Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Base Score: 7.8 HIGH
https://helpx.adobe.com/security/products/indesign/apsb23-07.html
_____________________________________________________________________
Description
Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Base Score: 7.8 HIGH
https://helpx.adobe.com/security/products/indesign/apsb23-07.html
__________________________________________________________
Description
Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Base Score: 7.8 HIGH
https://helpx.adobe.com/security/products/indesign/apsb23-07.html
_____________________________________________________________
Description
Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Base Score: 7.3 HIGH
https://helpx.adobe.com/security/products/incopy/apsb23-08.html
CVE-2023-0138 Description Heap buffer overflow in libphonenumber in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) Base Score: 8.8 HIGH https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop.html _____________________________ CVE-2023-0136 Description Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74 allowed a remote […]
CVE-2013-0880 Description Use-after-free vulnerability in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to databases. Base Score: 7.5 HIGH http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_21.html
CVE-2023-21819 Description Windows Secure Channel Denial of Service Vulnerability Base Score: 7.5 HIGH https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21819 CVE-2023-21820 Description Windows Distributed File System (DFS) Remote Code Execution Vulnerability Base Score: 7.4 HIGH https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21820 CVE-2023-21822 Description Windows Graphics Component Elevation of Privilege Vulnerability Base Score: 7.8 HIGH https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21822 CVE-2023-23374 Description Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Base Score: 8.3 […]
Leave a Reply