Adobe Photoshop TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Adobe Bridge CC GIF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge CC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of GI...

Fortinet FortiWeb Cross-Site Scripting Vulnerability (CNVD-2020-21071)

Fortinet FortiWeb is a Web application layer firewall from the U.S. company Fita Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks to ensure the security of Web applications and protect sensitive database content. A...

pki-core cross-site scripting vulnerability (CNVD-2020-27183)

pki-core is a library that provides an API for PKI operations. A cross-site scripting vulnerability exists in pki-core. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to execute client-side code...

Team Password Manager Cross-Site Scripting Vulnerability

Team Password Manager is a web-based team password manager. A cross-site scripting vulnerability exists in Team Password Manager 7.93.204 and earlier versions. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this...

The vulnerability of the AVX2 decoder in Linux kernel allows a hacker to execute arbitrary code.

The vulnerability of the AVX2 decoder in Linux operating systems exists due to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

Foxit Studio Photo Buffer Overflow Vulnerability (CNVD-2020-18155)

Foxit Studio Photo is a set of image editing software from the Chinese company Foxit Foxit. A buffer overflow vulnerability exists in the processing of PSD files in Foxit Studio Photo 3.6.6.918 and earlier versions for Windows platforms, which originates when a networked system or product perform...

PrimeTek PrimeFaces Cross-Site Scripting Vulnerability

Primetek Primefaces is an open source use in the Java EE system UI library . A cross-site scripting vulnerability in the tooltip/tooltip.js file in PrimeTek PrimeFaces version 7.0.11, which stems from a lack of proper validation of client-side data in a WEB application, can be exploited by an...

Twisted Input Validation Error Vulnerability

Twisted is an event-driven open source web engine written in the Python language. An input validation error vulnerability exists in Twisted version 19.10.0 and earlier. The vulnerability stems from a network system or product that does not properly validate incoming data. No details of the...

WordPress popup-builder cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Sygnoos Popup Builder is one of the popup plugins used in it. A cross-site scripting vulnerability exists in WordPress popup-builder...

Wyse Management Suite Cross-Site Scripting Vulnerability

Wyse Management Suite WMS is a scalable solution for managing and optimizing Wyse endpoints from Dell, USA. The product includes centralized management of Wyse endpoints, asset tracking and automated device discovery. A cross-site scripting vulnerability exists in Wyse Management Suite versions...

Wyse Management Suite Cross-Site Scripting Vulnerability (CNVD-2020-17378)

Wyse Management Suite WMS is a scalable solution for managing and optimizing Wyse endpoints from Dell, USA. The product includes centralized management of Wyse endpoints, asset tracking and automated device discovery. A cross-site scripting vulnerability exists in Wyse Management Suite versions...

Foxit Studio Photo PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Foxit Studio Photo PSD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

utilitify input validation error vulnerability

utilitify is a utility program for working with collections such as objects, arrays and tuples numbers, strings, etc.. An input validation error vulnerability exists in versions of utilitify prior to 1.0.3. The vulnerability stems from a networked system or product that does not properly validate...

Chadha Software Technologies PHPKB Standard Multi-Language Cross-Site Scripting Vulnerability (CNVD-2020-18656)

Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A cross-site scripting vulnerability exists in the way URIs are handled in the admin/header.php file in Chadha Software Technologies...

WordPress RegistrationMagic Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.RegistrationMagic is a user registration plugin used in it. A cross-site scripting vulnerability exists in WordPress RegistrationMagic...

Chadha Software Technologies PHPKB Standard Multi-Language Cross-Site Scripting Vulnerability (CNVD-2020-17953)

Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A cross-site scripting vulnerability exists in the way URIs are handled in the admin/header.php file in Chadha PHPKB Standard...

ABB eSOMS Cross-Site Scripting Vulnerability

ABB eSOMS is a plant operations management system from ABB Switzerland. A cross-site scripting vulnerability exists in ABB eSOMS 6.0.2 and prior versions. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerabilit...

Chadha Software Technologies PHPKB Standard Multi-Language Cross-Site Scripting Vulnerability (CNVD-2020-17957)

Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A cross-site scripting vulnerability exists in the way URIs are handled in the admin/header.php file in Chadha Software Technologies...