
3796 matches found

BDU FSTEC
added 2023/07/31 12:0 a.m. · 2 views

The vulnerability of Adobe InDesign’s computer design automation tool, related to reading data outside the buffer in memory, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to reading data outside the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5 CVSS · 6.1 AI score · 0.00337 EPSS
Exploits 0 · References 3 · Affected Software 1
BDU FSTEC
added 2023/07/20 12:0 a.m. · 3 views

The vulnerability of the QTextLayout component of the cross-platform software development framework for Qt, which allows a hacker to trigger a service failure.

The vulnerability of the QTextLayout component of the cross-platform software development framework for Qt is related to the copying of buffers without checking the input data. Exploiting this vulnerability allows a malicious actor to trigger a service failure using a specially created SVG file...

7.8 CVSS · 7.1 AI score · 0.01287 EPSS
Exploits 0 · References 14 · Affected Software 7
OSV
added 2023/07/19 10:9 p.m. · 2 views

GHSA-F9G6-FP84-FV92 impl `FromMdbValue` for bool is unsound

The implementation of FromMdbValue has several unsoundness issues. First of all, it allows arbitrary bytes to be reinterpreted as a bool, which could cause undefined behavior in a safe function. Secondly, it allows transmuting a pointer without taking memory layout into consideration. The details of...

6 AI score
Exploits 0 · References 3
GitHub Security Blog
added 2023/07/19 10:9 p.m. · 12 views

impl `FromMdbValue` for bool is unsound

The implementation of FromMdbValue has several unsoundness issues. First of all, it allows arbitrary bytes to be reinterpreted as a bool, which could cause undefined behavior in a safe function. Secondly, it allows transmuting a pointer without taking memory layout into consideration. The details of...

6.9 AI score
Exploits 0 · References 3 · Affected Software 1
Amazon
added 2023/07/19 12:0 a.m. · 22 views

Medium: libmicrohttpd

Issue Overview: GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0'...

5.9 CVSS · 6.6 AI score · 0.01243 EPSS
Exploits 1
UbuntuCve
added 2023/07/18 2:15 p.m. · 27 views

CVE-2021-34121

An Out of Bounds flaw was discovered in htmodoc 1.9.12 in function parse_tree() in toc.cxx, this possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerability in order to reach code execution...

7.8 CVSS · 7.1 AI score · 0.00312 EPSS
Exploits 1 · References 4
Prion
added 2023/07/18 2:15 p.m. · 18 views

Remote code execution

An Out of Bounds flaw was discovered in htmodoc 1.9.12 in function parse_tree() in toc.cxx, this possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerability in order to reach code execution...

4.4 CVSS · 7.6 AI score · 0.00312 EPSS
Exploits 1 · References 2 · Affected Software 1
Vulnrichment
added 2023/07/18 12:0 a.m. · 9 views

CVE-2021-34121

An Out of Bounds flaw was discovered in htmodoc 1.9.12 in function parse_tree() in toc.cxx, this possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerability in order to reach code execution...

7.2 AI score · 0.00312 EPSS
Exploits 1 · References 2
Patchstack
added 2023/07/18 12:0 a.m. · 6 views

WordPress Product Layouts for Woocommerce ( Product Gallery, Product Showcase, Layout Design, Category Tabs, Product Slider, Product Grid, Product Table ) Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)

Software: Product Layouts for Woocommerce (Product Gallery, Product Showcase, Layout Design, Category Tabs, Product Slider, Product Grid, Product Table); Type: Plugin; Vulnerable versions: <= 1.1.3; Fixed in: 1.1.4; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33999; Patch...

6.5 AI score · 0.00284 EPSS
Exploits 0 · References 3 · Affected Software 1
Cvelist
added 2023/07/18 12:0 a.m. · 19 views

CVE-2021-34121

An Out of Bounds flaw was discovered in htmodoc 1.9.12 in function parse_tree() in toc.cxx, this possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerability in order to reach code execution...

7.8 AI score · 0.00312 EPSS
Exploits 1 · References 2
Positive Technologies
added 2023/07/18 12:0 a.m. · 2 views

PT-2023-12244 · Htmodoc +3 · Htmodoc +3

Name of the Vulnerable Software and Affected Versions: htmodoc version 1.9.12
Description: An Out of Bounds flaw was discovered in the parse tree function in toc.cxx, which possibly leads to memory layout information leaking in the data. This might be used in a chain of issues to reach code...

9.8 CVSS · 6.8 AI score · 0.07349 EPSS
Exploits 13 · References 52
CVE
added 2023/07/18 12:0 a.m. · 70 views

CVE-2021-34121

CVE-2021-34121 affects htmodoc 1.9.12, where an Out-of-Bounds condition in parse_tree() (toc.cxx) can leak memory layout information. The connected sources corroborate this flaw and note the issue could be leveraged in a chain to reach code execution. The available documents specify the vulnerabl...

7.8 CVSS · 7.5 AI score · 0.00312 EPSS
Exploits 1 · References 2 · Affected Software 1
CNVD
added 2023/07/14 12:0 a.m. · 20 views

Adobe InDesign Out-of-Bounds Read Vulnerability (CNVD-2023-59724)

Adobe InDesign is a set of layout and editing applications from the American company Adobe. Adobe InDesign suffers from an out-of-bounds read vulnerability that can be exploited by an attacker to cause a memory leak...

5.5 CVSS · 6.6 AI score · 0.00337 EPSS
Exploits 0 · References 1
OSV
added 2023/07/12 4:15 p.m. · 2 views

CVE-2023-29312

Adobe InDesign versions ID18.3 and earlier and ID17.4.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

5.5 CVSS · 5.8 AI score · 0.00337 EPSS
Exploits 0 · References 1
OSV
added 2023/07/12 4:15 p.m. · 2 views

CVE-2023-29309

Adobe InDesign versions ID18.3 and earlier and ID17.4.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

5.5 CVSS · 5.8 AI score · 0.00351 EPSS
Exploits 0 · References 1
OSV
added 2023/07/12 4:15 p.m. · 1 views

CVE-2023-29311

Adobe InDesign versions ID18.3 and earlier and ID17.4.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

5.5 CVSS · 5.8 AI score · 0.00337 EPSS
Exploits 0 · References 1
OSV
added 2023/07/12 12:15 p.m. · 2 views

CVE-2021-43760

Adobe Media Encoder versions 22.0, 15.4.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in th...

5.5 CVSS · 5.8 AI score · 0.00312 EPSS
Exploits 0 · References 1
OSV
added 2023/07/12 12:15 p.m. · 1 views

CVE-2021-43758

Adobe Media Encoder versions 22.0, 15.4.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in th...

5.5 CVSS · 5.8 AI score · 0.00312 EPSS
Exploits 0 · References 1
Positive Technologies
added 2023/07/11 12:0 a.m. · 2 views

PT-2023-3954 · Adobe · Indesign

Name of the Vulnerable Software and Affected Versions: Adobe InDesign versions ID18.3 and earlier; Adobe InDesign versions ID17.4.1 and earlier
Description: The issue is related to an out-of-bounds read that could lead to disclosure of sensitive memory. An attacker could leverage this to bypass...

5.5 CVSS · 5.3 AI score · 0.00337 EPSS
Exploits 0 · References 4
BDU FSTEC
added 2023/07/11 12:0 a.m. · 5 views

The vulnerability of the Microsoft ODBC Driver for SQL Server’s dynamic layout library, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Microsoft ODBC Driver for SQL Server’s dynamic layout library is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8 CVSS · 7.7 AI score · 0.00603 EPSS
Exploits 0 · References 2 · Affected Software 1