CVE-2026-45613 Rizin: Heap-buffer-overflow in OMF parser

Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a heap-buffer-overflow in librz/bin/format/omf/omf.c. This vulnerability is fixed by commit e6d0937c8a083e23ed76ccfb9f631cdc50c7af47...

PT-2026-44976

Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a heap-buffer-overflow in librz/bin/format/omf/omf.c. This vulnerability is fixed by commit e6d0937c8a083e23ed76ccfb9f631cdc50c7af47...

EUVD-2022-45201

Malicious code in bioql PyPI...

EUVD-2023-1490

Malicious code in bioql PyPI...

CVE-2023-33946

The Object module in Liferay Portal 7.4.3.4 through 7.4.3.48, and Liferay DXP 7.4 before update 49 does properly isolate objects in difference virtual instances, which allows remote authenticated users in one virtual instance to view objects in a different virtual instance via OAuth 2 scope...

Tracker Software PDF-XChange Editor 缓冲区错误漏洞

Tracker Software PDF-XChange Editor is a suite of software for viewing and editing PDF format files from Tracker Software, a Canadian company. A buffer error vulnerability exists in Tracker Software PDF-XChange Editor, which stems from the Doc Object module containing an out-of-bounds read issue...

Foxit PDF Reader and Editor Memory Misreference Vulnerability

Foxit PDF Reader is a PDF reader from China Foxit Foxit.Foxit PDF Editor is a PDF editor from China Foxit Foxit. Foxit PDF Reader and Editor has a memory misreference vulnerability, the vulnerability stems from the Doc Object module is responsible for freeing the memory of the instructions of the...

Foxit PDF Reader 安全漏洞

Foxit PDF Reader is a PDF reader from the Chinese company Foxit. A security vulnerability exists in Foxit PDF Reader, which originates from a post-release reuse issue in the Doc Object module. A remote attacker can exploit this vulnerability to execute arbitrary code...

Foxit PDF Reader 安全漏洞

Foxit PDF Reader is a PDF reader from China Foxit Foxit.Foxit PDF Editor is a PDF editor from China Foxit Foxit. Foxit PDF Reader and Editor has a memory misreference vulnerability, the vulnerability stems from the Doc Object module is responsible for freeing the memory of the instructions of the...

BIT-LIFERAY-2023-33946

The Object module in Liferay Portal 7.4.3.4 through 7.4.3.48, and Liferay DXP 7.4 before update 49 does properly isolate objects in difference virtual instances, which allows remote authenticated users in one virtual instance to view objects in a different virtual instance via OAuth 2 scope...

BIT-LIFERAY-2023-33947

The Object module in Liferay Portal 7.4.3.4 through 7.4.3.60, and Liferay DXP 7.4 before update 61 does not segment object definition by virtual instance in search which allows remote authenticated users in one virtual instance to view object definition from a second virtual instance by searching...

Information Disclosure

com.liferay.portal:com.liferay.portal.kernel is vulnerable to Information Disclosure. A remote authorized attacker is able to view the object definition from a second virtual instance because the Object module does not segment object definition by virtual instance in search, resulting in the...

Liferay Portal 7.4.3.4 < 7.4.3.61 Authentication Bypass

The version of Liferay Portal installed on the remote host is 7.4.3.4 = 7.4.3.60. It is, therefore, affected by an authentication bypass vulnerability due to the Object module not segmenting object definition by virtual instance in search. In turn, this allows remote authenticated users in one...

Liferay Portal 7.4.3.4 < 7.4.3.49 Authentication Bypass

The Object module in Liferay Portal and Liferay DXP does properly isolate objects in difference virtual instances, which allows remote authenticated users in one virtual instance to view objects in a different virtual instance via OAuth 2 scope administration page. Note that Nessus has not tested...

Liferay portal has unauthorized access to object definition via search

The Object module in Liferay Portal 7.4.3.4 through 7.4.3.60, and Liferay DXP 7.4 before update 61 does not segment object definition by virtual instance in search which allows remote authenticated users in one virtual instance to view object definition from a second virtual instance by searching...

Liferay portal unauthorized access to objects via OAuth 2 scope

The Object module in Liferay Portal 7.4.3.4 through 7.4.3.48, and Liferay DXP 7.4 before update 49 does properly isolate objects in difference virtual instances, which allows remote authenticated users in one virtual instance to view objects in a different virtual instance via OAuth 2 scope...

CVE-2023-33946

The Object module in Liferay Portal 7.4.3.4 through 7.4.3.48, and Liferay DXP 7.4 before update 49 does properly isolate objects in difference virtual instances, which allows remote authenticated users in one virtual instance to view objects in a different virtual instance via OAuth 2 scope...

CVE-2023-33946

The Object module in Liferay Portal 7.4.3.4 through 7.4.3.48, and Liferay DXP 7.4 before update 49 does properly isolate objects in difference virtual instances, which allows remote authenticated users in one virtual instance to view objects in a different virtual instance via OAuth 2 scope...

CVE-2023-33947

The Object module in Liferay Portal 7.4.3.4 through 7.4.3.60, and Liferay DXP 7.4 before update 61 does not segment object definition by virtual instance in search which allows remote authenticated users in one virtual instance to view object definition from a second virtual instance by searching...

Design/Logic Flaw

The Object module in Liferay Portal 7.4.3.4 through 7.4.3.48, and Liferay DXP 7.4 before update 49 does properly isolate objects in difference virtual instances, which allows remote authenticated users in one virtual instance to view objects in a different virtual instance via OAuth 2 scope...