U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
There are 5,795 matching records.
Displaying matches 141 through 160.
Vuln ID Summary CVSS Severity
CVE-2023-4593

Path traversal vulnerability whose exploitation could allow an authenticated remote user to bypass SecurityManager's intended restrictions and list a parent directory via any filename, such as a multiple ..%2F value affecting the 'dodoc' parameter in the /MailAdmin_dll.htm file.

Published: November 23, 2023; 8:15:11 AM -0500
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2023-46814

A binary hijacking vulnerability exists within the VideoLAN VLC media player before 3.0.19 on Windows. The uninstaller attempts to execute code with elevated privileges out of a standard user writable location. Standard users may use this to gain arbitrary code execution as SYSTEM.

Published: November 22, 2023; 12:15:07 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-40363

IBM InfoSphere Information Server 11.7 could allow an authenticated user to change installation files due to incorrect file permission settings. IBM X-Force ID: 263332.

Published: November 18, 2023; 1:15:08 PM -0500
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2023-44324

Adobe FrameMaker Publishing Server versions 2022 and earlier are affected by an Improper Authentication vulnerability that could result in a Security feature bypass. An unauthenticated attacker can abuse this vulnerability to access the API and leak default admin's password. Exploitation of this issue does not require user interaction.

Published: November 17, 2023; 8:15:08 AM -0500
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2023-22275

Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction.

Published: November 17, 2023; 8:15:08 AM -0500
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-22274

Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction.

Published: November 17, 2023; 8:15:08 AM -0500
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-22273

Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to Remote Code Execution by an admin authenticated attacker. Exploitation of this issue does not require user interaction.

Published: November 17, 2023; 8:15:08 AM -0500
V3.1: 7.2 HIGH
V2.0:(not available)
CVE-2023-22272

Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Input Validation vulnerability that could lead to information disclosure by an unauthenticated attacker. Exploitation of this issue does not require user interaction.

Published: November 17, 2023; 8:15:07 AM -0500
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-22268

Adobe RoboHelp Server versions 11.4 and earlier are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to information disclosure by an low-privileged authenticated attacker. Exploitation of this issue does not require user interaction.

Published: November 17, 2023; 8:15:07 AM -0500
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2023-47073

Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: November 17, 2023; 6:15:09 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-47072

Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: November 17, 2023; 6:15:08 AM -0500
V3.1: 3.3 LOW
V2.0:(not available)
CVE-2023-47071

Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: November 17, 2023; 6:15:08 AM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-47070

Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: November 17, 2023; 6:15:08 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-47069

Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: November 17, 2023; 6:15:08 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-47068

Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: November 17, 2023; 6:15:07 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-47067

Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: November 17, 2023; 6:15:07 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-47066

Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: November 17, 2023; 6:15:07 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-44326

Adobe Dimension versions 3.4.9 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: November 17, 2023; 4:15:23 AM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-44325

Adobe Animate versions 23.0.2 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: November 17, 2023; 4:15:23 AM -0500
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2023-47060

Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Published: November 16, 2023; 12:15:08 PM -0500
V3.1: 3.3 LOW
V2.0:(not available)