Adobe Acrobat Reader DC for Windows – Use of Uninitialized Pointer due to Malformed JBIG2Globals Stream
>> ARCHIVE: 2019-11
iMessage – Decoding NSSharedKeyDictionary can read ObjC Object at Attacker Controlled Address
XML Notepad 2.8.0.4 – XML External Entity Injection
Alps HID Monitor Service 8.1.0.10 – ‘ApHidMonitorService’ Unquote Service Path
Jenkins Build-Metrics plugin version 1.3 suffers from a cross site scripting vulnerability.
SolarWinds Kiwi Syslog Server version 8.3.52 suffers from a Kiwi Syslog Service unquoted service path vulnerability.
Adive Framework version 2.0.7 suffers from a privilege escalation vulnerability.
Nextcloud 17 suffers from multiple cross site request forgery vulnerabilities.
The Chrome Payment Handler API suffers from site isolation bypass and local file disclosure vulnerabilities.
Adaware Web Companion version 4.8.2078.3950 suffers from an unquoted service path vulnerability.