CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2022-35665 – Adobe Acrobat Reader Use-After-Free Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2022-35665
Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/acrobat/apsb22-39.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-35677 – Adobe FrameMaker SVG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-35677
Adobe FrameMaker versions 2019 Update 8 (and earlier) and 2020 Update 4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/framemaker/apsb22-42.html • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-35675 – Adobe FrameMaker SVG File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-35675
Adobe FrameMaker versions 2019 Update 8 (and earlier) and 2020 Update 4 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/framemaker/apsb22-42.html • CWE-416: Use After Free •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-36270
https://notcve.org/view.php?id=CVE-2022-36270
Clinic's Patient Management System v1.0 has arbitrary code execution via url: ip/pms/users.php. • https://github.com/FF9118/bug_report/blob/main/vendors/oretnom23/clinics-patient-management-system/RCE-1.md •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-30580 – Empty Cmd.Path can trigger unintended binary in os/exec on Windows
https://notcve.org/view.php?id=CVE-2022-30580
Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows execution of any binaries in the working directory named either "..com" or "..exe" by calling Cmd.Run, Cmd.Start, Cmd.Output, or Cmd.CombinedOutput when Cmd.Path is unset. • https://go.dev/cl/403759 https://go.dev/issue/52574 https://go.googlesource.com/go/+/960ffa98ce73ef2c2060c84c7ac28d37a83f345e https://groups.google.com/g/golang-announce/c/TzIC9-t8Ytg/m/IWz5T6x7AAAJ https://pkg.go.dev/vuln/GO-2022-0532 • CWE-94: Improper Control of Generation of Code ('Code Injection') •