KLA20009 Multiple vulnerabilities in Adobe Acrobat and Adobe Acrobat Reader

Multiple vulnerabilities were found in Adobe Acrobat and Adobe Acrobat Reader. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Use after free vulnerability can be exploited to cause denial of...

CVE-2022-41512

An arbitrary file upload vulnerability in the component /phpaction/editFile.php of Online Diagnostic Lab Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-41379

An arbitrary file upload vulnerability in the component /leavesystem/classes/Users.php?f=save of Online Leave Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

USN-5614-2: Wayland vulnerability

USN-5614-1 fixed a vulnerability in Wayland. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Wayland incorrectly handled reference counting certain objects. An attacker could use this issue to cause Wayland to crash, resulting ...

CVE-2022-40341

mojoPortal v2.7 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted PNG file...

CVE-2022-39256 Orckestra C1 CMS's deserialization of untrusted data allows for arbitrary code execution.

Orckestra C1 CMS is a .NET based Web Content Management System. A vulnerability in versions prior to 6.13 allows remote attackers to execute arbitrary code on affected installations of Orckestra C1 CMS. Authentication is required to exploit this vulnerability. The authenticated user may perform t...

Ubuntu: Security Advisory (USN-5630-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Adobe InDesign Heap Buffer Overflow Vulnerability (CNVD-2022-79422)

Adobe InDesign is a set of typesetting and editing applications from Adobe, which is vulnerable to a heap buffer overflow that could be exploited to execute arbitrary code...

Ubuntu: Security Advisory (USN-5614-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

USN-5613-1: Vim vulnerabilities

It was discovered that Vim was not properly performing bounds checks when executing spell suggestion commands. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2022-0943 It was discovered that Vim was using freed memory when dealing with regula...

Two Zero-day vulnerabilities in macOS BigSur

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Apple addresses ten vulnerabilities, two of which are actively exploited. The vulnerabilities have been assigned CVE-2022-32917 and CVE-2022-32894 and could allow an attacker to execute arbitrary...

USN-5606-1: poppler vulnerability

It was discovered that poppler incorrectly handled certain PDF. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

Security Bulletin: Apache Commons Configuration Vulnerability affects IBM SPSS Analytic Server [CVE-2022-33980]

Summary There is a vulnerability in the version of Apache Commons Configuration that was included in IBM SPSS Analytic Server. This vulnerability has been addressed. CVE-2022-33980 Vulnerability Details CVEID:CVE-2022-33980 DESCRIPTION: Apache Commons Configuration could allow a remote attacker t...

Apple Mac OS X Security Update (HT212325)

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Google Chrome WebSQL Memory Misreference Vulnerability

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in versions of Google Chrome prior to 105.0.5195.52, which stems from a mix-up in instructions responsible for freeing memory in WebSQL. An attacker could exploit this vulnerability to...

Privilege escalation

An arbitrary file upload vulnerability in the component /phpaction/createProduct.php of Garage Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-36582

An arbitrary file upload vulnerability in the component /phpaction/createProduct.php of Garage Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...

Tenda AX180 Stack Overflow Vulnerability (CNVD-2022-78477)

Tenda AX1803 is a dual-band gigabit WIFI6 router from Tenda China.Tenda AX1803 is vulnerable to a stack overflow vulnerability caused by improper boundary checking in the fromSetRouteStatic function. An attacker could exploit this vulnerability to cause a buffer overflow and execute arbitrary cod...

Tenda AC1206 Buffer Overflow Vulnerability (CNVD-2022-78498)

Tenda AC1206 is a wireless pass-through gigabit router from Tenda, China.Tenda AC1206 version V15.03.06.23 is vulnerable to a buffer overflow vulnerability caused by improper boundary checking of the formSetQosBand function. An attacker could exploit this vulnerability to overflow the buffer and...