10 matches found
CVE-2026-56423
Summary: CVE-2026-56423 affects MISP Core where bulk deletion (Event Reports and Sharing Groups) used broad role permissions instead of per-object authorization checks, enabling instance-wide deletions by eligible users. What was vulnerable: EventReportsController::deleteSelection relied on the g...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990260)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990260 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Whitelist dtl slub object for copying to userspace Reading the dispatch trace lo...
CVE-2021-47657
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Ensure that objs is not NULL in virtiogpuarrayputfree If virtiogpuobjectshmeminit fails e.g. due to fault injection, as it happened in the bug report by syzbot, virtiogpuarrayputfree could be called with objs equal to...
Invalid Memory Access
firefox is vulnerable of Invalid Memory Access. The vulnerability due to incorrect object was checked for NULL in the built-in profiler which potentially leads to invalid memory access and undefined behavior...
SUSE CVE-2014-1524
The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of...
Bentley Systems MicroStation 资源管理错误漏洞
Bentley MicroStation CONNECT is a Cad software platform for 2D and 3D design and drafting from Bentley Systems, Inc. A remote code execution vulnerability exists in Bentley MicroStation CONNECT 10.16.0.80 when parsing JT files, which stems from The program does not verify the existence of an obje...
Bentley Systems MicroStation 资源管理错误漏洞
Bentley MicroStation CONNECT is a Cad software platform for 2D and 3D design and drafting from Bentley Systems, Inc. A remote code execution vulnerability exists in Bentley MicroStation CONNECT 10.16.0.80 when parsing PDF files, which stems from failure to verify the existence of an object before...
CVE-2021-46347
There is an Assertion 'ecmaobjectcheckclassnameisobject objp' failed at /jerry-core/ecma/operations/ecma-objects.c in JerryScript 3.0.0...
Foxit Reader and Foxit PhantomPDF for Windows Information Disclosure Vulnerability (CNVD-2019-13809)
Foxit Reader and Foxit PhantomPDF are both Chinese Foxit Foxit company a PDF document reader. A security vulnerability exists in the parsing of HTML files in Foxit Reader 9.4.1.16828 and earlier, Foxit PhantomPDF 8.3.9.41099 and earlier, and Foxit PhantomPDF 9.4.1.16828 and earlier on Windows...
CVE-2018-17694
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...