CVE-2022-40655

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2019-13331

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...

CVE-2024-21474

Memory corruption when size of buffer from previous call is used without validation or re-initialization...

CLSA-2025-1738170565 vim: Fix of 5 CVEs

CVE-2023-2610: limit the text length to MAXCOL - CVE-2023-4735: don't overflow buf2, check size in for loop - CVE-2023-4750: check buffer is valid before accessing it - CVE-2023-4752: validate buffer before accessing it - CVE-2023-4781: disallow exchanging windows when textlock is active - Drop...

CVE-2024-9720

Trimble SketchUp Viewer SKP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target...

CVE-2024-8838

PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visi...

CVE-2024-11568

IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page...

CVE-2024-11561

IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page...

CVE-2024-8814

CVE-2024-8814 affects PDF-XChange Editor. The issue is in the U3D file parsing path where insufficient validation can cause a read past the end of an allocated buffer, enabling a remote code execution when a user visits a malicious page or opens a malicious file. The vulnerability is an out-of-bo...

CVE-2024-8814 PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visi...

CVE-2024-9746 Tungsten Automation Power PDF TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Tungsten Automation Power PDF TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in th...

CVE-2024-9718 Trimble SketchUp Viewer SKP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Trimble SketchUp Viewer SKP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target...

CVE-2024-11533

CVE-2024-11533 refers to an out-of-bounds write in IrfanView’s DXF file parsing, enabling remote code execution. The flaw stems from insufficient validation of user-supplied data during DXF parsing, which can write past the end of an allocated buffer and execute code in the current process. Explo...

CVE-2024-5877 IrfanView PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

IrfanView PIC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious pag...

CVE-2024-5875 IrfanView SHP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

IrfanView SHP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious pag...

Luxion KeyShot JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of jt...

PT-2024-17036 · Irfan Skiljan · Irfanview

Name of the Vulnerable Software and Affected Versions: IrfanView affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this, where the target must visit a malicious...

CVE-2023-39176

A flaw was found within the parsing of SMB2 requests that have a transform header in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this to disclose...

CLSA-2024-1729193618 Fix CVE(s): CVE-2024-43802

SECURITY UPDATE: prevent heap-buffer overflow in typeahead buffer flushing - debian/patches/CVE-2024-43802.patch: fix heap-buffer-overflow in instypebuf by validating enough space left when flushing typeahead buffer - CVE-2024-43802...

PDF-XChange Editor Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...