CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-22594 – IBM Robotic Process Automation for Cloud Pak cross-site scripting
https://notcve.org/view.php?id=CVE-2023-22594
18 Jan 2023 — IBM Robotic Process Automation for Cloud Pak 20.12.0 through 21.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 244075. IBM Robotic Process Automation para Cloud Pak 20.12.0 a 21.0.4 es vulnerable a cross-site scripting. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbitrario en l... • https://exchange.xforce.ibmcloud.com/vulnerabilities/244075 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-21601 – Adobe Dimension OBJ File Parsing Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-21601
18 Jan 2023 — Adobe Dimension version 3.4.6 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe Dimension versión 3.4.6 (y anteriores) se ve afectado por una vulnerabilidad Use After Free que podría provocar la divulgación de memoria confidencial. Un atacante podría aprovechar es... • https://helpx.adobe.com/security/products/dimension/apsb23-10.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 1%CPEs: 10EXPL: 2CVE-2023-21608 – Adobe Acrobat and Reader Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2023-21608
18 Jan 2023 — Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones de Adobe Acrobat Reader 22.003.20282 (y anteriores), 22.003.20281 (y anteriores) y 20.005.30418 (y anteriores) se ven afectadas por una vulnerabilidad Use ... • https://github.com/hacksysteam/CVE-2023-21608 • CWE-416: Use After Free •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-21603 – Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-21603
18 Jan 2023 — Adobe Dimension version 3.4.6 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe Dimension versión 3.4.6 (y anteriores) se ve afectado por una vulnerabilidad de lectura fuera de los límites que podría provocar la divulgación de memoria confidencial. Un atacant... • https://helpx.adobe.com/security/products/dimension/apsb23-10.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-21579 – Adobe Acrobat Reader DC Font Parsing Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21579
18 Jan 2023 — Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones de Adobe Acrobat Reader 22.003.20282 (y anteriores), 22.003.20281 (y anteriores) y 20.005.30418 (y anteriores) se ven afectadas por una vu... • https://helpx.adobe.com/security/products/acrobat/apsb23-01.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-48191 – Trend Micro Maximum Security Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2022-48191
18 Jan 2023 — A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrary location, allowing a escalation of privileges on an affected system. Existe una vulnerabilidad en Trend Micro Maximum Security 2022 (17.7) en la que un usuario con pocos privilegios puede escribir un ejecutable malicioso conocido ... • https://helpcenter.trendmicro.com/en-us/article/tmka-11252 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2023-21585 – Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-21585
18 Jan 2023 — Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Las versiones 22.003.20282 (y anteriores), 22.003.20281 (y anteriores) y 20.005.30418 (y anteriores) de Adobe Acr... • https://helpx.adobe.com/security/products/acrobat/apsb23-01.html • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-21606 – Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21606
18 Jan 2023 — Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe Acrobat Reader versiones 22.003.20282 (y anteriores) y 22.003.20281 (y anteriores) y 20.005.30418 (y anteriores) están afectadas por una vulnerabilidad de es... • https://helpx.adobe.com/security/products/acrobat/apsb23-01.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-21604 – Adobe Acrobat Reader Stack-based Buffer Overflow Arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-21604
18 Jan 2023 — Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe Acrobat Reader versiones 22.003.20282 (y anteriores) 22.003.20281 (y anteriores) y 20.005.30418 ( y anteriores) están afectadas por una vulnerabilidad... • https://helpx.adobe.com/security/products/acrobat/apsb23-01.html • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-21609 – Adobe Acrobat Reader DC AcroForm Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21609
18 Jan 2023 — Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Adobe Acrobat Reader versiones 22.003.20282 (y anteriores) y 22.003.20281 (y anteriores) y 20.005.30418 (y anteriores) están afectadas por una vulnerabilidad de es... • https://helpx.adobe.com/security/products/acrobat/apsb23-01.html • CWE-787: Out-of-bounds Write •