CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-22237 – Adobe After Effects Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-22237
After Affects versions 23.1 (and earlier), 22.6.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/after_effects/apsb23-02.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 7%CPEs: 4EXPL: 0CVE-2023-22226 – Adobe Bridge SVG file Stack-based Buffer Overflow Arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-22226
Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/bridge/apsb23-09.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-21622 – Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-21622
FrameMaker 2020 Update 4 (and earlier), 2022 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/framemaker/apsb23-06.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-22229 – Adobe Bridge Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-22229
Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/bridge/apsb23-09.html • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-26277 – Security Advisory | PendingIntent hijacking vulnerability in Framework Services
https://notcve.org/view.php?id=CVE-2021-26277
The framework service handles pendingIntent incorrectly, allowing a malicious application with certain privileges to perform privileged actions. • https://www.vivo.com/en/support/security-advisory-detail?id=8 • CWE-94: Improper Control of Generation of Code ('Code Injection') •