Suricata Buffer Overflow Vulnerability
Suricata is a network intrusion detection system (IDS), intrusion prevention system (IPS) and network security monitoring engine developed by the Open Information Security Foundation (OISF) and its supporting vendors. It supports multi-threading, built-in IPv6, and the ability to load...
libpng buffer overflow vulnerability (CNVD-2019-13088)
libpng is a PNG reference library that can create, read and write PNG graphics files. A buffer overflow vulnerability exists in the 'contrib/pngminus/pnm2png.c:get_token' function in libpng, which originates when a networked system or product performs an operation in memory without properly...
PT-2019-18309 · Foxit · Foxit Studio Photo
Name of the Vulnerable Software and Affected Versions: Foxit Studio Photo version 3.6.6 Description: This issue allows remote attackers to execute arbitrary code on vulnerable installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The...
Fortinet FortiSandbox Cross-Site Scripting Vulnerability (CNVD-2019-13555)
Fortinet FortiSandbox is an APT (Advanced Persistent Threat) protection appliance from Fortinet. The appliance offers dual sandboxing technology, a dynamic threat intelligence system, a real-time control panel and reporting. A cross-site scripting vulnerability exists in Fortinet FortiSandbox versions...
GPAC Buffer Overflow Vulnerability (CNVD-2019-13567)
GPAC is an open source multimedia framework. A buffer error vulnerability exists in gf_bin128_parse in the utils/os_divers.c file in GPAC version 0.7.1. The vulnerability stems from a networked system or product performing operations in memory without properly validating data boundaries, resulting i...
Waimai Super Cms Cross-Site Scripting Vulnerability (CNVD-2019-13569)
Waimai Super Cms is a takeaway ordering system. A cross-site scripting vulnerability exists in Waimai Super Cms version 20150505. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerability to execute client-side...
Buffer overflow vulnerability in SGO South satellite navigation platform software
Guangzhou Nanfang Satellite Navigation Instrument Co., Ltd. is a subsidiary of Nanfang Surveying and Mapping Group, and is the first national high-tech enterprise in China to span the high-precision GNSS technology industry chain and achieve large-scale and market-oriented...
Samsung Galaxy Apps Elevation of Privilege Vulnerability
Samsung Galaxy Apps is an application store program from Samsung (South Korea) that is used on Samsung cell phones. An elevation of privilege vulnerability exists in the handling of URLs in Samsung Galaxy Apps, which stems from the program failing to properly validate user-submitted data. A local...
Foxit Reader and PhantomPDF Remote Code Execution Vulnerability (CNVD-2018-11903)
Foxit Reader is a PDF document reader from China's Foxit Software Corporation. Foxit PhantomPDF is a commercial version. A remote code execution vulnerability exists in Foxit Reader versions prior to 9.1 and PhantomPDF versions prior to 9.1, which results from the program failing to properly...
Foxit Reader XFA field remote code execution vulnerability
Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the XFA field element, which can be exploited by an attacker to execute arbitrary code in the current process context due to a lack of proper validation of user-supplied data...
Foxit Reader openList Remote Code Execution Vulnerability
Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the openList method, which can be exploited by an attacker to execute arbitrary code in the current process context due to a lack of proper validation of user-supplied data...
Foxit Reader XFA subform remote code execution vulnerability
Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the XFA subform element, which can be exploited by an attacker to execute arbitrary code in the current process context due to a lack of proper validation of user-supplied data...
Foxit Reader XFA rlayout sheet remote code execution vulnerability
Foxit Reader is a small PDF document viewer and printing program. Foxit Reader has a security vulnerability in the layout sheet property, which can be exploited by an attacker to execute arbitrary code in the current process context due to a lack of proper validation of user-supplied data...
CVE-2018-6406
The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_frame_length data obtained from a .webm file, which allows remote attackers to cause an information leak or a denial of service (heap-based buffer over-read and later out-of-bounds...
CVE-2017-17411
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management portal. The issue lies in the lack of proper validation of user data...
CVE-2017-16578
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.2.25013. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2017-14826
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2017-16571
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.1.21155. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Foxit Reader Information Disclosure Vulnerability (CNVD-2018-00173)
Foxit Reader is a PDF document reader from China's Foxit Software Corporation. A security vulnerability exists in Foxit Reader version 8.3.1.21155, which is caused by the program failing to properly validate user-submitted data. The vulnerability can be exploited by a remote attacker to disclos...
CVE-2017-14344
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL...