CVE-2018-4990 Adobe Reader code execution exploit analysis-exploit warning-the black bar safety net

2018 5 on 15 September, ESET released the article“A tale of two zero-days”, the article disclosed this year 3 month ESET in malware scan engine VirusTotal on the capture of the one used to attack the test PDF document. The PDF document contains a sample of two pieces of 0-day Vulnerability,...

[SECURITY] Fedora 27 Update: graphviz-2.40.1-11.fc27

A collection of tools for the manipulation and layout of graphs as in nodes and edges, not as in barcharts...

[SECURITY] Fedora 28 Update: graphviz-2.40.1-22.fc28

A collection of tools for the manipulation and layout of graphs as in nodes and edges, not as in barcharts...

uk.beta-layout.com XSS vulnerability

Open Bug Bounty ID: OBB-622716 Description| Value ---|--- Affected Website:| uk.beta-layout.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

CVE-2018-9939

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2018-9940

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2018-9939

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Type confusion

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Type confusion

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

SiteOmat Station Automation Software Multiple Vulnerabilities

A few months ago, while undertaking unrelated research into online connected devices, we uncovered something surprising and realized almost immediately that we could be looking at a critical security threat. What we found was a simple purple web interface that was in fact a link to a real-life ga...

UBUNTU-CVE-2018-5155

A use-after-free vulnerability can occur while adjusting layout during SVG animations with text paths. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.8, Thunderbird ESR 52.8, Firefox 60, and Firefox ESR 52.8...

it.beta-layout.com XSS vulnerability

Open Bug Bounty ID: OBB-613454 Description| Value ---|--- Affected Website:| it.beta-layout.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Integrated GPUs may allow side-channel and rowhammer attacks using WebGL ("Glitch")

Overview Some platforms with integrated GPUs, such as smartphones, may allow both side-channel and rowhammer attacks via WebGL, which may allow a remote attacker to compromise the browser on an affected platform. An attack technique that leverages these vulnerabilities is called "GLitch."...

Foxit Reader XFA rlayout sheet remote code execution vulnerability

Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the layout sheet property, which can be exploited by an attacker to execute arbitrary code in the current process context due to a lack of proper validation of user-supplied data...

CVE-2018-10320

Frog CMS 0.9.5 has XSS via the admin/?/layout/edit layoutname parameter, aka Edit Layout...

Design/Logic Flaw

Frog CMS 0.9.5 has XSS via the admin/?/layout/edit layoutname parameter, aka Edit Layout...

CVE-2018-10320

Frog CMS 0.9.5 has XSS via the admin/?/layout/edit layoutname parameter, aka Edit Layout...

CVE-2018-10320

Frog CMS 0.9.5 has XSS via the admin/?/layout/edit layoutname parameter, aka Edit Layout...

CVE-2018-10320

CVE-2018-10320 affects Frog CMS 0.9.5 with a stored/reflected XSS via the admin/?/layout/edit layout[name] parameter (Edit Layout). The CNVD entry and NVD description confirm a cross-site scripting vulnerability in Frog CMS 0.9.5, exploitable remotely by crafting the name input to inject script. ...

Frog CMS Cross-Site Scripting Vulnerability (CNVD-2018-08554)

Frog CMS is a content management system CMS developed by software developer Philippe Archambault. The system provides tools for page templates, user rights management, and document management. A cross-site scripting vulnerability exists in Frog CMS version 0.9.5. A remote attacker can exploit the...