Open-Xchange OX Guard versions 7.10.2 and below suffer from a cross site scripting vulnerability. Open-Xchange OX Guard versions 7.10.1 and below, 2.10.2 and below suffer from a signature validation vulnerability.
>> CATEGORY: exploit
Open-Xchange OX App Suite suffers from a content spoofing, cross site scripting, and information disclosure vulnerabilities. Versions affected vary depending on the vulnerability.
WordPress Download Manager plugin version 2.5 suffers from a cross site request forgery vulnerability.
ManageEngine opManager version 12.3.150 suffers from an authenticated code execution vulnerability.
ABC2MTEX version 1.6.1 suffers from a command-line stack overflow vulnerability.
This Metasploit module exploits a command injection vulnerability in the Tesla Agent botnet panel.
Adobe Acrobat CoolType (AFDKO) suffers from a memory corruption vulnerability in the handling of Type 1 font load/store operators.
Adobe Acrobat CoolType (AFDKO) performs a call from uninitialized memory due to an empty FDArray in Type 1 fonts.
The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts. It has an issue where it returns a dangling pointer via MergeFontPackage.
Microsoft Font Subsetting DLL suffers from a heap-based out-of-bounds read vulnerability in GetGlyphIdx.