Lucene search
7642 matches found

Zero Day Initiative
added 2021/06/02 12:00 a.m. | 35 views

OpenText Brava! Desktop pdf2dl Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVSS 7.8 | AI score 5.7 | EPSS 0.01419
Exploits: 0

Zero Day Initiative
added 2021/06/02 12:00 a.m. | 28 views

OpenText Brava! Desktop DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVSS 7.8 | AI score 4.6 | EPSS 0.01419
Exploits: 0

Zero Day Initiative
added 2021/06/02 12:00 a.m. | 37 views

OpenText Brava! Desktop PDF File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVSS 7.8 | AI score 4.6 | EPSS 0.01419
Exploits: 0

Zero Day Initiative
added 2021/06/02 12:00 a.m. | 50 views

OpenText Brava! Desktop DWF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVSS 7.8 | AI score 4.9 | EPSS 0.01419
Exploits: 0

Zero Day Initiative
added 2021/06/02 12:00 a.m. | 29 views

OpenText Brava! Desktop DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVSS 7.8 | AI score 4.6 | EPSS 0.01419
Exploits: 0

Zero Day Initiative
added 2021/06/02 12:00 a.m. | 45 views

OpenText Brava! Desktop DXF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVSS 7.8 | AI score 5.1 | EPSS 0.01513
Exploits: 0

Zero Day Initiative
added 2021/06/02 12:00 a.m. | 33 views

OpenText Brava! Desktop DWF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVSS 7.8 | AI score 4.6 | EPSS 0.01419
Exploits: 0

Tenable Nessus
added 2021/06/01 12:00 a.m. | 31 views

Slackware 14.0 / 14.1 / 14.2 / current : dhcp (SSA:2021-149-01)

New dhcp packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2021-149-01. The text itself is copyrig...

CVSS 7.4 | AI score 7.7 | EPSS 0.06118
Exploits: 1 | References: 2

Tenable Nessus
added 2021/05/27 12:00 a.m. | 10 views

openSUSE Security Update : grub2 (openSUSE-2021-790)

This update for grub2 fixes the following issues: - Fixed error with the shimlock protocol that is not found on aarch64 (bsc#1185580). This update was imported from the SUSE:SLE-15-SP2:Update update project. (C) Tenable Network Security, Inc. The descriptive text and package check...

AI score 5.4
Exploits: 0 | References: 1

Zero Day Initiative
added 2021/05/26 12:00 a.m. | 211 views

Foxit PhantomPDF XFA Template Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of X...

CVSS 7.8 | AI score 2.4 | EPSS 0.06005
Exploits: 0 | References: 1

Zero Day Initiative
added 2021/05/25 12:00 a.m. | 40 views

Siemens Solid Edge Viewer PAR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.8 | AI score 4.7 | EPSS 0.0144
Exploits: 0 | References: 2

Zero Day Initiative
added 2021/05/25 12:00 a.m. | 58 views

Siemens Solid Edge Viewer DFT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Solid Edge Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 7.8 | AI score 5.9 | EPSS 0.02303
Exploits: 0 | References: 1

Prion
added 2021/05/21 3:15 p.m. | 21 views

Heap overflow

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results fr...

CVSS 5.8 | AI score 9 | EPSS 0.02331
Exploits: 0 | References: 5 | Affected Software: 3

Prion
added 2021/05/21 3:15 p.m. | 25 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 6.8 | AI score 8 | EPSS 0.05544
Exploits: 1 | References: 2 | Affected Software: 2

BDU FSTEC
added 2021/05/20 12:00 a.m. | 3 views

The vulnerability of the Adobe Animate software for creating multimedia and computer animations lies in its ability to read data beyond the boundaries of the memory buffer. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the Adobe Animate program for creating multimedia and computer animations is related to reading beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information in the context of the current user, usin...

CVSS 8.5 | AI score 6.3 | EPSS 0.02987
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2021/05/20 12:00 a.m. | 3 views

The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, lies in the lack of protection against Cross-Site Request Forgery attacks (CSRF). This allows attackers to perform arbitrary actions within the context of the current user.

The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, is related to the lack of protection against Cross-Site Request Forgery (CSRF) attacks. Exploiting this vulnerability allows a malicious actor to perform arbitrary actions on behalf of the...

CVSS 7.5 | AI score 6.6 | EPSS 0.00335
Exploits: 0 | References: 4 | Affected Software: 1

Slackware Linux
added 2021/05/19 9:18 p.m. | 65 views

[slackware-security] libX11

New libX11 packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libX11-1.7.1-i586-1slack14.2.txz: Upgraded. This update fixes missing request length checks in libX11 that can lead to t...

CVSS 9.8 | AI score 0.4 | EPSS 0.10634
Exploits: 2

BDU FSTEC
added 2021/05/19 12:00 a.m. | 7 views

The vulnerability of the Adobe Framemaker desktop publishing system, related to reading data beyond the buffer in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Framemaker desktop publishing system relates to reading beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code in the context of the current user...

CVSS 9.3 | AI score 7.8 | EPSS 0.21224
Exploits: 0 | References: 3 | Affected Software: 1

BDU FSTEC
added 2021/05/19 12:00 a.m. | 4 views

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to reading beyond the buffer in memory. This allows attackers to gain unauthorized access to protected information.

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to reading data beyond the buffer limit in memory. Exploiting these vulnerabilities can allow an attacker to gain...

CVSS 7.5 | AI score 7.4 | EPSS 0.02725
Exploits: 0 | References: 3

BDU FSTEC
added 2021/05/19 12:00 a.m. | 3 views

The vulnerability of the ColdFusion software platform, related to the lack of measures taken to protect the website structure, allows attackers to execute arbitrary code.

The vulnerability of the ColdFusion software platform is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

CVSS 8 | AI score 6.3 | EPSS 0.37095
Exploits: 0 | References: 3