1745 matches found
The vulnerability of the cloud-based video conversion, annotation, and format conversion application for Adobe Prelude involves writing data beyond the buffer boundaries into memory, allowing an attacker to execute arbitrary code.
The vulnerability of the cloud-based application for video digitization, annotation, and format conversion in Adobe Prelude involves writing data beyond the buffer boundaries into memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
xstream: Infinite loop DoS via unsafe deserialization of sun.reflect.annotation.AnnotationInvocationHandler
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by...
GHSA-P9M8-27X8-RG87 Critical vulnerability found in cron-utils
Impact: A template injection was identified in cron-utils, enabling attackers to inject arbitrary Java EL expressions and leading to an unauthenticated Remote Code Execution (RCE) vulnerability. Versions up to 9.1.2 are susceptible to this vulnerability. Please note that only projects using the @Cron...
CVE-2021-41269
cron-utils is a Java library to define, parse, validate, and migrate crons, as well as get human-readable descriptions for them. In affected versions, a template injection was identified in cron-utils, enabling attackers to inject arbitrary Java EL expressions, leading to unauthenticated Remote Code...
Remote code execution
cron-utils is a Java library to define, parse, validate, and migrate crons, as well as get human-readable descriptions for them. In affected versions, a template injection was identified in cron-utils, enabling attackers to inject arbitrary Java EL expressions, leading to unauthenticated Remote Code...
CVE-2021-41269 Unauthenticated remote code injection in cron-utils
cron-utils is a Java library to define, parse, validate, and migrate crons, as well as get human-readable descriptions for them. In affected versions, a template injection was identified in cron-utils, enabling attackers to inject arbitrary Java EL expressions, leading to unauthenticated Remote Code...
ALBA-2021:4266 cldr-emoji-annotation bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
cldr-emoji-annotation bug fix and enhancement update
An update is available for cldr-emoji-annotation. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the...
nuclei-templates
This repository is an offensive tool for nuclei templates, which are used to find security vulnerabilities in applications. The primary CVE ID present in the context is not explicitly mentioned, but the repository contains a workflow for CVE annotation. The target product/service or framework is...
Kubernetes: Ingress-nginx annotation injection allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces
I submitted the following report to [email protected]: I've been exploring CVE-2021-25742 and believe I've discovered a variant although it appears there may be many. Most template variables are not escaped properly in nginx.tmpl, leading to injection of arbitrary nginx directives. For...
Foxit PDF Reader Buffer Overflow Vulnerability (CNVD-2025-00964)
Foxit PDF Reader is a PDF reader from the Chinese company Foxit. A buffer overflow vulnerability exists in Foxit PDF Reader due to a failure to validate the existence of an Annotation object prior to manipulating it. This vulnerability can be exploited to cause malicious code to be executed after the...
Foxit PDF Editor Remote Code Execution Vulnerability
Foxit PDF Editor is a PDF editor from Foxit, a Chinese company. A security vulnerability exists in Foxit PDF Editor, which stems from the fact that the product does not verify the existence of an Annotation object before operating on it. The vulnerability can be exploited to cause malicious code...
Foxit PDF Reader Information Disclosure Vulnerability (CNVD-2021-100578)
Foxit PDF Reader is a PDF reader from Foxit China. Foxit PDF Reader is vulnerable to an information disclosure vulnerability that originates when the product does not verify the existence of an Annotation object before operating on it. An attacker could use this and other vulnerabilities to execu...
Foxit PDF Reader Annotation Use of Uninitialized Variable Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Foxit PDF Reader Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Foxit PDF Reader Buffer Error Vulnerability
Foxit PDF Reader is a PDF reader from Foxit China. Foxit PDF Reader is vulnerable to an information disclosure vulnerability that originates when the product does not verify the existence of an Annotation object before operating on it. An attacker could use this and other vulnerabilities to execu...
Foxit PDF Reader Buffer Error Vulnerability
Foxit PDF Reader is a PDF reader from the Chinese company Foxit. A buffer error vulnerability exists in Foxit PDF Reader due to a lack of proper initialization before the product accesses a pointer to an Annotation object. The vulnerability can be exploited to cause malicious code execution by...
Foxit PDF Editor Ink Annotation Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...