PT-2023-3954 · Adobe · Indesign

Name of the Vulnerable Software and Affected Versions: Adobe InDesign versions ID18.3 and earlier Adobe InDesign versions ID17.4.1 and earlier Description: The issue is related to an out-of-bounds read that could lead to disclosure of sensitive memory. An attacker could leverage this to bypass...

USN-6206-1: Linux kernel (OEM) vulnerabilities

Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-35788, LP: 2023577 It was discovered that the NTFS...

PT-2023-4766 · Adobe · Acrobat Reader

Name of the Vulnerable Software and Affected Versions: Adobe Acrobat Reader versions 23.003.20244 and earlier Adobe Acrobat Reader versions 20.005.30467 and earlier Description: The issue is related to an out-of-bounds read vulnerability in Adobe Acrobat and Reader, which could lead to disclosure...

Unveiling the Minas Miner’s Deceptive Tactics

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Minas is a multi-stage cryptocurrency miner with a concealed presence. It evades detection through encryption, randomization, and persistence techniques, showcasing determined network compromise. To...

CLSA-2023-1684277794 Fix CVE(s): CVE-2022-1012

Bionic update: upstream stable patchset 2022-09-12 LP: 1989374 // CVE-2022-1012 - tcp: use different parts of the portoffset for index and offset - tcp: add small random increments to the source port - tcp: dynamically allocate the perturb table used by source ports - tcp: increase source port...

CVE-2023-29286

Adobe Substance 3D Painter versions 8.3.0 and earlier is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2023-29277

Adobe Substance 3D Painter versions 8.3.0 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in tha...

CVE-2023-26387

Adobe Substance 3D Stager version 2.0.1 and earlier is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2023-26386

Adobe Substance 3D Stager version 2.0.1 and earlier is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2023-26397

Adobe Acrobat Reader versions 23.001.20093 and earlier and 20.005.30441 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue...

CVE-2023-26401

Adobe Dimension version 3.4.8 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...

CVE-2023-26377

Adobe Dimension version 3.4.8 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...

CVE-2023-26374

Adobe Dimension version 3.4.8 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...

PT-2023-6610 · Adobe · Dimension

Name of the Vulnerable Software and Affected Versions: Adobe Dimension versions 3.4.8 and earlier Description: The issue is related to an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as...

SUSE-SU-2023:1710-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes. - CVE-2022-3523: Fixed a use after free related to device private page handling bsc1204363. - CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in vmwgfx driver bsc1203332. -...

CVE-2023-26352

Adobe Dimension versions 3.4.7 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...

CVE-2023-26356

Adobe Dimension versions 3.4.7 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...

CVE-2023-26346

Adobe Dimension versions 3.4.7 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...

CVE-2023-26344

Adobe Dimension versions 3.4.7 and earlier is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...

CVE-2023-26340

Adobe Dimension versions 3.4.7 and earlier is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...