8170 matches found

wpexploit
added 2017/09/08 12:00 a.m., 19 views

Caldera Forms <= 1.5.4 - Authenticated Cross-Site Scripting (XSS)

Version 1.5.4 and earlier of Caldera Forms is vulnerable to a reflected cross-site scripting vulnerability in the "edit" parameter, which is not properly escaped before being printed in an HTML attribute. An attacker can use this to craft URLs that, when clicked, result in malicious JavaScript...

1.1 AI score
Exploits: 0, References: 1
BDU FSTEC
added 2017/08/25 12:00 a.m., 3 views

The vulnerability of the XFA program visualization mechanism in Adobe Reader and Document Cloud, as well as the Adobe Acrobat programs for editing PDF files in Document Cloud, allows a perpetrator to execute arbitrary code.

The vulnerability of the XFA program visualization mechanism in Adobe Reader, Document Cloud, and Adobe Acrobat Document Cloud PDF file editing programs is related to the use of memory after it is released. Exploiting this vulnerability can allow a malicious actor to execute arbitrary code remote...

9.3 CVSS, 8.1 AI score, 0.09204 EPSS
Exploits: 0, References: 5
WPVulnDB
added 2017/08/21 12:00 a.m., 21 views

Liveforms < 3.4.0 - XSS

The Live Forms – Easy Drag and Drop Form Builder Plugin for WordPress WordPress plugin was affected by an XSS security vulnerability...

4.3 CVSS, 2.4 AI score, 0.00915 EPSS
Exploits: 0, Affected Software: 1
CNVD
added 2017/08/15 12:00 a.m., 4 views

Adobe Acrobat/Reader Remote Code Execution Vulnerability (CNVD-2017-28434)

Adobe Reader is PDF document reading software. Acrobat is PDF document editing software. Adobe Acrobat Reader has a remote code execution vulnerability when using the XFA layout engine to generate content, which can be exploited by an attacker to execute arbitrary code...

9.3 CVSS, 9.5 AI score, 0.07569 EPSS
Exploits: 0, References: 1
OSV
added 2017/08/11 7:29 p.m., 2 views

CVE-2017-11223

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the core of the XFA engine. Successful exploitation could lead to arbitrary code execution...

8.8 CVSS, 6 AI score, 0.09523 EPSS
Exploits: 0, References: 4
OSV
added 2017/08/11 7:29 p.m., 2 views

CVE-2017-11229

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability when manipulating Forms Data Format (FDF)...

8.8 CVSS, 5.8 AI score, 0.06717 EPSS
Exploits: 0, References: 3
Prion
added 2017/08/11 7:29 p.m., 19 views

Security feature bypass

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability when manipulating Forms Data Format (FDF)...

6.8 CVSS, 8.6 AI score, 0.06717 EPSS
Exploits: 0, References: 3, Affected Software: 5
NVD
added 2017/08/11 7:29 p.m., 22 views

CVE-2017-11229

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability when manipulating Forms Data Format (FDF)...

8.8 CVSS, 8.7 AI score, 0.06717 EPSS
Exploits: 0, References: 3
Cvelist
added 2017/08/11 7:00 p.m., 29 views

CVE-2017-11229

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability when manipulating Forms Data Format (FDF)...

9.2 AI score, 0.06717 EPSS
Exploits: 0, References: 3
CVE
added 2017/08/11 7:00 p.m., 80 views

CVE-2017-11229

Technical details for CVE-2017-11229 are not provided in the supplied connected documents; information about affected products, exploitability, or remediation is not available here. Monitor for updates.

8.8 CVSS, 9 AI score, 0.06717 EPSS
Exploits: 0, References: 3, Affected Software: 5
Zero Day Initiative
added 2017/08/08 12:00 a.m., 26 views

Adobe Acrobat Pro DC Forms Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

4.3 CVSS, 2.4 AI score, 0.09243 EPSS
Exploits: 0, References: 1
CNVD
added 2017/08/01 12:00 a.m., 2 views

WordPress Vospari Forms plugin cross-site scripting vulnerability

WordPress is a blogging platform from the WordPress Software Foundation, developed in the PHP language; the platform supports setting up a personal blog site on a PHP and MySQL server. WordPress Vospari Forms is a registration form plugin. Form submission is one of the form submission...

6.1 CVSS, 5.9 AI score, 0.02145 EPSS
Exploits: 1, References: 1
OSV
added 2017/07/29 2:29 p.m., 16 views

CVE-2017-11736

SQL injection vulnerability in core\admin\auto-modules\forms\process.php in BigTree 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via the tags array parameter...

8.8 CVSS, 8.5 AI score
Exploits: 0, References: 1
NVD
added 2017/07/29 2:29 p.m., 17 views

CVE-2017-11736

SQL injection vulnerability in core\admin\auto-modules\forms\process.php in BigTree 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via the tags array parameter...

8.8 CVSS, 8.8 AI score, 0.01044 EPSS
Exploits: 0, References: 1
Cvelist
added 2017/07/29 2:00 p.m., 23 views

CVE-2017-11736

SQL injection vulnerability in core\admin\auto-modules\forms\process.php in BigTree 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via the tags array parameter...

8.9 AI score, 0.01044 EPSS
Exploits: 0, References: 1
OSV
added 2017/07/17 9:29 p.m., 3 views

CVE-2017-9810

There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 version 8.0.4.312. This would allow an attacker to submit authenticated requests when an authenticated user browses an attacker-controlled domain...

8.8 CVSS, 5.8 AI score, 0.01932 EPSS
Exploits: 5, References: 6
OSV
added 2017/07/17 1:18 p.m., 2 views

CVE-2017-1000033

WordPress plugin Vospari Forms version 1.4 is vulnerable to reflected cross-site scripting in the form submission, resulting in JavaScript code execution in the context of the current user...

6.1 CVSS, 5.7 AI score, 0.02145 EPSS
Exploits: 1, References: 2
NVD
added 2017/07/17 1:18 p.m., 17 views

CVE-2017-1000033

WordPress plugin Vospari Forms version 1.4 is vulnerable to reflected cross-site scripting in the form submission, resulting in JavaScript code execution in the context of the current user...

6.1 CVSS, 6.3 AI score, 0.02145 EPSS
Exploits: 1, References: 2
Prion
added 2017/07/17 1:18 p.m., 14 views

Cross site scripting

WordPress plugin Vospari Forms version 1.4 is vulnerable to reflected cross-site scripting in the form submission, resulting in JavaScript code execution in the context of the current user...

4.3 CVSS, 6.3 AI score, 0.02145 EPSS
Exploits: 1, References: 2, Affected Software: 1
Fedora
added 2017/07/15 7:56 p.m., 28 views

[SECURITY] Fedora 25 Update: evince-3.22.1-5.fc25

Evince is a simple multi-page document viewer. It can display and print Portable Document Format (PDF), PostScript (PS) and Encapsulated PostScript (EPS) files. When supported by the document format, evince allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents...

7.8 CVSS, 7.7 AI score, 0.50076 EPSS
Exploits: 9