CVE-2023-38081
Kofax Power PDF JP2 parsing vulnerability (CVE-2023-38081) allows out-of-bounds write, enabling remote code execution. The flaw exists in JP2 file parsing due to insufficient validation of input data, causing writes past allocated object bounds and code execution in the process context. Requires ...
CVE-2023-37354 Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Kofax Power PDF PNG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2023-37342
CVE-2023-37342 affects Kofax Power PDF. The flaw is a heap-based buffer overflow in PNG file parsing due to insufficient validation of user-supplied data length, enabling remote code execution when a user opens a malicious PNG or visits a crafted page. The issue impacts parsing logic in Power PDF...
CVE-2023-37338
Kofax Power PDF GIF file parsing vulnerability (CVE-2023-37338) allows local or remote code execution via an out-of-bounds write during GIF parsing. The flaw stems from insufficient validation of GIF data, enabling a write past the end of an allocated object and arbitrary code execution in the pr...
CVE-2023-37336
CVE-2023-37336 affects Kofax Power PDF. The flaw is in the TIF file parsing path, caused by insufficient validation of user-supplied data, which can cause an out-of-bounds write and enable remote code execution in the context of the current process. Exploitation requires user interaction: the tar...
CVE-2023-37333
Kofax Power PDF is affected by a memory corruption vulnerability in the PCX file parsing path that can lead to remote code execution. The flaw arises from insufficient validation of user-supplied PCX data, allowing an attacker to execute code in the context of the vulnerable process. Exploitation...
CVE-2023-37332
Kofax Power PDF is affected by CVE-2023-37332 due to a memory corruption flaw in PNG file parsing. The issue arises from insufficient validation of PNG data, which can lead to arbitrary code execution in the current process when a user opens a malicious file or visits a malicious page. Relevant a...
CVE-2023-35711
CVE-2023-35711 concerns Ashlar-Vellum Cobalt XE. The vulnerability is in the XE file parser where an unvalidated user-supplied value can be dereferenced as a pointer, enabling arbitrary code execution. Multiple sources (NVD, CVE records, ZDI advisory) describe it as a remote code execution vulner...
CVE-2023-35710
Ashlar-Vellum Cobalt is affected. The vulnerability lies in parsing CO files, where insufficient validation of user-supplied data length enables a stack-based buffer overflow that can allow code execution in the current process. Exploitation requires user interaction (e.g., visiting a malicious p...
CVE-2023-34309
CVE-2023-34309 affects Ashlar-Vellum Cobalt. The flaw in the CO file parser stems from insufficient validation of a user-supplied value before it is dereferenced as a pointer, enabling arbitrary code execution in the current process. Exploitation requires user interaction (visiting a mal...
CVE-2023-34308
Ashlar-Vellum Graphite is affected by CVE-2023-34308 due to an out-of-bounds write in VC6 file parsing. The flaw arises from insufficient validation of user-supplied data, which can cause a write past the end of an allocated buffer and permit remote code execution in the context of the current pr...
CVE-2023-34302 Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
Ashlar-Vellum Cobalt CO File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the targ...
CVE-2023-34297 Sante DICOM Viewer Pro JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Sante DICOM Viewer Pro JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. User interaction is required to exploit this vulnerability in that the target...
CVE-2023-34272 Fatek Automation FvDesigner FPJ File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
Fatek Automation FvDesigner FPJ File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that...
CVE-2023-34266 Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that t...
CVE-2023-34266
CVE-2023-34266 affects Fatek Automation FvDesigner. The vulnerability lies in FPJ file parsing, where a lack of input validation enables an out-of-bounds write, allowing remote code execution in the target process. Exploitation requires user interaction (visiting a crafted page or opening a malicious FP...
CVE-2023-34265 Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that t...
CVE-2023-34263 Fatek Automation FvDesigner FPJ File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
Fatek Automation FvDesigner FPJ File Parsing Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that...