Total
2350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-28276 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2023-01-24 | 9.3 HIGH | 7.8 HIGH |
| Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-28274 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2023-01-24 | 9.3 HIGH | 7.8 HIGH |
| Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-28277 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2023-01-24 | 9.3 HIGH | 7.8 HIGH |
| Adobe Photoshop versions 22.5.6 (and earlier) and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious PDF file. | |||||
| CVE-2022-28279 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2023-01-24 | 9.3 HIGH | 7.8 HIGH |
| Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2013-0899 | 6 Apple, Google, Linux and 3 more | 9 Ipados, Iphone Os, Mac Os X and 6 more | 2023-01-23 | 5.0 MEDIUM | N/A |
| Integer overflow in the padding implementation in the opus_packet_parse_impl function in src/opus_decoder.c in Opus before 1.0.2, as used in Google Chrome before 25.0.1364.97 on Windows and Linux and before 25.0.1364.99 on Mac OS X and other products, allows remote attackers to cause a denial of service (out-of-bounds read) via a long packet. | |||||
| CVE-2022-42855 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2023-01-23 | N/A | 7.1 HIGH |
| A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2. An app may be able to use arbitrary entitlements. | |||||
| CVE-2023-21596 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-01-23 | N/A | 7.8 HIGH |
| Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21595 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-01-23 | N/A | 7.8 HIGH |
| Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21598 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-01-23 | N/A | 5.5 MEDIUM |
| Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21594 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-01-23 | N/A | 7.8 HIGH |
| Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21599 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-01-23 | N/A | 5.5 MEDIUM |
| Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21591 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-01-23 | N/A | 5.5 MEDIUM |
| Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21590 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-01-23 | N/A | 7.8 HIGH |
| Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21592 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-01-23 | N/A | 5.5 MEDIUM |
| Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-26386 | 3 Apple, Linux, Mozilla | 4 Macos, Linux Kernel, Firefox Esr and 1 more | 2023-01-23 | N/A | 6.5 MEDIUM |
| Previously Firefox for macOS and Linux would download temporary files to a user-specific directory in <code>/tmp</code>, but this behavior was changed to download them to <code>/tmp</code> where they could be affected by other local users. This behavior was reverted to the original, user-specific directory. <br>*This bug only affects Firefox for macOS and Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.7 and Thunderbird < 91.7. | |||||
| CVE-2023-21597 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2023-01-20 | N/A | 7.3 HIGH |
| Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21587 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-01-20 | N/A | 7.8 HIGH |
| Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21588 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-01-20 | N/A | 7.8 HIGH |
| Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21589 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-01-20 | N/A | 7.8 HIGH |
| Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-26981 | 3 Apple, Fedoraproject, Liblouis | 7 Ipados, Iphone Os, Macos and 4 more | 2023-01-13 | 6.8 MEDIUM | 7.8 HIGH |
| Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c). | |||||