CVE-2020-0017

In multiple places, it was possible for the primary user’s dictionary to be visible to and modifiable by secondary users. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8...

PT-2024-32830 · Umbraco · Umbraco

Name of the Vulnerable Software and Affected Versions: Umbraco versions 14.0.0 through 14.3.0 Umbraco versions prior to 15.0.0 Description: The issue allows for cross-site scripting, which can be leveraged to gain access to higher-privilege endpoints. If a user with admin privileges runs the code...

PT-2024-31564 · Overleaf · Overleaf Server Pro +1

Name of the Vulnerable Software and Affected Versions: Overleaf Community Edition and Server Pro versions prior to 5.0.7 Overleaf Community Edition and Server Pro versions 4.x prior to 4.2.7 Description: Overleaf is a web-based collaborative LaTeX editor. The issue allows an arbitrary language...

SUSE CVE-2018-20751

An issue was discovered in croppage in PoDoFo 0.9.6. For a crafted PDF document, pPage-GetObject-GetDictionary.AddKeyPdfName"MediaBox",var can be problematic due to the function GetObject being called for the pPage NULL pointer object. The value of pPage at this point is 0x0, which causes a NULL...

CVE-2020-0017

In multiple places, it was possible for the primary user’s dictionary to be visible to and modifiable by secondary users. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8...