Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.4.1.16828. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Studio Photo 3.6.6. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2019-6760

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.4.16811. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

CVE-2019-6755

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.3.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

CVE-2019-6751

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Studio Photo 3.6.6.779. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Zimbra Collaboration Server Cross-Site Scripting Vulnerability

Zimbra Collaboration Server ZCS is a suite of email and collaboration solutions from Zimbra, USA. The solution provides email, contacts, calendaring, file sharing, social networking, and more. A cross-site scripting vulnerability exists in the admin console in version 8.x of Zimbra ZCS prior to...

The vulnerability of SINAMICS PERFECT HARMONY GH180 software drivers, related to insufficient validation of input data, allows a perpetrator to trigger a service failure.

The vulnerability of SINAMICS PERFECT HARMONY GH180 driver software is related to insufficient verification of input data. Exploiting this vulnerability could allow an attacker with access to the device over the network to cause service failures...

The vulnerability of the User Data Services (UDS) software interface of the Cisco Unified Communications Manager (Unified CM) platform allows a perpetrator to trigger a service failure.

The vulnerability of the User Data Services UDS software interface of the Cisco Unified Communications Manager Unified CM platform is related to insufficient validation of entered data. Exploiting this vulnerability could allow a malicious actor to cause service failures by sending specially...

Hewlett Packard Enterprise Intelligent Management Center ByteMessageResource transformEntity Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

Fortinet FortiManager and Fortinet FortiAnalyzer Cross-Site Scripting Vulnerabilities (CNVD-2019-16608)

Fortinet FortiManager and Fortinet FortiAnalyzer are both products from Fortinet, Inc. Fortinet FortiManager is a centralized network security management platform. The platform supports centralized management of any number of Fortinet devices, and can be grouped into different management domains...

ZOHO ManageEngine Application Manager Cross-Site Scripting Vulnerability

ZOHO ManageEngine Application Manager is a set of application monitoring and management system of the United States ZhuoHao ZOHO company. The system is mainly used to monitor server and application performance. A cross-site scripting vulnerability exists in ZOHO ManageEngine Application Manager...

Buffer overflow

Data length received from firmware is not validated against the max allowed size which can result in buffer overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064,...

IBM Cognos Analytics Cross-Site Scripting Vulnerability (CNVD-2019-25041)

IBM Cognos Analytics is a suite of business intelligence software from IBM in the United States. The software includes reports, dashboards, and scorecards, and can assist companies in adjusting their decisions by analyzing such things as key factors and key people. A cross-site scripting...

The vulnerability of Intel Broadwell processors stems from insufficient validation of input data, allowing attackers to exploit their privileges, cause system failures, or compromise the confidentiality of protected information.

The vulnerability of Intel Broadwell processors exists due to insufficient testing of input data. Exploiting this vulnerability can allow attackers to enhance their privileges, cause service failures, or compromise the confidentiality of protected information...

Open-Xchange OX App Suite Cross-Site Scripting Vulnerability (CNVD-2019-16167)

Open-Xchange OX App Suite is a set of Web-based cloud desktop environments from Open-Xchange USA. The environment allows users to manage email, tasks, files, etc. more intuitively. A cross-site scripting vulnerability exists in Open-Xchange OX App Suite 7.8.4 and earlier versions. The vulnerabili...

Open-Xchange GmbH OX App Suite Cross-Site Scripting Vulnerability

Open-Xchange OX App Suite is a set of Web-based cloud desktop environments from Open-Xchange USA. The environment allows users to manage email, tasks, files, etc. more intuitively. A cross-site scripting vulnerability exists in Open-Xchange OX App Suite. The vulnerability stems from a lack of...

Mozilla Firefox Cross-Site Scripting Vulnerability (CNVD-2019-15665)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A cross-site scripting vulnerability exists in Mozilla Firefox versions prior to 67, which stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit thi...

Fortinet FortiOS Buffer Overflow Vulnerability

Fortinet FortiOS is a set of security operating system dedicated to FortiGate network security platform from American Fita Fortinet. The system provides users with firewall, antivirus, IPSec/SSLVPN, Web content filtering and anti-spam and other security features. A buffer overflow vulnerability...

Microsoft Windows Jet Database Engine Buffer Overflow Vulnerability (CNVD-2019-24763)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Windows Jet Database Engine is one of the database engines. A buffer overflow vulnerabilit...