SUSE SLES15 Security Update : kernel (SUSE-SU-2021:3806-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3806-1 advisory. - In bpfskbchangehead of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of...

CVE-2023-29312

Adobe InDesign versions ID18.3 and earlier and ID17.4.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2023-29317

Adobe InDesign versions ID18.3 and earlier and ID17.4.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2023-29310

Adobe InDesign versions ID18.3 and earlier and ID17.4.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2021-43758

Adobe Media Encoder versions 22.0, 15.4.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in th...

CVE-2021-43760

Adobe Media Encoder versions 22.0, 15.4.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in th...

WordPress Plugin Forminator – Contact Form, Payment Form & Custom Form Builder 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site request forgery vulnerability exists in...

PT-2023-3954 · Adobe · Indesign

Name of the Vulnerable Software and Affected Versions: Adobe InDesign versions ID18.3 and earlier Adobe InDesign versions ID17.4.1 and earlier Description: The issue is related to an out-of-bounds read that could lead to disclosure of sensitive memory. An attacker could leverage this to bypass...

PT-2023-3949 · Adobe · Indesign

Name of the Vulnerable Software and Affected Versions: Adobe InDesign versions ID18.3 and earlier Adobe InDesign versions ID17.4.1 and earlier Description: The issue is related to an out-of-bounds read that could lead to disclosure of sensitive memory. An attacker could leverage this to bypass...

USN-6206-1: Linux kernel (OEM) vulnerabilities

Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-35788, LP: 2023577 It was discovered that the NTFS...

PT-2023-4766 · Adobe · Acrobat Reader

Name of the Vulnerable Software and Affected Versions: Adobe Acrobat Reader versions 23.003.20244 and earlier Adobe Acrobat Reader versions 20.005.30467 and earlier Description: The issue is related to an out-of-bounds read vulnerability in Adobe Acrobat and Reader, which could lead to disclosure...

Unveiling the Minas Miner’s Deceptive Tactics

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Minas is a multi-stage cryptocurrency miner with a concealed presence. It evades detection through encryption, randomization, and persistence techniques, showcasing determined network compromise. To...

CLSA-2023-1684277794 Fix CVE(s): CVE-2022-1012

Bionic update: upstream stable patchset 2022-09-12 LP: 1989374 // CVE-2022-1012 - tcp: use different parts of the portoffset for index and offset - tcp: add small random increments to the source port - tcp: dynamically allocate the perturb table used by source ports - tcp: increase source port...

CVE-2023-29286

Adobe Substance 3D Painter versions 8.3.0 and earlier is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2023-29277

Adobe Substance 3D Painter versions 8.3.0 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in tha...

CVE-2023-26387

Adobe Substance 3D Stager version 2.0.1 and earlier is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2023-26386

Adobe Substance 3D Stager version 2.0.1 and earlier is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2023-26397

Adobe Acrobat Reader versions 23.001.20093 and earlier and 20.005.30441 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue...

CVE-2023-26401

Adobe Dimension version 3.4.8 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...

CVE-2023-26377

Adobe Dimension version 3.4.8 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...