Page 484 of 8799 results (0.023 seconds)

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2022-38408 – Adobe Illustrator Improper Input Validation Arbitrary code execution

https://notcve.org/view.php?id=CVE-2022-38408

Adobe Illustrator versions 26.4 (and earlier) and 25.4.7 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/illustrator/apsb22-55.html • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2022-38411 – Adobe Animate SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2022-38411

Adobe Animate version 21.0.11 (and earlier) and 22.0.7 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/animate/apsb22-54.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1

CVE-2022-38877

https://notcve.org/view.php?id=CVE-2022-38877

Garage Management System v1.0 is vulnerable to Arbitrary code execution via ip/garage/php_action/editProductImage.php? • https://github.com/MagicWHat/bug_report/blob/main/vendors/mayuri_k/garage-management-system/RCE-1.md • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 0

CVE-2022-2998 – Chrome LinkToTextMenuObserver::CompleteWithError Heap Use-After-Free

https://notcve.org/view.php?id=CVE-2022-2998

Processing maliciously crafted web content may lead to arbitrary code execution in the browser process. • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html https://crbug.com/1329794 • CWE-416: Use After Free •

CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0

CVE-2022-40674 – expat: a use-after-free in the doContent function in xmlparse.c

https://notcve.org/view.php?id=CVE-2022-40674

Using this vulnerability in the doContent function allows an attacker to triage a denial of service or potentially arbitrary code execution. • https://github.com/libexpat/libexpat/pull/629 https://github.com/libexpat/libexpat/pull/640 https://lists.debian.org/debian-lts-announce/2022/09/msg00029.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GSVZN3IJ6OCPSJL7AEX3ZHSHAHFOGESK https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J2IGJNHFV53PYST7VQV3T4NHVYAMXA36 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LQB6FJAM5YQ35SF5B2MN25Y2FX56EOEZ https • CWE-416: Use After Free •