Lucene search
+L

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•33 views

Cisco UCS Director saveWindowsNetworkConfig Directory Traversal Denial-of-Service Vulnerability

This vulnerability allows remote attackers to overwrite arbitrary files on affected installations of Cisco UCS Director. Authentication is not required to exploit this vulnerability. The specific flaw exists within the saveWindowsNetworkConfig method. The issue results from the lack of proper...

8.2CVSS3.3AI score0.23056EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•35 views

Oracle Business Intelligence AMF Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle Business Intelligence. Authentication is not required to exploit this vulnerability. The specific flaw exists within BIRemotingServlet. The issue results from the lack of proper validation of...

9.8CVSS4.2AI score0.71031EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•25 views

Oracle VirtualBox Virtual USB Numeric Truncation Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the virtual...

7.5CVSS3.5AI score0.00576EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•26 views

Foxit PhantomPDF U3D File Parsing vertex Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.2AI score0.03405EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•29 views

Veeam ONE PerformHandshake Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Veeam ONE. Authentication is not required to exploit this vulnerability. The specific flaw exists within the PerformHandshake method. The issue results from the lack of proper validation of...

9.8CVSS3.2AI score0.4703EPSS
Exploits3References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•28 views

Foxit Reader XFA Template Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XFA...

7.8CVSS2.5AI score0.04689EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•30 views

Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U...

7.8CVSS4.1AI score0.04826EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•25 views

Oracle VirtualBox SLiRP Networking Out-Of-Bounds Access Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle VirtualBox. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of NAT. The issue results from the lack of proper validation of...

7.8CVSS2.2AI score0.00586EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•33 views

Foxit Reader resetForm Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the resetForm method...

7.8CVSS2.6AI score0.04787EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•28 views

Cisco UCS Director ScriptModuleAddJarPage Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco UCS Director. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ScriptModuleAddJarPage method. The issue results from the lack of proper validati...

9.8CVSS3.5AI score0.38693EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•42 views

Foxit PhantomPDF GetFieldValue Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of t...

7.8CVSS2.2AI score0.04689EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•26 views

Cisco UCS Director ApplianceStorageUtil unzip Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco UCS Director. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of zip files by the LargeFileUploadServlet endpoint. The issue results...

9.8CVSS3.9AI score0.73566EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•41 views

Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U...

7.8CVSS3.8AI score0.04826EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•36 views

Foxit PhantomPDF DuplicatePages Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of t...

7.8CVSS2.1AI score0.04689EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•32 views

Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U...

7.8CVSS3.8AI score0.04826EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•26 views

(Pwn2Own) Triangle MicroWorks SCADA Data Gateway DNP3 Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists with the handling of data set descriptors. The issue results fro...

5.3CVSS3.5AI score0.02493EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•21 views

(Pwn2Own) Amazon Echo Show Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Amazon Echo Show. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

8.8CVSS3.5AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•54 views

(Pwn2Own) OPC Foundation UA .NET Standard CreateSessionRequest Race Condition Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of OPC Foundation UA .NET Standard. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of sessions. The issue results from the lack ...

5.3CVSS0.7AI score0.0258EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•53 views

Oracle WebLogic Server T3 Protocol Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle WebLogic. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the T3 protocol. Crafted data in a T3 protocol message can trigger the...

9.8CVSS4AI score0.94928EPSS
Exploits11References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•31 views

(Pwn2Own) Triangle MicroWorks SCADA Data Gateway DNP3 Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of data set elements. The issue results from the lac...

9.8CVSS3.9AI score0.05226EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•30 views

Foxit PhantomPDF CombineFiles Arbitrary File Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the communication...

7.8CVSS3.3AI score0.0217EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•39 views

Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U...

7.8CVSS4.1AI score0.04826EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•37 views

Oracle E-Business Suite Human Resources Organization Hierarchy Viewer PosServer SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Oracle E-Business Suite Human Resources. Authentication is required to exploit this vulnerability. The specific flaw exists within the Organization Hierarchy Viewer. The issue results from the lack of...

8.1CVSS2AI score0.01956EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•41 views

Oracle VirtualBox D3D9 Shader Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle VirtualBox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within handling of D3D9...

8.8CVSS2.3AI score0.00568EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•38 views

Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.1AI score0.03476EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•39 views

Foxit PhantomPDF OCRAndExportToExcel Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of t...

7.8CVSS2.5AI score0.06602EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•39 views

Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.4AI score0.03405EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•32 views

Oracle E-Business Suite Human Resources Organization Hierarchy Viewer OrgServer SQL Injection Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Oracle E-Business Suite Human Resources. Authentication is required to exploit this vulnerability. The specific flaw exists within the Organization Hierarchy Viewer. The issue results from the lack of...

8.1CVSS2AI score0.4654EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•30 views

Foxit PhantomPDF U3DBrowser U3D File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U...

7.8CVSS4.7AI score0.04689EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/16 12:0 a.m.•27 views

Oracle VirtualBox shader_glsl_get_register_name Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS2.7AI score0.00631EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•27 views

Adobe After Effects TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.8AI score0.02288EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•19 views

Microsoft Windows JET Database Engine Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7.8CVSS3.7AI score0.11685EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•38 views

Intel Wi-Fi Link Driver Netwtw06 Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Intel Wi-Fi Link Driver. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of 802.11 frames. The issue results from the lack of...

8.8CVSS1.7AI score0.00395EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•40 views

Microsoft Windows KERNELBASE Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS3.5AI score0.01456EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•27 views

Microsoft Windows JET Database Engine Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7.8CVSS3.7AI score0.11685EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•40 views

Intel Wi-Fi Link Driver Netwtw06 Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Intel Wi-Fi Link Driver. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of 802.11 frames. The issue results from the lack of...

8.8CVSS3.3AI score0.00633EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•34 views

Eaton HMiSoft VU3 File Parsing wTTimeLen Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Eaton HMiSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the...

7.8CVSS4.8AI score0.00805EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•35 views

Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7.8CVSS4AI score0.11685EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•31 views

Microsoft Excel XLSM File Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

3.3CVSS1.3AI score0.11261EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•48 views

Microsoft SharePoint Scorecards Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of controls in the Microsoft.PerformancePoint.Scorecards.Client module...

8.8CVSS3.2AI score0.10695EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•30 views

Microsoft Windows JET Database Engine Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7.8CVSS3.3AI score0.11685EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•36 views

Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7.8CVSS4.1AI score0.11685EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•23 views

Eaton HMiSoft VU3 File Parsing wKPFString Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Eaton HMiSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS4.2AI score0.00805EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•28 views

Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7.8CVSS4AI score0.11685EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•35 views

Intel Wi-Fi Link Driver Netwtw04 Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Intel Wi-Fi Link Driver. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of 802.11 frames. The issue results from the lack of...

8.8CVSS1.7AI score0.00633EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•71 views

Microsoft SharePoint TypeConverter Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the use of TypeConverter classes. The issue results from the lack of proper...

8.8CVSS3.2AI score0.31213EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•48 views

Microsoft Excel XLS File Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

7.8CVSS3.6AI score0.11261EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•34 views

Microsoft Windows user32 Icon Extraction Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS2.2AI score0.01456EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•33 views

Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

7CVSS3.7AI score0.11685EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/15 12:0 a.m.•17 views

Eaton HMiSoft VU3 File Parsing GifName Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Eaton HMiSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the...

7.8CVSS4.9AI score0.00805EPSS
Exploits0References1
Total number of security vulnerabilities16763