Lucene search
K

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2024/01/04 12:0 a.m.•18 views

Kofax Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of XP...

7.8CVSS7.2AI score0.00541EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/01/04 12:0 a.m.•19 views

Kofax Power PDF OXPS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of OXP...

7.8CVSS7.2AI score0.0087EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/01/04 12:0 a.m.•36 views

X.Org Server DeepCopyPointerClasses Out-Of-Bounds Access Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Button...

7.8CVSS7.7AI score0.01587EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/01/04 12:0 a.m.•19 views

oFono SMS Decoder Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of oFono. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of SMS PDUs. The issue results from the lack of proper validation of the length of...

8.1CVSS7.6AI score0.00936EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2024/01/04 12:0 a.m.•34 views

X.Org Server RecalculateMasterButtons Out-Of-Bounds Access Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of Button...

7.8CVSS7.7AI score0.01587EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/01/04 12:0 a.m.•34 views

X.Org Server RRChangeOutputProperty Integer Overflow Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling...

5.5CVSS7.5AI score0.01631EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2024/01/04 12:0 a.m.•26 views

SolarWinds Access Rights Manager Hardcoded Credentials Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of a RabbitMQ instance. The issue results from the use...

8.6CVSS7AI score0.00799EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/21 12:0 a.m.•24 views

(0Day) BlueZ Audio Profile AVRCP Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the...

7.1CVSS7.3AI score0.01563EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/21 12:0 a.m.•24 views

Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Arena Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS7.2AI score0.0085EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/21 12:0 a.m.•23 views

(0Day) Kofax Power PDF J2K File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K...

7.8CVSS7.3AI score0.00534EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/21 12:0 a.m.•20 views

Rockwell Automation Arena Simulation DOE File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Arena Simulation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

7.8CVSS7.2AI score0.0085EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/21 12:0 a.m.•15 views

(0Day) Kofax Power PDF U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D...

7.8CVSS7.2AI score0.00525EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/21 12:0 a.m.•20 views

(0Day) Kofax Power PDF U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D...

7.8CVSS7.2AI score0.00534EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/21 12:0 a.m.•24 views

(0Day) BlueZ Audio Profile AVRCP avrcp_parse_attribute_list Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling o...

5.4CVSS6.5AI score0.00956EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/21 12:0 a.m.•31 views

(0Day) BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of OB...

2.6CVSS6.4AI score0.00949EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/21 12:0 a.m.•32 views

(0Day) BlueZ Audio Profile AVRCP parse_media_element Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling o...

5.4CVSS6.5AI score0.00808EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/21 12:0 a.m.•28 views

(0Day) BlueZ Audio Profile AVRCP parse_media_folder Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling o...

5.4CVSS6.5AI score0.00808EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/21 12:0 a.m.•25 views

(0Day) BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of the Phone...

7.1CVSS7.3AI score0.01493EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•30 views

Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.2AI score0.00423EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•20 views

Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS6.3AI score0.00397EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•29 views

D-Link G416 ovpncfg Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack...

8.8CVSS7.5AI score0.00637EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•25 views

(0Day) Voltronic Power ViewPower Pro getMacAddressByIp Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getMacAddressByIP function. The issue results from the lack of proper...

9.8CVSS7.6AI score0.38423EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•16 views

oFono SMS Decoder Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of oFono. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of SMS PDUs. The issue results from the lack of proper validation of the length of...

8.1CVSS7.6AI score0.0124EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•27 views

BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of the Phone...

7.1CVSS7.3AI score0.01493EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•20 views

Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.2AI score0.00445EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•129 views

D-Link G416 httpd API-AUTH Digest Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack...

8.8CVSS7.5AI score0.00637EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•17 views

Trimble SketchUp Viewer SKP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.2AI score0.00399EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•14 views

(0Day) Voltronic Power ViewPower LinuxMonitorConsole Exposed Dangerous Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. The specific flaw exists within the LinuxMonitorConsole class. The issue results from an exposed dangerous...

9.8CVSS7.7AI score0.01483EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•21 views

Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.2AI score0.00445EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•14 views

(0Day) Voltronic Power ViewPower updateManagerPassword Exposed Dangerous Method Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. The specific flaw exists within the updateManagerPassword method. The issue results from the exposure of a...

9.8CVSS7.2AI score0.01553EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•24 views

D-Link G416 cfgsave Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from...

8.8CVSS7.5AI score0.01187EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•25 views

(0Day) Hancom Office Word DOC File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hancom Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7CVSS7.2AI score0.00722EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•28 views

D-Link G416 nodered tar File Handling Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack...

8.8CVSS7.5AI score0.00946EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•28 views

D-Link G416 awsfile chmod Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack...

8.8CVSS7.5AI score0.00916EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•20 views

Trimble SketchUp Viewer SKP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.2AI score0.00399EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•22 views

oFono SMS Decoder Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of oFono. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of SMS PDUs. The issue results from the lack of proper validation of the length of...

8.1CVSS7.6AI score0.00947EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•19 views

oFono SMS Decoder Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of oFono. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of SMS PDUs. The issue results from the lack of proper validation of the length of...

8.1CVSS7.6AI score0.01006EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•20 views

Foxit PDF Reader Doc Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS6.3AI score0.00397EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•19 views

(0Day) Voltronic Power ViewPower getModbusPassword Missing Authentication Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getModbusPassword method. The issue results from the lack of...

7.5CVSS6.5AI score0.36038EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•20 views

Inductive Automation Ignition ModuleInvoke Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Inductive Automation Ignition. Authentication is required to exploit this vulnerability. The specific flaw exists within the ModuleInvoke class. The issue results from the lack of proper validation o...

8.8CVSS7.8AI score0.55031EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•26 views

D-Link G416 cfgsave Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from...

8.8CVSS7.5AI score0.00637EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•23 views

D-Link G416 httpd Missing Authentication for Critical Function Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack ...

8.8CVSS7.4AI score0.00696EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•22 views

(0Day) Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

5.5CVSS6.2AI score0.00784EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•22 views

Foxit PDF Reader Bookmark Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS6.3AI score0.00391EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•27 views

Linux Mint Xreader EPUB File Parsing Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS7.2AI score0.0177EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•31 views

Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of D...

7.8CVSS7.2AI score0.00422EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•27 views

(0Day) Honeywell Saia PG5 Controls Suite CAB File Parsing Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

7.8CVSS7.2AI score0.01572EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•18 views

D-Link G416 cfgsave upusb Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack...

8.8CVSS7.5AI score0.00916EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•31 views

(0Day) Hancom Office Show PPT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hancom Office Show. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS7.2AI score0.0039EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•21 views

Trimble SketchUp Viewer SKP File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.3AI score0.00399EPSS
Exploits0
Total number of security vulnerabilities16763