Filtered by vendor Microsoft
Subscriptions
Total
19815 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-42029 | 4 Hp, Ibm, Linux and 1 more | 6 Hp-ux, Aix, Cics Tx and 3 more | 2024-09-05 | 4.8 Medium |
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266059. | ||||
CVE-2024-7262 | 2 Kingsoft, Microsoft | 2 Wps Office, Windows | 2024-09-05 | 7.8 High |
Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 (exclusive) on Windows allows an attacker to load an arbitrary Windows library. The vulnerability was found weaponized as a single-click exploit in the form of a deceptive spreadsheet document | ||||
CVE-2023-47040 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2024-09-04 | 7.8 High |
Adobe Media Encoder version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2023-47052 | 3 Adobe, Apple, Microsoft | 3 Audition, Macos, Windows | 2024-09-04 | 5.5 Medium |
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2023-47053 | 3 Adobe, Apple, Microsoft | 3 Audition, Macos, Windows | 2024-09-04 | 5.5 Medium |
Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2023-26368 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2024-09-04 | 7.8 High |
Adobe InCopy versions 18.5 (and earlier) and 17.4.2 (and earlier) are affected by are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2023-47057 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2024-09-04 | 7.8 High |
Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2023-47055 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2024-09-04 | 7.8 High |
Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2023-47059 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2024-09-04 | 7.8 High |
Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2023-35896 | 3 Ibm, Linux, Microsoft | 3 Content Navigator, Linux Kernel, Windows | 2024-09-04 | 5.4 Medium |
IBM Content Navigator 3.0.13 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 259247. | ||||
CVE-2023-47058 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2024-09-04 | 7.8 High |
Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2023-47066 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-09-04 | 7.8 High |
Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2023-47072 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-09-04 | 3.3 Low |
Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2023-47068 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-09-04 | 7.8 High |
Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
CVE-2023-22273 | 2 Adobe, Microsoft | 2 Robohelp Server, Windows | 2024-09-04 | 7.2 High |
Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to Remote Code Execution by an admin authenticated attacker. Exploitation of this issue does not require user interaction. | ||||
CVE-2023-22274 | 2 Adobe, Microsoft | 2 Robohelp Server, Windows | 2024-09-04 | 7.5 High |
Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction. | ||||
CVE-2023-22268 | 2 Adobe, Microsoft | 2 Robohelp Server, Windows | 2024-09-04 | 6.5 Medium |
Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to information disclosure by an low-privileged authenticated attacker. Exploitation of this issue does not require user interaction. | ||||
CVE-2023-46264 | 2 Ivanti, Microsoft | 2 Avalanche, Windows | 2024-09-04 | 9.8 Critical |
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remove code execution. | ||||
CVE-2023-22272 | 2 Adobe, Microsoft | 2 Robohelp Server, Windows | 2024-09-04 | 7.5 High |
Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Input Validation vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction. | ||||
CVE-2023-22275 | 2 Adobe, Microsoft | 2 Robohelp Server, Windows | 2024-09-04 | 7.5 High |
Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction. |