664 matches found

Fedora · added 2024/03/07 10:33 p.m. · 19 views

[SECURITY] Fedora 40 Update: osgi-annotation-8.1.0-6.fc40

Annotations for use in compiling OSGi bundles. This package is not normally needed at run-time...

CVSS 8.8 · AI score 6.8 · EPSS 0.02557 · Exploits 3

Fedora · added 2024/03/07 10:33 p.m. · 24 views

[SECURITY] Fedora 40 Update: jcip-annotations-1-43.20060626.fc40

This package provides class, field, and method level annotations for describing thread-safety policies. These annotations are relatively unintrusive and are beneficial to both users and maintainers. Users can see immediately whether a class is thread-safe, and maintainers can see immediately...

CVSS 8.8 · AI score 6.8 · EPSS 0.02557 · Exploits 3

Fedora · added 2024/03/07 10:33 p.m. · 19 views

[SECURITY] Fedora 40 Update: jakarta-annotations-1.3.5-22.fc40

Jakarta Annotations defines a collection of annotations representing common semantic concepts that enable a declarative style of programming that applies across a variety of Java technologies...

CVSS 8.8 · AI score 6.8 · EPSS 0.02557 · Exploits 3

Fedora · added 2024/03/07 10:33 p.m. · 18 views

[SECURITY] Fedora 40 Update: jackson-annotations-2.16.1-3.fc40

Core annotations used for value types, used by Jackson data-binding package...

CVSS 8.8 · AI score 6.9 · EPSS 0.02557 · Exploits 3

Fedora · added 2024/03/07 10:33 p.m. · 21 views

[SECURITY] Fedora 40 Update: jackson-databind-2.16.1-4.fc40

The general-purpose data-binding functionality and tree-model for Jackson Data Processor. It builds on core streaming parser/generator package, and uses Jackson Annotations for configuration...

CVSS 8.8 · AI score 9.2 · EPSS 0.02557 · Exploits 3

Fedora · added 2024/03/07 10:32 p.m. · 24 views

[SECURITY] Fedora 40 Update: beust-jcommander-1.82-9.fc40

JCommander is a very small Java framework that makes it trivial to parse command line parameters with annotations...

CVSS 8.8 · AI score 6.9 · EPSS 0.02557 · Exploits 3

OSV · added 2024/03/06 10:50 a.m. · 20 views

BIT-ARGO-CD-2023-40029

Argo CD is a declarative continuous deployment for Kubernetes. Argo CD Cluster secrets might be managed declaratively using Argo CD / kubectl apply. As a result, the full secret body is stored in kubectl.kubernetes.io/last-applied-configuration annotation. pull request 7139 introduced the ability ...

CVSS 9.9 · AI score 9.2 · EPSS 0.00975 · Exploits 1 · References 3

Positive Technologies · added 2024/03/05 12:0 a.m. · 2 views

PT-2024-8058 · Foxit · Foxit Pdf Reader +1

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader (affected versions not specified), Foxit PDF Editor (affected versions not specified). Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the...

CVSS 7.8 · AI score 8 · EPSS 0.00764 · Exploits 0 · References 5

Cvelist · added 2024/01/25 6:12 p.m. · 41 views

CVE-2023-6267 Quarkus: json payload getting processed prior to security checks when rest resources are used with annotations.

A flaw was found in the json payload. If annotation based security is used to secure a REST resource, the JSON body that the resource may consume is being processed (deserialized) prior to the security constraints being evaluated and applied. This does not happen with configuration based security...

CVSS 8.6 · AI score 9.5 · EPSS 0.00719 · Exploits 0 · References 4

Tenable Nessus · added 2024/01/22 12:0 a.m. · 105 views

Foxit PDF Editor < 11.2.8 Multiple Vulnerabilities

According to its version, the Foxit PDF Editor application (previously named Foxit PhantomPDF) installed on the remote Windows host is prior to 11.2.8. It is, therefore, affected by multiple vulnerabilities: - A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles 3D...

CVSS 8.8 · AI score 7 · EPSS 0.03346 · Exploits 5 · References 30

NVD · added 2024/01/11 4:15 p.m. · 14 views

CVE-2023-5118

The application is vulnerable to Stored Cross-Site Scripting (XSS) in the endpoint /sofer/DocumentService.asc/SaveAnnotation, where input data transmitted via the POST method in the parameters author and text are not adequately sanitized and validated. This allows for the injection of malicious...

CVSS 5.4 · AI score 5.3 · EPSS 0.00335 · Exploits 0 · References 2

OSV · added 2023/12/19 7:18 a.m. · 24 views

MAL-2023-8719 Malicious code in figma-include-accessibility-annotations (npm)

-= Per source details. Do not edit below this line. =- Source: ghsa-malware (fcb17fd8a376f1c1967e4a54049e96bf34f63f71f41e75262db53f96e883d43d). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7 · Exploits 0 · References 1

OSV · added 2023/11/27 4:15 p.m. · 4 views

CVE-2023-32616

A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles 3D annotations. Specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An...

CVSS 8.8 · AI score 6 · EPSS 0.0182 · Exploits 1 · References 2

NVD · added 2023/11/27 4:15 p.m. · 18 views

CVE-2023-32616

A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles 3D annotations. Specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An...

CVSS 8.8 · EPSS 0.0182 · Exploits 1 · References 2

CVE · added 2023/11/27 3:25 p.m. · 75 views

CVE-2023-32616

Summary: CVE-2023-32616 is a use-after-free in Foxit Reader 12.1.2.15356 affecting 3D annotations. Specially crafted JavaScript in a malicious PDF can reuse a freed object, causing memory corruption and arbitrary code execution. Exploitation requires user action (opening the malicious PDF) or, ...

CVSS 8.8 · AI score 8.8 · EPSS 0.0182 · Exploits 1 · References 2 · Affected Software 1

Cvelist · added 2023/11/27 3:25 p.m. · 31 views

CVE-2023-32616

A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles 3D annotations. Specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An...

CVSS 8.8 · AI score 9.2 · EPSS 0.0182 · Exploits 1 · References 1

GitHub Security Blog · added 2023/11/27 12:30 p.m. · 23 views

Apache Superset has Incorrect Default Permissions

Unnecessary read permissions within the Gamma role would allow authenticated users to read configured CSS templates and annotations. This issue affects Apache Superset: before 2.1.2. Users should upgrade to version 2.1.2 or above and run superset init to reconstruct the Gamma role or remove canre...

CVSS 4.3 · AI score 4.3 · EPSS 0.0086 · Exploits 0 · References 4 · Affected Software 1

NVD · added 2023/11/27 11:15 a.m. · 17 views

CVE-2023-42501

Unnecessary read permissions within the Gamma role would allow authenticated users to read configured CSS templates and annotations. This issue affects Apache Superset: before 2.1.2. Users should upgrade to version 2.1.2 or above and run superset init to reconstruct the Gamma role or remove canre...

CVSS 4.3 · EPSS 0.0086 · Exploits 0 · References 2

OSV · added 2023/11/27 11:15 a.m. · 24 views

CVE-2023-42501

Unnecessary read permissions within the Gamma role would allow authenticated users to read configured CSS templates and annotations. This issue affects Apache Superset: before 2.1.2. Users should upgrade to version 2.1.2 or above and run superset init to reconstruct the Gamma role or remove canre...

CVSS 4.3 · AI score 4.3 · Exploits 0 · References 2

Prion · added 2023/11/27 11:15 a.m. · 15 views

Design/Logic Flaw

Unnecessary read permissions within the Gamma role would allow authenticated users to read configured CSS templates and annotations. This issue affects Apache Superset: before 2.1.2. Users should upgrade to version 2.1.2 or above and run superset init to reconstruct the Gamma role or remove canre...

CVSS 4 · AI score 6.8 · EPSS 0.0086 · Exploits 0 · References 2 · Affected Software 1