Filtered by vendor Microsoft Subscriptions
Filtered by product Windows Subscriptions
Total 7539 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-21049 3 Adobe, Apple, Microsoft 3 Photoshop, Macos, Windows 2024-09-17 N/A
Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-23196 3 Adobe, Apple, Microsoft 3 Illustrator, Macos, Windows 2024-09-17 5.5 Medium
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-21036 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2024-09-17 7.8 High
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an Integer Overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-30993 3 Acronis, Linux, Microsoft 3 Cyber Protect, Linux Kernel, Windows 2024-09-17 7.5 High
Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240
CVE-2020-1984 2 Microsoft, Paloaltonetworks 2 Windows, Secdo 2024-09-17 7.8 High
Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with 'create folders or append data' access to the root of the OS disk (C:\) to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo for Windows.
CVE-2021-39845 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2024-09-17 6.1 Medium
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted PDF file, potentially resulting in memory corruption in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted PDF file in Acrobat Reader.
CVE-2021-38981 3 Ibm, Linux, Microsoft 5 Aix, Security Guardium Key Lifecycle Manager, Security Key Lifecycle Manager and 2 more 2024-09-17 5.3 Medium
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 212788.
CVE-2019-4614 4 Ibm, Linux, Microsoft and 1 more 5 Mq, Mq Appliance, Linux Kernel and 2 more 2024-09-17 6.5 Medium
IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS client connecting to a Queue Manager could cause a SIGSEGV denial of service caused by converting an invalid message. IBM X-Force ID: 168639.
CVE-2021-45051 3 Adobe, Apple, Microsoft 3 Bridge, Macos, Windows 2024-09-17 3.3 Low
Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlier) are affected by an use-after-free vulnerability in the processing of Format event actions that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-42724 2 Adobe, Microsoft 2 Bridge, Windows 2024-09-17 7.8 High
Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
CVE-2020-9748 2 Adobe, Microsoft 2 Animate, Windows 2024-09-17 7.8 High
Adobe Animate version 20.5 (and earlier) is affected by a stack overflow vulnerability, which could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .fla file in Animate.
CVE-2022-35705 3 Adobe, Apple, Microsoft 3 Bridge, Macos, Windows 2024-09-17 7.8 High
Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2019-4656 5 Hp, Ibm, Linux and 2 more 8 Hp-ux, Aix, Mq and 5 more 2024-09-17 6.5 Medium
IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD is vulnerable to a denial of service attack that would allow an authenticated user to crash the queue and require a restart due to an error processing error messages. IBM X-Force ID: 170967.
CVE-2021-3042 2 Microsoft, Paloaltonetworks 2 Windows, Cortex Xdr Agent 2024-09-17 7.8 High
A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables an authenticated local Windows user to execute programs with SYSTEM privileges. Exploiting this vulnerability requires the user to have file creation privilege in the Windows root directory (such as C:\). This issue impacts: All versions of Cortex XDR agent 6.1 without content update 181 or a later version; All versions of Cortex XDR agent 7.2 without content update 181 or a later version; All versions of Cortex XDR agent 7.3 without content update 181 or a later version. Cortex XDR agent 5.0 versions are not impacted by this issue. Content updates are required to resolve this issue and are automatically applied for the agent.
CVE-2021-29701 3 Ibm, Linux, Microsoft 4 Engineering Workflow Management, Rational Team Concert, Linux Kernel and 1 more 2024-09-17 4.3 Medium
IBM Engineering Workflow Management 7.0, 7.0.1, and 7.0.2 as well as IBM Rational Team Concert 6.0.6 and 6.0.6.1 could allow an authneticated attacker to obtain sensitive information from build definitions that could aid in further attacks against the system. IBM X-Force ID: 200657.
CVE-2020-24414 2 Adobe, Microsoft 2 Illustrator, Windows 2024-09-17 7.8 High
Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit.
CVE-2022-28827 2 Adobe, Microsoft 2 Framemaker, Windows 2024-09-17 N/A
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28555 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2024-09-17 N/A
Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability. An unauthenticated attacker could leverage this vulnerability to get access to sensitive information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-44499 3 Adobe, Apple, Microsoft 3 Illustrator, Macos, Windows 2024-09-17 5.5 Medium
Adobe Illustrator versions 26.5.1 (and earlier), and 27.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-28852 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2024-09-17 7.8 High
Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.