3011 matches found
CVE-2023-34273
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that t...
CVE-2023-51598 Hancom Office Word DOC File Parsing Use-After-Free Remote Code Execution Vulnerability
Hancom Office Word DOC File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hancom Office Word. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2023-34266
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that t...
CVE-2023-27364
Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-27364
Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must...
CVE-2023-51566
Kofax Power PDF is affected by an OXPS file parsing vulnerability described as a stack-based buffer overflow that can lead to Remote Code Execution. The flaw results from inadequate validation of the length of user-supplied data before copying it into a fixed-length stack buffer during OXPS parsi...
CVE-2023-51565
Affected product: Kofax Power PDF. Vulnerability in XPS file parsing leads to use-after-free, allowing remote code execution when a user opens a malicious file or visits a malicious page. Exploitation requires user interaction; root cause is failure to validate object existence before operations....
CVE-2023-51556 Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability
Foxit PDF Reader AcroForm Doc Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a maliciou...
CVE-2023-51552
CVE-2023-51552 affects Foxit PDF Reader/Editor (AcroForm Signature) and is a Use-After-Free in how Signature objects are handled. The flaw stems from not validating object existence before operations, enabling code execution in the process context when a user opens a malicious file or visits a ma...
CVE-2023-50235
CVE-2023-50235 affects Hancom Office Show. The vulnerability lies in PPT file parsing where a lack of proper validation of the length of user-supplied data before copying to a stack-based buffer can enable remote code execution in the context of the current process. The issue requires user intera...
CVE-2023-50189 Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target mus...
CVE-2023-50187
CVE-2023-50187 : Trimble SketchUp Viewer is affected by a memory corruption vulnerability in the SKP file parser. The flaw arises from insufficient validation of user-supplied SKP data, enabling remote code execution in the context of the target process. Exploitation requires user interaction (ta...
CVE-2023-44435 Kofax Power PDF File Parsing Use-After-Free Remote Code Execution Vulnerability
Kofax Power PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious...
CVE-2023-44434
CVE-2023-44434 (Kofax Power PDF) is a PDF parsing vulnerability where improper validation of user-supplied data allows an out-of-bounds read, potentially disclosing sensitive information. Affected product: Kofax Power PDF. The issue resides in the PDF handling code and can be triggered when a use...
CVE-2023-44430 Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
Bentley View SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious pa...
CVE-2023-44428
CVE-2023-44428 affects MuseScore’s CAP file parser. The issue is a heap-based buffer overflow caused by insufficient validation of the length of user-supplied CAP data before copying it into a heap buffer. This leads to remote code execution in the context of the current process. Exploitation req...
CVE-2023-42131
CVE-2023-42131 targets Ansys SpaceClaim, exploiting an out-of-bounds write in the parsing of X_B files. The flaw arises from insufficient validation of user-supplied data, allowing an attacker to write past the end of an allocated data structure and execute arbitrary code in the target process. E...
CVE-2023-42078 PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability
PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit...
CVE-2023-42074 PDF-XChange Editor addScript Type Confusion Remote Code Execution Vulnerability
PDF-XChange Editor addScript Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicio...
CVE-2023-42074
PDF-XChange Editor contains a Type Confusion vulnerability in the addScript method that can lead to remote code execution. The flaw arises from inadequate validation of user-supplied data, enabling an attacker to execute code in the context of the current process. Exploitation requires user inter...