CVE-2022-30676

Adobe InDesign versions 16.4.2 and earlier and 17.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

USN-5616-1 linux-intel-iotg vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 Moshe Kol, Amit Klein and Yossi Gilad discovered that the I...

Adobe Illustrator 缓冲区错误漏洞

Adobe Illustrator is a software released by Adobe Systems, Inc. for graphics production. An out-of-bounds read vulnerability exists in Adobe Illustrator, which can be exploited by attackers to bypass mitigations such as ASLR and cause sensitive memory leaks...

Adobe Illustrator 缓冲区错误漏洞

Adobe Illustrator is a software released by Adobe Systems, Inc. for graphics production. An out-of-bounds read vulnerability exists in Adobe Illustrator, which can be exploited by attackers to bypass mitigations such as ASLR and cause sensitive memory leaks...

PT-2022-5083 · Adobe · Indesign

Name of the Vulnerable Software and Affected Versions: Adobe InDesign versions 16.4.2 and earlier Adobe InDesign versions 17.3 and earlier Description: The issue is related to an out-of-bounds read in memory, which could allow an attacker to disclose sensitive information. This could potentially ...

USN-5602-1 linux-raspi vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 Moshe Kol, Amit Klein and Yossi Gilad discovered that the I...

USN-4976-2 dnsmasq vulnerability

USN-4976-1 fixed a vulnerability in Dnsmasq. This update provides the corresponding update for Ubuntu 16.04 ESM. Dnsmasq has been updated to 2.79-1 for Ubuntu 16.04 ESM in order to fix some security issues. Original advisory details: Petr Mensik discovered that Dnsmasq incorrectly randomized sour...

USN-5599-1 linux-oracle vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 Moshe Kol, Amit Klein and Yossi Gilad discovered that the I...

USN-5594-1 linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gke-5.15, linux-gkeop, linux-ibm, linux-kvm, linux-lowlatency vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 Moshe Kol, Amit Klein and Yossi Gilad discovered that the I...

USN-5594-1: Linux kernel vulnerabilities

Asaf Modelevsky discovered that the IntelR 10GbE PCI Express ixgbe Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. CVE-2021-33061 Moshe Kol, Amit Klein and Yossi Gilad discovered that the I...

Session tickets lack random ticket_age_add in crypto/tls

...

CVE-2022-35670

Adobe Acrobat Reader versions 22.001.20169 and earlier, 20.005.30362 and earlier and 17.012.30249 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR...

CVE-2022-34264

Adobe FrameMaker versions 2019 Update 8 and earlier and 2020 Update 4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue...

GO-2022-0531 Session tickets lack random ticket_age_add in crypto/tls

An attacker can correlate a resumed TLS session with a previous connection. Session tickets generated by crypto/tls do not contain a randomly generated ticketageadd, which allows an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during sessio...

CVE-2022-34244

Adobe Photoshop versions 22.5.7 and earlier and 23.3.2 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue...

WordPress plugin ARMember 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress ARMember plugin versions prior to 3.4.8 have a security vulnerability that stems from the plugin's...

CVE-2022-34295

totd before 1.5.3 does not properly randomize mesg IDs...

totd 安全特征问题漏洞

totd is a small DNS proxy nameserver by the individual developer F.W. Dillema. A security vulnerability exists in versions of totd prior to 1.5.3, which stems from the application's inability to randomize message IDs...

CVE-2022-30669

Adobe Illustrator versions 26.0.2 and earlier and 25.4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...

CVE-2022-30667

Adobe Illustrator versions 26.0.2 and earlier and 25.4.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...