Foxit Reader XFA setElement Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

Microsoft ChakraCore Scripting Engine Remote Memory Corruption Vulnerability (CNVD-2018-21212)

ChakraCore is used in one of the open source core components of the JavaScript engine , can also be used as a separate JavaScript engine . A remote memory corruption vulnerability exists in Microsoft ChakraCore Scripting Engine. An attacker can exploit this vulnerability to execute arbitrary code...

Microsoft Internet Explorer CSS Style Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Windows VBScript Class_Terminate MSXML6 Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows VBScript. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft SQL Server Management Studio xmla File XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft SQL Server Management Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

Delta Industrial Automation ISPSoft DVP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation ISPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

Microsoft SQL Server Management Studio xel File XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft SQL Server Management Studio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

Cisco WebEx Network Recording Player ARF File Out-of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Cisco WebEx Network Recording Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

Microsoft Excel Remote Code Execution Vulnerability (CNVD-2019-00635)

Microsoft Excel is a spreadsheet processing software in the Office suite of the American Microsoft Microsoft company. A remote code execution vulnerability exists in Microsoft Excel due to the software's failure to properly handle objects in Protected View. A remote attacker could exploit the...

Microsoft Internet Explorer CSS Style Double Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Windows Theme API Remote Code Execution Vulnerability

Microsoft Windows 10 and others are a set of new generation cross-platform operating systems released by Microsoft.Windows Theme API is one of the Windows system theme components. A remote code execution vulnerability exists in Microsoft Windows Theme API, which is caused by the program failing t...

Input validation

Improper input validation in obs-service-tarscm of Open Build Service allows remote attackers to cause access and extract information outside the current build or cause the creation of file in attacker controlled locations. Affected releases are openSUSE Open Build Service: versions prior to...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 14.2 and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-firefox-60.2.2esr-i686-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more...

Adobe Acrobat Pro DC ImageConversion JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe Acrobat Pro DC XFA Template Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

Adobe Acrobat Pro DC EMF BMP Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

Adobe Acrobat Pro DC ImageConversion EMF EMR_COMMENT Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Foxit Reader Barcode Calculate Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

Foxit Reader setInterval Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

Foxit Reader TextBox Calculate Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...