20 matches found
Medium: amazon-ecr-credential-helper
Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...
MiracleLinux 7 : firefox-102.11.0-2.0.1.el7.AXS7 (AXSA:2023-5464:18)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5464:18 advisory. Mozilla: Browser prompts could have been obscured by popups CVE-2023-32205 Mozilla: Crash in RLBox Expat driver CVE-2023-32206 Mozilla: Potential...
`Reader::open_mmap` unsoundly marks unsafe memmap operation as safe
maxminddb prior to version 0.27 declared Reader::openmmap as safe despite wrapping an inherently unsafe memmap2 operation with no extra step done to guarantee safety. This could have led to undefined behaviour if the file were to be modified on disk while the memory map was still active...
EUVD-2017-12173
Malware in sbrugna...
EUVD-2021-8453
Malicious code in bioql PyPI...
EUVD-2021-31859
Malicious code in bioql PyPI...
Foxit PDF Reader < 2025.2 Multiple Vulnerabilities
According to its version, the Foxit PDF Reader application previously named Foxit Reader installed on the remote Windows host is prior to 2025.2. It is, therefore affected by multiple vulnerabilities: - A memory corruption vulnerability exists in Foxit Reader 2025.1.0.27937 due to the use of an...
Linux Distros Unpatched Vulnerability : CVE-2012-4151
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service...
Johnson Controls Kantech EntraPass 安全漏洞
Johnson Controls Kantech EntraPass is a menu-driven security management system from Johnson Controls, Inc. A security vulnerability exists in Johnson Controls Kantech EntraPass, which stems from the fact that, under certain circumstances, an attacker with physical access to the reader could recov...
PYSEC-2022-43180
It is possible for a Reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 previously known as avro-rs. Users should update to apache-avro version 0.14.0 which addresses...
PT-2022-23211
Name of the Vulnerable Software and Affected Versions Apache Avro Rust SDK versions prior to 0.14.0 Description The issue allows a Reader to consume memory beyond the allowed constraints, leading to out of memory on the system. This affects Rust applications using the Apache Avro Rust SDK...
Memory Misreference Vulnerability in Multiple Adobe Products (CNVD-2021-11024)
Adobe Acrobat is a PDF editing software developed by Adobe.Adobe Reader also known as Acrobat Reader is a PDF file reader developed by Adobe. A memory misreference vulnerability exists in several Adobe products. An attacker can exploit this vulnerability to execute arbitrary code...
The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, Adobe Acrobat 2015, and Adobe Acrobat Reader 2015 are related to memory usage after it is freed. This allows attackers to execute arbitrary code.
The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015/Reader 2015 is related to the use of memory after it is freed. Exploiting this vulnerability can...
Adobe Acrobat/Reader Memory Misreference Vulnerability (CNVD-2019-35611)
Adobe Acrobat is a PDF editing software developed by Adobe.Adobe Reader also known as Acrobat Reader is a PDF file reader developed by Adobe. Adobe Acrobat/Reader has a memory misreference vulnerability. An attacker can exploit this vulnerability to execute arbitrary code...
Adobe Acrobat/Reader Memory Misreference Vulnerability (CNVD-2019-22796)
Adobe Reader also known as Acrobat Reader is a PDF file reader developed by Adobe.Adobe Acrobat is a PDF editing software developed by Adobe. A memory misreference vulnerability exists in Adobe Acrobat/Reader. An attacker can exploit this vulnerability to execute arbitrary code...
Adobe Acrobat/Reader Memory Misreference Vulnerability (CNVD-2019-18853)
Adobe Acrobat is a PDF editing software developed by Adobe.Adobe Reader also known as Acrobat Reader is a PDF file reader developed by Adobe. Adobe Acrobat/Reader has a memory misreference vulnerability. An attacker can exploit this vulnerability to execute arbitrary code...
CVE-2018-3965
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.0.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the...
CVE-2017-3054
Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to manipulation of EMF files. Successful exploitation could lead to arbitrary code execution...
Foxit Products GIF Conversion - 'DataSubBlock' Memory Corruption
Application: Foxit Products GIF Conversion Memory Corruption Vulnerabilities DataSubBlock Platforms: Windows Versions: The vulnerability is confirmed in version Foxit Reader 7.x. Other versions may also be affected. Secunia: SA63346 PRL: 2015-02 Author: Francis Provencher Protek Research Lab’s...
Adobe Acrobat and Reader Embedded TTF Integer Overflow (APSB12-16; CVE-2012-4154)
A memory corruption vulnerability has been reported in Adobe Acrobat and Reader...