Description
IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system. The obsolete API call was removed in Faspex 4.4.2 PL2. IBM X-Force ID: 243512.
Base Score: 9.8 CRITICAL
CVE-2023-21575 Description Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Base Score: 7.8 HIGH https://helpx.adobe.com/security/products/photoshop/apsb23-11.html ____________ CVE-2023-21576 Description Photoshop […]
CVE-2022-2536 Description The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient validation of settings on the ‘tp_translation’ AJAX action which makes it possible for unauthenticated attackers to bypass any restrictions and influence the data shown on […]
CVE-2022-4337 Description An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch. Base Score: 9.8 CRITICAL https://www.openwall.com/lists/oss-security/2022/12/21/4 ______________________________ CVE-2022-4338 Description An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. Base Score: 9.8 CRITICAL https://www.openwall.com/lists/oss-security/2022/12/21/4 _______________________________ CVE-2022-3715 Description A flaw was found in the bash package, where a heap-buffer […]
Leave a Reply