msgpack5 is a msgpack v5 implementation for node.js and the browser. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
A stack overflow in pupnp before version 1.14.5 can cause the denial of service through the Parser_parseDocument() function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The package printf before 0.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /\%(?:\(([\w_.]+)\)|([1-9]\d*)\$)?([0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Switchboard Bluetooth Plug for elementary OS from version 2.3.0 and before version version 2.3.5 has an incorrect authorization vulnerability. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity.
Race Condition within a Thread vulnerability in iscsi_snapshot_comm_core in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to execute arbitrary code via crafted web. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Dell SupportAssist Client for Consumer PCs versions 3.7.x, 3.6.x, 3.4.x, 3.3.x, Dell SupportAssist Client for Business PCs versions 2.0.x, 2.1.x, 2.2.x, and Dell SupportAssist Client ProManage 1.x. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Adobe Connect version 11.0.7 (and earlier) is affected by an Input Validation vulnerability in the export feature. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Photoshop versions 21.2.5 (and earlier) and 22.2 (and earlier) are affected by a Memory Corruption vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Animate version 21.0.3 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Adobe Animate version 21.0.3 (and earlier) is affected by a Memory Corruption vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.
Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is affected by a local privilege escalation vulnerability that could allow an attacker to call functions against the installer to. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
Adobe Photoshop versions 21.2.5 (and earlier) and 22.2 (and earlier) are affected by an Out-of-bounds Write vulnerability in the CoolType library. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Adobe Framemaker version 2020.0.1 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Untrusted search path vulnerability in Installer of MagicConnect Client program distributed before 2021 March 1 allows an attacker to gain privileges and via a Trojan horse DLL in an unspecified. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The is-svg package 2.1.0 through 4.2.1 for Node.js uses a regular expression that is vulnerable to Regular Expression Denial of Service (ReDoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in the fltk crate before 0.15.3 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in the fltk crate before 0.15.3 for Rust. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.
Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.
Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.
Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.
Adobe Animate version 21.0.3 (and earlier) is affected by an Out-of-bounds Read vulnerability. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.