An issue exists where Adobe Acrobat Reader DC for Windows makes use of an uninitialized pointer due to a malformed OTF font (CFF table).
bae53b75b8cc138268f5e6384fcb5d63An issue exists with Adobe Acrobat Reader DC for Windows use of an uninitialized pointer due to malformed JBIG2Globals stream.
2e0983da88e101353889315463cb5bd1iMessage suffers from an issue where decoding NSSharedKeyDictionary can lead to out-of-bounds reads.
a2b5e05c79091ab5459b0ba4514324d3iMessage suffers from an issue where decoding NSSharedKeyDictionary can read an ObjC object at attacker controlled address.
44b9493651f02f67170dee4980389e1aThe Chrome Payment Handler API suffers from site isolation bypass and local file disclosure vulnerabilities.
a0e44b48eda93d22f89c1bb42d02f804WebKit suffers from an integer overflow in NodeRareData::m_connectedFrameCount that can lead to universal cross site scripting and type confusion.
ab1e8dd57e42d668deb196080d883ef1XNU has an issue where missing locking in checkdirs_callback() enables a race condition with fchdir_common().
85e06607829ab208006bfe5a5ef59847WebKit suffers from a universal cross site scripting vulnerability in JSObject::putInlineSlow and JSValue::putToPrimitive.
892e0418e043bd54adfbb3915904b063JSC suffers from a type confusion vulnerability during bailout when reconstructing arguments objects.
6a4caa0c9a9e7558705c23bf516ebff4JavaScriptCore (JSC) GetterSetter suffers from a type confusion vulnerability during DFG compilation.
63f1952a7a692ab451a162d31ee902edMicrosoft Windows suffers from an insecure CSharedStream object privilege escalation vulnerability.
687f585eaab9feeb5d38e13cc05c1c00WebKit suffers from an HTMLFrameElementBase::isURLAllowed universal cross site scripting vulnerability.
ef966e699de1dd172f00de299de7c0a2Adobe Acrobat Reader DC for Windows suffers from a heap-based buffer overflow vulnerability that can be leveraged via malformed JP2 streams.
6d502d5ca8f705d8234dd901fb623916Visual Studio Code enables its remote debugger by default when installed.
e2bed7919efd579b180ac1c498c16541The Microsoft Windows kernel suffers from an out-of-bounds read vulnerability in nt!MiRelocateImage while parsing a malformed PE file.
b11e264135a1ee9c14ee6d0a6b9be23aThe Microsoft Windows kernel suffers from an out-of-bounds read vulnerability in CI!HashKComputeFirstPageHash while parsing a malformed PE file.
2b4d1890b1779ec523e266b0696a2645The Microsoft Windows kernel suffers from an out-of-bounds read in nt!MiParseImageLoadConfig while parsing a malformed PE file.
ed96bcdeedbf757ded338f82d7252f0dThe Microsoft Windows kernel suffers from an out-of-bounds read vulnerability in CI!CipFixImageType while parsing a malformed PE file.
234236a84a29251053125f4a4e7b7d46The Microsoft Windows kernel suffers from a null pointer dereference vulnerability in nt!MiOffsetToProtos while parsing a malformed PE file.
00131f510a52f3d940c140421ce76ea4Microsoft Windows Kernel suffers from a TTF font processing win32k!ulClearTypeFilter pool corruption vulnerability in win32k.sys.
119f19b3c20bb86e4d4a2c8e4636479cWebKit suffers from a same-origin policy bypass vulnerability in FrameLoader::clear.
68c6220522a24fcd9a591457a3c19b6fXNU suffers from a remote double-free vulnerability due to a data race in IPComp input path.
f107571d24ce915ad24992a19c351dc1There is a logic error in Signal that can cause an incoming call to be answered even if the callee does not pick it up.
cfd5f34a2c4720cf69df48f6e4d12c1cAndroid suffers from a use-after-free vulnerability in the binder driver at /drivers/android/binder.c.
0de8384215b8df385b050005e3962884WebKit suffers from a universal cross site scripting vulnerability using cached pages.
feb75421e7efde640b47418cf364c390
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed