The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, and Adobe Acrobat 2020/Adobe Acrobat Reader 2020 involve an exploit where operations are performed outside the buffer in memory, allowing attackers to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Acrobat Reader 2020 are related to the execution of operations beyond the buffer in memory. Exploiting these vulnerabilities can allow attacke...

OPENSUSE-SU-2024:13536-1 deepin-reader-5.10.23-2.1 on GA media

These are all security issues fixed in the deepin-reader-5.10.23-2.1 package on the GA media of openSUSE Tumbleweed...

PT-2024-6699 · Foxit · Foxit Pdf Reader

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader affected versions not specified Description: The issue is related to a buffer overflow operation in the memory of Foxit PDF Reader, which can be exploited by opening a specially crafted PDF file. This allows remote attackers ...

CLSA-2024-1718029281 libxml2: Fix of CVE-2024-25062

CVE-2024-25062: Fix use-after-free issue in XML Reader interface...

fprintd Security Vulnerabilities

fprintd is a D-Bus service access fingerprint reader open-sourced by libfprint. A security vulnerability exists in fprintd version 1.94.3 and earlier versions, which stems from the lack of a security attention mechanism...

Fedora: Security Advisory for rust-bitvec_helpers (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AZL-79044 CVE-2024-24789 affecting package golang 1.25.7-1

The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects...

libxml2: use-after-free in XMLReader

A use-after-free flaw was found in libxml2. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free...

SUSE CVE-2024-24789

The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1791)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP11 : libxml2 (EulerOS-SA-2024-1791)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude...

EulerOS 2.0 SP11 : libxml2 (EulerOS-SA-2024-1803)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1803)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-37017

asdcplib aka AS-DCP Lib 2.13.1 has a heap-based buffer over-read in ASDCP::TimedText::MXFReader::hReader::MDtoTimedTextTDesc in ASDCPTimedText.cpp in libasdcp.so...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1744)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1767)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP12 : libxml2 (EulerOS-SA-2024-1744)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude...

PT-2024-40786 · Git +1 · Libaom

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A crash occurred due to a segmentation fault on an unknown address. The crash state indicates the involvement of functions such as od ec dec init, aom...

EulerOS 2.0 SP12 : libxml2 (EulerOS-SA-2024-1767)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude...

PT-2024-27245 · Asdcplib · Asdcplib

Name of the Vulnerable Software and Affected Versions: asdcplib versions 2.13.1 Description: The issue is a heap-based buffer over-read in the ASDCP::TimedText::MXFReader::h Reader::MD to TimedText TDesc function, located in AS DCP TimedText.cpp within the libasdcp.so library. Recommendations: Fo...