28 matches found
CVE-2019-18957
Microstrategy Library in MicroStrategy before 2019 before 11.1.3 has reflected XSS...
Security Bulletin: IBM Event Endpoint Management is vulnerable to a denial of service attack (CVE-2023-51074).
Summary IBM Event Endpoint Management is vulnerable to a denial of service due to json-path component, caused by a stack-based buffer overflow in the Criteria.parse method.It is a query language for JSON, similar to XPath for XML. It allows you to select and extract data from a JSON document...
MariaDB DoS Vulnerability (CVE-2023-22084) - Windows
MariaDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...
CVE-2022-35708
Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...
CVE-2022-35701
Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
Cross site scripting
Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
Cross site scripting
Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
Design/Logic Flaw
Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context ...
Design/Logic Flaw
Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context ...
Heap overflow
Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...
CVE-2022-35706 Adobe Bridge SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...
CVE-2022-35707
Adobe Bridge 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds read when parsing crafted files, potentially allowing code execution under the current user. The issue is caused by parsing a crafted file and requires user interaction (victim must open the malicious file...
CVE-2022-35704 Adobe Bridge SVG File Parsing Use-After-Free Remote Code Execution Vulnerability
Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2022-35699 Adobe Bridge Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2022-35705 Adobe Bridge MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Adobe Bridge version 12.0.2 and earlier and 11.1.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context ...
PT-2022-5235 · Adobe · Bridge
Name of the Vulnerable Software and Affected Versions: Adobe Bridge versions 11.1.3 and earlier Adobe Bridge versions 12.0.2 and earlier Description: The issue is related to a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this...
CVE-2022-40305
A Server-Side Request Forgery issue in Canto Cumulus through 11.1.3 allows attackers to enumerate the internal network, overload network resources, and possibly have unspecified other impact via the server parameter to the /cwc/login login form...
CVE-2021-43803
Next.js is a React framework. In versions of Next.js prior to 12.0.5 or 11.1.3, invalid or malformed URLs could lead to a server crash. In order to be affected by this issue, the deployment must use Next.js versions above 11.1.0 and below 12.0.5, Node.js above 15.0.0, and next start or a custom...
CVE-2021-43803
Next.js is a React framework. In versions of Next.js prior to 12.0.5 or 11.1.3, invalid or malformed URLs could lead to a server crash. In order to be affected by this issue, the deployment must use Next.js versions above 11.1.0 and below 12.0.5, Node.js above 15.0.0, and next start or a custom...
Unexpected server crash in Next.js.
Next.js is a React framework. In versions of Next.js prior to 12.0.5 or 11.1.3, invalid or malformed URLs could lead to a server crash. In order to be affected by this issue, the deployment must use Next.js versions above 11.1.0 and below 12.0.5, Node.js above 15.0.0, and next start or a custom...