664 matches found
CVE-2026-5943 Foxit PDF Editor/Reader AcroForm Annotation Use-After-Free Remote Code Execution Vulnerability
Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when accessing an invalid pointer during page information...
Foxit PDF Reader AcroForm Annotation Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011126)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011126 advisory. In the Linux kernel, the following vulnerability has been resolved: sctp: prevent possible shift-out-of-bounds in sctptransportupdaterto syzbot reported a possible...
jetty-annotations-9.4.58-4.1 on GA media (moderate)
jetty-annotations-9.4.58-4.1 on GA media Announcement ID: openSUSE-SU-2026:10574-1 Rating: moderate Cross-References: CVE-2026-2332 CVE-2026-5795 CVSS scores: CVE-2026-2332 SUSE : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2026-5795 SUSE : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:...
OPENSUSE-SU-2026:10574-1 jetty-annotations-9.4.58-4.1 on GA media
These are all security issues fixed in the jetty-annotations-9.4.58-4.1 package on the GA media of openSUSE Tumbleweed...
How Digital Annotations Are Replacing Paper Markups in Business
Digital Annotations replace paper markups in business, enabling real time collaboration, version control, and secure document workflows across teams...
kube-router: BGP Peer Passwords Exposed in Logs at Verbose Logging Level
Summary When kube-router is configured with per-node BGP peer passwords using the kube-router.io/peer.passwords node annotation, and verbose logging is enabled --v=2 or higher, the raw Kubernetes node annotation map is logged verbatim — including the base64-encoded BGP MD5 passwords. Anyone with...
GHSA-FCMH-QFXC-W685 kube-router: BGP Peer Passwords Exposed in Logs at Verbose Logging Level
Summary When kube-router is configured with per-node BGP peer passwords using the kube-router.io/peer.passwords node annotation, and verbose logging is enabled --v=2 or higher, the raw Kubernetes node annotation map is logged verbatim — including the base64-encoded BGP MD5 passwords. Anyone with...
CVE-2026-3774
The application allows PDF JavaScript and document/print actions such as WillPrint/DidPrint to update form fields, annotations, or optional content groups OCGs immediately before or after redaction, encryption, or printing. These script‑driven updates are not fully covered by the existing...
CVE-2026-3776
The application does not validate the presence of required appearance AP data before accessing stamp annotation resources. When a PDF contains a stamp annotation missing its AP entry, the code continues to dereference the associated object without a prior null or validity check, which allows a...
EUVD-2026-17749
The application allows PDF JavaScript and document/print actions such as WillPrint/DidPrint to update form fields, annotations, or optional content groups OCGs immediately before or after redaction, encryption, or printing. These script‑driven updates are not fully covered by the existing...
CVE-2026-3774
The application allows PDF JavaScript and document/print actions such as WillPrint/DidPrint to update form fields, annotations, or optional content groups OCGs immediately before or after redaction, encryption, or printing. These script‑driven updates are not fully covered by the existing...
CVE-2026-3774 Self-Modifications Affecting Altered Printing and Redaction in Foxit PDF Editor
The application allows PDF JavaScript and document/print actions such as WillPrint/DidPrint to update form fields, annotations, or optional content groups OCGs immediately before or after redaction, encryption, or printing. These script‑driven updates are not fully covered by the existing...
CVE-2026-3774 Self-Modifications Affecting Altered Printing and Redaction in Foxit PDF Editor
The application allows PDF JavaScript and document/print actions such as WillPrint/DidPrint to update form fields, annotations, or optional content groups OCGs immediately before or after redaction, encryption, or printing. These script‑driven updates are not fully covered by the existing...
CVE-2026-3776
The application does not validate the presence of required appearance AP data before accessing stamp annotation resources. When a PDF contains a stamp annotation missing its AP entry, the code continues to dereference the associated object without a prior null or validity check, which allows a...
PT-2026-29438
The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs e.g., SOAP that perform deep traversal can cause uncontrolled recursion, stack...
Foxit PDF Reader和Foxit PDF Editor 安全漏洞
Foxit PDF Reader and Foxit PDF Editor are products of Foxit Corporation, a Chinese company. Foxit PDF Reader is a PDF reader. Foxit PDF Editor is a PDF editor. Both Foxit PDF Reader and Foxit PDF Editor have security vulnerabilities. These vulnerabilities stem from the lack of verification of the...
SUSE CVE-2026-32241
Flannel is a network fabric for containers, designed for Kubernetes. The Flannel project includes an experimental Extension backend that allows users to easily prototype new backend types. In versions of Flannel prior to 0.28.2, this Extension backend is vulnerable to a command injection that...
CVE-2026-32241
Flannel is a network fabric for containers, designed for Kubernetes. The Flannel project includes an experimental Extension backend that allows users to easily prototype new backend types. In versions of Flannel prior to 0.28.2, this Extension backend is vulnerable to a command injection that...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection in the Extension backend process. An attacker can execute arbitrary commands with root privileges on affected nodes by injecting malicious data into the flannel.alpha.coreos.com/backend-data annotation, which is then...