7696 matches found
PT-2019-3556
Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description The issue is related to errors in handling memory objects, which can be exploited by a remote attacker to cause a denial of service. This may allow an attacker to affect the system...
CVE-2009-0368
OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a 1 low level APDU command or 2 debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program...
CVE-2019-13327
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-13326
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-13328
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-13327
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-13327
CVE-2019-13327 affects Foxit Reader 9.5.0.20723. The issue is a use-after-free-like flaw in AcroForm field processing, arising from failing to validate the existence of an object before operations, enabling arbitrary code execution in the current process when a user opens a malicious file/page. E...
CVE-2019-13328
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2019-13326
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Ruby: Variant of CVE-2013-0269 (Denial of Service and Unsafe Object Creation Vulnerability in JSON)
During my recent keyword argument separation work on rbscanargs in the master branch, I discovered what I now think is a vulnerability. While the CVE-2013-0269 change fixed most usage of JSON.parse, it ended up not fixing KernelJSON. The reason behind this is that internally, in...
Arbitrary Code Execution
codehaus is vulnerable to arbitrary code execution. An incomplete fix for unsafe deserialization in jackson-databind allows an attacker to inject malicious objects and execute arbitrary code...
Foxit Reader AcroForm Field Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...
Foxit Reader AcroForm Field Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...
PT-2019-13262 · Foxit · Foxit Reader
Name of the Vulnerable Software and Affected Versions: Foxit Reader version 9.5.0.20723 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The fla...
Microsoft Edge Information Disclosure Vulnerability (CNVD-2019-42791)
Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. An information disclosure vulnerability exists in Microsoft Edge EdgeHTML-based, which arises from the program's failure to properly handle memory objects. An attacker could exploit the...
Microsoft DirectX Information Disclosure Vulnerability (CNVD-2019-31843)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. DirectX is one of the multimedia system libraries. An information disclosure vulnerability...
Microsoft Windows and Microsoft Windows Server Privilege Mobilization Vulnerability (CNVD-2019-31847)
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. An elevation of privilege vulnerability exists in the way ws2ifsl.sys Winsock handles memo...