Foxit Studio Photo Information Disclosure Vulnerability (CNVD-2020-59768)

Foxit Studio Photo is a set of image editing software from the Chinese company Foxit Foxit. An information disclosure vulnerability exists in the handling of SR2 files in Foxit Studio Photo 3.6.6.930 and earlier versions. The vulnerability stems from a lack of proper validation of user-supplied...

Foxit Studio Photo Information Disclosure Vulnerability (CNVD-2020-59785)

Foxit Studio Photo is a set of image editing software from the Chinese company Foxit Foxit. An information disclosure vulnerability exists in the handling of NEF files in Foxit Studio Photo 3.6.6.930 and earlier versions. The vulnerability stems from a lack of proper validation of user-supplied...

Micro Focus Operations Bridge Manager ImpactService Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

Foxit Studio Photo NEF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Foxit Studio Photo CMP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Foxit Studio Photo NEF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

Micro Focus Operations Bridge Manager HistoryService Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

Foxit Studio Photo ARW File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Micro Focus Operations Bridge Manager AutomationMappingService Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

Foxit Studio Photo NEF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing ...

Micro Focus Operations Bridge Manager ClassModelService Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

The vulnerability of Intel Thunderbolt controller interfaces, related to insufficient input data validation, allows attackers to gain unauthorized access to protected information.

The vulnerability of Intel Thunderbolt controller interfaces is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

OPENSUSE-SU-2020:1715-1 Security update for chromium

This update for chromium fixes the following issues: -chromium was updated to 86.0.4240.75 boo1177408: - CVE-2020-15967: Fixed Use after free in payments. - CVE-2020-15968: Fixed Use after free in Blink. - CVE-2020-15969: Fixed Use after free in WebRTC. - CVE-2020-15970: Fixed Use after free in...

WordPress cm-download-manager cross-site scripting vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress cm-download-manager versions prior to 2.8.0. The...

Security update for chromium (critical)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1715-1 Rating: critical References: 1177408 Cross-References: CVE-2020-15967 CVE-2020-15968 CVE-2020-15969 CVE-2020-15970 CVE-2020-15971 CVE-2020-15972 CVE-2020-15973 CVE-2020-15974 CVE-2020-15975...

OPENSUSE-SU-2020:1705-1 Security update for chromium

This update for chromium fixes the following issues: -chromium was updated to 86.0.4240.75 boo1177408: - CVE-2020-15967: Fixed Use after free in payments. - CVE-2020-15968: Fixed Use after free in Blink. - CVE-2020-15969: Fixed Use after free in WebRTC. - CVE-2020-15970: Fixed Use after free in...

Adobe Illustrator PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of P...

Security update for chromium (critical)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:1705-1 Rating: critical References: 1177408 Cross-References: CVE-2020-15967 CVE-2020-15968 CVE-2020-15969 CVE-2020-15970 CVE-2020-15971 CVE-2020-15972 CVE-2020-15973 CVE-2020-15974 CVE-2020-15975...

blinger Blinger.io Cross-Site Scripting Vulnerability

blinger Blinger.io is a web platform of the Russian blinger company. It is used for companies to communicate with their customers. A cross-site scripting vulnerability exists in Blinger.io version v.1.0.2519, which stems from the lack of proper validation of client data by the WEB application, an...

PT-2020-4499

Name of the Vulnerable Software and Affected Versions Java SE versions 7u271, 8u261, 11.0.8, and 15 Java SE Embedded version 8u261 Description The issue is related to insufficient input validation in the Hotspot component of Java SE and Java SE Embedded. It allows an unauthenticated attacker with...