Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in YITH Maintenance Mode (WordPress plugin) versions cache`, which causes an `heap-use-after-free` problem.
An attacker could leverage this vulnerability to execute code in the context of the current process. This could lead to a stack-based buffer overflow while trying to copy to a buffer during font string handling. It allows an attacker to cause Denial of Service.ĭelta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. A NULL pointer dereference exists in the function Font::Size() located in font.cpp. An issue was discovered in pdftools through 20200714.
