Lucene search
K

31714 matches found

Zero Day Initiative
Zero Day Initiative
added 2024/09/26 12:0 a.m.8 views

Foxit PDF Reader AcroForm Use-After-Free Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

3.3CVSS6AI score0.00448EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/09/26 12:0 a.m.13 views

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS6.7AI score0.0062EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/09/26 12:0 a.m.8 views

Foxit PDF Reader Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

7.8CVSS6.8AI score0.0043EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/09/26 12:0 a.m.4 views

Foxit PDF Reader 安全漏洞

Foxit PDF Reader is a PDF reader from the Chinese company Foxit Foxit. A security vulnerability exists in Foxit PDF Reader version v.2024.2.2.25170, which originates from a vulnerability that allows local attackers to execute arbitrary code via the FoxitPDFReaderUpdater.exe component...

8.4CVSS7.6AI score0.00163EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/09/26 12:0 a.m.24 views

Foxit PDF Reader for Mac < 2024.3 Multiple Vulnerabilities

According to its version, the Foxit PDF Reader for Mac application previously named Foxit Reader for Mac installed on the remote macOS host is prior to 2024.3. It is, therefore affected by multiple vulnerabilities: - Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Th...

8.8CVSS7.9AI score0.0193EPSS
Exploits1References5
CVE
CVE
added 2024/09/26 12:0 a.m.59 views

CVE-2024-41605

CVE-2024-41605 affects Foxit PDF Reader before 2024.3 and Foxit PDF Editor before 2024.3, and 13.x before 13.1.4. The issue is that the updater lacks integrity validation, allowing an attacker to replace an update file with a Trojan horse and execute attacker-controlled code via side loading. Thi...

8.4CVSS8.4AI score0.00163EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/09/24 3:5 a.m.5 views

kernel: ring-buffer: Fix a race between readers and resize checks

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix a race between readers and resize checks The reader code in rbgetreaderpage swaps a new reader page into the ring buffer by doing cmpxchg on old-list.prev-next to point it to the new page. Following that, if the...

4.7CVSS6.9AI score0.00175EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/09/24 12:0 a.m.26 views

EulerOS 2.0 SP8 : libxml2 (EulerOS-SA-2024-2478)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude...

7.5CVSS6.9AI score0.01375EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2024/09/24 12:0 a.m.25 views

Foxit PDF Reader < 2024.2.3 Multiple Vulnerabilities

According to its version, the Foxit PDF Reader application previously named Foxit PhantomPDF installed on the remote Windows host is prior to 2024.2.3. It is, therefore affected by multiple vulnerabilities: - Foxit PDF Reader Doc Object Use-After-Free Information Disclosure Vulnerability. This...

8.8CVSS6AI score0.00734EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/09/23 12:0 a.m.4 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020, particularly those related to memory usage after it is freed, allow attackers to execute arbitrary code.

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute...

7.8CVSS6AI score0.02315EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2024/09/20 7:0 a.m.3 views

An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.

...

7.5CVSS6.7AI score0.01375EPSS
Exploits3
Talos Blog
Talos Blog
added 2024/09/19 6:0 p.m.30 views

Talk of election security is good, but we still need more money to solve the problem

Last week, six Secretaries of State testified to U.S. Congress about the current state of election security ahead of November's Presidential election. Some of the same topics came up as usual -- disinformation campaigns, influence from foreign actors, and the physical protection of poll workers o...

7.5CVSS8.9AI score0.04469EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/09/18 9:32 a.m.28 views

North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware

A North Korea-linked cyber-espionage group has been observed leveraging job-themed phishing lures to target prospective victims in energy and aerospace verticals and infect them with a previously undocumented backdoor dubbed MISTPEN. The activity cluster is being tracked by Google-owned Mandiant...

7.3AI score
Exploits0
OpenVAS
OpenVAS
added 2024/09/17 12:0 a.m.9 views

Adobe Reader Classic 2020 Security Update (APSB24-70) - Mac OS X

Adobe Acrobat Reader Classic 2020 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.8CVSS7.7AI score0.02315EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/09/17 12:0 a.m.9 views

Adobe Reader Classic 2020 Security Update (APSB24-70) - Windows

Adobe Acrobat Reader Classic 2020 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.8CVSS7.7AI score0.02315EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/09/17 12:0 a.m.9 views

Adobe Acrobat Reader DC Continuous Security Update (APSB24-70) - Windows

Adobe Acrobat Reader DC Continuous is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.8CVSS7.7AI score0.02315EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/09/17 12:0 a.m.11 views

Adobe Acrobat Reader DC Continuous Security Update (APSB24-70) - Mac OS X

Adobe Acrobat Reader DC Continuous is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.8CVSS7.7AI score0.02315EPSS
Exploits0References1
NVD
NVD
added 2024/09/16 7:15 a.m.24 views

CVE-2024-1578

The MiCard PLUS Ci and MiCard PLUS BLE reader products developed by rf IDEAS and rebranded by NT-ware have a firmware fault that may result in characters randomly being dropped from some ID card reads, which would result in the wrong ID card number being assigned during ID card self-registration...

5.3CVSS0.00204EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/16 6:59 a.m.30 views

CVE-2024-1578 Multiple MiCard PLUS card reader dropped characters

The MiCard PLUS Ci and MiCard PLUS BLE reader products developed by rf IDEAS and rebranded by NT-ware have a firmware fault that may result in characters randomly being dropped from some ID card reads, which would result in the wrong ID card number being assigned during ID card self-registration...

5.3CVSS0.00204EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/09/16 6:59 a.m.18 views

CVE-2024-1578 Multiple MiCard PLUS card reader dropped characters

The MiCard PLUS Ci and MiCard PLUS BLE reader products developed by rf IDEAS and rebranded by NT-ware have a firmware fault that may result in characters randomly being dropped from some ID card reads, which would result in the wrong ID card number being assigned during ID card self-registration...

5.3CVSS7.1AI score0.00204EPSS
Exploits0References2
Rows per page
Query Builder