PT-2023-25150 · Jjson · Jjson

Name of the Vulnerable Software and Affected Versions: jjson versions 0.1.7 and earlier Description: An issue in jjson allows attackers to cause a denial of service or other unspecified impacts via crafted objects that use cyclic dependencies or have deeply nested structures. Recommendations: For...

CVE-2023-35110

An issue was discovered jjson thru 0.1.7 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...

PT-2023-5498 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this, where the target must...

CVE-2023-34623

An issue was discovered jtidy thru r938 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies...

PT-2023-35871 · Unknown · Javaparser

Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: The issue is related to a security exception in the CommentsInserter.insertComments function. It involves the java.base/java.util.Objects.equals and com.github.javaparser.Position.equals...

PT-2023-24956 · Hjson · Hjson

Name of the Vulnerable Software and Affected Versions: hjson versions 3.0.0 and earlier Description: An issue in hjson allows attackers to cause a denial of service or other unspecified impacts via crafted objects that use cyclic dependencies or have deeply nested structures. Recommendations: For...

PT-2023-24954 · Genson · Genson

Name of the Vulnerable Software and Affected Versions: genson versions 1.6 and earlier Description: An issue allows attackers to cause a denial of service or other unspecified impacts via crafted objects that use cyclic dependencies or have deeply nested structures. Recommendations: For genson...

CVE-2023-27465

A vulnerability has been identified in SIMOTION C240 All versions = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4 = V5.4, SIMOTION D445-2 DP/PN All versions = V5.4 = V5.4 = V5.4, SIMOTION P320-4 S All versions = V5.4. When operated with Security Level Low the device does not protect acces...

PT-2023-16691 · WordPress · Intuitive Custom Post Order

Name of the Vulnerable Software and Affected Versions: Intuitive Custom Post Order plugin for WordPress versions up to, and including, 3.1.3 Description: The issue arises from insufficient escaping on the user-supplied objects and tags parameters and a lack of sufficient preparation in the update...

The vulnerability of the Fortinet FortiNAC network access control mechanism lies in improper restrictions on XML links to external objects. This allows attackers to gain unauthorized access to protected information or cause service failures.

The vulnerability of the Fortinet FortiNAC network access control mechanism is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information or cause service...

json-smart: Uncontrolled Resource Consumption vulnerability in json-smart (Resource Exhaustion)

A flaw was found in the json-smart package. This security flaw occurs when reaching a ‘‘ or ‘‘ character in the JSON input, and the code parses an array or an object, respectively. The 3PP does not have any limit to the nesting of such arrays or objects. Since nested arrays and objects are parsed...

IT threat evolution in Q1 2023. Non-mobile statistics

IT threat evolution in Q1 2023 IT threat evolution in Q1 2023. Non-mobile statistics IT threat evolution in Q1 2023. Mobile statistics These statistics are based on detection verdicts of Kaspersky products and services received from users who consented to providing statistical data. Quarterly...

PT-2023-5844 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this, where the target must visi...

PT-2023-5843 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this, where the target...

PT-2023-35856 · Git +1 · Libredwg

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A heap-buffer-overflow READ crash has been reported, involving functions such as json write TF, dwg json LTYPE, and json objects write. Recommendations: ...

CVE-2023-25731

Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox 110...

CVE-2023-25731

Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox 110...

CVE-2023-25731

Due to URL previews in the network panel of developer tools improperly storing URLs, query parameters could potentially be used to overwrite global objects in privileged code. This vulnerability affects Firefox 110...

CVE-2023-25731

CVE-2023-25731 affects Mozilla Firefox prior to 110, where URL previews in the network panel’s developer tools could allow query parameters to overwrite global objects in privileged code. The issue is confirmed by multiple sources stating Firefox

SUSE CVE-2023-33951

A race condition vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of GEM objects. The issue results from improper locking when performing operations on an object. This flaw allows a local privileged user to disclose information in the context o...