Foxit PhantomPDF HTML2PDF HTML Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion ...

Adobe Acrobat ImageConversion EMF EmfPlusDrawBeziers Out-Of-Bounds Read Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

Microsoft Internet Explorer CSS Style Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe Acrobat Pro DC ImageConversion EMF EMR_COMMENT Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

The vulnerability of the CA Release Automation system arises from the restoration of an unreliable data structure in memory, allowing a perpetrator to execute arbitrary code.

The vulnerability of the CA Release Automation system arises from the restoration of a dubious data structure in memory. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code using a specially crafted serialized object...

Vulnerability of Microsoft COM components in Windows operating systems, allowing attackers to execute arbitrary code

The vulnerability of the Microsoft Component Object Model COM in Windows operating systems is related to the restoration of a dubious data structure in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file or script...

UBUNTU-CVE-2018-16058

In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure...

Microsoft Windows EMF File Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

The vulnerability of the library for working with SVG images in Apache Batik, related to the restoration of unreliable data structures in memory, allows attackers to gain access to protected data or cause service failures.

The vulnerability of the Apache Batik library for working with SVG images is related to the restoration of a dubious data structure in memory the “AbstractDocument” class. Exploiting this vulnerability could allow an attacker to gain access to protected data or cause service failures using the HT...

FreeBSD -- Resource exhaustion in TCP reassembly

Problem Description: One of the data structures that holds TCP segments uses an inefficient algorithm to reassemble the data. This causes the CPU time spent on segment processing to grow linearly with the number of segments in the reassembly queue. Impact: An attacker who has the ability to send...

[SECURITY] Fedora 27 Update: redis-4.0.10-1.fc27

Redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing se...

Code injection

In the MDSS driver in all Android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the Linux kernel, a data structure may be used without being initialized correctly...

CVE-2018-5860

In the MDSS driver in all Android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the Linux kernel, a data structure may be used without being initialized correctly...

CVE-2018-5860

In the MDSS driver in all Android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the Linux kernel, a data structure may be used without being initialized correctly...

CVE-2018-5860

CVE-2018-5860 affects the MDSS (multimedia display) driver in Android builds for MSM, Firefox OS for MSM, and QRD Android, provided by CAF on Linux-based kernels. The root cause is that a data structure may be used without proper initialization, as described in multiple sources. According to the ...

Foxit Reader U3D Texture Height Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within U3D Texture...

Foxit Reader U3D Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

Foxit Reader U3D Key Frame Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

Design/Logic Flaw

The Device Administrator code in Android before 4.4.1r1 might allow attackers to spoof device administrators and consequently bypass MDM restrictions by leveraging failure to update the mAdminMap data structure...

The vulnerability of the Cisco Secure Access Control System’s access control software lies in the ability to restore a questionable data structure in memory, allowing an intruder to execute arbitrary commands with root privileges.

The vulnerability of the Cisco Secure Access Control System ACS management software exists due to insufficient validation of input data and the inability to restore a reliable data structure in memory. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary...