‼ CVE-2022-39063 ‼
📖 Read
via "National Vulnerability Database".
When Open5GS UPF receives a PFCP Session Establishment Request, it stores related values for building the PFCP Session Establishment Response. Once UPF receives a request, it gets the f_teid_len from incoming message, and then uses it to copy data from incoming message to struct f_teid without checking the maximum length. If the pdi.local_f_teid.len exceeds the maximum length of the struct of f_teid, the memcpy() overwrites the fields (e.g., f_teid_len) after f_teid in the pdr struct. After parsing the request, the UPF starts to build a response. The f_teid_len with its overwritten value is used as a length for memcpy(). A segmentation fault occurs, as a result of a memcpy(), if this overwritten value is large enough.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-39000 ‼
📖 Read
via "National Vulnerability Database".
The iAware module has a vulnerability in managing malicious apps.Successful exploitation of this vulnerability will cause malicious apps to automatically start upon system startup.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38994 ‼
📖 Read
via "National Vulnerability Database".
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46836 ‼
📖 Read
via "National Vulnerability Database".
Implementation of the WLAN module interfaces has the information disclosure vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38415 ‼
📖 Read
via "National Vulnerability Database".
Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38992 ‼
📖 Read
via "National Vulnerability Database".
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38997 ‼
📖 Read
via "National Vulnerability Database".
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-36600 ‼
📖 Read
via "National Vulnerability Database".
Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38431 ‼
📖 Read
via "National Vulnerability Database".
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38989 ‼
📖 Read
via "National Vulnerability Database".
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30684 ‼
📖 Read
via "National Vulnerability Database".
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-39008 ‼
📖 Read
via "National Vulnerability Database".
The NFC module has bundle serialization/deserialization vulnerabilities. Successful exploitation of this vulnerability may cause third-party apps to read and write files that are accessible only to system apps.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-28855 ‼
📖 Read
via "National Vulnerability Database".
Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-39006 ‼
📖 Read
via "National Vulnerability Database".
The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38999 ‼
📖 Read
via "National Vulnerability Database".
The AOD module has the improper update of reference count vulnerability. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-28854 ‼
📖 Read
via "National Vulnerability Database".
Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38988 ‼
📖 Read
via "National Vulnerability Database".
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38429 ‼
📖 Read
via "National Vulnerability Database".
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-39007 ‼
📖 Read
via "National Vulnerability Database".
The location module has a vulnerability of bypassing permission verification.Successful exploitation of this vulnerability may cause privilege escalation.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-39002 ‼
📖 Read
via "National Vulnerability Database".
Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30681 ‼
📖 Read
via "National Vulnerability Database".
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM.📖 Read
via "National Vulnerability Database".