Open-Xchange OX App Suite suffers from a content spoofing, cross site scripting, and information disclosure vulnerabilities. Versions affected vary depending on the vulnerability.
WordPress Download Manager plugin version 2.5 suffers from a cross site request forgery vulnerability.
ABC2MTEX version 1.6.1 suffers from a command-line stack overflow vulnerability.
ManageEngine opManager version 12.3.150 suffers from an authenticated code execution vulnerability.
This Metasploit module exploits a command injection vulnerability in the Tesla Agent botnet panel.
Adobe Acrobat CoolType (AFDKO) suffers from a memory corruption vulnerability in the handling of Type 1 font load/store operators.
Adobe Acrobat CoolType (AFDKO) performs a call from uninitialized memory due to an empty FDArray in Type 1 fonts.
The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts. It has an issue where it returns a dangling pointer via MergeFontPackage.
Microsoft Font Subsetting DLL suffers from a heap-based out-of-bounds read vulnerability in GetGlyphIdx.
Microsoft Font Subsetting DLL suffers from a double free vulnerability in MergeFormat12Cmap / MakeFormat12MergedGlyphList.