Adobe Acrobat Pro DC JPEG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing o...

JetBrains TeamCity Cross-Site Scripting Vulnerability

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in use...

Linear eMerge E3-Series Cross-Site Scripting Vulnerability

The Nortek Security & Control Linear eMerge E3-Series is an access control device from Nortek Security & Control USA. A cross-site scripting vulnerability exists in the Linear eMerge E3-Series. The vulnerability stems from a lack of proper validation of client data by the web application. An...

Synology Note Station Cross-Site Scripting Vulnerability (CNVD-2019-20979)

Synology Note Station is a cloud-based note management application from Synology Inc. of Taiwan, China. A cross-site scripting vulnerability exists in SYNO.NoteStation.Shard in Synology Note Station versions prior to 2.5.3-0863. The vulnerability stems from the WEB application lacking proper...

Advantech WebAccess Node bwdraw Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess Node. Authentication is not required to exploit this vulnerability. The specific flaw exists within bwdraw.exe, which is accessed through the 0x2711 IOCTL in the webvrpcs process...

Arastta eCommerce Cross-Site Scripting Vulnerability

Arastta eCommerce is an open source eCommerce platform. A cross-site scripting vulnerability exists in Arastta eCommerce version 1.6.2. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerability to execute...

CVE-2019-10983

In WebAccess/SCADA Versions 8.3.5 and prior, an out-of-bounds read vulnerability is caused by a lack of proper validation of user-supplied data. Exploitation of this vulnerability may allow disclosure of information...

Remote code execution

In WebAccess/SCADA Versions 8.3.5 and prior, multiple out-of-bounds write vulnerabilities are caused by a lack of proper validation of the length of user-supplied data. Exploitation of these vulnerabilities may allow remote code execution...

Magento Cross-Site Scripting Vulnerability (CNVD-2019-26219)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engine and payment gateway and other functions. A cross-site scripting vulnerability exists in Magento. The vulnerability stems from the lack of proper validation ...

ABB PB610 IDAL FTP server buffer overflow vulnerability

ABB PB610 is a software from ABB Switzerland designed for the CP600 control panel platform with a graphical user interface.IDAL FTP server is one of the FTP File Transfer Protocol servers. A buffer overflow vulnerability exists in the IDAL FTP server in the ABB PB610. The vulnerability arises fro...

Magento cross-site scripting vulnerability (CNVD-2019-26233)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. A cross-site scripting vulnerability exists in Magento version 2.1.18 before version 2.1, version 2.2.9 before...

Magento Cross-Site Scripting Vulnerability (CNVD-2019-26216)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management, search engine and payment gateway and other functions. A cross-site scripting vulnerability exists in Magento Open Source, Magento Commerce and Magento. The vulnerability...

Magento cross-site scripting vulnerability (CNVD-2019-26217)

Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engine and payment gateway and other functions. A cross-site scripting vulnerability exists in Magento Open Source, Magento Commerce and Magento. The vulnerability...

CVE-2019-5834

Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page...

CVE-2019-5834

Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page...

CVE-2019-5839

Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL...

CVE-2019-5819

Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard...

CVE-2019-5819

Insufficient data validation in developer tools in Google Chrome on OS X prior to 74.0.3729.108 allowed a local attacker to execute arbitrary code via a crafted string copied to clipboard...

CVE-2018-6154

Insufficient data validation in WebGL in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2018-6145

Insufficient data validation in HTML parser in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to bypass same origin policy via a crafted HTML page...