Lucene search
K

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•4 views

Microsoft Object Detection Solution Accelerator csaddevamlacr Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Object Detection Solution Accelerator. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of Object Detection Solution Accelerato...

9.8CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•10 views

(0Day) VIPRE Advanced Security Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Anti...

7.8CVSS7.2AI score0.00387EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•7 views

(0Day) Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Avast Cleanup Premium. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast...

7.8CVSS7.2AI score0.00347EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•3 views

Microsoft Office Visio DXF File Parsing Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS7.3AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•6 views

(0Day) Panda Security Dome Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the PSANHost...

7.8CVSS7.2AI score0.00337EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•6 views

Linux Kernel ksmbd ACL Inheritance Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication may or may not be required to exploit this vulnerability, depending upon configuration. Furthermore, only systems with ksmbd enabled are vulnerable. The specific flaw...

9CVSS7.2AI score0.26864EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•11 views

AVG AntiVirus Free icarus Arbitrary File Creation Denial of Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

5.3CVSS6.7AI score0.00265EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•7 views

SolarWinds Access Rights Manager deleteTransferFile Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability

This vulnerability allows remote attackers to delete arbitrary files and disclose sensitive information on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the deleteTransferFile method. The...

8.6CVSS8AI score0.01893EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•7 views

(0Day) Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast...

7.8CVSS7.2AI score0.00387EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•10 views

AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG Service. ...

7.8CVSS7.2AI score0.00352EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•4 views

Microsoft Azure Go Labs microsoftgoproxy Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Go Labs for Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of Go Labs. When installed from the official Microsoft GitH...

9.8CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•9 views

AVG AntiVirus Free Link Following Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within...

6.1CVSS6.7AI score0.00303EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•5 views

Microsoft Word DOC File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DOC...

7.8CVSS7.1AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•6 views

(0Day) Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Avast Cleanup Premium. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast...

7.8CVSS7.2AI score0.00344EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•15 views

AVG AntiVirus Free AVGSvc Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of AVG AntiVirus Free. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AVG Service. ...

7.8CVSS7.2AI score0.00344EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•11 views

(0Day) Avast Free Antivirus AvastSvc Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Avast Free Antivirus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast...

7.8CVSS7.2AI score0.00355EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•6 views

KernelCI SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on KernelCI. Authentication is not required to exploit this vulnerability. The specific flaw exists within the permissions granted to an SAS token. An attacker can leverage this vulnerability to make unauthorized changes to...

8.2CVSS7.3AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•14 views

(Pwn2Own) Docker Desktop extension-manager Exposed Dangerous Function Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the ability to execute high-privileged code within the container in order to exploit this vulnerability. The specific flaw exists within the the implemention...

8.2CVSS7.2AI score0.00557EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•6 views

Linux Kernel Netfilter Conntrack Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the DCCP protocol. The issue results from the lack of proper...

4CVSS6.3AI score0.00976EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•11 views

(0Day) VIPRE Advanced Security SBAMSvc Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Anti...

7.8CVSS7.2AI score0.00407EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•5 views

Microsoft Azure MQTT azure-iot-sdks-ci Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of MQTT. When installed from the official Microsoft GitHub repository,...

9.8CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•6 views

Microsoft Azure IoT Edge Dev Tool iotedgetoolscontainerregistry Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Azure IoT Edge Dev Tool. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of Azure IoT Edge Dev Tool. When installed from the...

9.8CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•7 views

Microsoft Azure Machine Learning Forecasting Toolkit azuremlftkrelease Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Forecasting Toolkit for Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of Forecasting Toolkit. When installed from the...

9.8CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•16 views

(0Day) Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Avast Cleanup Premium. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Avast...

7.8CVSS7.2AI score0.00344EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•4 views

Microsoft Office Excel XLW File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

7.8CVSS7.2AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•8 views

Microsoft Excel FBX File Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

3.3CVSS6.4AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•5 views

Microsoft Azure Service Fabric servicefabricsdkstorage Uncontrolled Search Path Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Service Fabric for Microsoft Azure. Authentication is not required to exploit this vulnerability. The specific flaw exists within the installation of Service Fabric. When installed from the official...

9.8CVSS7.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/29 12:0 a.m.•6 views

Linux Kernel CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SMB...

8.3CVSS7AI score0.01999EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/26 12:0 a.m.•13 views

Docker Desktop Daemon CLI External Control of File Path Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Docker Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

6.1CVSS6.6AI score0.00374EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/26 12:0 a.m.•10 views

IrfanView PSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files...

7.8CVSS6.9AI score0.00523EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/26 12:0 a.m.•9 views

IrfanView AWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of AWD files...

7.8CVSS7AI score0.00523EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/26 12:0 a.m.•8 views

IrfanView RLE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of RLE files...

7.8CVSS6.9AI score0.0058EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/26 12:0 a.m.•9 views

IrfanView PSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files...

7.8CVSS6.9AI score0.00523EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/26 12:0 a.m.•10 views

IrfanView CIN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CIN files...

7.8CVSS6.9AI score0.00523EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/26 12:0 a.m.•10 views

IrfanView PSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files...

7.8CVSS6.9AI score0.0058EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/26 12:0 a.m.•10 views

IrfanView CIN File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CIN files...

7.8CVSS7AI score0.00523EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/26 12:0 a.m.•8 views

IrfanView PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files...

7.8CVSS6.9AI score0.00571EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/26 12:0 a.m.•7 views

Apple macOS VideoToolbox Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of MOV...

8.8CVSS6.7AI score0.00638EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/25 12:0 a.m.•6 views

Autodesk AutoCAD X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XT...

7.8CVSS7.8AI score0.00423EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/25 12:0 a.m.•7 views

Autodesk AutoCAD STEP File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ST...

7.8CVSS7.8AI score0.00427EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/25 12:0 a.m.•8 views

Autodesk AutoCAD X_B File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XB...

7.8CVSS7.8AI score0.00427EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/25 12:0 a.m.•13 views

Autodesk AutoCAD 3DM File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3D...

7.8CVSS7.8AI score0.00403EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/25 12:0 a.m.•9 views

Autodesk AutoCAD X_T File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XT...

7.8CVSS7.7AI score0.00425EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/25 12:0 a.m.•10 views

Autodesk AutoCAD X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XT...

7.8CVSS7.8AI score0.00423EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/25 12:0 a.m.•11 views

Autodesk AutoCAD X_T File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XT...

7.8CVSS6.8AI score0.00418EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/07/23 12:0 a.m.•8 views

(0Day) Comodo Internet Security Pro Directory Traversal Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS7.2AI score0.00476EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/23 12:0 a.m.•11 views

(0Day) Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS7.2AI score0.00319EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/23 12:0 a.m.•10 views

(0Day) Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS7.2AI score0.00319EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/23 12:0 a.m.•11 views

(0Day) Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS7.2AI score0.00319EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2024/07/23 12:0 a.m.•9 views

(0Day) Comodo Firewall Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Firewall. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the cmdagent...

7.8CVSS7.2AI score0.00309EPSS
Exploits0
Total number of security vulnerabilities16763