Total
7347 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-30653 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-11-07 | 9.3 HIGH | 7.8 HIGH |
| Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-30652 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-11-07 | 9.3 HIGH | 7.8 HIGH |
| Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-30651 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-11-07 | 9.3 HIGH | 7.8 HIGH |
| Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-30650 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-11-07 | 9.3 HIGH | 7.8 HIGH |
| Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-30648 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-30647 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-30634 | 3 Golang, Microsoft, Netapp | 3 Go, Windows, Cloud Insights Telegraf Agent | 2023-11-07 | N/A | 7.5 HIGH |
| Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. | |||||
| CVE-2022-2622 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2023-11-07 | N/A | 6.5 MEDIUM |
| Insufficient validation of untrusted input in Safe Browsing in Google Chrome on Windows prior to 104.0.5112.79 allowed a remote attacker to bypass download restrictions via a crafted file. | |||||
| CVE-2022-2188 | 2 Mcafee, Microsoft | 2 Data Exchange Layer, Windows | 2023-11-07 | N/A | 5.5 MEDIUM |
| Privilege escalation vulnerability in DXL Broker for Windows prior to 6.0.0.280 allows local users to gain elevated privileges by exploiting weak directory controls in the logs directory. This can lead to a denial-of-service attack on the DXL Broker. | |||||
| CVE-2022-2162 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2023-11-07 | N/A | 8.8 HIGH |
| Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 103.0.5060.53 allowed a remote attacker to bypass file system access via a crafted HTML page. | |||||
| CVE-2022-2160 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2023-11-07 | N/A | 6.5 MEDIUM |
| Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page. | |||||
| CVE-2022-29804 | 2 Golang, Microsoft | 2 Go, Windows | 2023-11-07 | N/A | 7.5 HIGH |
| Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows potential directory traversal attack. | |||||
| CVE-2022-28849 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-28848 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-28847 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-28846 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-28845 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-11-07 | 9.3 HIGH | 7.8 HIGH |
| Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-28844 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-11-07 | 9.3 HIGH | 7.8 HIGH |
| Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-28843 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-11-07 | 9.3 HIGH | 7.8 HIGH |
| Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-28842 | 3 Adobe, Apple, Microsoft | 3 Bridge, Macos, Windows | 2023-11-07 | 9.3 HIGH | 7.8 HIGH |
| Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||