Lucene search
+L

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•13 views

Advantech WebAccess/SCADA DATACORE IOCTL 0x5213 Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x5213 in datacore.exe. The issue results from the lac...

9.8CVSS7.6AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•20 views

Advantech WebAccess/SCADA BwWebSvc IOCTL 0x00013c80 Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x00013c80 in BwWebSvc.dll. The issue results from the...

9.8CVSS3.5AI score0.07059EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•22 views

Advantech WebAccess/SCADA DATACORE IOCTL 0x0000791e Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x0000791e in DATACORE.exe. The issue results fr...

9.8CVSS3.9AI score0.09076EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•21 views

Advantech WebAccess/SCADA DATACORE IOCTL 0x5209 Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x5209 in datacore.exe. The issue results from the lac...

9.8CVSS7.6AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•37 views

Advantech WebAccess/SCADA BacNetDrvJ Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BwBacNetJ device driver. The issue results from the lack of proper...

9.8CVSS3.4AI score0.09076EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•26 views

Advantech WebAccess/SCADA SyntecUA Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SyntecUA device driver. The issue results from the lack of proper validati...

9.8CVSS4AI score0.09076EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•32 views

Advantech WebAccess/SCADA DATACORE IOCTL 0x00005241 Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x00005241 in DATACORE.exe. The issue results from...

9.8CVSS3.7AI score0.09076EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•16 views

Advantech WebAccess/SCADA DATACORE IOCTL 0x521B Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x521B in datacore.exe. The issue results from the lac...

9.8CVSS7.6AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•24 views

Advantech WebAccess/SCADA BwWebSvc IOCTL 0x00013c76 IOCTL 0x00013c77 SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x00013c76 and IOCTL 0x00013c77 in...

7.5CVSS1.1AI score0.01529EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•18 views

Advantech WebAccess/SCADA DATACORE IOCTL 0x0000791c Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x0000791c in DATACORE.exe. The issue results from...

9.8CVSS3.7AI score0.07059EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•20 views

Advantech WebAccess/SCADA BwWebSvc IOCTL 0x00013c84 Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x00013c84 in BwWebSvc.dll. The issue results from the...

9.8CVSS3.5AI score0.07059EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•22 views

Advantech WebAccess/SCADA GpsET200 Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the GpsET200 device driver. The issue results from the lack of proper validati...

9.8CVSS3.3AI score0.09076EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•20 views

Advantech WebAccess/SCADA BwWebSvc IOCTL 0x00013c77 Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x00013c77 in BwWebSvc.dll. The issue results from the...

9.8CVSS3.5AI score0.07059EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•35 views

Advantech WebAccess/SCADA DrawSrv IOCTL 0x0000277d Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x0000277d in DrawSrv.dll. The issue results fro...

9.8CVSS4.2AI score0.02312EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•8 views

Advantech WebAccess IOCTL 0x2711 bwscrp Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwscrp.exe when invoked via IOCTL 0x2711. The issue results from the lack of proper...

9.8CVSS7.3AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•21 views

Advantech WebAccess/SCADA BwBacNetJ Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BwBacNetJ driver. The issue results from the lack of proper validation of...

8.1CVSS3.5AI score0.09076EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•18 views

Advantech WebAccess/SCADA BwWebSvc IOCTL 0x00013c7b Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x00013c7b in BwWebSvc.dll. The issue results from...

9.8CVSS3.8AI score0.07059EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•18 views

Advantech WebAccess/SCADA DATACORE IOCTL 0x5208 Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x5208 in datacore.exe. The issue results from the lac...

9.8CVSS7.6AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•18 views

Advantech WebAccess/SCADA BwTCPIP Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BwTCPIP device driver. The issue results from the lack of proper validatio...

9.8CVSS2.8AI score0.07059EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•16 views

Advantech WebAccess/SCADA BwTCPIP Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BwTCPIP device driver. The issue results from the lack of proper validatio...

8.1CVSS2.8AI score0.07059EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•19 views

Advantech WebAccess/SCADA DrawSrv IOCTL 0x00002774 Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x00002774 in DrawSrv.dll. The issue results from...

9.8CVSS3.8AI score0.07059EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•32 views

Advantech WebAccess/SCADA ViewSrv IOCTL 0x00002723 Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x00002723 in ViewSrv.dll. The issue results from...

9.8CVSS3.8AI score0.07059EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•25 views

Advantech WebAccess/SCADA DATACORE IOCTL 0x5218 Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x5218 in datacore.exe. The issue results from the lac...

9.8CVSS7.6AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•25 views

Advantech WebAccess/SCADA BwBacNetJ Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BwBacNetJ driver. The issue results from the lack of proper validation of...

8.1CVSS3.5AI score0.07059EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•16 views

Advantech WebAccess/SCADA DATACORE IOCTL 0x0000791e Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x0000791e in DATACORE.exe. The issue results from...

9.8CVSS3.9AI score0.07059EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•29 views

Advantech WebAccess/SCADA DATACORE IOCTL 0x0000791e Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x0000791e in DATACORE.exe. The issue results fr...

9.8CVSS3.9AI score0.03692EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•27 views

Advantech WebAccess/SCADA DATACORE IOCTL 0x0000521e Improper Validation of Array Index Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x0000521e in DATACORE.exe. The issue results from...

9.8CVSS2.9AI score0.01672EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•27 views

Advantech WebAccess/SCADA ViewSrv IOCTL 0x0000277d Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x0000277d in ViewSrv.dll. The issue results fro...

9.8CVSS4.2AI score0.02312EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•39 views

Advantech WebAccess/SCADA ViewSrv IOCTL 0x00002774 Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x00002774 in ViewSrv.dll. The issue results from...

9.8CVSS3.8AI score0.07059EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•13 views

Advantech WebAccess/SCADA DATACORE IOCTL 0x5217 Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x5217 in datacore.exe. The issue results from the lac...

9.8CVSS7.6AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•24 views

Advantech WebAccess/SCADA ViewSrv IOCTL 0x00002775 Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x00002775 in ViewSrv.dll. The issue results from...

9.8CVSS3.8AI score0.07059EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•33 views

Advantech WebAccess/SCADA DATACORE IOCTL 0x00005226 Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x00005226 in DATACORE.exe. The issue results from...

9.8CVSS3.7AI score0.07059EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•19 views

Advantech WebAccess/SCADA ModDuDrv Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ModDuDrv device driver. The issue results from the lack of proper validati...

9.8CVSS3.7AI score0.07059EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•23 views

Advantech WebAccess/SCADA DATACORE IOCTL 0x00005227 Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x00005227 in DATACORE.exe. The issue results from...

9.8CVSS3.7AI score0.09076EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•28 views

Advantech WebAccess/SCADA OPCUA Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the OPCUA device driver. The issue results from the lack of proper validation ...

9.8CVSS3.6AI score0.09076EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•9 views

Advantech WebAccess/SCADA DATACORE IOCTL 0x520B Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x520B in datacore.exe. The issue results from the lac...

9.8CVSS7.6AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•37 views

Advantech WebAccess/SCADA DrawSrv IOCTL 0x00002722 Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x00002722 in DrawSrv.dll. The issue resul...

7.5CVSS1.6AI score0.01529EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/08 12:0 a.m.•28 views

Advantech WebAccess/SCADA BwWebSvc IOCTL 0x00013c74 IOCTL 0x00013c75 SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/SCADA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of IOCTL 0x00013c74 and IOCTL 0x00013c75 in...

7.5CVSS1.1AI score0.01529EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/06 12:0 a.m.•15 views

Trading Technologies X_TRADER disconnect_proxy_site Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trading Technologies XTRADER. Authentication is not required to exploit this vulnerability. The specific flaw exists within the messaging daemon. The issue results from the lack of proper validation ...

9.8CVSS4.1AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/06 12:0 a.m.•19 views

Trading Technologies X_TRADER block_proxy_site Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trading Technologies XTRADER. Authentication is not required to exploit this vulnerability. The specific flaw exists within the messaging daemon. The issue results from the lack of proper validation ...

9.8CVSS4.1AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/06 12:0 a.m.•15 views

Trading Technologies X_TRADER unblock_proxy_site Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trading Technologies XTRADER. Authentication is not required to exploit this vulnerability. The specific flaw exists within the messaging daemon. The issue results from the lack of proper validation ...

9.8CVSS4.1AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/06 12:0 a.m.•39 views

Schneider Electric EcoStruxure IT Gateway Improper Access Control Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Schneider Electric EcoStruxure IT Gateway. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

7.8CVSS3.9AI score0.00479EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/06 12:0 a.m.•19 views

Trading Technologies X_TRADER remove_park Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trading Technologies XTRADER. Authentication is not required to exploit this vulnerability. The specific flaw exists within the messaging daemon. The issue results from the lack of proper validation ...

9.8CVSS4.1AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/05/06 12:0 a.m.•48 views

Apple macOS printtool Daemon Improper Input Validation Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the printtool daemon. Th...

7.8CVSS4.9AI score0.00288EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/30 12:0 a.m.•27 views

Adobe Bridge TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF...

3.3CVSS2.2AI score0.02055EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/30 12:0 a.m.•27 views

Adobe After Effects MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing...

7.8CVSS4.2AI score0.05941EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/30 12:0 a.m.•41 views

(Pwn2Own) Oracle VirtualBox E1000 IP Checksum Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

5.5CVSS2.3AI score0.00575EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/30 12:0 a.m.•24 views

LAquis SCADA LGX File Insufficient UI Warning Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

7.8CVSS1.7AI score0.00832EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/30 12:0 a.m.•46 views

(Pwn2Own) Oracle VirtualBox OHCI Uninitialized Variable Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS4.4AI score0.00697EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/30 12:0 a.m.•32 views

LAquis SCADA LGX File Insufficient UI Warning Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

7.8CVSS1.7AI score0.00832EPSS
Exploits0References1
Total number of security vulnerabilities16763