[slackware-security] vim

New vim and vim-gvim packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/vim-8.2.4649-i586-2slack15.0.txz: Rebuilt. Fix use after free, out-of-bounds read, and heap based buffer overflow. Thanks to...

kkFileView 跨站脚本漏洞

Keking kkFileView is a Spring-Boot project for online previewing of documents by Keking Technology Keking. A cross-site scripting vulnerability exists in kkFileView v4.1.0, which originates from multiple cross-site scripts in the urls and currentUrl parameters of the...

Slackware: Security Advisory (SSA:2022-227-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apple macOS LaunchServices Sandbox Escape Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escape the sandbox on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of XPC...

CVE-2021-29117

A use-after-free vulnerability when parsing a specially crafted file in Esri ArcReader 10.8.1 and earlier allows an unauthenticated attacker to achieve arbitrary code execution in the context of the current user...

Adobe Illustrator Resource Management Error Vulnerability (CNVD-2023-07324)

Adobe Illustrator is a vector-based image creation software from Adobe. Adobe Illustrator is vulnerable to resource management errors, which can be exploited by attackers to execute arbitrary code in the context of the current user...

Adobe Illustrator 资源管理错误漏洞

Adobe Illustrator is a vector-based image creation software from Adobe. Adobe Illustrator is vulnerable to resource management errors, which can be exploited by attackers to execute arbitrary code in the context of the current user...

编号已被CVE保留

No details are available at this time...

Foxit PDF Editor JavaScript Optimization Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the optimization ...

Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PD...

Foxit PDF Reader AcroForm deletePages Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Foxit PDF Editor JavaScript Array Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

How to view the current EPA Plug-in version on ADC

This article describe how to view current EPA Plug-in version on ADC...

ICONICS GENESIS64 GraphWorX64 TDFX File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of ICONICS GENESIS64. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

OESA-2022-1787 qt5-qtbase security update

Qt is a software toolkit for developing applications. Security Fixes: In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux and UNIX, QProcess could execute a binary from the current working directory when not found in the PATH.CVE-2022-25255...

Slackware: Security Advisory (SSA:2022-209-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-91.12.0-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mor...

OPC Labs QuickOPC Connectivity Explorer Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OPC Labs QuickOPC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing o...

Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Slackware Linux 15.0 / current samba Multiple Vulnerabilities (SSA:2022-208-01)

The version of samba installed on the remote host is prior to 4.15.9 / 4.16.4. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2022-208-01 advisory. - A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or...