Foxit Reader TextBox Validate Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

Foxit Reader templates Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Foxit Reader Annotation subject Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

PyOpenSSL Use-After-Free vulnerability

It was discovered that pyOpenSSL incorrectly handled memory when handling X509 objects. A remote attacker could use this issue to cause pyOpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. This attack appears to be exploitable via Depends on the calling...

GHSA-P28M-34F6-967Q PyOpenSSL Use-After-Free vulnerability

It was discovered that pyOpenSSL incorrectly handled memory when handling X509 objects. A remote attacker could use this issue to cause pyOpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. This attack appears to be exploitable via Depends on the calling...

CVE-2018-8333

An Elevation of Privilege vulnerability exists in Filter Manager when it improperly handles objects in memory, aka "Microsoft Filter Manager Elevation Of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows...

CVE-2018-8497

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers...

CVE-2018-8506

An Information Disclosure vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka "Microsoft Windows Codecs Library Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019...

Microsoft Excel Remote Code Execution Vulnerability (CNVD-2019-00635)

Microsoft Excel is a spreadsheet processing software in the Office suite of the American Microsoft Microsoft company. A remote code execution vulnerability exists in Microsoft Excel due to the software's failure to properly handle objects in Protected View. A remote attacker could exploit the...

SAP BusinessObjects Web Intelligence Cross-Site Scripting Vulnerability (CNVD-2019-08548)

SAP BusinessObjects Business Intelligence Platform is a suite of business intelligence software and enterprise performance solutions from SAP. The product has report generation, analysis, data visualization and other functions. A cross-site scripting vulnerability exists in SAP BusinessObjects...

Microsoft Windows Graphics Component Information Disclosure Vulnerability (CNVD-2018-20734)

Microsoft Windows Server 2008 SP2 and others are products of Microsoft Corporation.Microsoft Windows Server 2008 SP2 is a set of operating systems used by servers.PowerPoint Viewer 2007 is a presentation handling program. Graphics Components is one of the graphics components. An information...

Foxit PDF Reader JavaScript Engine Remote Code Execution Vulnerability (CNVD-2018-20711)

Foxit PDF Reader is China's Foxit Foxit Software Corporation of a PDF document reader. JavaScript engine is one of the JavaScript scripting engine. A remote code execution vulnerability exists in the this.dataObjects object of the JavaScript engine in Foxit PDF Reader. A remote attacker can explo...

CVE-2018-2467

In the Software Development Kit in SAP BusinessObjects BI Platform Servers, versions 4.1 and 4.2, using the specially crafted URL in a Web Browser such as Chrome the system returns an error with the path of the used application server...

Microsoft Windows Codecs Library Information Disclosure Vulnerability

An Information Disclosure vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. Exploitation of the vulnerability requires that a...

Foxit Reader for Windows Memory Misreference Vulnerability (CNVD-2018-20655)

Foxit Reader for Windows is China's Foxit Foxit Software Corporation, a Windows-based platform for PDF document reader. A memory misreference vulnerability exists in the handling of Link objects in Foxit Reader 9.2.0.9297 and earlier versions for Windows platforms, where the program fails to dete...

CVE-2018-17781

Foxit PhantomPDF and Reader before 9.3 allow remote attackers to trigger Uninitialized Object Information Disclosure because creation of ArrayBuffer and DataView objects is mishandled...

CVE-2018-17607

Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service use-after-free because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects...

CVE-2018-17611

Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service use-after-free because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects...

CVE-2018-17610

Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service use-after-free because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects...

CVE-2018-17609

Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service use-after-free because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects...