Adobe Acrobat Reader DC Annotation getAnnots Method Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

Schneider Electric EcoStruxure Power Build SSD File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Power Build. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exist...

Microsoft Excel XLS File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS...

Microsoft Excel XLSX File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS...

Adobe Acrobat Reader DC Annotation popupOpen Method Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

[slackware-security] dnsmasq

New dnsmasq packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/dnsmasq-2.84-i586-1slack14.2.txz: Upgraded. This update fixes bugs and remotely exploitable security issues: Use the...

CVE-2020-27856

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

Memory corruption

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

VulnCheck KEV: CVE-2021-21017

Acrobat Acrobat and Reader contain a heap-based buffer overflow vulnerability that could allow an unauthenticated attacker to achieve code execution in the context of the current user...

JT2Go 缓冲区错误漏洞

Siemens Jt2go and Siemens Teamcenter Visualization are both products of Siemens, Germany.Siemens Jt2go is a JT file viewer. The software is used for lightweight previewing of 3D graphics with 3D zoom, panorama, rotation, scaling and repositioning, accurate 3D measurements, basic 3D profile viewin...

JT2Go 缓冲区错误漏洞

Siemens Jt2go and Siemens Teamcenter Visualization are both products of Siemens, Germany.Siemens Jt2go is a JT file viewer. The software is used for lightweight previewing of 3D graphics with 3D zoom, panorama, rotation, scaling and repositioning, accurate 3D measurements, basic 3D profile viewin...

The vulnerability of the Adobe Bridge file manager, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Bridge file manager is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, using a specially crafted file...

The vulnerability of the Adobe Animate program for creating multimedia and computer animations lies in its uncontrolled search element, which allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Animate software for creating multimedia and computer animations is related to an uncontrolled element in the search process. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, using a specially craft...

Apple macOS ModelIO USD Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ModelIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the ModelIO...

Apple macOS CoreText TTF Parsing Out-of-Bounds Write Remote Code Execution

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the CoreText library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing o...

Apple macOS ImageIO PICT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ImageIO library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the ImageIO...

The vulnerability of the cloud-based video editing, annotation, and format conversion application Adobe Prelude lies in its uncontrolled search path, allowing attackers to execute arbitrary code within the context of the current user.

The vulnerability of the cloud-based application for video digitization, annotation, and format conversion in Adobe Prelude is related to an uncontrollable element in the search process. Exploiting this vulnerability could allow a attacker to execute arbitrary code in the context of the current...

The vulnerability of the Adobe Lightroom Classic graphic editor lies in its uncontrolled search path, which allows a hacker to execute arbitrary code.

The vulnerability of Adobe Lightroom Classic’s graphic editor is related to an uncontrolled element in the search process. Exploiting this vulnerability could allow a hacker to execute arbitrary code within the context of the current user...

Schneider Electric IGSS CGF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...