CVE-2021-34280

Polaris Office v9.103.83.44230 is affected by a Uninitialized Pointer Vulnerability in PolarisOffice.exe and EngineDLL.dll that may cause a Remote Code Execution. To exploit the vulnerability, someone must open a crafted PDF file...

CVE-2021-34280

CVE-2021-34280 affects Polaris Office v9.103.83.44230, with an uninitialized pointer vulnerability in PolarisOffice.exe and EngineDLL.dll that may enable remote code execution when a user opens a crafted PDF. Connected data corroborate the vulnerability’s impact and affected components; the CVSS ...

PolarisOffice 缓冲区错误漏洞

Polaris Office is an application from Polaris Office, a South Korean company that provides greater convenience by improving file opening speed, storage reliability and printing performance. A security vulnerability exists in PolarisOffice v9.103.83.44230, which originates from PolarisOffice...

Schneider Electric IGSS

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Schneider Electric Equipment: IGSS Interactive Graphical SCADA System Vulnerabilities: Out-of-bounds Write, Out-of-bounds Read, Access of Uninitialized Pointer, Use After Free, Release of Invalid Pointer or Reference,...

OpenText Brava! 缓冲区错误漏洞

OpenText Brava! Desktop is a Windows-based viewing and collaboration tool that lets you easily view and collaborate on almost any file. A remote code execution vulnerability exists in the parsing of PDF files in OpenText Brava! Desktop. The vulnerability stems from a failure to properly initializ...

OpenText Brava! Desktop pdf2dl Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

PT-2021-19360 · Opentext · Opentext Brava! Desktop

Name of the Vulnerable Software and Affected Versions: OpenText Brava! Desktop version 16.6.3.84 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file...

poppler: pdftohtml: access to uninitialized pointer could lead to DoS

A flaw was found in Poppler in the way certain PDF files were converted into HTML. This flaw allows a remote attacker to provide a malicious PDF file that, when processed by the 'pdftohtml' program, crashes the application, causing a denial of service. The highest threat from this vulnerability i...

Esri ArcReader PMF File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Esri ArcReader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PMF...

Null pointer dereference

Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 and earlier allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account...

CVE-2021-29098 ArcGIS general raster security update: uninitialized pointer

Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 and earlier and ArcGIS Pro 2.7 and earlier allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user...

CVE-2021-29098 ArcGIS general raster security update: uninitialized pointer

Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcReader, ArcGIS Desktop, ArcGIS Engine 10.8.1 and earlier and ArcGIS Pro 2.7 and earlier allow an unauthenticated attacker to achieve arbitrary code execution in the context of the current user...

CVE-2021-29095 ArcGIS Server image service and raster analytics security update: uninitialized pointer

Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 and earlier allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account...

PT-2021-18086 · Esri · Arcgis Desktop +3

Name of the Vulnerable Software and Affected Versions: Esri ArcReader versions 10.8.1 and earlier ArcGIS Desktop versions 10.8.1 and earlier ArcGIS Engine versions 10.8.1 and earlier ArcGIS Pro versions 2.7 and earlier Description: The issue arises from multiple uninitialized pointer...

CVE-2021-22670

An uninitialized pointer may be exploited in Fatek FvDesigner Version 1.5.76 and prior while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution...

Code injection

An uninitialized pointer may be exploited in Fatek FvDesigner Version 1.5.76 and prior while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution...

CVE-2021-22670

An uninitialized pointer may be exploited in Fatek FvDesigner Version 1.5.76 and prior while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution...

CVE-2021-22670

CVE-2021-22670 affects FATEK Automation FvDesigner (Version 1.5.76 and earlier). The root cause is an uninitialized pointer during FPJ/project-file processing, enabling an attacker to craft a specially formed project file that may permit arbitrary code execution. Public sources describe exploitat...

Fatek FvDesigner Uninitialized Pointer Access Vulnerability

Fatek FvDesigner is a software tool for designing and developing projects for the FATEK FV HMI series. An uninitialized pointer access vulnerability exists in Fatek FvDesigner 1.5.76 and earlier versions when handling project files. An attacker can exploit this vulnerability to execute arbitrary...

Fatek Automation FvDesigner FPJ File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...