
31 matches found

RedhatCVE
added 2025/05/23 1:21 a.m., 7 views

CVE-2022-21606

Vulnerability in the Oracle Services for Microsoft Transaction Server component of Oracle Database Server. The supported version that is affected is 19c. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Services for Microsoft...

CVSS 6.1, AI score 6.2, EPSS 0.00655
Exploits: 0, References: 1
NVD
added 2025/01/17 9:15 p.m., 15 views

CVE-2025-21606

stats is a macOS system monitor in for the menu bar. The Stats application is vulnerable to a local privilege escalation due to the insecure implementation of its XPC service. The application registers a Mach service under the name eu.exelban.Stats.SMC.Helper. The associated binary,...

CVSS 8.7, EPSS 0.00324
Exploits: 0, References: 2
Vulnrichment
added 2025/01/17 8:10 p.m., 8 views

CVE-2025-21606 Local Privilege Escalation via Exposed XPC Method Due to Client Verification Failure in stats

stats is a macOS system monitor in for the menu bar. The Stats application is vulnerable to a local privilege escalation due to the insecure implementation of its XPC service. The application registers a Mach service under the name eu.exelban.Stats.SMC.Helper. The associated binary,...

CVSS 8.7, AI score 7.4, EPSS 0.00324
Exploits: 0, References: 2
Vulnrichment
added 2024/05/03 2:15 a.m., 10 views

CVE-2023-51564 Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must...

CVSS 3.3, AI score 6.1, EPSS 0.00208
Exploits: 0, References: 1
Cvelist
added 2024/05/03 2:15 a.m., 11 views

CVE-2023-51564 Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must...

CVSS 3.3, AI score 3.7, EPSS 0.00208
Exploits: 0, References: 1
CVE
added 2024/05/03 2:15 a.m., 51 views

CVE-2023-51564

CVE-2023-51564 concerns Kofax Power PDF parsing of PDF files. The flaw is an out-of-bounds read caused by insufficient validation of user-supplied data, allowing a read past the end of an allocated object. This can disclose sensitive information and, with other vulnerabilities, may enable arbitra...

CVSS 5.5, AI score 3.6, EPSS 0.00208
Exploits: 0, References: 1, Affected Software: 1
Tenable Nessus
added 2024/04/18 12:0 a.m., 17 views

Juniper Junos OS Vulnerability (JSA75747)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75747 advisory. - A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a Deni...

CVSS 7.5, AI score 7.4, EPSS 0.00233
Exploits: 0, References: 2
Ubuntu
added 2024/01/30 2:17 p.m., 39 views

USN-6617-1: libde265 vulnerabilities

It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and...

CVSS 8.8, AI score 7.1, EPSS 0.00281
Exploits: 14
Tenable Nessus
added 2024/01/30 12:0 a.m., 22 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : libde265 vulnerabilities (USN-6617-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6617-1 advisory. It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a...

CVSS 8.8, AI score 7.2, EPSS 0.00281
Exploits: 14, References: 15
Circl
added 2024/01/12 2:26 a.m., 4 views

CVE-2024-21606

creationtimestamp| type| source ---|---|--- 2024-01-12 02:26:37+00:00| seen| https://t.me/ctinow/167021...

CVSS 7.5, AI score 7.3, EPSS 0.00233
Exploits: 0, References: 1
NVD
added 2024/01/12 1:15 a.m., 9 views

CVE-2024-21606

A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). In a remote access VPN scenario, if a "tcp-encap-profile" is configured and a sequence of specific packets ...

CVSS 7.5, AI score 7.6, EPSS 0.00233
Exploits: 0, References: 2
Vulnrichment
added 2024/01/12 12:54 a.m., 2 views

CVE-2024-21606 Junos OS: SRX Series: When "tcp-encap" is configured and specific packets are received flowd will crash

A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). In a remote access VPN scenario, if a "tcp-encap-profile" is configured and a sequence of specific packets ...

CVSS 7.5, AI score 7.2, EPSS 0.00233
Exploits: 0, References: 2
CVE
added 2024/01/12 12:54 a.m., 48 views

CVE-2024-21606

CVE-2024-21606 affects Juniper Networks Junos OS on SRX Series with a Double Free vulnerability in the flowd daemon. In a remote-access VPN, if a tcp-encap-profile is configured and a sequence of specific packets is received, a flowd crash and restart can occur, caused by a faulty free operation...

CVSS 7.5, AI score 7.5, EPSS 0.00233
Exploits: 0, References: 2, Affected Software: 1
OpenVAS
added 2023/03/28 12:0 a.m., 22 views

Mageia: Security Advisory (MGASA-2023-0093)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8, AI score 7.1, EPSS 0.00482
Exploits: 46, References: 7
Vulnrichment
added 2023/01/18 12:0 a.m., 5 views

CVE-2023-21606 Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Adobe Acrobat Reader versions 22.003.20282 and earlier, 22.003.20281 and earlier and 20.005.30418 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction...

CVSS 7.8, AI score 7.5, EPSS 0.00122
Exploits: 0, References: 1
CVE
added 2023/01/18 12:0 a.m., 83 views

CVE-2023-21606

CVE-2023-21606 – Adobe Acrobat/Reader out-of-bounds write (font parsing). Affects Adobe Acrobat Reader DC/Viewer versions including 22.003.20282 and earlier, 22.003.20281 and earlier, and 20.005.30418 and earlier. The root cause is an out-of-bounds write in font parsing that can lead to arbitrar...

CVSS 7.8, AI score 7.7, EPSS 0.00122
Exploits: 0, References: 1, Affected Software: 2
Tenable Nessus
added 2023/01/11 12:0 a.m., 108 views

Adobe Reader < 20.005.30436 / 22.003.20310 Multiple Vulnerabilities (APSB23-01) (macOS)

The version of Adobe Reader installed on the remote macOS host is a version prior to 20.005.30436 or 22.003.20310. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat Reader versions 22.003.20282 and earlier, 22.003.20281 and earlier and 20.005.30418 and earlier are affected b...

CVSS 7.8, AI score 7.7, EPSS 0.77472
Exploits: 2, References: 19
OpenVAS
added 2023/01/11 12:0 a.m., 17 views

Adobe Acrobat DC Continuous Security Update (APSB23-01) - Windows

Adobe Acrobat is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatdccontinuous";...

CVSS 7.8, AI score 6.7, EPSS 0.77472
Exploits: 2, References: 3
NCSC
added 2022/10/19 12:0 a.m., 3 views

Vulnerabilities fixed in Oracle Database Server

Vulnerabilities have been fixed in Oracle Database Server. The vulnerabilities allow a malicious party to carry out attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Remote code execution User rights Access to sensitive data Orac...

CVSS 9.1, AI score 8.9, EPSS 0.01326
Exploits: 2
CVE
added 2022/10/18 12:0 a.m., 75 views

CVE-2022-21606

CVE-2022-21606 affects Oracle Database Server 19c, specifically the Oracle Services for Microsoft Transaction Server component on Windows. The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise the Transaction Server component; exploitation requires human ...

CVSS 6.1, AI score 5.9, EPSS 0.00655
Exploits: 0, References: 1, Affected Software: 1