Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:x86:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-4594 |
Stored XSS vulnerability. This vulnerability could allow an attacker to store a malicious JavaScript payload via GET and POST methods on multiple parameters in the MailAdmin_dll.htm file. Published: November 23, 2023; 8:15:12 AM -0500 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-4593 |
Path traversal vulnerability whose exploitation could allow an authenticated remote user to bypass SecurityManager's intended restrictions and list a parent directory via any filename, such as a multiple ..%2F value affecting the 'dodoc' parameter in the /MailAdmin_dll.htm file. Published: November 23, 2023; 8:15:11 AM -0500 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-46814 |
A binary hijacking vulnerability exists within the VideoLAN VLC media player before 3.0.19 on Windows. The uninstaller attempts to execute code with elevated privileges out of a standard user writable location. Standard users may use this to gain arbitrary code execution as SYSTEM. Published: November 22, 2023; 12:15:07 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-40363 |
IBM InfoSphere Information Server 11.7 could allow an authenticated user to change installation files due to incorrect file permission settings. IBM X-Force ID: 263332. Published: November 18, 2023; 1:15:08 PM -0500 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-44324 |
Adobe FrameMaker Publishing Server versions 2022 and earlier are affected by an Improper Authentication vulnerability that could result in a Security feature bypass. An unauthenticated attacker can abuse this vulnerability to access the API and leak default admin's password. Exploitation of this issue does not require user interaction. Published: November 17, 2023; 8:15:08 AM -0500 |
V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-22275 |
Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction. Published: November 17, 2023; 8:15:08 AM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-22274 |
Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction. Published: November 17, 2023; 8:15:08 AM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-22273 |
Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to Remote Code Execution by an admin authenticated attacker. Exploitation of this issue does not require user interaction. Published: November 17, 2023; 8:15:08 AM -0500 |
V3.1: 7.2 HIGH V2.0:(not available) |
CVE-2023-22272 |
Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Input Validation vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction. Published: November 17, 2023; 8:15:07 AM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-22268 |
Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to information disclosure by an low-privileged authenticated attacker. Exploitation of this issue does not require user interaction. Published: November 17, 2023; 8:15:07 AM -0500 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-47073 |
Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Published: November 17, 2023; 6:15:09 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-47072 |
Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Published: November 17, 2023; 6:15:08 AM -0500 |
V3.1: 3.3 LOW V2.0:(not available) |
CVE-2023-47071 |
Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Published: November 17, 2023; 6:15:08 AM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-47070 |
Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Published: November 17, 2023; 6:15:08 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-47069 |
Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Published: November 17, 2023; 6:15:08 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-47068 |
Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Published: November 17, 2023; 6:15:07 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-47067 |
Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Published: November 17, 2023; 6:15:07 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-47066 |
Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Published: November 17, 2023; 6:15:07 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-44326 |
Adobe Dimension versions 3.4.9 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Published: November 17, 2023; 4:15:23 AM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-44325 |
Adobe Animate versions 23.0.2 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Published: November 17, 2023; 4:15:23 AM -0500 |
V3.1: 5.5 MEDIUM V2.0:(not available) |