293 matches found
SRC-2020-0015 : Foxit Reader Link Index Out-of-Bounds Read Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...
SRC-2019-0028 : Foxit Reader PDF Printer proxyDoAction opcode 0x200000 Stack Buffer Overflow Elevation of Privilege Vulnerability
Vulnerability Details: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Foxit Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...
SRC-2019-0026 : Foxit Reader PDF Printer proxyCPDFAction Stack Buffer Overflow Elevation of Privilege Vulnerability
Vulnerability Details: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Foxit Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...
SRC-2019-0027 : Foxit Reader PDF Printer proxyCheckLicence Stack Buffer Overflow Elevation of Privilege Vulnerability
Vulnerability Details: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Foxit Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...
SRC-2019-0007 : Foxit Reader SDK ActiveX Pro TextBox Field OpenFile Action Command Injection Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader SDK ActiveX Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
SRC-2019-0001 : Foxit Reader SDK ActiveX Pro TextBox Field Mouse Enter Use-After-Free Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader SDK ActiveX Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
SRC-2019-0054 : Hewlett Packard Enterprise Intelligent Management Center SSHParameterResource addSSHParameterKeyFile Directory Traversal Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...
SRC-2019-0051 : Hewlett Packard Enterprise Intelligent Management Center SqlResource queryDataBySQL Arbitrary SQL Execution Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...
SRC-2017-0027 : Jungo DriverWizard WinDriver Kernel Pool Overflow Privilege Escalation Vulnerability
Vulnerability Details: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Jungo WinDriver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...
SRC-2018-0003 : Delta Industrial Automation Screen Editor Project File Parsing stopbits Out-of-Bounds Write Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation Screen Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file...
SRC-2016-0029 : Foxit Reader ConvertToPDF BMP Parsing Out-of-Bounds Read Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to leak sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
SRC-2016-0026 : Foxit Reader JPXDecode Out-of-Bounds Read Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
SRC-2017-0014 : Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet Expression Language Injection Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...
SRC-2017-0023 : Hewlett Packard Enterprise Intelligent Management Center mibWidgetService Expression Language Injection Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...
SRC-2017-0022 : Hewlett Packard Enterprise Intelligent Management Center soapConfigContent Expression Language Injection Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...
SRC-2016-0001 : ATutor LMS install_modules CSRF Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ATutor. User interaction is required to exploit this vulnerability in that a target administrator must visit a malicious page. The specific flaw exists when sending data to t...
SRC-2019-0073 : Adobe Acrobat Pro DC Type 2 Charstring put Integer Overflow Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
SRC-2019-0025 : Foxit Reader PDF Printer proxyDoAction opcode Stack Buffer Overflow Elevation of Privilege Vulnerability
Vulnerability Details: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Foxit Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...
SRC-2019-0017 : Adobe Acrobat Pro DC Distiller PostScript File Parsing Type 1 Font FontBBox Stack Buffer Overflow Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2018-0015 : Foxit Reader PDF Parsing U3D Out-of-Bounds Read Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
SRC-2018-0009 : Foxit Reader BMP Image Parsing BITMAPINFOHEADER biWidth Integer Overflow Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
SRC-2017-0012 : Hewlett Packard Enterprise Intelligent Management Center devGroupSelect Expression Language Injection Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...
SRC-2020-0009 : Cisco Data Center Network Manager SystemFileDAO saveData Directory Traversal Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
SRC-2020-0004 : Cisco Data Center Network Manager SwitchCredentialsHandler deleteCredentials SQL Injection Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
SRC-2019-0082 : Adobe Acrobat Pro DC Type PostScript File Type Confusion Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2019-0069 : Adobe Acrobat Pro DC Type 2 Charstring put Out-of-Bounds Read Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
SRC-2019-0070 : Adobe Acrobat Pro DC Type 2 Charstring put Out-of-Bounds Read Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific...
SRC-2019-0030 : Foxit Reader PDF Printer proxyGetAppEdition Stack Buffer Overflow Elevation of Privilege Vulnerability
Vulnerability Details: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Foxit Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...
SRC-2019-0048 : Hewlett Packard Intelligent Management Center Standard DhcpServerDaoImpl queryOptionInfosByIp SQL Injection Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...
SRC-2019-0045 : Hewlett Packard Intelligent Management Center Standard SmscCfgDaoImpl updateSmsSendingWay SQL Injection Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...
SRC-2018-0020 : Foxit Reader Signature Field lineWidth Use-After-Free Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists whe...
SRC-2016-0041 : Foxit Reader FlateDecode Use-After-Free Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
SRC-2016-0034 : Samsung Security Manager Apache Felix Gogo Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Security Manager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific fla...
SRC-2017-0020 : Hewlett Packard Enterprise Intelligent Management Center powershellConfigContent Expression Language Injection Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...
SRC-2020-0005 : Cisco Data Center Network Manager ConfigTemplateHandler getConfigTemplateJobInstance SQL Injection Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
SRC-2020-0002 : Cisco Data Center Network Manager ConfigArchiveRest importConfiguration Directory Traversal Denial of Service Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco Data Center Network Manager. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...
SRC-2019-0036 : Cisco Prime Infrastructure XmpLogFilesDownloadServlet Directory Traversal Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Cisco Prime Infrastructure. Authentication is required to exploit this vulnerability. The specific flaw exists within the XmpLogFilesDownloadServlet servlet. The issu...
SRC-2018-0032 : Vanilla Forums Gdn_Format unserialize Unserialize Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Vanilla Forums. Authentication is required to exploit this vulnerability, however the authentication can be bypassed. The specific flaw exists within the unserialize function...
SRC-2018-0014 : Foxit Reader PDF Parsing U3D Out-of-Bounds Read Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
SRC-2018-0008 : Adobe Digital Editions ePub otf Font Parsing TableRecord offset Out-of-Bounds Read Information Disclosure Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Digital Editions. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specif...
SRC-2018-0002 : Delta Industrial Automation Screen Editor Project File Parsing CDocument Use-After-Free Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation Screen Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file...
SRC-2017-0018 : Hewlett Packard Enterprise Intelligent Management Center ictExpertCSVDownload SyslogIctTableExportToCSVBean Expression Language Injection Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be...
SRC-2016-0002 : ATutor LMS Multiple Reflected Cross Site Scripting Vulnerabilities
Vulnerability Details: A total of 704 reflected Cross Site Scripting XSS vulnerabilities were found that can allow remote attackers to inject arbitrary web script or html via unspecified parameters against vulnerable installations of ATutor. User interaction is required to exploit this...
SRC-2016-0016 : ATutor LMS password_reminder ‘UPDATE’ Type Juggling Authentication Bypass Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to bypass the authentication mechanism on vulnerable installations of ATutor. The specific flaw exists in the ‘passwordreminder.php’ script when performing an password reset. The code uses a loose comparison when comparing the...
SRC-2019-0081 : Adobe Acrobat Pro DC Type PostScript File Type Confusion Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2019-0066 : Adobe Acrobat Pro DC Type 2 Charstring put Out-of-Bounds Write Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
SRC-2019-0031 : Foxit Reader PDF Printer proxyPreviewAction Stack Buffer Overflow Elevation of Privilege Vulnerability
Vulnerability Details: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Foxit Reader. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists withi...
SRC-2019-0020 : Vanilla Forums AddonManager getSingleIndex Directory Traversal File Inclusion Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Vanilla Forums. Authentication is required to exploit this vulnerability, however the authentication can be bypassed. The specific flaw exists within the getSingleIndex...
SRC-2018-0019 : Foxit Reader field event userName Setter Use-After-Free Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists whe...
SRC-2017-0024 : Jungo DriverWizard WinDriver Kernel Driver Out-of-Bounds Write Privilege Escalation Vulnerability
Vulnerability Details: This vulnerability allows local attackers to escalate privileges on vulnerable installations of Jungo WinDriver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...