U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
There are 5,795 matching records.
Displaying matches 101 through 120.
Vuln ID Summary CVSS Severity
CVE-2023-48634

Adobe After Effects versions 24.0.3 (and earlier) and 23.6.0 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: December 13, 2023; 9:15:46 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-48633

Adobe After Effects versions 24.0.3 (and earlier) and 23.6.0 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: December 13, 2023; 9:15:45 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-48632

Adobe After Effects versions 24.0.3 (and earlier) and 23.6.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: December 13, 2023; 9:15:45 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-47081

Adobe Substance 3D Stager versions 2.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: December 13, 2023; 9:15:43 AM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-47080

Adobe Substance 3D Stager versions 2.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: December 13, 2023; 9:15:43 AM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-47079

Adobe Dimension versions 3.4.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: December 13, 2023; 8:15:08 AM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-47078

Adobe Dimension versions 3.4.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: December 13, 2023; 8:15:08 AM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-47062

Adobe Dimension versions 3.4.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: December 13, 2023; 8:15:08 AM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-47061

Adobe Dimension versions 3.4.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: December 13, 2023; 8:15:07 AM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-44362

Adobe Prelude versions 22.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: December 13, 2023; 7:15:07 AM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-47077

Adobe InDesign versions 19.0 (and earlier) and 17.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: December 13, 2023; 5:15:09 AM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-47076

Adobe InDesign versions 19.0 (and earlier) and 17.4.2 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: December 13, 2023; 5:15:09 AM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-47075

Adobe Illustrator versions 28.0 (and earlier) and 27.9 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: December 13, 2023; 5:15:09 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-47074

Adobe Illustrator versions 28.0 (and earlier) and 27.9 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: December 13, 2023; 5:15:08 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-47063

Adobe Illustrator versions 28.0 (and earlier) and 27.9 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: December 13, 2023; 5:15:08 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-6753

Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2.

Published: December 12, 2023; 7:15:07 PM -0500
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-48677

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40901.

Published: December 12, 2023; 4:15:08 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-48861

DLL hijacking vulnerability in TTplayer version 7.0.2, allows local attackers to escalate privileges and execute arbitrary code via urlmon.dll.

Published: December 07, 2023; 3:15:07 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-5808

SMU versions prior to 14.8.7825.01 are susceptible to unintended information disclosure, through URL manipulation. Authenticated users in a Storage administrative role are able to access HNAS configuration backup and diagnostic data, that would normally be barred to that specific administrative role.

Published: December 04, 2023; 7:15:09 PM -0500
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2023-41613

EzViz Studio v2.2.0 is vulnerable to DLL hijacking.

Published: December 04, 2023; 9:15:07 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)