ONLYOFFICE Docs 跨站脚本漏洞

ONLYOFFICE Docs is an online office software from ONLYOFFICE, Inc. A cross-site scripting vulnerability exists in versions of ONLYOFFICE Docs prior to 9.2.1, which stems from improper handling of the Font field in the Multi-Level List Settings window, which could lead to a cross-site scripting...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from powerpcpseriesiommu not properly canceling the settings window...

Adobe Shockwave Player Use-After-Free Vulnerability

Adobe Shockwave Player is prone to a use after free vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

Use-after-free vulnerability in an unspecified compatibility component in Adobe Shockwave Player before 11.5.9.620 allows user-assisted remote attackers to execute arbitrary code via a crafted web site, related to the Shockwave Settings window and an unloaded library. NOTE: some of these details...

Adobe Shockwave Player Shockwave Settings窗口释放后使用漏洞

BUGTRAQ ID: 44617 Adobe Shockwave Player是专门播放使用Director Shockwave Studio制作的网页的外挂软件。 Shockwave Player中自动安装的兼容性组件中存在释放后使用错误，其实是可能会调用已被卸载的函数库中的函数。如果用户在浏览网页的时候打开了Shockwave Settings窗口就可以触发这个漏洞，导致执行任意代码。 Adobe Shockwave Player 11.5.9.615 厂商补丁： Adobe ----- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...