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/28 12:0 a.m.•6 views

Samsung MagicINFO 9 Server getZipFileListForImport Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the implementatio...

8.8CVSS7.1AI score0.06862EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/28 12:0 a.m.•7 views

Samsung MagicINFO 9 Server OpenApiController Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the OpenApiController class. The issue results from the lack of proper...

8.1CVSS7AI score0.00464EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/28 12:0 a.m.•4 views

Samsung MagicINFO 9 Server FtpMetaUploadServlet Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

8.8CVSS7AI score0.00638EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/28 12:0 a.m.•4 views

Samsung MagicINFO 9 Server PremiumClientService Hard-coded Cryptographic Key Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PremiumClientService class. The issue results from a hard-coded...

9.1CVSS6.3AI score0.00543EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/28 12:0 a.m.•4 views

Samsung MagicINFO 9 Server getFontFileFromMagicInfoServer Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the implementatio...

8.8CVSS7.1AI score0.07388EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/28 12:0 a.m.•5 views

Samsung MagicINFO 9 Server filenameHasExecutableType Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the filenameHasExecutableType method. The issue results...

9.8CVSS7AI score0.00597EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/28 12:0 a.m.•3 views

Samsung MagicINFO 9 Server copyResourceToFile Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the copyResourceToFile method. The issue results from t...

9.8CVSS7AI score0.00597EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/28 12:0 a.m.•3 views

Samsung MagicINFO 9 Server ResponseUploadActivity Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ResponseUploadActivity class. The issue results from the lack of proper...

9.8CVSS6.8AI score0.00616EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2025/07/28 12:0 a.m.•6 views

Samsung MagicINFO 9 Server parseXMLString XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Samsung MagicINFO 9 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the parseXMLString method. Due to the improper...

8.2CVSS5.7AI score0.09221EPSS
Exploits0References1
Total number of security vulnerabilities16763