‼ CVE-2022-38994 ‼
📖 Read
via "National Vulnerability Database".
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46836 ‼
📖 Read
via "National Vulnerability Database".
Implementation of the WLAN module interfaces has the information disclosure vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38415 ‼
📖 Read
via "National Vulnerability Database".
Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38992 ‼
📖 Read
via "National Vulnerability Database".
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38997 ‼
📖 Read
via "National Vulnerability Database".
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-36600 ‼
📖 Read
via "National Vulnerability Database".
Out-of-bounds write vulnerability in the power consumption module. Successful exploitation of this vulnerability may cause the system to restart.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38431 ‼
📖 Read
via "National Vulnerability Database".
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38989 ‼
📖 Read
via "National Vulnerability Database".
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect system availability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30684 ‼
📖 Read
via "National Vulnerability Database".
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-39008 ‼
📖 Read
via "National Vulnerability Database".
The NFC module has bundle serialization/deserialization vulnerabilities. Successful exploitation of this vulnerability may cause third-party apps to read and write files that are accessible only to system apps.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-28855 ‼
📖 Read
via "National Vulnerability Database".
Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-39006 ‼
📖 Read
via "National Vulnerability Database".
The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38999 ‼
📖 Read
via "National Vulnerability Database".
The AOD module has the improper update of reference count vulnerability. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-28854 ‼
📖 Read
via "National Vulnerability Database".
Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38988 ‼
📖 Read
via "National Vulnerability Database".
The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect data confidentiality.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38429 ‼
📖 Read
via "National Vulnerability Database".
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-39007 ‼
📖 Read
via "National Vulnerability Database".
The location module has a vulnerability of bypassing permission verification.Successful exploitation of this vulnerability may cause privilege escalation.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-39002 ‼
📖 Read
via "National Vulnerability Database".
Double free vulnerability in the storage module. Successful exploitation of this vulnerability will cause the memory to be freed twice.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30681 ‼
📖 Read
via "National Vulnerability Database".
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38621 ‼
📖 Read
via "National Vulnerability Database".
Doufox v0.0.4 was discovered to contain a remote code execution (RCE) vulnerability via the edit file page. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-35971 ‼
📖 Read
via "National Vulnerability Database".
TensorFlow is an open source platform for machine learning. If `FakeQuantWithMinMaxVars` is given `min` or `max` tensors of a nonzero rank, it results in a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e0. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.📖 Read
via "National Vulnerability Database".