Lucene search
K

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•27 views

(0Day) Voltronic Power ViewPower Pro updateManagerPassword Exposed Dangerous Function Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the updateManagerPassword function. The issue results from the exposure of ...

9.8CVSS7.2AI score0.45744EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•25 views

(0Day) Honeywell Saia PG5 Controls Suite Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

7.8CVSS7.2AI score0.01572EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•33 views

Foxit PDF Reader Annotation Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS7.2AI score0.00421EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•22 views

D-Link G416 nodered chmod Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack...

8.8CVSS7.5AI score0.00946EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•13 views

(0Day) Voltronic Power ViewPower Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI interface, which listens on TCP port 51099 by default. The issue resul...

9.8CVSS7.8AI score0.01549EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•26 views

Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of D...

7.8CVSS7.2AI score0.00422EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•19 views

Foxit PDF Reader AcroForm Signature Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS7.2AI score0.00422EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•17 views

Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.2AI score0.00445EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•24 views

D-Link G416 flupl pythonmodules Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from...

8.8CVSS7.5AI score0.00916EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•25 views

D-Link G416 awsfile rm Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack...

8.8CVSS7.5AI score0.00916EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•25 views

D-Link G416 nodered File Handling Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack...

8.8CVSS7.5AI score0.00916EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•21 views

D-Link G416 flupl filename Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack...

8.8CVSS7.5AI score0.00916EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•13 views

(0Day) Voltronic Power ViewPower Pro MySQL Use of Hard-coded Credentials Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS7.4AI score0.00234EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•18 views

D-Link G416 cfgsave backusb Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack...

8.8CVSS7.5AI score0.00916EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•22 views

D-Link G416 nodered gz File Handling Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack...

8.8CVSS7.5AI score0.00946EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•31 views

Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.2AI score0.00344EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•34 views

(0Day) Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

5.5CVSS6.2AI score0.00784EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•26 views

(0Day) Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

5.5CVSS6.2AI score0.00784EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•19 views

(0Day) Voltronic Power ViewPower Pro doDocument XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the doDocument method. Due to the improper restriction of XML...

6.5CVSS6.5AI score0.01108EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•20 views

D-Link G416 httpd API-AUTH Timestamp Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack...

8.8CVSS7.5AI score0.00637EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•12 views

(0Day) Voltronic Power ViewPower Pro selectEventConfig SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the selectEventConfig method. The issue results from the lack of proper...

9.8CVSS8.1AI score0.01331EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•28 views

QEMU NVMe Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of QEMU. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the NVMe...

6CVSS6AI score0.00409EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•20 views

Foxit PDF Reader AcroForm Doc Object Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of D...

7.8CVSS7.2AI score0.00415EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•22 views

(0Day) Voltronic Power ViewPower USBCommEx shutdown Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. User interaction is required to exploit this vulnerability in that an administrator must trigger a shutdown operation. The specific flaw exists within the shutdown...

8.8CVSS7.4AI score0.01396EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•24 views

Foxit PDF Reader Signature Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS6.4AI score0.00413EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•25 views

Foxit PDF Reader AcroForm Signature Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS7.2AI score0.00422EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•27 views

Foxit PDF Reader Doc Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of D...

3.3CVSS7.2AI score0.00319EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•17 views

Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.2AI score0.00445EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•24 views

NETGEAR ProSAFE Network Management System saveNodeLabel Cross-Site Scripting Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Minimal user interaction is required to exploit this vulnerability. The specific flaw exists within the saveNodeLabel method. The issue results from the lack o...

8CVSS7.4AI score0.53303EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•14 views

(0Day) Voltronic Power ViewPower MonitorConsole Exposed Dangerous Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MonitorConsole class. The issue results from an exposed dangerous method. ...

9.8CVSS7.7AI score0.01483EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•20 views

(0Day) Voltronic Power ViewPower Pro SocketService Missing Authentication Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SocketService module, which listens on UDP port 41222 by...

7.5CVSS7.1AI score0.00667EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•10 views

(0Day) Voltronic Power ViewPower MacMonitorConsole Exposed Dangerous Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MacMonitorConsole class. The issue results from an exposed dangerous metho...

9.8CVSS7.7AI score0.01483EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•22 views

(0Day) Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

5.5CVSS6.2AI score0.00784EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•24 views

D-Link G416 flupl query_type edit Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack...

8.8CVSS7.5AI score0.00916EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•20 views

Trimble SketchUp Viewer SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

7.8CVSS7.2AI score0.00399EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•25 views

(0Day) Voltronic Power ViewPower Pro Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Struts2 dependency. The issue results from the use of a library that i...

9.8CVSS8AI score0.01603EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•31 views

(0Day) Hancom Office Cell XLS File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hancom Office Cell. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS7.2AI score0.00338EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•16 views

(0Day) Voltronic Power ViewPower Incorrect Permission Assignment Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the produc...

7.8CVSS7.5AI score0.00234EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•29 views

(0Day) Voltronic Power ViewPower Pro selectDeviceListBy SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the selectDeviceListBy method. The issue results from the lack of proper...

9.8CVSS8.1AI score0.48168EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•20 views

(0Day) Honeywell Saia PG5 Controls Suite XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Honeywell Saia PG5 Controls Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

5.5CVSS6.2AI score0.00784EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•19 views

D-Link G416 awsfile tar File Handling Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from the lack...

8.8CVSS7.5AI score0.00916EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•19 views

D-Link G416 httpd Improper Handling of Exceptional Conditions Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link G416 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from...

4.3CVSS6.6AI score0.00514EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•25 views

Foxit PDF Reader AcroForm Doc Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS6.3AI score0.00397EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•16 views

(0Day) Voltronic Power ViewPower setShutdown Exposed Dangerous Method Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Voltronic Power ViewPower. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.8CVSS7.5AI score0.0031EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•18 views

D-Link G416 flupl pythonapp Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link G416 wireless routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP service listening on TCP port 80. The issue results from...

8.8CVSS7.5AI score0.00946EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•24 views

oFono SMS Decoder Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of oFono. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of SMS PDUs. The issue results from the lack of proper validation of the length of...

8.1CVSS7.6AI score0.01149EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•22 views

Foxit PDF Reader combobox Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS6.3AI score0.00391EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•31 views

(0Day) Voltronic Power ViewPower Pro Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI interface, which listens on TCP port 41009 by default. The issue...

9.8CVSS7.8AI score0.0104EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•20 views

(0Day) Voltronic Power ViewPower USBCommEx shutdown Exposed Dangerous Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Voltronic Power ViewPower Pro. User interaction is required to exploit this vulnerability in that an administrator must trigger a shutdown operation. The specific flaw exists within the shutdown...

8.8CVSS7.5AI score0.01127EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2023/12/20 12:0 a.m.•28 views

BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of the Phone...

7.1CVSS7.3AI score0.0229EPSS
Exploits0References1
Total number of security vulnerabilities16763