EUVD-2020-30468

Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution...

CVE-2020-12404

For native-to-JS bridging the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. That token could leak when used for downloading files. This vulnerability affects Firefox for iOS 26...

Bitrix24 Code Issue Vulnerability

Bitrix24 is a suite of enterprise social platforms from Bitrix USA. The platform includes features such as online communication, calendar management and CRM Customer Relationship Management. A code issue vulnerability exists in Bitrix24 version 20.0.975 and prior versions. The vulnerability stems...

EUVD-2020-30420

Adobe Framemaker versions 2019.0.5 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution...

EUVD-2020-30421

Adobe Framemaker versions 2019.0.5 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution...

Access-Policy Code Execution Vulnerability

access-policy is an access policy encoder/parser. A security vulnerability exists in access-policy 3.1.0 and earlier versions, which originates when user input provided to the 'template' function is executed by the 'eval' function. An attacker could exploit this vulnerability to execute code...

Arbitrary Code Execution

libvncserver is vulnerable to arbitrsary code execution. An integer overflow in HandleCursorShape results in heap-based buffer overflow allowing for arbitrary code execution...

CVE-2019-17287

...

PT-2020-2479 · Adobe · Bridge

Name of the Vulnerable Software and Affected Versions: Adobe Bridge versions 10.0.1 and earlier Description: The issue is related to an out-of-bounds write vulnerability in the file manager. Successful exploitation could lead to arbitrary code execution, allowing a remote attacker to execute code...

Arbitrary Code Execution

firefox is vulnerable to arbitrary code execution. The vulnerability exists as a web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code as the user running Firefox...

CVE-2020-3950

VMware Fusion 11.x before 11.5.2, VMware Remote Console for Mac 11.x and prior before 11.0.1 and Horizon Client for Mac 5.x and prior before 5.4.0 contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issue may allow attackers with...

CVE-2014-2914

fish aka fish-shell 2.0.0 before 2.1.1 does not restrict access to the configuration service aka fishconfig, which allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by setprompt...

CVE-2019-20394

A double-free is present in libyang before v1.0-r3 in the function yyparse when a type statement in used in a notification statement. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution...

Updated e2fsprogs packages fix security vulnerability

Updated e2fsprogs packages fix security vulnerability: A code execution vulnerability in the directory rehashing functionality CVE-2019-5188. For other fixes in this update, see the referenced release info...

PT-2020-2002 · Siemens · Tia Portal

Name of the Vulnerable Software and Affected Versions: TIA Portal V14 All versions TIA Portal V15 All versions V15.1 Update 7 TIA Portal V16 All versions V16 Update 6 TIA Portal V17 All versions V17 Update 4 Description: A vulnerability has been identified that could allow an attacker to execute...

SUSE-SU-2020:14266-1 Security update for apache2-mod_perl

This update for apache2-modperl fixes the following issues: - CVE-2011-2767: Fixed a vulnerability which could have allowed perl code execution in the context of user account bsc1156944...

Cisco Data Center Network Manager DbAdminRest runZoneMigrationForBrocade Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

CVE-2019-16454

Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution...

CVE-2019-5081

An exploitable heap buffer overflow vulnerability exists in the iocheckd service ''I/O-Chec'' functionality of WAGO PFC 200 Firmware version 03.01.0713 and 03.00.3912, and WAGO PFC100 Firmware version 03.00.3912. A specially crafted set of packets can cause a heap buffer overflow, potentially...

Input validation

Nova 5i pro and Nova 5 smartphones with versions earlier than 9.1.1.190C00E190R6P2and Versions earlier than 9.1.1.175C00E170R3P2 have an improper validation of array index vulnerability. The system does not properly validate the input value before use it as an array index when processing certain...