7668 matches found

IBM Security Bulletins
added 2024/10/04 11:53 p.m. · 13 views

Security Bulletin: IBM Watson Query on IBM Cloud does not govern all of the columns of a published object

Summary: IBM Watson Query on IBM Cloud integrates with IBM Knowledge Catalog (IKC), formerly Watson Knowledge Catalog (WKC), to enforce data protection rules on governed objects. When you publish objects from Watson Query to catalogs or projects, only the first 100 columns are registered in the...

CVSS 6.5 · AI score 6 · EPSS 0.00077
Exploits: 0 · Affected Software: 1

BDU FSTEC
added 2024/10/04 12:00 a.m. · 0 views

A vulnerability in the PDF-XChange Editor PDF viewing and editing software involves an operation that goes beyond the bounds of a memory buffer, allowing an attacker to execute arbitrary code.

A vulnerability in the PDF-XChange Editor PDF viewing and editing software involves an operation that goes beyond the bounds of a memory buffer when processing Doc objects. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVSS 7.8 · EPSS 0.00401
Exploits: 0 · References: 5 · Affected Software: 3

RedHat Linux
added 2024/10/03 6:18 p.m. · 1 views

firefox: thunderbird: Potential memory corruption may occur when cloning certain objects

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: It is currently unknown if this issue is exploitable, but a condition may arise where the structured clone of certain objects could lead to memory corruption...

CVSS 8.8 · AI score 7.2 · EPSS 0.00179
Exploits: 0 · References: 9

RedHat Linux
added 2024/10/03 11:30 a.m. · 3 views

firefox: thunderbird: Potential memory corruption may occur when cloning certain objects

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: It is currently unknown if this issue is exploitable, but a condition may arise where the structured clone of certain objects could lead to memory corruption...

CVSS 8.8 · AI score 7.2 · EPSS 0.00179
Exploits: 0 · References: 9

Securelist
added 2024/09/26 8:00 a.m. · 6 views

Threat landscape for industrial automation systems, Q2 2024

Statistics across all threats: In the second quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.9 pp from the previous quarter to 23.5%. The percentage has decreased by 3.3 pp compared to the second quarter of 2023, when the indicator reached it...

AI score 7.3
Exploits: 0

Zero Day Initiative
added 2024/09/26 12:00 a.m. · 6 views

Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVSS 3.3 · AI score 6 · EPSS 0.00549
Exploits: 0 · References: 1

Zero Day Initiative
added 2024/09/26 12:00 a.m. · 11 views

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

CVSS 7.8 · AI score 6.7 · EPSS 0.01759
Exploits: 0 · References: 1

NVD
added 2024/09/24 3:15 a.m. · 14 views

CVE-2022-2439

The Easy Digital Downloads – Simple eCommerce for Selling Digital Files plugin for WordPress is vulnerable to deserialization of untrusted input via the 'uploadfile' parameter in versions up to, and including, 3.3.3. This makes it possible for authenticated administrative users to call files using...

CVSS 7.2 · EPSS 0.01042
Exploits: 0 · References: 3

CVE
added 2024/09/24 3:06 a.m. · 50 views

CVE-2022-2439

CVE-2022-2439 (Easy Digital Downloads) details : WordPress plugin Easy Digital Downloads – Simple eCommerce for Selling Digital Files (

CVSS 7.2 · AI score 7.1 · EPSS 0.01042
Exploits: 0 · References: 3 · Affected Software: 1

BDU FSTEC
added 2024/09/23 12:00 a.m. · 0 views

The vulnerability of the PDO::quote function in the ext/pdo_sqlite/sqlite_driver.c component of the PHP programming language is related to integer overflow. This vulnerability allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the PDO::quote function in the ext/pdo_sqlite/sqlite_driver.c component of the PHP programming language is related to integer overflow. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

CVSS 6.9 · EPSS 0.00601
Exploits: 0 · References: 8 · Affected Software: 4

OpenVAS
added 2024/09/20 12:00 a.m. · 14 views

Ubuntu: Security Advisory (USN-6968-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.8 · AI score 7.3 · EPSS 0.00743
Exploits: 0 · References: 2

RedHat Linux
added 2024/09/19 11:31 a.m. · 4 views

mozilla: Garbage collection could mis-color cross-compartment objects in OOM conditions

The Mozilla Foundation's Security Advisory: The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption...

CVSS 9.8 · AI score 7.3 · EPSS 0.00321
Exploits: 0 · References: 8

RedHat Linux
added 2024/09/18 9:06 p.m. · 2 views

mozilla: Garbage collection could mis-color cross-compartment objects in OOM conditions

The Mozilla Foundation's Security Advisory: The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption...

CVSS 9.8 · AI score 7.3 · EPSS 0.00321
Exploits: 0 · References: 8

Vulnrichment
added 2024/09/18 7:12 a.m. · 16 views

CVE-2024-46740 binder: fix UAF caused by offsets overwrite

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF caused by offsets overwrite. Binder objects are processed and copied individually into the target buffer during transactions. Any raw data in-between these objects is copied as well. However, this raw data copy lac...

AI score 6.7 · EPSS 0.00015
Exploits: 0 · References: 7

VulnCheck KEV
added 2024/09/18 12:00 a.m. · 0 views

VulnCheck KEV: CVE-2020-4450

IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects. IBM X-Force ID: 181231...

CVSS 10 · AI score 7.7 · EPSS 0.71859
Exploits: 0 · References: 1

RedHat Linux
added 2024/09/17 11:30 a.m. · 3 views

mozilla: Garbage collection could mis-color cross-compartment objects in OOM conditions

The Mozilla Foundation's Security Advisory: The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption...

CVSS 9.8 · AI score 7.3 · EPSS 0.00321
Exploits: 0 · References: 8

RedHat Linux
added 2024/09/17 11:28 a.m. · 4 views

mozilla: Garbage collection could mis-color cross-compartment objects in OOM conditions

The Mozilla Foundation's Security Advisory: The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption...

CVSS 9.8 · AI score 7.3 · EPSS 0.00321
Exploits: 0 · References: 8

OSV
added 2024/09/17 12:54 a.m. · 19 views

RLSA-2024:6684 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: 115.15/128.2; mozilla: Type confusion when looking up a property name in a "with" block (CVE-2024-8381); mozilla: Internal event interfaces were exposed to web content when browser EventHandler listener...

CVSS 9.8 · AI score 9.4 · EPSS 0.11622
Exploits: 1 · References: 10

Positive Technologies
added 2024/09/17 12:00 a.m. · 2 views

PT-2025-4089 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor (affected versions not specified). Description: This issue allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability, as the...

CVSS 8.8 · AI score 7.1 · EPSS 0.00389
Exploits: 0 · References: 6

RedHat Linux
added 2024/09/16 12:24 p.m. · 4 views

mozilla: Garbage collection could mis-color cross-compartment objects in OOM conditions

The Mozilla Foundation's Security Advisory: The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption...

CVSS 9.8 · AI score 7.3 · EPSS 0.00321
Exploits: 0 · References: 8