20 matches found
CVE-2026-33638
Ech0 is an open-source, self-hosted publishing platform for personal idea sharing. Prior to version 4.2.0, GET /api/allusers is mounted as a public endpoint and returns user records without authentication. This allows remote unauthenticated user enumeration and exposure of user profile metadata. ...
SUSE CVE-2026-33638
Ech0 is an open-source, self-hosted publishing platform for personal idea sharing. Prior to version 4.2.0, GET /api/allusers is mounted as a public endpoint and returns user records without authentication. This allows remote unauthenticated user enumeration and exposure of user profile metadata. ...
CVE-2026-33638
Ech0 is an open-source, self-hosted publishing platform for personal idea sharing. Prior to version 4.2.0, GET /api/allusers is mounted as a public endpoint and returns user records without authentication. This allows remote unauthenticated user enumeration and exposure of user profile metadata. ...
CVE-2026-33638 Ech0 authenticated user-list exposed data via public `/api/allusers` endpoint
Ech0 is an open-source, self-hosted publishing platform for personal idea sharing. Prior to version 4.2.0, GET /api/allusers is mounted as a public endpoint and returns user records without authentication. This allows remote unauthenticated user enumeration and exposure of user profile metadata. ...
CVE-2026-33638 Ech0 authenticated user-list exposed data via public `/api/allusers` endpoint
Ech0 is an open-source, self-hosted publishing platform for personal idea sharing. Prior to version 4.2.0, GET /api/allusers is mounted as a public endpoint and returns user records without authentication. This allows remote unauthenticated user enumeration and exposure of user profile metadata. ...
Adobe Acrobat < 11.0.19 / 15.006.30279 / 15.023.20053 Multiple Vulnerabilities (APSB17-01) (macOS)
The version of Adobe Acrobat installed on the remote macOS host is a version prior to 11.0.19, 15.006.30279, or 15.023.20053. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an...
SUSE CVE-2017-3083
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Successful exploitation could lead to arbitrary code execution...
CVE-2017-3083
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Successful exploitation could lead to arbitrary code execution...
CVE-2017-3083
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Successful exploitation could lead to arbitrary code execution...
Design/Logic Flaw
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Successful exploitation could lead to arbitrary code execution...
UBUNTU-CVE-2017-3083
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Successful exploitation could lead to arbitrary code execution...
CVE-2017-3083
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Successful exploitation could lead to arbitrary code execution...
CVE-2017-3083
Adobe Flash Player versions 25.0.0.171 and earlier have an exploitable use after free vulnerability in the Primetime SDK functionality related to the profile metadata of the media stream. Successful exploitation could lead to arbitrary code execution...
The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, allow attackers to execute arbitrary code.
The vulnerability in the image processing core of PDF viewer software such as Adobe Reader and Document Cloud, as well as PDF editing software like Adobe Acrobat Document Cloud and Adobe Acrobat, arises due to an operation that goes beyond the buffer in memory. Exploiting this vulnerability allow...
Adobe Acrobat < 11.0.19 / 15.006.30279 / 15.023.20053 Multiple Vulnerabilities (APSB17-01)
The version of Adobe Acrobat installed on the remote Windows host is a version prior to 11.0.19, 15.006.30279, or 15.023.20053. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an...
Adobe Reader < 15.006.30279 / 15.023.20053 Multiple Vulnerabilities (APSB17-01)
The version of Adobe Reader installed on the remote Windows host is a version prior to 15.006.30279 or 15.023.20053. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable...
CVE-2017-2959
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to parsing of color profile metadata. Successful exploitation could lead to arbitrary code execution...
Heap overflow
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to parsing of color profile metadata. Successful exploitation could lead to arbitrary code execution...
CVE-2017-2959
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to parsing of color profile metadata. Successful exploitation could lead to arbitrary code execution...
CVE-2017-2959
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine, related to parsing of color profile metadata. Successful exploitation could lead to arbitrary code execution...