Marc ARNAERT
to main page send mail
 
Based on Open Source »

To do it yourself »

Just follow the ebooks »
About Arnaert Marc Arnaert Open FTP Prefered Links Security Feeds Arnaert Marc Publications Arnaert Marc Games Arnaert genealogy

Arnaert.com

CVE-2019-20816 (phantompdf)

An issue was discovered in Foxit PhantomPDF before 8.3.12. It has a NULL pointer dereference.

CVE-2019-20820 (phantompdf, reader)

An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It has a NULL pointer dereference.

CVE-2019-20817 (phantompdf, reader)

An issue was discovered in Foxit Reader and PhantomPDF before 9.7. It has a NULL pointer dereference.

CVE-2019-20813 (phantompdf)

An issue was discovered in Foxit PhantomPDF before 8.3.12. It has a NULL pointer dereference.

CVE-2020-13809 (phantompdf, reader)

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows resource consumption via long strings in the content stream.

CVE-2020-13807 (phantompdf, reader)

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has circular reference mishandling that causes a loop.

CVE-2020-13806 (phantompdf, reader)

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has a use-after-free because of JavaScript execution after a deletion or close operation.

CVE-2020-13805 (phantompdf, reader)

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It has brute-force attack mishandling because the CAS service lacks a limit on login failures.

CVE-2020-13804 (phantompdf, reader)

An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows information disclosure of a hardcoded username and password in the DocuSign plugin.

CVE-2020-10548 (rconfig)

rConfig 3.9.4 and previous versions has unauthenticated devices.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices.
An aggregation of cybersecurity feeds

Feeds :
ICS, CERT, Exploit-DB, Greenbone, SoldierX
Terms of Use | Privacy Statement (c) Marc Arnaert. All rights reserved