CVE-2022-35670

Adobe Acrobat Reader versions 22.001.20169 and earlier, 20.005.30362 and earlier and 17.012.30249 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR...

CVE-2022-34264

Adobe FrameMaker versions 2019 Update 8 and earlier and 2020 Update 4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue...

GO-2022-0531 Session tickets lack random ticket_age_add in crypto/tls

An attacker can correlate a resumed TLS session with a previous connection. Session tickets generated by crypto/tls do not contain a randomly generated ticketageadd, which allows an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during sessio...

CVE-2022-34244

Adobe Photoshop versions 22.5.7 and earlier and 23.3.2 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue...

WordPress plugin ARMember 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress ARMember plugin versions prior to 3.4.8 have a security vulnerability that stems from the plugin's...

CVE-2022-34295

totd before 1.5.3 does not properly randomize mesg IDs...

totd 安全特征问题漏洞

totd is a small DNS proxy nameserver by the individual developer F.W. Dillema. A security vulnerability exists in versions of totd prior to 1.5.3, which stems from the application's inability to randomize message IDs...

CVE-2022-30669

Adobe Illustrator versions 26.0.2 and earlier and 25.4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2022-30667

Adobe Illustrator versions 26.0.2 and earlier and 25.4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel 5.17, which stems from a small table perturbation that causes insufficient randomization in net/ipv4/tcp.c when the Linux kernel...

kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies

A flaw in the processing of received ICMP errors ICMP fragment needed and ICMP redirect in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest...

kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies

A flaw in the processing of received ICMP errors ICMP fragment needed and ICMP redirect in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest...

Microsoft Internet Explorer ASLR Bypass Vulnerability

Microsoft Internet Explorer allows remote attackers to bypass the address space layout randomization ASLR protection mechanism via a crafted web site...

CVE-2022-28262

Acrobat Reader DC version 22.001.2011x and earlier, 20.005.3033x and earlier and 17.012.3022x and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this...

CVE-2022-28264

Acrobat Reader DC version 22.001.2011x and earlier, 20.005.3033x and earlier and 17.012.3022x and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this...

CVE-2022-28258

Acrobat Reader DC version 22.001.2011x and earlier, 20.005.3033x and earlier and 17.012.3022x and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this...

CVE-2022-28261

Acrobat Reader DC version 22.001.2011x and earlier, 20.005.3033x and earlier and 17.012.3022x and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this...

CVE-2022-28254

Acrobat Reader DC version 22.001.2011x and earlier, 20.005.3033x and earlier and 17.012.3022x and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this...

CVE-2022-28260

Acrobat Reader DC version 22.001.2011x and earlier, 20.005.3033x and earlier and 17.012.3022x and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this...

CVE-2022-28255

Acrobat Reader DC version 22.001.2011x and earlier, 20.005.3033x and earlier and 17.012.3022x and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this...