CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-38143 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-38143
Windows Common Log File System Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios del Controlador del Sistema de Windows Common Log File This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the CLFS driver. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to disclose information in the context of the kernel. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38143 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2023-38144 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2023-38144
Windows Common Log File System Driver Elevation of Privilege Vulnerability Vulnerabilidad de Elevación de Privilegios del Controlador del Sistema de Windows Common Log File This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the clfs.sys driver. A crafted BLF file can trigger can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38144 • CWE-126: Buffer Over-read •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2019-16471 – Use-After-Free in app.measureDialog - Tianfu Cup
https://notcve.org/view.php?id=CVE-2019-16471
Adobe Acrobat Reader versions 2019.021.20056 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 2019.021.20056 y anteriores de Adobe Acrobat Reader se ven afectadas por una vulnerabilidad Use After Free que podría provocar la ejecución de código arbitrario en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso. • https://helpx.adobe.com/security/products/acrobat/apsb19-55.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 6%CPEs: 10EXPL: 0CVE-2019-16470 – CoolType.dll crash - Tianfu Cup
https://notcve.org/view.php?id=CVE-2019-16470
Adobe Acrobat Reader versions 2019.021.20056 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 2019.021.20056 y anteriores de Adobe Acrobat Reader se ven afectadas por una vulnerabilidad de Desbordamiento de Búfer que podría provocar la ejecución de código arbitrario en el contexto del usuario actual. La explotación de este problema requiere la interacción del usuario, ya que la víctima debe abrir un archivo malicioso. • https://helpx.adobe.com/security/products/acrobat/apsb19-55.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2019-7819 – Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-7819
Adobe Acrobat Reader versions 2019.010.20098 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 2019.010.20098 y anteriores de Adobe Acrobat Reader se ven afectadas por una vulnerabilidad de Lectura Fuera de Límites que podría provocar la divulgación de memoria confidencial. Un atacante podría aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. • https://helpx.adobe.com/security/products/acrobat/apsb19-17.html • CWE-125: Out-of-bounds Read •