Security News

CVE-2017-11250

National Vulnerability Database - Sat, 05/19/2018 - 13:29
Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Categories: Security News

CVE-2017-11253

National Vulnerability Database - Sat, 05/19/2018 - 13:29
Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Categories: Security News

CVE-2017-11306

National Vulnerability Database - Sat, 05/19/2018 - 13:29
Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Categories: Security News

CVE-2017-11307

National Vulnerability Database - Sat, 05/19/2018 - 13:29
Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Categories: Security News

CVE-2017-11308

National Vulnerability Database - Sat, 05/19/2018 - 13:29
Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Categories: Security News

CVE-2018-4873

National Vulnerability Database - Sat, 05/19/2018 - 13:29
Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Unquoted Search Path vulnerability. Successful exploitation could lead to local privilege escalation.
Categories: Security News

CVE-2018-4917

National Vulnerability Database - Sat, 05/19/2018 - 13:29
Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, 2015.006.30394 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Categories: Security News

CVE-2018-4918

National Vulnerability Database - Sat, 05/19/2018 - 13:29
Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, 2015.006.30394 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Categories: Security News

CVE-2018-4919

National Vulnerability Database - Sat, 05/19/2018 - 13:29
Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Categories: Security News

CVE-2018-4920

National Vulnerability Database - Sat, 05/19/2018 - 13:29
Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Categories: Security News

CVE-2018-4921

National Vulnerability Database - Sat, 05/19/2018 - 13:29
Adobe Connect versions 9.7 and earlier have an exploitable unrestricted SWF file upload vulnerability. Successful exploitation could lead to information disclosure.
Categories: Security News

CVE-2018-4923

National Vulnerability Database - Sat, 05/19/2018 - 13:29
Adobe Connect versions 9.7 and earlier have an exploitable OS Command Injection. Successful exploitation could lead to arbitrary file deletion.
Categories: Security News

CVE-2018-4924

National Vulnerability Database - Sat, 05/19/2018 - 13:29
Adobe Dreamweaver CC versions 18.0 and earlier have an OS Command Injection vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Categories: Security News

CVE-2018-4925

National Vulnerability Database - Sat, 05/19/2018 - 13:29
Adobe Digital Editions versions 4.5.7 and below have an exploitable Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Categories: Security News

CVE-2018-4926

National Vulnerability Database - Sat, 05/19/2018 - 13:29
Adobe Digital Editions versions 4.5.7 and below have an exploitable Stack Overflow vulnerability. Successful exploitation could lead to information disclosure.
Categories: Security News

CVE-2018-4927

National Vulnerability Database - Sat, 05/19/2018 - 13:29
Adobe InDesign versions 13.0 and below have an exploitable Untrusted Search Path vulnerability. Successful exploitation could lead to local privilege escalation.
Categories: Security News

CVE-2018-4928

National Vulnerability Database - Sat, 05/19/2018 - 13:29
Adobe InDesign versions 13.0 and below have an exploitable Memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Categories: Security News

CVE-2018-1147

National Vulnerability Database - Fri, 05/18/2018 - 18:29
In Nessus before 7.1.0, a XSS vulnerability exists due to improper input validation. A remote authenticated attacker could create and upload a .nessus file, which may be viewed by an administrator allowing for the execution of arbitrary script code in a user's browser session. In other scenarios, XSS could also occur by altering variables from the Advanced Settings.
Categories: Security News

CVE-2018-1148

National Vulnerability Database - Fri, 05/18/2018 - 18:29
In Nessus before 7.1.0, Session Fixation exists due to insufficient session management within the application. An authenticated attacker could maintain system access due to session fixation after a user password change.
Categories: Security News

CVE-2018-6562

National Vulnerability Database - Fri, 05/18/2018 - 16:29
totemomail Encryption Gateway before 6.0_b567 allows remote attackers to obtain sensitive information about user sessions and encryption key material via a JSONP hijacking attack.
Categories: Security News

Pages