CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2020/04/22 9:15 p.m.•17 views

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

4.3CVSS3.3AI score0.03377EPSS

Prion•added 2020/04/22 9:15 p.m.•10 views

Type confusion

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS7.9AI score0.04689EPSS

Prion•added 2020/04/22 9:15 p.m.•15 views

Type confusion

6.8CVSS7.9AI score0.04689EPSS

Prion•added 2020/04/22 9:15 p.m.•21 views

Design/Logic Flaw

6.8CVSS8.8AI score0.0217EPSS

Cvelist•added 2020/04/22 8:50 p.m.•15 views

CVE-2020-10898

7.8CVSS7.7AI score0.04787EPSS

Cvelist•added 2020/04/22 8:50 p.m.•18 views

CVE-2020-10893

7.8CVSS7.8AI score0.04689EPSS

Tenable Nessus•added 2020/04/21 12:0 a.m.•41 views

Security Updates for Microsoft Project Server (April 2020)

The Microsoft Project Server installation on the remote host is missing a security update. It is, therefore, affected by a cross-site-scripting XSS vulnerability. Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An...

5.4CVSS6AI score0.01515EPSS

OSV•added 2020/04/17 2:15 p.m.•2 views

CVE-2019-20769

An issue was discovered in LG PC Suite for LG G3 and earlier aka LG PC Suite v5.3.27 and earlier. DLL Hijacking can occur via a Trojan horse DLL in the current working directory. The LG ID is LVE-MOT-190001 November 2019...

7.8CVSS5.8AI score0.00345EPSS

Snyk•added 2020/04/17 12:0 a.m.•2 views

Malicious Package

Overview current-weather is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS6.9AI score

Zero Day Initiative•added 2020/04/16 12:0 a.m.•24 views

Foxit Reader XFA Widget Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of widge...

7.8CVSS2.2AI score0.04787EPSS

CNVD•added 2020/04/16 12:0 a.m.•3 views

Microsoft ChakraCore and Edge Remote Code Execution Vulnerability (CNVD-2020-28238)

Microsoft ChakraCore and Microsoft Edge are both products of Microsoft Corporation.ChakraCore is the core of an open-source Chakra JavaScript scripting engine used in the Edge browser, and is also available as a standalone JavaScript engine. Microsoft Edge is a web browser that comes with Windows...

7.6CVSS7.8AI score0.13303EPSS

Zero Day Initiative•added 2020/04/16 12:0 a.m.•30 views

Foxit PhantomPDF SetFieldValue Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of t...

7.8CVSS2.2AI score0.04689EPSS

Zero Day Initiative•added 2020/04/16 12:0 a.m.•38 views

Foxit PhantomPDF OCRAndExportToExcel Type Confusion Remote Code Execution Vulnerability

7.8CVSS2.5AI score0.06602EPSS

Zero Day Initiative•added 2020/04/16 12:0 a.m.•40 views

Foxit PhantomPDF Export Type Confusion Remote Code Execution Vulnerability

7.8CVSS2.4AI score0.04689EPSS

Zero Day Initiative•added 2020/04/16 12:0 a.m.•30 views

Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

7.8CVSS3.8AI score0.04787EPSS

Zero Day Initiative•added 2020/04/16 12:0 a.m.•40 views

Foxit PhantomPDF GetFieldValue Type Confusion Remote Code Execution Vulnerability

7.8CVSS2.2AI score0.04689EPSS

Zero Day Initiative•added 2020/04/16 12:0 a.m.•25 views

Foxit PhantomPDF U3D File Parsing vertex Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS1.2AI score0.03377EPSS

CNVD•added 2020/04/16 12:0 a.m.•3 views

Microsoft Word Remote Code Execution Vulnerability (CNVD-2020-24069)

Microsoft Word is a word processing software in the Office suite of the U.S. company Microsoft Microsoft. A remote code execution vulnerability exists in Microsoft Word, which arises from the program's failure to properly handle memory objects, and can be exploited by an attacker with the help of...

9.3CVSS7.9AI score0.11548EPSS

CNVD•added 2020/04/16 12:0 a.m.•1 views

Microsoft SharePoint Cross-Site Scripting Vulnerability (CNVD-2020-24068)

Microsoft SharePoint is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A cross-site scriptin...

5.4CVSS5.9AI score0.01515EPSS