293 matches found
CVE-2021-39859
Acrobat Reader DC versions 2021.005.20060 and earlier, 2020.004.30006 and earlier and 2017.011.30199 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR...
CVE-2023-38248
Adobe Acrobat Reader versions 23.003.20244 and earlier and 20.005.30467 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue...
CVE-2023-38242
Adobe Acrobat Reader versions 23.003.20244 and earlier and 20.005.30467 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue...
CVE-2023-38213
Adobe Dimension version 3.4.9 is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a...
PT-2023-7643 · Adobe · Prelude
Name of the Vulnerable Software and Affected Versions: Adobe Prelude versions 22.6 and earlier Description: The issue is related to an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigatio...
CVE-2023-29317
Adobe InDesign versions ID18.3 and earlier and ID17.4.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...
PT-2023-3949 · Adobe · Indesign
Name of the Vulnerable Software and Affected Versions: Adobe InDesign versions ID18.3 and earlier Adobe InDesign versions ID17.4.1 and earlier Description: The issue is related to an out-of-bounds read that could lead to disclosure of sensitive memory. An attacker could leverage this to bypass...
CVE-2023-26387
Adobe Substance 3D Stager version 2.0.1 and earlier is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...
CVE-2023-26386
Adobe Substance 3D Stager version 2.0.1 and earlier is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...
PT-2023-6610 · Adobe · Dimension
Name of the Vulnerable Software and Affected Versions: Adobe Dimension versions 3.4.8 and earlier Description: The issue is related to an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as...
CVE-2023-26352
Adobe Dimension versions 3.4.7 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...
CVE-2023-26327
Adobe Dimension versions 3.4.7 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...
CVE-2023-25875
Adobe Substance 3D Stager versions 2.0.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in tha...
PT-2023-1817 · Adobe · Dimension
Name of the Vulnerable Software and Affected Versions: Adobe Dimension versions 3.4.7 and earlier Description: The issue is related to an out-of-bounds read that could lead to the disclosure of sensitive memory. An attacker could leverage this to bypass mitigations such as ASLR. Exploitation...
PT-2023-1814 · Adobe · Dimension
Name of the Vulnerable Software and Affected Versions: Adobe Dimension versions 3.4.7 and earlier Description: The issue is related to an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as...
PT-2023-1808 · Adobe · Dimension
Name of the Vulnerable Software and Affected Versions: Adobe Dimension versions 3.4.7 and earlier Description: The issue is related to an out-of-bounds read vulnerability in the memory, which could lead to the disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass...
CVE-2023-21620
FrameMaker 2020 Update 4 and earlier, 2022 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...
SUSE CVE-2011-0726
The dotaskstat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the startcode and endcode fields in the /proc//stat file for a process executing a PIE...
SUSE CVE-2012-1568
The ExecShield feature in a certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux RHEL 5 and 6 and Fedora 15 and 16 does not properly handle use of many shared libraries by a 32-bit executable file, which makes it easier for context-dependent attackers to bypass the ASLR protecti...
SUSE CVE-2014-7825
kernel/trace/tracesyscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the perf subsystem, which allows local users to cause a denial of service out-of-bounds read and OOPS or bypass the ASLR protection mechanism via a crafted application...