Foxit PDF Reader 资源管理错误漏洞

Foxit PDF Reader is a PDF reader from Foxit China. Foxit PDF Reader is vulnerable to resource management errors, which can be exploited by attackers to execute code in the current process...

The vulnerability of software for storing images with a wide dynamic range of brightness, related to pointer swapping errors, allows attackers to trigger a service failure.

The vulnerability of software for storing images with a wide dynamic range of brightness in OpenEXR is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause service interruptions...

The vulnerability of the Slapi-nis package for 389 Directory Server allows a hacker to trigger a service failure.

The vulnerability of the Slapi-nis package for 389 Directory Server is related to pointer assignment errors. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability of the `derive_boundaryStrength` function in the deblock.cc component of the h.265 Libde265 video codec implementation, which allows a hacker to cause a service failure.

The vulnerability of the deriveboundaryStrength function in the deblock.cc component of the h.265 Libde265 video codec implementation is related to errors during resource release. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

Microsoft Edge’s vulnerability, related to synchronization errors when using a shared resource, allows attackers to escalate their privileges.

The vulnerability of Microsoft Edge is related to synchronization errors when using a shared resource “Race Situation”. Exploiting this vulnerability can allow an attacker to gain increased privileges...

The vulnerability of the Link Layer Discovery Protocol (LLDP) implementation in the Cisco NX-OS operating system of Cisco Nexus 9000 Series Fabric Switches in ACI mode allows a attacker to cause a service failure.

The vulnerability of the Link Layer Discovery Protocol LLDP implementation in the Cisco NX-OS operating system of Cisco Nexus 9000 Series Fabric Switches in ACI mode is related to memory release errors. Exploiting this vulnerability could allow a malicious actor to cause service failure by sendin...

Microsoft Edge’s vulnerability, related to security configuration errors, allows attackers to circumvent security restrictions.

The vulnerability of Microsoft Edge is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to bypass security restrictions by opening a specially created malicious web page...

The vulnerability of the kvm_vcpu_ioctl_x86_getdebugregss() function (arch/x86/kvm/x86.c) in the KVM virtualization subsystem of the Linux operating system allows a attacker to gain access to protected information.

The vulnerability of the kvmvcpuioctlx86getdebugregss function arch/x86/kvm/x86.c in the KVM virtualization subsystem of the Linux operating system is related to errors during initialization. Exploiting this vulnerability can allow an attacker to gain access to protected information...

The vulnerability of the `process.mainModule.require()` function in the Node.js software platform allows attackers to gain increased privileges.

The vulnerability of the process.mainModule.require function in the Node.js software platform is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

Upgraded Q -> 2 from #215 [1679863603573]

Judge has assessed an item in Issue 215 as 2 risk. The relevant finding follows: L1 + L2 --- The text was updated successfully, but these errors were encountered: All reactions...

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird, related to information representation errors in the user interface, allow attackers to perform spear-phishing attacks.

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to information representation errors in the user interface. Exploiting these vulnerabilities can allow attackers to perform spear-phishing attacks remotely...

Upgraded Q -> 2 from #215 [1679863647530]

Judge has assessed an item in Issue 215 as 2 risk. The relevant finding follows: NC1 --- The text was updated successfully, but these errors were encountered: All reactions...

CVE-2022-20499

In validateForCommonR1andR2 of PasspointConfiguration.java, uncaught errors in parsing stored configs could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L...

UBUNTU-CVE-2022-20499

In validateForCommonR1andR2 of PasspointConfiguration.java, uncaught errors in parsing stored configs could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12L...

PT-2023-17782 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-11 through Android-13 Description: The issue is related to uncaught exceptions in multiple functions of SnoozeHelper.java, which could lead to a failure to persist settings. This might result in a local escalation of...

PT-2023-12656 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-12 through Android-13 Description: The issue arises from uncaught errors in parsing stored configurations within the validateForCommonR1andR2 function of PasspointConfiguration.java. This can lead to a local persisten...

Workspace App for Mac - Known Issue - March 23rd 2023

When using Citrix Workspace App for Mac, users may receive the following errors: - Unable to communicate with Authentication Manager service - The Store doesn't exist. Please retry or contact support. - Citrix Workspace cannot connect to the server. Check your network connection. -Could not...

PT-2023-1978 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based affected versions not specified Description: The issue is related to synchronization errors, specifically a "race condition" scenario, which can be exploited to elevate privileges. Recommendations: At the moment,...

The vulnerability of Microsoft Defender for Endpoint’s Windows operating system allows a hacker to bypass existing security restrictions.

The vulnerability of Microsoft Defender for Endpoint’s Windows operating system is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor to bypass existing security restrictions remotely...

The vulnerability of the Resilient File System (ReFS) in Windows operating systems allows a hacker to increase their privileges within the system.

The vulnerability of the Resilient File System ReFS in Windows operating systems is related to errors in code generation. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...