Qt 安全漏洞

Qt is a cross-platform C++ application development framework from the Norwegian company Qt. It is widely used to develop GUI programs, in which case it is also known as the widget toolkit. It can also be used to develop non-GUI programs, such as console tools and servers. A security vulnerability...

Apple macOS libFontParser TTF Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the libFontParser library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

Apple macOS ModelIO STL File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the...

Omron CX-One FLN File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Omron CX-One. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FLN...

Apple macOS ImageIO PICT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the ImageIO...

ZOHO ManageEngine Applications Manager 代码问题漏洞

ZOHO ManageEngine Applications Manager is a set of IT operation and maintenance management solutions of the United States ZhuoHao ZOHO company. The product features application performance management, fault management, report generation, and SLA management. A code issue vulnerability exists in Zo...

Apple macOS CoreGraphics PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDF...

Adobe After Effects 3GP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

[slackware-security] util-linux

New util-linux packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/util-linux-2.37.4-i586-1slack15.0.txz: Upgraded. This release fixes a security issue in chsh1 and chfn8: By default, these...

[slackware-security] aaa_base

New aaabase packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/aaabase-15.0-i586-4slack15.0.txz: Rebuilt. If root's mailbox did not already exist, it would be created with insecure permissions...

Foxit PDF Reader JPEG2000 file parsing out-of-bounds read remote code execution vulnerability

Foxit PDF Reader is a PDF reader from Foxit China.A security vulnerability exists in Foxit PDF Reader JPEG2000 file parsing, which stems from the lack of proper validation of user-supplied data and can be exploited by attackers to execute code in the context of the current process...

Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP...

Adobe Illustrator null pointer dereference vulnerability (CNVD-2022-15929)

Adobe Illustrator is a vector-based image creation software from Adobe. Adobe Illustrator has a security vulnerability that could be exploited by attackers to launch an application denial of service in the context of the current user...

Adobe FrameMaker PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

Adobe Premiere Rush JPEG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Premiere Rush. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Siemens JT2Go PAR File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PAR...

Siemens JT2Go PAR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PAR...

Siemens JT2Go PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

[slackware-security] mariadb

New mariadb packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mariadb-10.5.15-i586-1slack15.0.txz: Upgraded. This update fixes potential denial-of-service vulnerabilities. For more information,...

Foxit PDF Reader Resource Management Error Vulnerability (CNVD-2022-22735)

Foxit PDF Reader is a PDF reader from Foxit, a Chinese company. Foxit PDF Reader is vulnerable due to a lack of verification of the existence of an object before performing operations on it, which can be exploited to execute code in the context of the current process...