91 matches found
Foxit Reader < 9.3 Multiple Vulnerabilities
The version of Foxit Reader installed on the remote Windows host is prior to 9.3. It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid118093; scriptversion"1.7"; scriptsetattributeattribute:"pluginmodificationdate",...
CVE-2018-3940
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused. An attacker needs to trick the user to open the malicious file to trigger...
CVE-2018-3940
CVE-2018-3940 concerns Foxit PDF Reader’s JavaScript engine. The issue is a use-after-free vulnerability in Foxit PDF Reader 9.1.0.5096 that can be triggered by a specially crafted PDF, allowing memory reuse of a previously freed object. An attacker must entice the user to open the malicious file...
Foxit Reader and PhantomPDF Multiple Use After Free Vulnerabilities (CVE-2018-3940; CVE-2018-3941; CVE-2018-3942; CVE-2018-3943; CVE-2018-3944; CVE-2018-3945; CVE-2018-3946)
A remote code execution vulnerability exists in Foxit Reader and PhantomPDF. The vulnerability is due to a use-after-free error while handling a specially crafted PDF file. Successful exploitation could lead to arbitrary code execution. Additional CVEs: CVE-2018-3957, CVE-2018-3958, CVE-2018-3959...
CVE-2017-3940
...
CVE-2017-3940
CVE-2017-3940 is rejected/not used; this entry does not represent an active vulnerability.
Debian DSA-3940-1 : cvs - security update
It was discovered that CVS, a centralised version control system, did not correctly handle maliciously constructed repository URLs, which allowed an attacker to run an arbitrary shell command. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
Debian: Security Advisory (DSA-3940-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
natwest.com XSS vulnerability
Vulnerable URL: http://www.natwest.com/apps/secure/tools/ibannew/Iban/IBANChecker.aspx?Theme='-confirmOPENBUGBOUNTY-' Details: Description| Value ---|--- Patched:| No Latest check for patch:| 10.08.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 3940 VIP websit...
CVE-2016-3940
CVE-2016-3940 affects the Android Synaptics touchscreen driver on Nexus 6P and Android One devices, prior to the 2016-10-05 patch level. The issue allows a local attacker to escalate privileges through a crafted application, due to a vulnerability in the Synaptics touchscreen driver (internal bug...
Oracle: Security Advisory (ELSA-2015-0290)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2015-1272)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-3940
CVE-2015-3940 describes an untrusted search path vulnerability (CWE-427) in Schneider Electric Wonderware System Platform, affecting 2014 R2 and earlier versions. The issue allows local privilege escalation when a local user runs the vulnerable application and loads a Trojan-horse DLL from an uns...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 7. This is the first regular update. Red Hat Product Security has rated this...
Microsoft Graphics Device Interface Integer Overflow - Ver2 (CVE-2013-3940)
An integer overflow vulnerability has been reported in the way that the Windows Graphics Device Interface GDI processes specially crafted image files. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted Windows Write file. Successful exploitation of this...
Fedora Update for kernel FEDORA-2014-16632
Check the version of kernel SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868583";...
Fedora Update for kernel FEDORA-2014-13045
Check the version of kernel SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868403";...
Fedora Update for kernel FEDORA-2014-8487
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 6 : kernel-rt (RHSA-2014:0913)
Updated kernel-rt packages that fix multiple security issues are now available for Red Hat Enterprise MRG 2.5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...
Important: Red Hat Security Advisory: kernel-rt security update
Updated kernel-rt packages that fix multiple security issues are now available for Red Hat Enterprise MRG 2.5. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...