610 matches found
CVE-2024-49576
A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a checkbox CBFWidget object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An...
CVE-2024-49576
A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a checkbox CBFWidget object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An...
CVE-2024-47810
A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a 3D page object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs ...
CVE-2024-47810
A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a 3D page object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker needs ...
PT-2024-9691 · Foxit · Foxit Reader
Name of the Vulnerable Software and Affected Versions: Foxit Reader version 2024.3.0.26795 Description: A use-after-free vulnerability exists in the way Foxit Reader handles a checkbox CBF Widget object. This vulnerability can be triggered by a specially crafted Javascript code inside a malicious...
PT-2024-10303 · Foxit · Foxit Reader
Name of the Vulnerable Software and Affected Versions: Foxit Reader version 2024.3.0.26795 Description: A use-after-free vulnerability exists in the way Foxit Reader handles a 3D page object. This can be triggered by a specially crafted Javascript code inside a malicious PDF document, leading to...
CVE-2024-28888
A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a checkbox field object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An attacker...
CVE-2024-28888
CVE-2024-28888 is a use-after-free vulnerability in Foxit Reader/Foxit PDF Editor affecting components that handle a checkbox field object. The root cause is memory management in the checkbox handling path, allowing a specially crafted JavaScript inside a malicious PDF (or a crafted site when the...
CVE-2024-0981
Okta Browser Plugin versions 6.5.0 through 6.31.0 Chrome/Edge/Firefox/Safari are vulnerable to cross-site scripting. This issue occurs when the plugin prompts the user to save these credentials within Okta Personal. A fix was implemented to properly escape these fields, addressing the...
CVE-2024-0981
Okta Browser Plugin versions 6.5.0 through 6.31.0 Chrome/Edge/Firefox/Safari are vulnerable to cross-site scripting. This issue occurs when the plugin prompts the user to save these credentials within Okta Personal. A fix was implemented to properly escape these fields, addressing the...
CVE-2024-0981
Okta Browser Plugin versions 6.5.0 through 6.31.0 Chrome/Edge/Firefox/Safari are vulnerable to cross-site scripting. This issue occurs when the plugin prompts the user to save these credentials within Okta Personal. A fix was implemented to properly escape these fields, addressing the...
CVE-2024-0981
The CVE-2024-0981 affect is: Okta Browser Plugin versions 6.5.0–6.31.0 (Chrome/Edge/Firefox/Safari) allow cross-site scripting when the plugin prompts to save credentials in Okta Personal. Root cause: improper escaping of fields in the credential-save prompt. Impact: potential XSS; remediation: u...
PT-2024-15959 · Okta · Workforce Identity Cloud +2
Name of the Vulnerable Software and Affected Versions: Okta Browser Plugin versions 6.5.0 through 6.31.0 Description: The issue occurs due to a cross-site scripting flaw when the Okta Browser Plugin prompts the user to save credentials within Okta Personal. This is resolved by properly escaping...
Okta Browser Plugin 安全漏洞
Okta Browser Plugin is a browser plugin from Okta USA. A security vulnerability exists in Okta Browser Plugin versions 6.5.0 through 6.31.0 that stems from vulnerability to cross-site scripting attacks...
[SECURITY] Fedora 40 Update: djvulibre-3.5.28-9.fc40
DjVu is a web-centric format and software platform for distributing documents and images. DjVu can advantageously replace PDF, PS, TIFF, JPEG, and GIF for distributing scanned documents, digital documents, or high-resolution picture s. DjVu content downloads faster, displays and renders faster,...
[SECURITY] Fedora 39 Update: djvulibre-3.5.28-7.fc39
DjVu is a web-centric format and software platform for distributing documents and images. DjVu can advantageously replace PDF, PS, TIFF, JPEG, and GIF for distributing scanned documents, digital documents, or high-resolution picture s. DjVu content downloads faster, displays and renders faster,...
CVE-2024-25938
A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Barcode widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An...
CVE-2024-25575
A type confusion vulnerability vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Lock object. A specially crafted Javascript code inside a malicious PDF document can trigger this vulnerability, which can lead to memory corruption and result in arbitrary code execution. An...
CVE-2024-25648
A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a ComboBox widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. A...
CVE-2024-25938
A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Barcode widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previously freed object, which can lead to memory corruption and result in arbitrary code execution. An...