
5838 matches found

Zero Day Initiative
added 2021/12/08 12:0 a.m., 41 views

Bentley View 3DS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

CVSS 3.3, AI score 2.6, EPSS 0.01812
Exploits: 0, References: 1

Zero Day Initiative
added 2021/12/08 12:0 a.m., 34 views

Bentley View JT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

CVSS 3.3, AI score 2.6, EPSS 0.01652
Exploits: 0, References: 1

Zero Day Initiative
added 2021/12/08 12:0 a.m., 36 views

Bentley View JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

CVSS 3.3, AI score 2.6, EPSS 0.01521
Exploits: 0, References: 1

CNNVD
added 2021/12/08 12:0 a.m., 3 views

Bentley Systems Bentley View Buffer Error Vulnerability

Bentley View is a free viewer from Bentley Systems, Inc. A security vulnerability exists in Bentley View, which is caused by a lack of proper validation of user-supplied data and can be exploited by an attacker to execute code in the context of the current process...

CVSS 7.8, AI score 5.9, EPSS 0.02121
Exploits: 0, References: 4

CNNVD
added 2021/12/08 12:0 a.m., 6 views

DouCo DouPHP Cross-Site Scripting Vulnerability

DouPHP is a lightweight enterprise content management system (CMS) from China DouShell Network Technology, Inc. A cross-site scripting vulnerability exists in DouPHP, which stems from a lack of data validation filtering of user-supplied and output data in /admin/cloud.php. An attacker could exploit...

CVSS 6.1, AI score 5.6, EPSS 0.00562
Exploits: 0, References: 2

Zero Day Initiative
added 2021/12/08 12:0 a.m., 27 views

Adobe Bridge SGI File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

CVSS 3.3, AI score 2.6, EPSS 0.01812
Exploits: 0, References: 1

OSV
added 2021/12/07 9:21 p.m., 20 views

GHSA-6R7C-6W96-8PVW Remote Code Execution in AjaxNetProfessional

Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to the possibility of deserialization of arbitrary .NET classes, which can be abused to gain remote code execution. Description Serialization is a process of converting an object into a sequence of...

CVSS 9.8, AI score 9.3, EPSS 0.88768
Exploits: 2, References: 6

Zero Day Initiative
added 2021/12/07 12:0 a.m., 17 views

Tencent WeChat WXAM Decoder Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tencent WeChat. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM...

CVSS 4.3, AI score 1.7
Exploits: 0

CNNVD
added 2021/12/07 12:0 a.m., 4 views

Esri ArcGIS Cross-Site Scripting Vulnerability

Esri ArcGIS Server is a Web-oriented enterprise software platform that can be used to provide geolocation services from Esri Corporation. A cross-site scripting vulnerability exists in Esri ArcGIS that stems from a lack of proper validation of client-side data by the web application. An attacker...

CVSS 6.1, AI score 6.1, EPSS 0.00784
Exploits: 0, References: 3

Zero Day Initiative
added 2021/12/07 12:0 a.m., 25 views

Tencent WeChat WXAM Decoder Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent WeChat. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM decoder. T...

CVSS 8.8, AI score 2.6
Exploits: 0

CNNVD
added 2021/12/06 12:0 a.m., 4 views

Google Chrome Input Validation Error Vulnerability

Google Chrome is a web browser from Google, Inc. A data validation error vulnerability exists in the loader component of Google Chrome prior to version 96.0.4664.93. It allows remote attackers to compromise cross-domain data via crafted HTML pages...

CVSS 6.5, AI score 8.4, EPSS 0.01265
Exploits: 0, References: 16

Google Chrome Security Advisories
added 2021/12/06 12:0 a.m., 57 views

Stable Channel Update for Desktop

The Stable channel has been updated to 96.0.4664.93 for Windows, Mac and Linux which will roll out over the coming days/weeks. Extended stable channel has also been updated to 96.0.4664.93 for Windows and Mac which will roll out over the coming days/weeks. A full list of changes in this build is...

CVSS 8.8, AI score 9.1, EPSS 0.02073
Exploits: 1, Affected Software: 1

FreeBSD
added 2021/12/06 12:0 a.m., 36 views

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 22 security fixes, including: 1267661 High CVE-2021-4052: Use after free in web apps. Reported by Wei Yuan of MoyunSec VLab on 2021-11-07 1267791 High CVE-2021-4053: Use after free in UI. Reported by Rox on 2021-11-08 1265806 High CVE-2021-4079: Out ...

CVSS 8.8, AI score 9.1, EPSS 0.02073
Exploits: 0, References: 1

CNVD
added 2021/12/04 12:0 a.m., 16 views

SakuraPanel Cross-Site Scripting Vulnerability

SakuraPanel is an open source, Frp-based intranet penetration management panel application. A cross-site scripting vulnerability exists in SakuraPanel, which stems from an exit function in the product/master/core/PostHandler.php file that does not validate data. An attacker could print...

CVSS 6.1, AI score 1.7, EPSS 0.00621
Exploits: 1, References: 1

CNVD
added 2021/12/04 12:0 a.m., 21 views

Crafter CMS Cross-Site Scripting Vulnerability

Crafter CMS is an open source content management system (CMS) for digital experience applications. A cross-site scripting vulnerability exists in Crafter CMS, which stems from a lack of data validation filtering of user-supplied data and output. An attacker with a Site role could exploit the...

CVSS 6.5, AI score 2.3, EPSS 0.0043
Exploits: 0, References: 1

Zero Day Initiative
added 2021/12/03 12:0 a.m., 9 views

OpenText Brava! Desktop JXR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVSS 7.8, AI score 4.5
Exploits: 0

Zero Day Initiative
added 2021/12/03 12:0 a.m., 11 views

OpenText Brava! Desktop DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVSS 7.8, AI score 4.6
Exploits: 0

Zero Day Initiative
added 2021/12/03 12:0 a.m., 11 views

OpenText Brava! Desktop JXR File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

CVSS 3.3, AI score 2.5
Exploits: 0

Zero Day Initiative
added 2021/12/03 12:0 a.m., 15 views

OpenText Brava! Desktop XGL File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

CVSS 3.3, AI score 2.5
Exploits: 0

Zero Day Initiative
added 2021/12/03 12:0 a.m., 13 views

OpenText Brava! Desktop EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

CVSS 3.3, AI score 2.7
Exploits: 0