CVE-2022-37350

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

CVE-2022-43649

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 12.0.2.12465. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

PDF-XChange Editor 缓冲区错误漏洞

Tracker Software PDF-XChange Editor is a suite of software for viewing and editing PDF-format files from Tracker Software, a Canadian company. A buffer error vulnerability exists in PDF-XChange Editor, which is caused by a buffer overflow problem in the handling of Collab objects...

CVE-2022-37350

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

PDF-XChange Editor 缓冲区错误漏洞

Tracker Software PDF-XChange Editor is a suite of software for viewing and editing documents in PDF format from Tracker Software, a Canadian company. A buffer error vulnerability exists in PDF-XChange Editor, which is caused by a buffer overflow problem in the handling of Doc objects...

CVE-2022-37385

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

UBUNTU-CVE-2023-0225

A flaw was found in Samba. An incomplete access check on dnsHostName allows authenticated but otherwise unprivileged users to delete this attribute from any object in the directory...

PDF-XChange Editor 缓冲区错误漏洞

Tracker Software PDF-XChange Editor is a suite of software for viewing and editing documents in PDF format from Tracker Software, a Canadian company. A buffer error vulnerability exists in PDF-XChange Editor, which is caused by a buffer overflow problem in the handling of Doc objects...

CVE-2022-37380

Foxit PDF Reader 11.2.1.53537 is affected by a vulnerability in the handling of ADBC objects that can be triggered by JavaScript actions, allowing read past the end of an allocated object. An attacker could leverage this with other vulnerabilities to execute arbitrary code in the context of the c...

CVE-2022-37380

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2022-37368

This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2022-47529

Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protectio...

CVE-2022-47529

Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protectio...

Code injection

Insecure Win32 memory objects in Endpoint Windows Agents in RSA NetWitness Platform before 12.2 allow local and admin Windows user accounts to modify the endpoint agent service configuration: to either disable it completely or run user-supplied code or commands, thereby bypassing tamper-protectio...

PT-2023-19521 · Unknown · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor version 9.3 Description: A potential memory issue due to insufficient input validation in PDFXEditCore.x64.dll may allow attackers to execute code when a user opens a crafted PDF file. The issue occurs when handling a large...

rubygem-uri -- ReDoS vulnerability

Dominic Couture reports: A ReDoS issue was discovered in the URI component. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects...

CVE-2022-47529

The CVE-2022-47529 issue affects RSA NetWitness Platform’s NetWitness Endpoint EDR Agent prior to version 12.2. It stems from insecure Win32 memory objects that let local or admin Windows users modify the endpoint agent service configuration, enabling actions such as disabling the service or exec...

XSS in Classification Store of Data Objects module in Settings

Description pimcore is vulnerable to XSS at Name field in Classification Store of Data Objects module in Settings. The vulnerability exists in all 3 tabs: Group Collections, Group, Key Definitions. Payload " Proof of Concept 1.Go to https://11.x-dev.pimcore.fun/admin/ and login. 2.In the left men...

XSS in Quantity Value of Data Objects module in Settings

Description pimcore is vulnerable to XSS at Abbreviation and Longname fields in Quantity Value of Data Objects module in Settings. Payload " Proof of Concept 1.Go to https://11.x-dev.pimcore.fun/admin/ and login. 2.In the left menu bar, go to Settings - Data Objects - Quantity Value. 3.In the...

XSS in Classes of Data Objects module in Settings

Description pimcore is vulnerable to XSS at fromDate and toDate fields in Classes of Data Objects module in Settings. Payload " Proof of Concept 1.Go to https://11.x-dev.pimcore.fun/admin/ and login. 2.In the left menu bar, go to Settings - Data Objects - Classes and click on any class. 3.In the...