Category Archives: Advisories

ZDI-23-736: Adobe Acrobat Reader DC Highlight Annotation noView Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

CVE-2022-30025

SQL injection in the “/Framewrk/Home.jsp” file (POST method) in Credence Analytics iDEAL Wealth and Funds – 1.0 allows authenticated remote attackers to inject a payload via the “v” parameter.

CVE-2022-41221

The client in OpenText Archive Center Administration through 21.2 allows XXE attacks. Authenticated users of the OpenText Archive Center Administration client (Versions 16.2.3, 21.2, and older versions) could upload XML files to the application that it did not sufficiently validate. As a result, attackers could craft XML files that, when processed by the application, would cause a negative security impact such as data exfiltration or localized denial of service against the application instance and system of the user running it.

USN-6105-2: ca-certificates update

USN-6105-1 updated ca-certificates. This provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.

Original advisory details:

The ca-certificates package contained outdated CA certificates. This update
refreshes the included certificates to those contained in the 2.60 version
of the Mozilla certificate authority bundle.
