CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-47074 – ZDI-CAN-21812: Adobe Illustrator JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-47074
13 Dec 2023 — Adobe Illustrator versions 28.0 (and earlier) and 27.9 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 28.0 (y anteriores) y 27.9 (y anteriores) de Adobe Illustrator se ven afecta... • https://helpx.adobe.com/security/products/illustrator/apsb23-68.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 14%CPEs: 4EXPL: 0CVE-2023-47075 – ZDI-CAN-22006: Adobe Illustrator JP2 File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-47075
13 Dec 2023 — Adobe Illustrator versions 28.0 (and earlier) and 27.9 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 28.0 (y anteriores) y 27.9 (y anteriores) de Adobe Illustrator se ven afectadas por una vulnerabilidad Use After Free que podría provocar la ejecución de código arbitrario en el contexto del usuario act... • https://helpx.adobe.com/security/products/illustrator/apsb23-68.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2023-6753 – Path Traversal in mlflow/mlflow
https://notcve.org/view.php?id=CVE-2023-6753
13 Dec 2023 — Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2. Path traversal en el repositorio de GitHub mlflow/mlflow anterior a 2.9.2. • https://github.com/mlflow/mlflow/commit/1c6309f884798fbf56017a3cc808016869ee8de4 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 0CVE-2023-50443
https://notcve.org/view.php?id=CVE-2023-50443
13 Dec 2023 — Encrypted disks created by PRIMX CRYHOD for Windows before Q.2020.4 (ANSSI qualification submission) or CRYHOD for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which disks are opened. Un atacante no autenticado puede modificar los discos cifrados creados por PRIMX CRYHOD para Windows antes de Q.2020.4 (envío de calificación ANSSI) o CRYHOD para Windows antes de 2023.5 para incluir una refer... • https://www.primx.eu/en/bulletins/security-bulletin-23B3093B •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-35622 – Windows DNS Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2023-35622
12 Dec 2023 — Windows DNS Spoofing Vulnerability Vulnerabilidad de suplantación de DNS de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35622 •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-35635 – Windows Kernel Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-35635
12 Dec 2023 — Windows Kernel Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del kernel de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35635 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-35634 – Windows Bluetooth Driver Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-35634
12 Dec 2023 — Windows Bluetooth Driver Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del controlador Bluetooth de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35634 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2023-35633 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35633
12 Dec 2023 — Windows Kernel Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios del kernel de Windows Predefined keys in the Microsoft Windows Registry may lead to confused deputy problems and local privilege escalation. • https://packetstorm.news/files/id/176451 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-35632 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35632
12 Dec 2023 — Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Controlador de función auxiliar de Windows para la vulnerabilidad de elevación de privilegios de WinSock • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35632 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-35631 – Win32k Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-35631
12 Dec 2023 — Win32k Elevation of Privilege Vulnerability Vulnerabilidad de elevación de privilegios en Win32k • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35631 •