Adobe Acrobat Reader DC Continuous Security Update (APSB24-07) - Mac OS X
Adobe Acrobat Reader DC Continuous is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2024-4947
The CVE-2024-4947 entry corresponds to a Type Confusion vulnerability in Google Chrome/Chromium V8 that allows a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. Affected software is the Chrome/Chromium stack using V8 prior to version 125.0.6422.60. The root c...
CVE-2024-34909
An arbitrary file upload vulnerability in KYKMS v1.0.1 and below allows attackers to execute arbitrary code via uploading a crafted PDF file...
CVE-2024-31803
Buffer Overflow vulnerability in emp-ot v.0.2.4 allows a remote attacker to execute arbitrary code via the FerretCOT::readpredata128fromfile function...
RHEL 7 : qpdf (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - qpdf: stack exhaustion in QPDFObjectHandle and QPDFDictionary classes in libqpdf.a CVE-2018-9918 - A...
RHEL 5 : php (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - php: buffer overflow in handling of long link names in tar phar archives CVE-2016-2554 - php: Uninitializ...
RHEL 5 : gimp (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gimp: Heap-based buffer overflow in readchanneldata function in plug-ins/common/file-psp.c CVE-2017-17789...
CVE-2024-20862
CVE-2024-20862 affects SveService on Samsung Mobile devices prior to SMR May-2024 Release 1. The vulnerability is an out-of-bounds write that enables local privileged attackers to execute arbitrary code. Exploitation details are not provided in the sources, and no in-the-wild exploit information ...
Security Bulletin: Vulnerability in node.js package affects IBM Storage Scale GUI (CVE-2023-42282)
Summary: There is a vulnerability in a node.js package used by IBM Storage Scale GUI. Fix for this issue is available in all versions. Vulnerability Details: CVEID: CVE-2023-42282 DESCRIPTION: Node.js IP package could allow a remote attacker to execute arbitrary code on the system, caused by a...
CVE-2023-39457
Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Triangle MicroWorks SCADA Data Gateway. Authentication is not required to exploit this vulnerability. The specific flaw...
CVE-2023-27322
Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host...
CVE-2023-35741
The CVE-2023-35741 entry concerns the D-Link DAP-2622 DDP service. Affected component: DDP configuration backup filename handling in the DAP-2622 router. Root cause: length-validation flaw when copying user-supplied data into a fixed-length stack-based buffer, leading to a stack buffer overflow. ...
CVE-2024-25290
An issue in Casa Systems NL1901ACV R6B032 allows a remote attacker to execute arbitrary code via the userName parameter of the add function...
CVE-2024-33429
Buffer-Overflow vulnerability at pcmconvert.h:513 of phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via a crafted .wav file...
CVE-2024-31820
An issue in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote attacker to execute arbitrary code via the getLangFolderForEdit method of the Languages.php component...
CVE-2024-33445
An issue in hisiphp v2.0.111 allows a remote attacker to execute arbitrary code via a crafted script to the SystemPlugins::mkInfo parameter in the SystemPlugins.php component...
CVE-2024-31666
An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted script to the editaddonpost.php component...
CVE-2024-29661
A File Upload vulnerability in DedeCMS v5.7 allows a local attacker to execute arbitrary code via a crafted payload...
CVE-2023-50009
FFmpeg vulnerability CVE-2023-50009: a heap-based buffer overflow is triggered in the ff_gaussian_blur_8 function (libavfilter/edge_template.c:116:5) on FFmpeg v.n6.1-3-g466799d4f5. The issue is locally exploitable (LOCAL attack vector, no user interaction) with high impact (I/H; A high), as desc...