SAP 3D Visual Enterprise Viewer JT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

Adobe Dimension TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Premiere Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe After Effects MOV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe Dimension PCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PCX...

Adobe Dimension TIF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Dimension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Adobe After Effects MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe Photoshop Lightroom TIF File Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of of Adobe Photoshop Lightroom. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

Adobe After Effects JPEG2000 Parsing Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Cronos 安全漏洞

Cronos is a Crypto.org Evm chain. Designed to massively scale the DeFi ecosystem. Cronos suffers from a security vulnerability that stems from the fact that in Cronos nodes running versions prior to v0.6.5, it is possible to collect transaction fees for the current block from the Cosmos SDK's...

GSD-2021-1002608 iio: adc: stm32: fix a current leak by resetting pcsel before disabling vdda

iio: adc: stm32: fix a current leak by resetting pcsel before disabling vdda This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.8 by commit...

GSD-2021-1002521 iio: adc: stm32: fix a current leak by resetting pcsel before disabling vdda

iio: adc: stm32: fix a current leak by resetting pcsel before disabling vdda This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.85 by commit...

Bentley View JT File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability (CNVD-2021-102039)

Bentley View is a free viewer from Bentley Systems, Inc. A security vulnerability exists in Bentley View JT file parsing, which can be exploited by attackers to execute code in the context of the current process...

Bentley View BMP File Parsing Heap Buffer Overflow Remote Code Execution Vulnerability (CNVD-2021-102036)

Bentley View is a free viewer from Bentley Systems, Inc. Bentley View BMP file parsing heap buffer overflow remote code execution vulnerability is due to a failure to properly validate the length of user-supplied data before copying it to the heap buffer. An attacker could exploit this...

Bentley View JT File Parsing Out-of-Bounds Read Remote Code Execution Vulnerability (CNVD-2021-102019)

Bentley View is a free viewer from Bentley Systems, Inc. A security vulnerability exists in Bentley View JT file parsing, which can be exploited by attackers to execute code in the context of the current process...

Bentley View JT File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability (CNVD-2021-102022)

Bentley View is a free viewer from Bentley Systems, Inc. A security vulnerability exists in Bentley View JT file parsing, which can be exploited by attackers to execute code in the context of the current process...

Bentley View JT File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability (CNVD-2021-102021)

Bentley View is a free viewer from Bentley Systems, Inc. A security vulnerability exists in Bentley View JT file parsing, which can be exploited by attackers to execute code in the context of the current process...

Incorrect safeApprove usage

Handle Jujic Vulnerability details Impact safeApprove won't work when current allowance 0, there may be cases when strategies will not use all allowance, so switch to new strategy will be blocked. Proof of Concept Tools Used Recommended Mitigation Steps I recommend approving to zero and then...

Bentley View 3DS File Parsing Out-of-Bounds Write Remote Code Execution Vulnerability

Bentley View is a free viewer from Bentley Systems, Inc. A security vulnerability exists in Bentley View 3DS file parsing, which can be exploited by attackers to execute code in the context of the current process...

Visual Studio 2022 version 17.0.3 update

Visual Studio 2022 version 17.0.3 security update. This update applies to all affected editions of Visual Studio 2022 version lower than 17.0.3 on the Current channel. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the clie...