Exploitation of this issue requires user interaction in that a victim must open a malicious file.Īdobe ColdFusion Deserialization of Untrusted Data vulnerabilityĪdobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Deserialization of Untrusted Data vulnerability.
An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.Īdobe Acrobat and Reader Use-After-Free VulnerabilityĪcrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability.
Accellion FTA OS Command Injection VulnerabilityĪccellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints.Īccellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call.Īccellion FTA SQL Injection VulnerabilityĪccellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html.Īccellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html.Īdobe Acrobat and Reader Heap-based Buffer Overflow VulnerabilityĪcrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability.
0 kommentar(er)
