32 matches found
EUVD-2021-25016
Malware in sbrugna...
CVE-2021-38571
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows DLL hijacking, aka CNVD-C-2021-68000 and CNVD-C-2021-68502...
CVE-2021-38574
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows SQL Injection via crafted data at the end of a string...
PT-2024-28178 · Microsoft · Import Spreadsheets From Microsoft Excel
Name of the Vulnerable Software and Affected Versions: Import Spreadsheets from Microsoft Excel versions 10.1.4 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling code injection. This is related to the Import Spreadsheets from...
WordPress Import Spreadsheets from Microsoft Excel Plugin <= 10.1.3 is vulnerable to Cross Site Scripting (XSS)
Software Import Spreadsheets from Microsoft Excel Type Plugin Vulnerable versions = 10.1.3 Fixed in 10.1.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-48289 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 42e6092284d8 Credits Khalid Yusu...
Vulnerability fixed in Drupal
Drupal has fixed a vulnerability in Drupal core. The vulnerability is located in the JSON:API module and allows an unauthenticated malicious party to gain access to sensitive data. No CVE ID has been disclosed for this vulnerability yet. Drupal has released updates to fix the vulnerability in...
Security Bulletin: IBM QRadar WinCollect Agent is vulnerable to execution with unnecessary privileges (CVE-2023-26277)
Summary IBM QRadar WinCollect Agent is vulnerable to execution with unnecessary privileges. IBM has addressed the relevant vulnerability Vulnerability Details CVEID:CVE-2023-26277 DESCRIPTION: IBM QRadar WinCollect Agent could allow a local user to execute commands on the system due to execution...
Security Bulletin: IBM QRadar WinCollect Agent is vulnerable to priviledge escalation (CVE-2023-26278)
Summary IBM QRadar WinCollect Agent is vulnerable to priviledge escalation. IBM has addressed the relevant vulnerability Vulnerability Details CVEID:CVE-2023-26278 DESCRIPTION: IBM QRadar WinCollect Agent could allow a local authenticated attacker to gain elevated privileges on the system. CVSS...
[R1] Nessus Agent Version 10.1.4 Fixes Multiple Vulnerabilities
R1 Nessus Agent Version 10.1.4 Fixes Multiple Vulnerabilities Arnie Cabral Wed, 06/15/2022 - 12:36 Custom audit files bring tremendous power and flexibility when assessing the configuration of your assets. Two separate vulnerabilities that utilize this custom Audit functionality were identified,...
Foxit Reader and Foxit PhantomPDF Arbitrary File Write Vulnerability
Foxit Reader and Foxit PhantomPDF are both Chinese Foxit Foxit company a PDF document reader. An arbitrary file write vulnerability exists in Foxit Reader versions prior to 10.1.4 and PhantomPDF versions prior to 10.1.4, which stems from a failure to validate the CombineFiles pathname and can be...
CVE-2021-38574
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows SQL Injection via crafted data at the end of a string...
CVE-2021-38571
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows DLL hijacking, aka CNVD-C-2021-68000 and CNVD-C-2021-68502...
CVE-2021-38568
An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows memory corruption during conversion of a PDF document to a different document format...
Foxit Reader和Foxit PhantomPDF 安全漏洞
Foxit Reader and Foxit PhantomPDF are both PDF document readers from the Chinese company Foxit. A security vulnerability exists in Foxit Reader and PhantomPDF versions prior to 10.1.4, which stems from the application allowing arbitrary files to be written because the extractPages pathname is not...
Foxit Reader和Foxit PhantomPDF 缓冲区错误漏洞
Foxit Reader and Foxit PhantomPDF are both PDF document readers from Foxit, a Chinese company. Foxit Reader and PhantomPDF versions prior to 10.1.4 have a security vulnerability that could be exploited to corrupt memory during the conversion of PDF documents to a different document format...
CVE-2021-33795
Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 produce incorrect PDF document signatures because the certificate name, document owner, and signature author are mishandled...
Design/Logic Flaw
IBM Spectrum Protect Plus 10.1.0 through 10.1.4 uses insecure file permissions on restored files and directories in Windows which could allow a local user to obtain sensitive information or perform unauthorized actions. IBM X-Force ID: 170963...
CVE-2019-4652
IBM Spectrum Protect Plus 10.1.0 through 10.1.4 uses insecure file permissions on restored files and directories in Windows which could allow a local user to obtain sensitive information or perform unauthorized actions. IBM X-Force ID: 170963...
IBM Spectrum Protect Plus CVE-2019-4652 Insecure File Permission Vulnerability
Description IBM Spectrum Protect Plus is prone to insecure file-permission vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks. IBM Spectrum Protect Plus versions 10.1.0 through 10.1....
Security Bulletin: Guardium StealthBits Integration is affected by an OpenSSL vulnerability
Summary IBM Security Guardium is aware of the following vulnerability Vulnerability Details CVE-ID: CVE-2019-1559 Description: OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a zero-leng...