116 matches found
CVE-2024-21497
Versions of the package github.com/greenpau/caddy-security are vulnerable to Open Redirect via the redirecturl parameter. An attacker could perform a phishing attack and trick users into visiting a malicious website by crafting a convincing URL with this parameter. To exploit this vulnerability,...
CVE-2024-11363
The Same but Different – Related Posts by Taxonomy plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 1.0.16. This makes it possible for unauthenticated...
CVE-2019-10924
A vulnerability has been identified in LOGO! Soft Comfort All versions V8.3. The vulnerability could allow an attacker to execute arbitrary code if the attacker tricks a legitimate user to open a manipulated project. In order to exploit the vulnerability, a valid user must open a manipulated...
PT-2025-11567 · National Instruments · Ni Vision Builder Ai
Name of the Vulnerable Software and Affected Versions: NI Vision Builder AI affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of NI Vision Builder AI. User interaction is required to exploit this, as the target must...
CVE-2024-13045
Ashlar-Vellum Cobalt AR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the targ...
CVE-2024-9752
Tungsten Automation Power PDF JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerabili...
CVE-2024-9717
Trimble SketchUp Viewer SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the...
CVE-2024-8844
PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...
PT-2024-39784 · Trimble · Trimble Sketchup Viewer
Name of the Vulnerable Software and Affected Versions: Trimble SketchUp Viewer affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this issue, where...
PT-2024-37884 · Irfan Skiljan · Irfanview
Name of the Vulnerable Software and Affected Versions: IrfanView affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this issue, where the target must visit a...
CVE-2021-34969
Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2021-34964
Foxit PDF Editor Polygon Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2023-40470
PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target...
CVE-2023-35715
Ashlar-Vellum Cobalt AR File Parsing Uninitialized Memory Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...
CVE-2024-22092
in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification to install apps, although these require user action...
PT-2024-7749 · Foxit · Foxit Pdf Reader +1
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader affected versions not specified Foxit PDF Editor affected versions not specified Description: The issue is related to a use-after-free vulnerability in the handling of Doc objects in AcroForms, which can be exploited by remot...
PT-2023-26979 · Unknown · Pdf-Xchange Editor
Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...
CVE-2022-37368
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
PT-2022-25680 · Pdf Xchange · Pdf-Xchange Editor
Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...
PT-2022-26411 · Pdf Xchange · Pdf-Xchange Editor
Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. User interaction is required, where the target must visit a malicious page or open...