Adobe Acrobat Reader DC Font Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

kernel: tcp: tcp_make_synack() can be called from process context

In the Linux kernel, the following vulnerability has been resolved: tcp: tcpmakesynack can be called from process context tcprtxsynack now could be called in process context as explained in 0a375c822497 "tcp: tcprtxsynack can be called from process context". tcprtxsynack might call tcpmakesynack,...

Siemens Tecnomatix Plant Simulation Out-of-Bounds Write Vulnerability (CNVD-2023-75586)

Siemens Tecnomatix Plant Simulation is an industrial control device from Siemens, Germany. Using the function of discrete event simulation for production volume analysis and optimization, and thus improve the manufacturing system performance. An out-of-bounds write vulnerability exists in Siemens...

(Pwn2Own) Microsoft Teams Cross-Site Scripting Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Teams. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

Autodesk AutoCAD STP File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ST...

Siemens Parasolid Out-of-Bounds Write Vulnerability (CNVD-2023-69812)

Siemens Parasolid is a 3D geometric modeling tool that supports a variety of techniques including solid modeling, direct editing and free-form surface/drawing modeling. An out-of-bounds write vulnerability exists in Siemens Parasolid, which can be exploited by an attacker to execute code in the...

Design/Logic Flaw

A vulnerability has been identified in JT2Go All versions V14.3.0.1, Teamcenter Visualization V13.3 All versions V13.3.0.12, Teamcenter Visualization V14.0 All versions, Teamcenter Visualization V14.1 All versions V14.1.0.11, Teamcenter Visualization V14.2 All versions V14.2.0.6, Teamcenter...

Heap overflow

A vulnerability has been identified in JT2Go All versions V14.3.0.1, Teamcenter Visualization V13.3 All versions V13.3.0.12, Teamcenter Visualization V14.0 All versions, Teamcenter Visualization V14.1 All versions V14.1.0.11, Teamcenter Visualization V14.2 All versions V14.2.0.6, Teamcenter...

CVE-2023-41846

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 All versions V2201.0008, Tecnomatix Plant Simulation V2302 All versions V2302.0002. The affected application is vulnerable to memory corruption while parsing specially crafted SPP files. This could allow an attacker to execu...

Siemens Parasolid 缓冲区错误漏洞

Siemens Parasolid is a 3D geometric modeling tool that supports a variety of techniques including solid modeling, direct editing and free-form surface/drawing modeling. An out-of-bounds write vulnerability exists in Siemens Parasolid, which can be exploited by an attacker to execute code in the...

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

(0Day) Maxon Cinema 4D SKP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Maxon Cinema 4D. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP...

PDF-XChange Editor JavaScript String Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

PDF-XChange Editor JPG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

(Pwn2Own) Adobe Acrobat Reader DC Protected API Restrictions Bypass Vulnerability

This vulnerability allows remote attackers to bypass JavaScript API restrictions on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists withi...

Siemens Parasolid and Teamcenter Visualization Null Pointer Dereference Vulnerability

Parasolid is a 3D geometric modeling tool that supports a variety of techniques including solid modeling, direct editing, and free-form surface/table modeling.Teamcenter Visualization enables organizations to enhance their product lifecycle management PLM environments with a range of comprehensiv...

CVE-2023-39186

A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 7. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the curre...

Out-of-bounds

A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 7. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the curre...

CVE-2023-39185

A vulnerability has been identified in Solid Edge SE2023 All versions V223.0 Update 7. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the curre...