316 matches found

CNVD
added 2021/01/06 12:0 a.m. | 3 views

Unspecified Vulnerability in Foxit Reader and PhantomPDF (CNVD-2021-04405)

Foxit Reader and Foxit PhantomPDF are both PDF document readers from the Chinese company Foxit. A security vulnerability exists in Foxit Reader and PhantomPDF, which can be exploited by attackers to spoof authenticated PDF documents via a malicious annotation attack, as the product does not take in...

CVSS 7.8 | AI score 6.7 | EPSS 0.02294
Exploits: 0 | References: 1

OSV
added 2020/12/31 9:15 p.m. | 3 views

CVE-2020-35931

An issue was discovered in Foxit Reader before 10.1.1 and before 4.1.1 on macOS and PhantomPDF before 9.7.5 and 10.x before 10.1.1 and before 4.1.1 on macOS. An attacker can spoof a certified PDF document via an Evil Annotation Attack because the products fail to consider a null value for a Subty...

CVSS 7.8 | AI score 5.6
Exploits: 0 | References: 1

CNNVD
added 2020/12/31 12:0 a.m. | 5 views

Foxit Reader and Foxit PhantomPDF Code Issue Vulnerability

Foxit Reader and Foxit PhantomPDF are both PDF document readers from the Chinese company Foxit. A security vulnerability exists in Foxit Reader and PhantomPDF, which can be exploited by attackers to spoof authenticated PDF documents via a malicious annotation attack, as the product does not take in...

CVSS 7.8 | AI score 5.8 | EPSS 0.02294
Exploits: 0 | References: 2

Hacker One
added 2020/12/24 1:43 p.m. | 38 views

h1-ctf: Invading Grinch Network and Saving Christmas

How we saved Christmas: As usual with H1 CTF challenges, we are provided with a target URL. In our case it is the following: https://hackyholidays.h1ctf.com/ We started by visiting the URL to see what is going on. All we could see is a page with an image with a warning message. F1125722 We quickly...

AI score 7.5
Exploits: 0

CNNVD
added 2020/12/08 12:0 a.m. | 6 views

Digital Error Vulnerability in Multiple Qualcomm Products

A Qualcomm chip is a chip from Qualcomm Incorporated (USA). A chip is a way of miniaturizing circuits (mainly semiconductor devices, but also passive components) and is often fabricated on the surface of semiconductor wafers. A numeric error vulnerability exists in several Qualcomm products, which...

CVSS 7.5 | AI score 7.1 | EPSS 0.00778
Exploits: 0 | References: 4

Kitploit
added 2020/08/23 9:30 p.m. | 125 views

Pyre-Check - Performant Type-Checking For Python

Pyre is a performant type checker for Python compliant with PEP 484. Pyre can analyze codebases with millions of lines of code incrementally – providing instantaneous feedback to developers as they write code. Pyre ships with Pysa, a security-focused static analysis tool we've built on top of Py...

AI score 7.6
Exploits: 0 | References: 2

Fedora
added 2020/03/24 10:15 a.m. | 46 views

[SECURITY] Fedora 30 Update: timeshift-20.03-1.fc30

Timeshift for Linux is an application that provides functionality similar to the System Restore feature in Windows and the Time Machine tool in Mac OS. Timeshift protects your system by taking incremental snapshots of the file system at regular intervals. These snapshots can be restored at a late...

CVSS 7 | AI score 6.6 | EPSS 0.0028
Exploits: 0

Fedora
added 2020/03/24 1:49 a.m. | 37 views

[SECURITY] Fedora 31 Update: timeshift-20.03-1.fc31

Timeshift for Linux is an application that provides functionality similar to the System Restore feature in Windows and the Time Machine tool in Mac OS. Timeshift protects your system by taking incremental snapshots of the file system at regular intervals. These snapshots can be restored at a late...

CVSS 7 | AI score 6.6 | EPSS 0.0028
Exploits: 0

OpenVAS
added 2020/03/24 12:0 a.m. | 33 views

Fedora: Security Advisory for timeshift (FEDORA-2020-6b3ae09449)

The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH. Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

CVSS 7 | AI score 6.9 | EPSS 0.0028
Exploits: 0 | References: 2

Fedora
added 2020/03/23 8:26 p.m. | 47 views

[SECURITY] Fedora 32 Update: timeshift-20.03-1.fc32

Timeshift for Linux is an application that provides functionality similar to the System Restore feature in Windows and the Time Machine tool in Mac OS. Timeshift protects your system by taking incremental snapshots of the file system at regular intervals. These snapshots can be restored at a late...

CVSS 7 | AI score 6.6 | EPSS 0.0028
Exploits: 0

Microsoft KB
added 2020/03/10 7:0 a.m. | 53 views

Cumulative Update 10 for Microsoft Dynamics 365 Business Central April'19 on-premises (Application Build 14.11.41204, Platform Build 14.0.41143)

CVSS 8 | AI score 7.3 | EPSS 0.10838
Exploits: 0

Kitploit
added 2020/02/08 12:0 p.m. | 227 views

Acunetix v13 - Web Application Security Scanner

Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix Version 13. The new release comes with an improved user interface and introduces innovations such as the SmartScan engine, malware detection functionality, comprehensive network scanning,...

AI score 7.4
Exploits: 0

Kitploit
added 2019/08/27 10:3 p.m. | 1103 views

PHPStan - PHP Static Analysis Tool (Discover Bugs In Your Code Without Running It!)

PHPStan focuses on finding errors in your code without actually running it. It catches whole classes of bugs even before you write tests for the code. It moves PHP closer to compiled languages in the sense that the correctness of each line of the code can be checked before you run the actual line...

AI score 7.1
Exploits: 0 | References: 36

CNVD
added 2019/08/07 12:0 a.m. | 4 views

cPanel Authorization Issues Vulnerability (CNVD-2019-29606)

cPanel is a set of Web-based automated colocation platforms from the American company cPanel. The platform is primarily used to automate the management of websites and servers. The security vulnerability in cPanel versions prior to 68.0.15 stems from the program assigning weak privileges for...

CVSS 7.8 | AI score 7.2 | EPSS 0.0047
Exploits: 0 | References: 1

OSV
added 2019/08/02 1:15 p.m. | 5 views

CVE-2017-18390

cPanel before 68.0.15 allows code execution in the context of the root account because of weak permissions on incremental backups (SEC-322)...

CVSS 7.8 | AI score 6.2 | EPSS 0.0047
Exploits: 0 | References: 2

Prion
added 2019/08/02 1:15 p.m. | 14 views

Code injection

cPanel before 68.0.15 allows code execution in the context of the root account because of weak permissions on incremental backups (SEC-322)...

CVSS 7.2 | AI score 7.9 | EPSS 0.0047
Exploits: 0 | References: 2 | Affected Software: 1

CVE
added 2019/08/02 12:33 p.m. | 46 views

CVE-2017-18390

CVE-2017-18390 affects cPanel prior to 68.0.15. It enables code execution in the root context due to weak permissions on incremental backups (SEC-322). The vulnerability is documented as high-severity with local access requirements. Remediation: upgrade to 68.0.15 or later. Exploitation details a...

CVSS 7.8 | AI score 7.8 | EPSS 0.0047
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2019/08/02 12:33 p.m. | 20 views

CVE-2017-18390

cPanel before 68.0.15 allows code execution in the context of the root account because of weak permissions on incremental backups (SEC-322)...

AI score 7.9 | EPSS 0.0047
Exploits: 0 | References: 1

NVD
added 2019/08/01 3:15 p.m. | 24 views

CVE-2018-20909

cPanel before 70.0.23 allows arbitrary file-chmod operations during legacy incremental backups (SEC-338)...

CVSS 7.1 | AI score 7 | EPSS 0.00336
Exploits: 0 | References: 1

CVE
added 2019/08/01 2:31 p.m. | 51 views

CVE-2018-20909

CVE-2018-20909 affects cPanel prior to 70.0.23, where arbitrary file-chmod operations can occur during legacy incremental backups (SEC-338). Multiple sources (NVD, Red Hat advisory, CNVD) confirm the issue and link it to cPanel’s backup handling. The vulnerability arises in the backup process, en...

CVSS 7.1 | AI score 7 | EPSS 0.00336
Exploits: 0 | References: 1 | Affected Software: 1