62 matches found
Buffer overflow
A buffer overflow in SumatraPDF Reader v3.4.6 allows attackers to cause a Denial of Service DoS via a crafted text file...
Sumatra PDF 安全漏洞
Sumatra PDF is a software application. PDF, ePub, MOBI, CHM, XPS, DjVu, CBZ, CBR readers for Windows. A security vulnerability exists in Sumatra PDF Reader version v3.4.6, which originated from a vulnerability that allows an attacker to cause a denial of service DoS via a crafted text file...
EMQ X 路径遍历漏洞
EMQ X is a fully open source, highly scalable and highly available distributed MQTT message broker. Ideal for IoT, M2M and mobile applications, it can handle tens of millions of concurrent clients. A security vulnerability exists in EMQ X v4.3.8. An attacker exploited the vulnerability to perform...
CVE-2022-25581
Classcms v2.5 and below contains an arbitrary file upload via the component \class\classupload. This vulnerability allows attackers to execute code injection via a crafted .txt file...
RGCMS 代码问题漏洞
RGCMS is a web CMS. v1.06 of RGCMS contains a security vulnerability that can be exploited by attackers to execute arbitrary code via a crafted .txt file, which will later be changed to a PHP file...
CVE-2021-1772
A stack overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted text file may lead to arbitrary code...
Apple CoreText Buffer Error Vulnerability
Apple CoreText is a core component from Apple Inc. that is used in mobile devices for drawing text drawings. A security vulnerability exists in Apple CoreText, which exists as a result of a boundary Apple macOS error within the CoreText component in macOS. A remote attacker can create a specially...
CVE-2020-9999
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iTunes for Windows 12.10.9. Processing a maliciously crafted text file may lead to arbitrary code execution...
Apple macOS Catalina Information Disclosure Vulnerability
Apple macOS Catalina is a specialized operating system developed by Apple for Mac computers, of which UIFoundation is a UI framework component. A security vulnerability exists in the UIFoundation component in Apple macOS Catalina versions prior to 10.15.1. The vulnerability can be exploited to...
Apple macOS, iCloud for Windows and iTunes for Windows UIFoundation Component Buffer Overflow Vulnerability
Apple iTunes for Windows and others are products of Apple Inc.Apple iTunes for Windows is a media player application based on the Windows platform.Apple iCloud for Windows is a cloud service based on the Windows platform. The product supports storage of music, photos, apps, contacts, etc. Apple...
CVE-2018-4198
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "UIKit" component. It allows remote attackers to cause a denial of service via a crafted text fi...
Denial of Service Vulnerability in Multiple Apple Products (CNVD-2018-12244)
Apple iOS, macOS High Sierra, tvOS, and watchOS are products of Apple Inc. Apple iOS is an operating system for mobile devices; macOS High Sierra is a specialized operating system for Mac computers; tvOS is a smart TV operating system; watchOS is a smart watch operating system; and UIKit is one o...
DeviceLock Plug and Play Auditor Buffer Overflow Vulnerability
DeviceLock Plug and Play Auditor freeware is a plug-and-play device scanning program from DeviceLock, Inc. that scans devices that have been or are being accessed by hosts on the LAN. A buffer overflow vulnerability exists in the DLPnpAuditor.exe file in version 5.72 of DeviceLock Plug and Play...
Design/Logic Flaw
An issue was discovered in certain Apple products. iOS before 11.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service application crash via a crafted text file...
CVE-2017-13849
An issue was discovered in certain Apple products. iOS before 11.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issue involves the "CoreText" component. It allows remote attackers to cause a denial of service application crash via a crafted text file...
The vulnerability of the iOS operating system allows a perpetrator to execute arbitrary code or cause a service failure.
The vulnerability of the Data Detectors Engine component in the iOS operating system arises due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or trigger a service denial using a specially crafted text file...
Memory corruption
Data Detectors Engine in Apple iOS before 9 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted text file...
CVE-2015-3689
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3688...
CVE-2015-3685
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted text file, a different vulnerability than CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, and CVE-2015-3689...
Memory corruption
CoreText in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted text file, a different vulnerability than CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, and CVE-2015-3689...