CVE-2023-42125 Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability

Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avast Premium Security. An attacker must first obtain the ability to execute low-privileged code on the target...

CVE-2023-42125

This CVE concerns Avast Premium Security. The vulnerability lies in the Sandbox feature implementation: an attacker who can run low-privilege code locally can abuse symbolic links to create arbitrary namespace objects, enabling privilege escalation to SYSTEM and arbitrary code execution. Affected...

CVE-2023-42098

CVE-2023-42098 : Foxit PDF Reader/Editor products are affected by a Use-After-Free in the handling of Annotation objects, caused by not validating the existence of an object before performing operations. This can lead to an information disclosure vulnerability and, in conjunction with other issue...

CVE-2023-42097 Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious...

CVE-2023-42097

CVE-2023-42097 (Foxit PDF Reader) is a Use-After-Free in the handling of Annotation objects that can lead to remote code execution. The flaw arises from not validating the existence of an object before operations, allowing an attacker to run code in the current process context. Exploitation requi...

CVE-2023-42095

CVE-2023-42095 describes a vulnerability in Foxit PDF Reader where the AcroForm handling of Annotation objects can read past the end of an allocated buffer, causing an information disclosure. The issue is triggered by processing unvalidated user-supplied data, and, per the description, an attacke...

CVE-2023-42095 Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability

Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2023-42094 Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious...

CVE-2023-42091 Foxit PDF Reader XFA Doc Object Use-After-Free Remote Code Execution Vulnerability

Foxit PDF Reader XFA Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2023-42090

CVE-2023-42090 is a Foxit PDF Reader XFA Doc Object Out‑Of‑Bounds Read Information Disclosure vulnerability. The NVD entry states that handling of Doc objects allows reading past the end of an allocated buffer, enabling disclosure of sensitive information. Exploitation requires user interaction (...

CVE-2023-42070

PDF-XChange Editor is affected by a Doc Object Out-Of-Bounds Read vulnerability. The issue stems from insufficient validation while handling Doc objects, enabling an attacker to read beyond allocated buffers and disclose sensitive information. User interaction is required (visiting a malicious pa...

CVE-2023-42070 PDF-XChange Editor Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability

PDF-XChange Editor Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-42042 PDF-XChange Editor App Object Out-Of-Bounds Read Remote Code Execution Vulnerability

PDF-XChange Editor App Object Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2023-40473 PDF-XChange Editor Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability

PDF-XChange Editor Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-40471 PDF-XChange Editor App Untrusted Pointer Dereference Remote Code Execution Vulnerability

PDF-XChange Editor App Untrusted Pointer Dereference Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit ...

CVE-2023-39480 Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability

Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of Softing Secure Integration Server. Although authentication is required to exploit this...

CVE-2023-39479

Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability (CVE-2023-39479) affects the OPC UA Gateway handling of FileDirectory OPC UA Objects. The flaw allows remote attackers, bypassing authentication, to create directories by accessing the filesystem, potentially enabli...

SUSE CVE-2024-26957

In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects Tests with hot-plugging crytpo cards on KVM guests with debug kernel build revealed an use after free for the load field of the struct zcryptcard. The reason was an...

CVE-2023-38117 Foxit PDF Reader AcroForm Doc Object Use-After-Free Remote Code Execution Vulnerability

Foxit PDF Reader AcroForm Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2023-38116 Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability

Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit...