Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_display_node located at fitz/list-device.c, allowing remote attackers to execute arbitrary code via a crafted PDF file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In Xpdf 4.01.01, there is a use-after-free vulnerability in the function JBIG2Stream::close() located at JBIG2Stream.cc. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x00000000003283eb. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000328384. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000327a07. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000032e566. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000328165. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x00000000003273aa. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000032e849. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000327464. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x000000000032e808. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000385474. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000001172b0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000000c47ff. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000000b9c2f. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP_SetColorProfile+0x00000000000b9e7a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x0000000000002450. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x00000000000024ed. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
FastStone Image Viewer 7.0 has a User Mode Write AV starting at image00400000+0x00000000001a9601. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
FastStone Image Viewer 7.0 has a User Mode Write AV starting at image00400000+0x00000000001a95b1. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
FastStone Image Viewer 7.0 has a User Mode Write AV starting at image00400000+0x0000000000002d7d. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
IrfanView 4.52 has a User Mode Write AV starting at image00400000+0x00000000000249c6. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
IrfanView 4.52 has a User Mode Write AV starting at image00400000+0x0000000000013a98. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
FlightCrew v0.9.2 and older are vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in a ZIP archive entry that is mishandled during extraction. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in Bento4 1.5.1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX. Rated high severity (CVSS 7.0). Public exploit code available.
A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability in the REST API for software device management in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an authenticated, remote attacker to escalate. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/<block-dev-basename> in the Helper::temporaryMountDevice() function to temporarily mount a file system as root. Rated high severity (CVSS 7.0).