(0Day) Soda PDF Desktop PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Soda PDF Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

CVE-2025-55313

Summary: CVE-2025-55313 affects Foxit PDF Editor/Reader for Windows and macOS prior to 13.2 and prior to 2025.2. The issue stems from how memory allocation failures are handled after JavaScript assigns an extremely large value to a form field’s charLimit, leading to memory corruption and potentia...

PT-2025-50644

Name of the Vulnerable Software and Affected Versions libbiosig version 3.9.1 Description The software contains stack-based buffer overflow flaws in the MFER parsing functionality. A malicious MFER file, specifically one with Tag 131, can trigger these flaws, potentially leading to arbitrary code...

TeamViewer DEX Client 安全漏洞

TeamViewer DEX Client is a digital employee experience and endpoint management software from TeamViewer Germany. A security vulnerability exists in TeamViewer DEX Client versions prior to V17.1 that stems from improper handling of executable search paths, which could lead to elevation of privileg...

Sandboxie 输入验证错误漏洞

Sandboxie is sandboxie-plus open source sandbox-based isolation software. An input validation error vulnerability exists in Sandboxie 1.16.6 and earlier versions, which stems from an unchecked overflow that could lead to a heap overflow and execution of arbitrary code...

CVE-2025-55314

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing...

CVE-2025-55313

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. They allow potential arbitrary code execution when processing crafted PDF files. The vulnerability stems from insufficient handling of memory allocation failures after assigning an extremely...

IBM Aspera Orchestrator 操作系统命令注入漏洞

IBM Aspera Orchestrator is a Web-based application from International Business Machines IBM, Inc. It can provide an efficient file processing pipeline for data-driven organizations. An operating system command injection vulnerability exists in IBM Aspera Orchestrator versions 4.0.0 through 4.1.0,...

AzeoTech DAQFactory 缓冲区错误漏洞

AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from a buffer overflow vulnerability that originates from accessing an uninitialized pointer and can be exploited by an attacker to...

编号撤回

AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from a stack buffer overflow vulnerability that originates from a stack buffer overflow when parsing a specially crafted .ctl file,...

libbiosig 安全漏洞

libbiosig is an open source software library for biomedical signal processing open source by BioSig Project. It has biosignal analysis capabilities. A security vulnerability exists in libbiosig version 3.9.1, which stems from a stack buffer overflow in the MFER parsing function that could lead to...

EasyImages 安全漏洞

EasyImages is a thin wrapper on PIL by Jakub Cieslik individual developer. It is used for exploring, visualizing and sharing images. A security vulnerability exists in EasyImages 2.0 2.8.6 and earlier versions, which stems from improper file upload functionality and could lead to the execution of...

Linux Distros Unpatched Vulnerability : CVE-2025-66045

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER fil...

编号撤回

AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from a memory corruption vulnerability that exists when parsing a specially crafted .ctl file and can be exploited by an attacker t...

ConnectWise ScreenConnect 安全漏洞

ConnectWise ScreenConnect is a self-hosted remote desktop software application from ConnectWise. A security vulnerability exists in ConnectWise ScreenConnect versions prior to 25.8 that stems from insufficient validation of the extension subsystem and could lead to the execution of arbitrary code...

SPA-CART CMS 跨站脚本漏洞

SPA-CART CMS is a content management system for Oleg Individual Developers. A cross-site scripting vulnerability exists in SPA-CART CMS version 1.9.0.3, which stems from the presence of stored cross-site scripting in the product description parameter that could lead to the execution of arbitrary...

CVE-2025-55312

CVE-2025-55312 affects Foxit PDF Editor for Windows prior to 13.2 and prior to 2025.2. When pages are deleted via JavaScript, the software may fail to update internal states, leading to dereference of invalid memory during subsequent annotation management. This memory corruption can cause crashes...

Linux Distros Unpatched Vulnerability : CVE-2025-66044

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER fil...

(0Day) PDFsam Enhanced XLS File Insufficient UI Warning Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDFsam Enhanced. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

PT-2025-50640

Name of the Vulnerable Software and Affected Versions libbiosig version 3.9.1 Description The software contains stack-based buffer overflow flaws in the MFER parsing functionality. A crafted MFER file can cause arbitrary code execution. An attacker can trigger these flaws by providing a malicious...