| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally. |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally. |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an authorized attacker to elevate privileges over a network. |
| Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. |
| Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. |
| Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. |
| Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. |
| Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. |
| Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally. |
| Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally. |
| Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker to bypass a security feature over a network. |
| Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. |
