The vulnerability of Adobe Audition for Windows and macOS, related to recording beyond buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of Adobe Audition for Windows and macOS relates to recording beyond the buffer limits in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code in the context of the current user...

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in the ability to write code beyond the buffer boundaries in memory, allowing attackers to execute arbitrary code.

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in the writing of code beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code within the context of the current user...

The vulnerability of the Adobe Framemaker desktop publishing system arises from the possibility of an operation going beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the Adobe Framemaker desktop publishing system lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to the use of a null pointer pointer, which allows attackers to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to the use of a null pointer. Exploiting these vulnerabilities can allow an attacker...

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015/Reader 2015 involve a flaw related to writing beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 is related to writing beyond the buffer in memory. Exploiting this vulnerability can allow a...

(0Day) Delta Industrial Automation DOPSoft DPA File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...

Microsoft Windows hevcdecoder_store HEIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

The vulnerability of the Windows Shell component of the Windows operating system, which allows a hacker to execute arbitrary code

The vulnerability of the Windows Shell component of the Windows operating system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, using a specially created file...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-firefox-68.10.0esr-i686-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more...

[slackware-security] curl

New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/curl-7.71.0-i586-1slack14.2.txz: Upgraded. This update fixes security issues: curl overwrite local file with -J 111 Partial...

Slackware 14.0 / 14.1 / 14.2 / current : ntp (SSA:2020-175-01)

New ntp packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2020-175-01. The text itself is copyright C Slackware Linux,...

Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Premiere Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing ...

Adobe Premiere Rush MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Premiere Rush. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing...

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to buffer overflows in dynamic memory, allowing attackers to execute arbitrary code.

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attack...

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, Adobe Acrobat 2015, and Adobe Acrobat Reader 2015 are related to privilege management errors, allowing an attacker to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015/Reader 2015 are related to privilege management errors. Exploiting these vulnerabilities can all...

Microsoft SharePoint Cross-Site Scripting Vulnerability (CNVD-2020-60832)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A cross-site scriptin...

Microsoft SharePoint Spoofing Vulnerability (CNVD-2020-64011)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A security...

Microsoft SharePoint Cross-Site Scripting Vulnerability (CNVD-2020-35936)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A security...

Microsoft ChakraCore and Edge Remote Code Execution Vulnerability (CNVD-2020-37835)

Microsoft ChakraCore and Microsoft Edge are both products of Microsoft Corporation.ChakraCore is the core of an open-source Chakra JavaScript scripting engine used in the Edge browser, and is also available as a standalone JavaScript engine. Microsoft Edge is a web browser that comes with Windows...

CVE-2020-1286

A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user, aka 'Windows Shell Remote Code Execution Vulnerability'...