The vulnerability in the IBM Sterling Partner Engagement Manager software is an improper restriction of XML external entity references, which allows attackers to disclose protected information.
The vulnerability in the IBM Sterling Partner Engagement Manager software stems from an improper restriction of XML external entity references. Exploiting this vulnerability could allow a remote malicious actor to disclose sensitive information...
GHSA-6VF6-G3PR-J83H pimcore is vulnerable to cross-site scripting via "title field" in data objects
Impact: The vulnerability is capable of resulting in stolen user cookies. Proof of Concept: Login with dev account (https://11.x-dev.pimcore.fun/admin/?dc=1670962076&perspective=). Go to setting -- data objects -- classes -- events. Click media under general settings. Add payload in title field. Go to...
pimcore is vulnerable to cross-site scripting via "title field" in data objects
Impact: The vulnerability is capable of resulting in stolen user cookies. Proof of Concept: Login with dev account (https://11.x-dev.pimcore.fun/admin/?dc=1670962076&perspective=). Go to setting -- data objects -- classes -- events. Click media under general settings. Add payload in title field. Go to...
PT-2023-2887 · Foxit · Foxit Pdf Reader +1
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader (affected versions not specified); Foxit PDF Editor (affected versions not specified). Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the...
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
CVE-2022-45927
An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The Java application server can be used to bypass the authentication of the QDS endpoints of the Content Server. These endpoints can be used to create objects and execute arbitrary code...
Foxit PDF Reader < 12.1 Vulnerability
According to its version, the Foxit PDF Reader application (previously named Foxit Reader) installed on the remote Windows host is prior to 12.1. It is, therefore, affected by a vulnerability: - This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF...
Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...
Foxit PDF Editor < 11.2.6 and < 12.1.2 Vulnerability
According to its version, the Foxit PDF Editor application (previously named Foxit PhantomPDF) installed on the remote Windows host is a version prior to 11.2.6 and 12.1.2, and is therefore vulnerable: - This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF...
CVE-2018-14628
An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store...
ALPINE-CVE-2018-14628
An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store...
AZL-13064 CVE-2018-14628 affecting package samba 4.12.5-7
An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store...
DEBIAN-CVE-2018-14628
An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store...
UBUNTU-CVE-2018-14628
An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store...
Information disclosure
An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store...
GSD-2023-1000429 drm/i915/ttm: consider CCS for backup objects
drm/i915/ttm: consider CCS for backup objects This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.18 by commit...