Apple iOS and iPadOS Buffer Overflow Vulnerability

Apple iOS and iPadOS contain a buffer overflow vulnerability that could allow an application to execute code with kernel privileges...

Apple Multiple Products Memory Corruption Vulnerability

Apple iOS, iPadOS, and tvOS contain a memory corruption vulnerability that could allow an application to execute code with kernel privileges...

CVE-2022-1824

An uncontrolled search path vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local attacker to perform a sideloading attack by using a specific file name. This could result in the user gaining elevated permissions and being able to execute arbitrary co...

Oracle Linux 8 : olcne (ELSA-2022-9494)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9494 advisory. 1.4.5-1 - Address qemu CVE-2022-26353, CVE-2021-3748 Tenable has extracted the preceding description block directly from the Oracle Linux security...

SUSE SLES12 Security Update : kernel (SUSE-SU-2022:2083-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2083-1 advisory. - An issue was discovered in the Linux kernel before 5.0.6. In rxqueueaddkobject and netdevqueueaddkobject in net/core/net-sysfs.c,...

Vulnerabilities fixed in Microsoft Office

Vulnerabilities have been fixed in several Microsoft Office products. The table below lists the vulnerabilities that have been fixed by Microsoft with the corresponding CVSSv3 scores. Misuse of the vulnerabilities in SharePoint requires prior authentication. Abuse of the vulnerabilities in Excel...

Adobe Reader and Acrobat Universal 3D Memory Corruption Vulnerability

The Universal 3D U3D component in Adobe Reader and Acrobat contains a memory corruption vulnerability which could allow remote attackers to execute code or cause denial-of-service DoS...

Microsoft Office Object Record Corruption Vulnerability

Microsoft Office contains an object record corruption vulnerability that allows remote attackers to execute code via a crafted Excel file with a malformed record object...

UBUNTU-CVE-2022-1652

Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the badflpintr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service...

CVE-2022-21831

A code injection vulnerability exists in the Active Storage = v5.2.0 that could allow an attacker to execute code via imageprocessing arguments...

Microsoft Internet Explorer Memory Corruption Vulnerability

Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service DoS...

Microsoft Internet Explorer Memory Corruption Vulnerability

Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause a denial-of-service DoS via a crafted website...

CVE-2021-42704

Inkscape version 0.91 is vulnerable to an out-of-bounds write, which may allow an attacker to arbitrary execute code...

Out-of-bounds

Inkscape version 0.91 is vulnerable to an out-of-bounds write, which may allow an attacker to arbitrary execute code...

CVE-2021-42704 Inkscape Out-of-bounds Write

Inkscape version 0.91 is vulnerable to an out-of-bounds write, which may allow an attacker to arbitrary execute code...

ROS-20220518-01

A vulnerability in the Mozilla Firefox browser is related to improper permission management in the application. Exploitation of the vulnerability could allow an attacker acting remotely to create a web page that Bypasses the existing browser hint and inherits top-level permissions improperly The...

Formidable arbitrary file upload

Withdrawn: This advisory was improperly assigned. An arbitrary file upload vulnerability in formidable v3.2.4 allows attackers to execute arbitrary code via a crafted filename...

PT-2022-18063 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 12.4 iOS versions prior to 15.5 iPadOS versions prior to 15.5 Description: A memory corruption issue was addressed with improved memory handling, which could allow a malicious application to execute arbitrary code with...

Foxit PDF Reader Doc Object Remote Code Execution Vulnerability (CNVD-2023-07881)

Foxit PDF Reader is a PDF reader from Foxit China.A remote code execution vulnerability exists in the Foxit PDF Reader Doc object, which can be exploited by attackers to execute code in the context of the current process...

CVE-2022-28243

Acrobat Reader DC version 22.001.2011x and earlier, 20.005.3033x and earlier and 17.012.3022x and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this...