Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-B. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-B. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Delta Electronics CNCSoft-B DOPSoft DPA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics CNCSoft-B. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

[slackware-security] openssl

New openssl packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/openssl-1.1.1u-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Possible DoS translating ASN.1 object identifiers...

SAP 3D Visual Enterprise Author DST File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Author. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

The vulnerability of the Syngo fastView image viewing software, related to the execution of operations outside the buffer boundaries, allows a hacker to execute arbitrary code within the context of the current process.

The vulnerability of the Syngo fastView image viewing software is related to the execution of operations outside the buffer boundaries. Exploiting this vulnerability allows an attacker to execute arbitrary code within the context of the current process...

(0Day) Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

(0Day) Microsoft 3D Viewer FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft 3D Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

[slackware-security] ntfs-3g

New ntfs-3g packages are available for Slackware 14.2 and 15.0 to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/ntfs-3g-2022.10.3-i586-1slack15.0.txz: Upgraded. Fixed vulnerabilities that may allow an attacker using a maliciously crafted...

Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Adobe Dimension SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP...

Slackware: Security Advisory (SSA:2023-142-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] c-ares

New c-ares packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/c-ares-1.19.1-i586-1slack15.0.txz: Upgraded. This update fixes bugs and security issues: 0-byte UDP payload causes Denial of Service...

Slackware: Security Advisory (SSA:2023-139-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] cups-filters

New cups-filters packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/cups-filters-1.28.17-i586-1slack15.0.txz: Upgraded. PATCH Merge pull request from GHSA-gpxc-v2m8-fr3x. With execv command line...

Slackware: Security Advisory (SSA:2023-137-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apple macOS AppleScript UASIsConstant SCPT File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the AppleScript library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within th...

Apple macOS AudioToolbox CAF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Apple Safari PDFPluginAnnotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current curl Multiple Vulnerabilities (SSA:2023-137-01)

The version of curl installed on the remote host is prior to 8.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-137-01 advisory. - A use after free vulnerability exists in curl v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key...