| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the delay property. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13928. |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.4.37651. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Document objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13741. |
| TeamViewer before 14.7.48644 on Windows loads untrusted DLLs in certain situations. |
| iDrive RemotePC before 7.6.48 on Windows allows privilege escalation. A local and low-privileged user can force RemotePC to execute an attacker-controlled executable with SYSTEM privileges. |
| iDrive RemotePC before 7.6.48 on Windows allows authentication bypass. A remote and unauthenticated attacker can bypass cloud authentication to connect and control a system via TCP port 5970 and 5980. |
| iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read the system's Personal Key in world-readable %PROGRAMDATA% log files. |
| iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A locally authenticated attacker can read an encrypted version of the system's Personal Key in world-readable %PROGRAMDATA% log files. The encryption is done using a hard-coded static key and is therefore reversible by an attacker. |
| iDrive RemotePC before 7.6.48 on Windows allows information disclosure. A man in the middle can recover a system's Personal Key when a client attempts to make a LAN connection. The Personal Key is transmitted over the network while only being encrypted via a substitution cipher. |
| PHPMailer before 6.5.0 on Windows allows remote code execution if lang_path is untrusted data and has a UNC pathname. |
| Windows Bluetooth Driver Elevation of Privilege Vulnerability |
| Windows MSHTML Platform Remote Code Execution Vulnerability |
| Windows Graphics Component Font Parsing Remote Code Execution Vulnerability |
| ASP.NET Core and Visual Studio Information Disclosure Vulnerability |
| Windows Graphics Component Remote Code Execution Vulnerability |
| Visual Studio Code Remote Code Execution Vulnerability |
| Visual Studio Code Remote Code Execution Vulnerability |
| Windows DNS Server Remote Code Execution Vulnerability |
| Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability |
| Microsoft Defender Remote Code Execution Vulnerability |
| Raw Image Extension Remote Code Execution Vulnerability |
