CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-35701 – Adobe Bridge SVG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-35701
Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/bridge/apsb22-49.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-35704 – Adobe Bridge SVG File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-35704
Adobe Bridge version 12.0.2 (and earlier) and 11.1.3 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/bridge/apsb22-49.html • CWE-416: Use After Free •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-35664 – AEM Reflected XSS Arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-35664
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM. Adobe Experience Manager versiones 6.5.13.0 (y anteriores), están afectadas por una vulnerabilidad de tipo Cross-Site Scripting (XSS) reflejada. Si un atacante es capaz de convencer a una víctima de que visite una URL que haga referencia a una página vulnerable, puede ejecutarse contenido JavaScript malicioso en el contexto del navegador de la víctima. • https://helpx.adobe.com/security/products/experience-manager/apsb22-40.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-30681 – AEM Reflected XSS Arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-30681
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM. Adobe Experience Manager versiones 6.5.13.0 (y anteriores), están afectadas por una vulnerabilidad de tipo Cross-Site Scripting (XSS) reflejado. Si un atacante es capaz de convencer a una víctima de que visite una URL que haga referencia a una página vulnerable, puede ejecutarse contenido JavaScript malicioso en el contexto del navegador de la víctima. • https://helpx.adobe.com/security/products/experience-manager/apsb22-40.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-30684 – AEM Reflected XSS Arbitrary code execution
https://notcve.org/view.php?id=CVE-2022-30684
Adobe Experience Manager versions 6.5.13.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. Exploitation of this issue requires low-privilege access to AEM. Adobe Experience Manager versiones 6.5.13.0 (y anteriores), están afectadas por una vulnerabilidad de tipo Cross-Site Scripting (XSS) reflejado. Si un atacante es capaz de convencer a una víctima de que visite una URL que haga referencia a una página vulnerable, puede ejecutarse contenido JavaScript malicioso en el contexto del navegador de la víctima. • https://helpx.adobe.com/security/products/experience-manager/apsb22-40.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •