In libavcodec in Libav 9.21, ff_h264_execute_ref_pic_marking() has a heap-based buffer over-read.

Source

OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).

Source

Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS).

Source

A SQL Injection (CWE-89) vulnerability exists in U.motion Builder software version 1.3.4 which could cause unwanted code execution when an improper set of characters is entered.

Source

Adobe Media Encoder version 13.0.2 has an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Source

stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.

Source

Adobe Media Encoder version 13.0.2 has a use-after-free vulnerability. Successful exploitation could lead to remote code execution.

Source

Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

Source

Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier version, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

Source

Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Source