7655 matches found
CVE-2022-30637 Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Adobe Illustrator versions 26.0.2 and earlier and 25.4.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...
CVE-2021-43027 Adobe After Effects TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe After Effects versions 22.0 and earlier and 18.4.2 and earlier are affected by an out-of-bounds read vulnerability which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/installation/setThumbnailRc endpoint. The issue results from the lack of prope...
CVE-2023-4616 thumbnail Directory Path Traversal Allows Unauthenticated Arbitrary File Read Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/thumbnail endpoint. The issue results from the lack of proper validati...
LG LED Assistant Path Traversal Vulnerability
LG LED Assistant is a software from Luckin LG Korea. It is used to set up LED lights. A security vulnerability exists in LG LED Assistant that originates from failure to properly validate a user-supplied path before using it in a file operation, allowing remote attackers to disclose information...
The vulnerability of Adobe Dimension’s 3D design software arises from buffer overflows in its dynamic memory; this allows attackers to execute arbitrary code in the context of the current user.
The vulnerability of Adobe Dimension’s 3D design software arises from an overflow in the dynamic memory buffer. Exploiting this vulnerability allows a hacker to execute arbitrary code in the context of the current user...
The vulnerability of the software interface for PDF viewing and editing programs like Acrobat Reader and Adobe Acrobat lies in the lack of access control mechanisms. This allows attackers to execute arbitrary code within the context of the current user.
The vulnerability of the PDF file viewing and editing software interface of Acrobat Reader, as well as the Adobe Acrobat PDF editing software, is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to execute arbitrary code within the context of the...
Delta Electronics DIAScreen DPA File Parsing Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIAScreen. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Delta Electronics DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-115.2.0-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mor...
SUSE CVE-2023-40590
GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the git command, if a user runs GitPython from a repo has a git.exe or git...
CVE-2023-40590
A flaw was found in Python/Windows. When resolving a program, it looks for the current working directory followed by the PATH environment. GitPython defaults to use the git command if a user runs GitPython from a repo, has a git.exe, or git executable, that program will run instead of the one in...
PYSEC-2023-161
GitPython is a python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the git command, if a user runs GitPython from a repo has a git.exe or git...
LG LED Assistant upload Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/settings/upload endpoint. The issue results from the lack of proper validation...
(0Day) Maxon Cinema 4D SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP...
(0Day) Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP...
7-Zip 7Z File Parsing Integer Underflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of 7Z files. The...
7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SQFS files. T...
PDF-XChange Editor exportAsText Exposed Dangerous Method Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the exportAsTex...
PDF-XChange Editor TIF File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...