sumatrapdf 代码问题漏洞

sumatrapdf is sumatrapdfreader open source a PDF reader. sumatrapdf 3.5.2 and previous versions of the code problematic vulnerability , the vulnerability stems from the execution of notepad.exe does not specify the absolute path , which may lead to arbitrary code execution...

MiracleLinux 3 : libvorbis-1.1.2-3.4.1AXS3 (AXSA:2009-422:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-422:02 advisory. Ogg Vorbis is a fully open, non-proprietary, patent-and royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrat...

MiracleLinux 3 : libvorbis-1.1.2-3.3.1AXS3 (AXSA:2009-385:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-385:01 advisory. The libvorbis packages contain runtime libraries for use in programs that support Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent-and...

MiracleLinux 3 : kernel-2.6.18-194.5.AXS3 (AXSA:2010-440:14)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-440:14 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating system:...

Algolia Search & Discovery for Magento 2 Has Untrusted Data Handling

Versions of the Algolia Search & Discovery extension for Magento 2 prior to 3.17.2 and 3.16.2 contain a vulnerability where data read from the database was treated as a trusted source during job execution. If an attacker is able to modify records used by the extension’s indexing queue, this could...

Adobe InDesign < 20.5.1 / 21.0 < 21.1.0 Multiple Vulnerabilities (APSB26-02) (macOS)

The version of Adobe InDesign installed on the remote macOS host is prior to 20.5.1, 21.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-02 advisory. - InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001709)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001709 advisory. Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the badflpintr function. By executi...

Adobe Bridge 15.1.2 < 15.1.3 / 16.x < 16.0.1 Vulnerability (APSB26-07)

The version of Adobe Bridge installed on the remote macOS or Mac OS X host is prior to 15.1.3 or 16.0.1. It is, therefore, affected by a vulnerability as referenced in the apsb26-07 advisory. - Bridge versions 15.1.2, 16.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability tha...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001353)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001353 advisory. The eBPF RINGBUF bpfringbufreserve function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to...

MiracleLinux 4 : libexif-0.6.21-5.AXS4 (AXSA:2012-974:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-974:01 advisory. Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you t...

MiracleLinux 3 : libsoup-2.2.98-2AXS3.1 (AXSA:2009-28:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-28:01 advisory. Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and...

MiracleLinux 3 : libpng-1.2.10-16.0.1.AXS3 (AXSA:2012-447:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-447:02 advisory. The libpng package contains a library of functions for creating and manipulating PNG Portable Network Graphics image format files. PNG is a bit-mapped graphic...

Adobe Illustrator < 29.8.4 / 30.0 < 30.1 Multiple Vulnerabilities (APSB26-03)

The version of Adobe Illustrator installed on the remote Windows host is prior to 29.8.4, 30.1. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB26-03 advisory. - Illustrator versions 29.8.3, 30.0 and earlier are affected by an Untrusted Search Path vulnerability th...

Adobe InCopy < 20.5.1 / 21.0 < 21.1.0 Arbitrary code execution (APSB26-04)

The version of Adobe InCopy installed on the remote host is prior to 20.5.1, 21.1.0. It is, therefore, affected by a vulnerability as referenced in the APSB26-04 advisory. - InCopy versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in...

MiracleLinux 3 : libpng-1.2.10-7.1.2.1AXS3 (AXSA:2009-25:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-25:01 advisory. The libpng package contains a library of functions for creating and manipulating PNG Portable Network Graphics image format files. PNG is a bit-mapped...

MiracleLinux 3 : ghostscript-8.15.2-9.4.4.1AXS3 (AXSA:2009-29:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2009-29:01 advisory. Ghostscript is a set of software that provides a PostScriptTM interpreter, a set of C procedures the Ghostscript library, which implements the graphic...

CVE-2024-14021

LlamaIndex run-llama/llamaindex versions up to and including 0.11.6 contain an unsafe deserialization vulnerability in BGEM3Index.loadfromdisk in llamaindex/indices/managed/bgem3/base.py. The function uses pickle.load to deserialize multiembedstore.pkl from a user-supplied persistdir without...

CVE-2023-54334

Explorer32++ 1.3.5.531 contains a buffer overflow vulnerability in Structured Exception Handler SEH records that allows attackers to execute arbitrary code. Attackers can exploit the vulnerability by providing a long file name argument over 396 characters to corrupt the SEH chain and potentially...

CVE-2022-50933

Cain & Abel 4.9.56 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem permissions...

CVE-2022-50922

Audio Conversion Wizard v2.01 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory with a specially crafted registration code. Attackers can generate a payload that overwrites the application's memory stack, potentially enabling remote cod...