‼ CVE-2022-30651 ‼
via "National Vulnerability Database".
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2020-35597 ‼
via "National Vulnerability Database".
Victor CMS 1.0 is vulnerable to SQL injection via c_id parameter of admin_edit_comment.php, p_id parameter of admin_edit_post.php, u_id parameter of admin_edit_user.php, and edit parameter of admin_update_categories.php.
‼ CVE-2022-2085 ‼
via "National Vulnerability Database".
A NULL pointer dereference vulnerability was found in Ghostscript, which occurs when it tries to render a large number of bits in memory. When allocating a buffer device, it relies on an init_device_procs defined for the device that uses it as a prototype that depends upon the number of bits per pixel. For bpp > 64, mem_x_device is used and does not have an init_device_procs defined. This flaw allows an attacker to parse a large number of bits (more than 64 bits per pixel), which triggers a NULL pointer dereference flaw, causing an application to crash.
‼ CVE-2022-29864 ‼
via "National Vulnerability Database".
OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to cause a server to crash via a large number of messages that trigger Uncontrolled Resource Consumption.
‼ CVE-2022-30655 ‼
via "National Vulnerability Database".
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2022-30653 ‼
via "National Vulnerability Database".
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2022-30657 ‼
via "National Vulnerability Database".
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2022-32547 ‼
via "National Vulnerability Database".
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.
‼ CVE-2022-29866 ‼
via "National Vulnerability Database".
OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to exhaust the memory resources of a server via a crafted request that triggers Uncontrolled Resource Consumption.
‼ CVE-2022-30656 ‼
via "National Vulnerability Database".
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2022-30652 ‼
via "National Vulnerability Database".
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2022-27512 ‼
via "National Vulnerability Database".
Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM.
‼ CVE-2022-30654 ‼
via "National Vulnerability Database".
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2022-32545 ‼
via "National Vulnerability Database".
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.
‼ CVE-2021-41487 ‼
via "National Vulnerability Database".
NOKIA VitalSuite SPM 2020 is affected by SQL injection through UserName'.
‼ CVE-2022-31464 ‼
via "National Vulnerability Database".
Insecure permissions configuration in Adaware Protect v1.2.439.4251 allows attackers to escalate privileges via changing the service binary path.
‼ CVE-2022-31301 ‼
via "National Vulnerability Database".
Haraj v3.7 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Post Ads component.
‼ CVE-2022-32546 ‼
via "National Vulnerability Database".
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.
‼ CVE-2022-31294 ‼
via "National Vulnerability Database".
An issue in the save_users() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts.
🕴 Microsoft 365 Function Leaves SharePoint, OneDrive Files Open to Ransomware Attacks 🕴
via "Dark Reading".
SharePoint and OneDrive libraries can be encrypted in ransomware attack, researchers say.
🕴 BlastWave Announces Enhancements to Its Zero-Trust Security Software Solution, BlastShield 🕴
via "Dark Reading".
Update allows BlastShield users to link with hybrid cloud network providers like AWS, Google, and the most recent addition, Azure, in one secure environment.