» 2022 » 8월

CVE-2021-41785

Posted on 2022년 8월 29일2022년 8월 29일 by admin

CVE-2021-41785

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

Source: CVE-2021-41785

CVE-2021-41784

Posted on 2022년 8월 29일2022년 8월 29일 by admin

CVE-2021-41784

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

Source: CVE-2021-41784

CVE-2022-25641

Posted on 2022년 8월 29일2022년 8월 29일 by admin

CVE-2022-25641

Foxit PDF Reader before 11.2.2 and PDF Editor before 11.2.2, and PhantomPDF before 10.1.8, mishandle cross-reference information during compressed-object parsing within signed documents. This leads to delivery of incorrect signature information via an Incremental Saving Attack and a Shadow Attack.

Source: CVE-2022-25641

CVE-2021-41781

Posted on 2022년 8월 29일2022년 8월 29일 by admin

CVE-2021-41781

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

Source: CVE-2021-41781

CVE-2021-41780

Posted on 2022년 8월 29일2022년 8월 29일 by admin

CVE-2021-41780

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

Source: CVE-2021-41780

CVE-2021-41782

Posted on 2022년 8월 29일2022년 8월 29일 by admin

CVE-2021-41782

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

Source: CVE-2021-41782

CVE-2021-40326

Posted on 2022년 8월 29일2022년 8월 29일 by admin

CVE-2021-40326

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, mishandle hidden and incremental data in signed documents. An attacker can write to an arbitrary file, and display controlled contents, during signature verification.

Source: CVE-2021-40326

CVE-2021-41783

Posted on 2022년 8월 29일2022년 8월 29일 by admin

CVE-2021-41783

Foxit PDF Reader before 11.1 and PDF Editor before 11.1, and PhantomPDF before 10.1.6, allow attackers to trigger a use-after-free and execute arbitrary code because JavaScript is mishandled.

Source: CVE-2021-41783

CVE-2022-34668

Posted on 2022년 8월 29일2022년 8월 29일 by admin

CVE-2022-34668

NVFLARE, versions prior to 2.1.4, contains a vulnerability that deserialization of Untrusted Data due to Pickle usage may allow an unprivileged network attacker to cause Remote Code Execution, Denial Of Service, and Impact to both Confidentiality and Integrity.

Source: CVE-2022-34668

CVE-2022-36572

Posted on 2022년 8월 29일2022년 8월 29일 by admin

CVE-2022-36572

Sinsiu Sinsiu Enterprise Website System v1.1.1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /upload/admin.php?/deal/.

Source: CVE-2022-36572