Adobe Acrobat DC (Continuous) Security Update (APSB21-29) - Windows

Adobe Acrobat DC Continuous Track is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Google Releases Security Updates for Chrome

Google has released Chrome version 99.0.4844.84 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system. CISA encourages users and administrators to review the Chrome Release Note and apply the necessary updates. Thi...

CVE-2022-26285

Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the apply endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests...

CVE-2022-26285

Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the apply endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests...

CVE-2021-45966

An issue was discovered in Pascom Cloud Phone System before 7.20.x. In the management REST API, /services/apply in exd.pl allows remote attackers to execute arbitrary code via shell metacharacters...

Pascom Cloud Phone System 操作系统命令注入漏洞

Pascom Cloud Phone System is a cloud phone system from Pascom. An operating system command injection vulnerability exists in Pascom Cloud Phone System, which stems from the failure of /services/apply in exd.pl to properly filter the special elements of the construct snippet, which can be exploite...

Apple Releases Security Updates for Multiple Products

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security page and apply the necessary updates. This...

Mozilla Releases Security Updates

Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Mozilla security advisories for Firefox...

Multiple vulnerabilities in Trend Micro ServerProtect

Overview Trend Micro Incorporated has released security updates for ServerProtect. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Remote control execution due to insufficiently protected static credentials Denial-of-servic...

Image-Processing 安全漏洞

Image-Processing is an image-processing code repository that uses C. A security vulnerability exists in Image-Processing versions prior to 1.12.2 that stems from the use of unprocessed user input in the apply method, which allows an attacker to execute system commands...

PT-2022-7269 · Libde265 +3 · Libde265 +3

Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.8 Description: The issue is related to a segmentation violation via the apply sao internal function in sao.cc, which can be exploited to cause a Denial of Service DoS by using a crafted video file. This can be achieved by...

Apple Mac OS X Security Update (HT213056)

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mongodb Server 输入验证错误漏洞

Mongodb Server is an open source NoSQL database from Mongodb, Inc. The database provides collection-oriented storage, dynamic query, data replication and automatic failover, etc. A denial-of-service vulnerability exists in MongoDB Server, which can be exploited by an attacker with basic CRUD...

Citrix Releases Security Updates

Citrix has released security updates to address vulnerabilities affecting multiple versions of Citrix Application Delivery Controller ADC, Gateway, and SD-WAN WANOP. An attacker could exploit these vulnerabilities to cause a denial-of-service condition. CISA encourages users and administrators to...

Debian: Security Advisory (DLA-2803-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple Adobe products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Adobe’s Security Bulletins and apply the necessary updates...

PT-2021-6914

Name of the Vulnerable Software and Affected Versions Java SE version 8u301 Description The issue is related to insufficient input validation in the Deployment component of Java SE, allowing an unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...

Trend Micro ServerProtect family vulnerable to authentication bypass

Overview Trend Micro Incorporated has released security updates for ServerProtect family. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN. Impact A remote attacker may bypass authentication for the products. For more information, refer...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.8 and IBM® Runtime Environment Java™ Version 1.8 used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2021-2341 DESCRIPTION: An...

Samba 3.0.0 <= 3.0.25rc3 Remote Code Execution Vulnerability (CVE-2007-2446)

Multiple Heap Overflows Allow remote code execution RCE. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:samba:samba";...