CVE-2026-3779

The CVE-2026-3779 entry concerns Foxit Reader/Foxit PDF Editor: a use-after-free in the list box calculate array logic, where stale references to page/form objects after deletion/re-creation can be triggered by specially crafted PDFs, potentially enabling arbitrary code execution. Cisco Talos att...

Improper Authorization

Overview Affected versions of this package are vulnerable to Improper Authorization through the APIExport VirtualWorkspace. An attacker can create and delete objects in arbitrary target workspaces without the necessary permissions by exploiting this vulnerability. Workaround This vulnerability ca...

The vulnerability of the `set` function in the `property-expr` library of the Afroa Application Software Center, related to uncontrolled changes to prototype attributes of objects, allows attackers to execute a “prototype pollution” attack.

The vulnerability of the Aurora Application Library is related to uncontrolled changes to object prototypes’ attributes. Exploiting this vulnerability allows a remote attacker to execute an “infection of the prototype” attack...

PT-2010-2245 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue arises from the Windows kernel-mode drivers not properly validating changes in certain kernel objects, allowing local users to execute arbitrary code. This could...