5836 matches found
The vulnerability of Microsoft Word’s text editor lies in the lack of thorough verification of input data, allowing attackers to execute arbitrary code.
The vulnerability of Microsoft Word relates to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2024-26151 Potentially untrusted input is rendered as HTML in final output
The mjml PyPI package, found at the FelixSchwarz/mjml-python GitHub repo, is an unofficial Python port of MJML, a markup language created by Mailjet. All users of FelixSchwarz/mjml-python who insert untrusted data into mjml templates unless that data is checked in a very strict manner. User input...
CVE-2024-26148 Querybook's Stored Cross-Site Scripting vulnerability allows Privilege Elevation
Querybook is a user interface for querying big data. Prior to version 3.31.1, there is a vulnerability in Querybook's rich text editor that enables users to input arbitrary URLs without undergoing necessary validation. This particular security flaw allows the use of javascript: protocol which can...
CVE-2023-6247
The PKCS7 parser in OpenVPN 3 Core Library versions through 3.8.3 did not properly validate the parsed data, which would result in the application crashing...
GLSA-202402-23 : Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202402-23 Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities - Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a...
The vulnerability of the application programming interface for accessing ActiveX Data Objects (ADO) on Windows operating systems allows a perpetrator to execute arbitrary code.
The vulnerability of the application programming interface for accessing ActiveX Data Objects ADO on Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, and Adobe Acrobat 2020, as well as Adobe Acrobat Reader 2020, are related to insufficient input data validation. This vulnerability allows attackers to trigger service interruptions.
The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 are related to insufficient validation of input data. Exploiting these vulnerabilities can allow attackers to cause...
The vulnerability of the Windows operating system’s Network Address Translation (NAT) technology allows a hacker to induce a service failure.
The vulnerability of the Network Address Translation NAT technology implementation in the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions...
The vulnerability of the Microsoft Outlook email client, related to insufficient validation of input data, allows a hacker to execute arbitrary code.
The vulnerability of the Microsoft Outlook email client is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the USB Generic Parent driver in Windows operating systems allows a hacker to execute arbitrary code.
The vulnerability of the USB Generic Driver in Windows operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Adobe Acrobat Pro DC AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Autodesk AutoCAD STP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ST...
Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ST...
Autodesk AutoCAD STP File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ST...
Autodesk AutoCAD 3DM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 3D...