Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-34685

Summary
Assigner-microsoft
Assigner Org ID-f38d906d-7342-40ea-92c1-6c4a2c6478c8
Published At-09 Aug, 2022 | 19:51
Updated At-02 Jan, 2025 | 19:33
Rejected At-
Credits

Azure RTOS GUIX Studio Information Disclosure Vulnerability

Azure RTOS GUIX Studio Information Disclosure Vulnerability

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:microsoft
Assigner Org ID:f38d906d-7342-40ea-92c1-6c4a2c6478c8
Published At:09 Aug, 2022 | 19:51
Updated At:02 Jan, 2025 | 19:33
Rejected At:
▼CVE Numbering Authority (CNA)
Azure RTOS GUIX Studio Information Disclosure Vulnerability

Azure RTOS GUIX Studio Information Disclosure Vulnerability

Affected Products
Vendor
Microsoft CorporationMicrosoft
Product
Azure RTOS GUIX Studio
Platforms
  • Unknown
Versions
Affected
  • From 6.0.0.0 before 6.1.12.0 (custom)
Problem Types
TypeCWE IDDescription
ImpactN/AInformation Disclosure
Type: Impact
CWE ID: N/A
Description: Information Disclosure
Metrics
VersionBase scoreBase severityVector
3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34685
vendor-advisory
Hyperlink: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34685
Resource:
vendor-advisory
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34685
vendor-advisory
x_transferred
Hyperlink: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34685
Resource:
vendor-advisory
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secure@microsoft.com
Published At:09 Aug, 2022 | 20:15
Updated At:01 Jun, 2023 | 01:15

Azure RTOS GUIX Studio Information Disclosure Vulnerability

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Type: Primary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CPE Matches
Microsoft Corporation
microsoft
>>azure_real_time_operating_system_guix_studio>>-
cpe:2.3:a:microsoft:azure_real_time_operating_system_guix_studio:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34685secure@microsoft.com
N/A
Hyperlink: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34685
Source: secure@microsoft.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

456Records found
CVE-2023-36563
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.73% / 71.66%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 17:08
Updated-30 Jul, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-10-31||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Microsoft WordPad Information Disclosure Vulnerability

Microsoft WordPad Information Disclosure Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_11_21h2windows_11_22h2windows_10_1809windows_10_21h2windows_server_2008windows_server_2019windows_10_22h2windows_server_2016windows_10_1607windows_server_2022windows_server_2012Windows 10 Version 1809Windows 10 Version 22H2Windows 10 Version 1507Windows 10 Version 1607Windows 11 version 21H2Windows Server 2019Windows 10 Version 21H2Windows Server 2008 Service Pack 2Windows 11 version 22H2Windows Server 2008 Service Pack 2Windows Server 2022Windows Server 2016Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016 (Server Core installation)Windows Server 2012Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)WordPad
CWE ID-CWE-20
Improper Input Validation
CVE-2023-36766
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.33% / 55.58%
||
7 Day CHG~0.00%
Published-12 Sep, 2023 | 16:58
Updated-27 Feb, 2025 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Excel Information Disclosure Vulnerability

Microsoft Excel Information Disclosure Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-office_long_term_servicing_channeloffice_online_serverofficeexcel365_appsMicrosoft Office 2019 for MacMicrosoft Excel 2013 Service Pack 1Microsoft Office 2019Microsoft 365 Apps for EnterpriseMicrosoft Office LTSC 2021Microsoft Office LTSC for Mac 2021Microsoft Office Online ServerMicrosoft Excel 2016
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33162
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.77% / 72.52%
||
7 Day CHG~0.00%
Published-11 Jul, 2023 | 17:03
Updated-28 Feb, 2025 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Excel Information Disclosure Vulnerability

Microsoft Excel Information Disclosure Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-365_appsoffice_online_serverofficeMicrosoft Office 2019 for MacMicrosoft Excel 2013 Service Pack 1Microsoft Office 2019Microsoft 365 Apps for EnterpriseMicrosoft Office LTSC 2021Microsoft Office LTSC for Mac 2021Microsoft Office Online ServerMicrosoft Excel 2016
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33139
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-1.14% / 77.50%
||
7 Day CHG~0.00%
Published-13 Jun, 2023 | 23:25
Updated-01 Jan, 2025 | 01:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Visual Studio Information Disclosure Vulnerability

Visual Studio Information Disclosure Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-visual_studio_2019visual_studio_2017visual_studio_2022visual_studioMicrosoft Visual Studio 2013 Update 5Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)Microsoft Visual Studio 2015 Update 3Microsoft Visual Studio 2022 version 17.6Microsoft Visual Studio 2022 version 17.4Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)Microsoft Visual Studio 2022 version 17.2Microsoft Visual Studio 2022 version 17.0
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-43579
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 24.67%
||
7 Day CHG~0.00%
Published-10 Jun, 2025 | 19:11
Updated-27 Jun, 2025 | 15:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Acrobat Reader | Information Exposure (CWE-200)

Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an Information Exposure vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain unauthorized access to sensitive information. Exploitation of this issue does not require user interaction.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_dcacrobat_readeracrobatmacosacrobat_reader_dcwindowsAcrobat Reader
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2021-36008
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-3.3||LOW
EPSS-0.81% / 73.29%
||
7 Day CHG~0.00%
Published-20 Aug, 2021 | 18:10
Updated-23 Apr, 2025 | 19:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Illustrator PDF File Parsing Use-After-Free Information Disclosure Vulnerability

Adobe Illustrator version 25.2.3 (and earlier) is affected by an Use-after-free vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to read arbitrary file system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Adobe Inc.Microsoft Corporation
Product-windowsillustratorIllustrator
CWE ID-CWE-416
Use After Free
CVE-2025-43551
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 6.73%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 20:19
Updated-19 May, 2025 | 17:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Substance3D - Stager | Out-of-bounds Read (CWE-125)

Substance3D - Stager versions 3.1.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Adobe Inc.Microsoft CorporationApple Inc.
Product-windowssubstance_3d_stagermacosSubstance3D - Stager
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-36929
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6.3||MEDIUM
EPSS-2.32% / 84.17%
||
7 Day CHG~0.00%
Published-26 Aug, 2021 | 17:20
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-edge_chromiumMicrosoft Edge (Chromium-based)
CVE-2023-29318
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.63%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 15:56
Updated-05 Mar, 2025 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
[FG-VD-23-011] Adobe InDesign 2023 Out-of-Bound Read Vulnerability VIII Notification

Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsindesignmacosInDesign
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-29319
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.45%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 15:56
Updated-05 Mar, 2025 | 18:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
[FG-VD-23-010] Adobe InDesign 2023 Out-of-Bound Read Vulnerability VII Notification

Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsindesignmacosInDesign
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-29312
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.45%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 15:56
Updated-05 Mar, 2025 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
[FG-VD-23-004] Adobe InDesign 2023 Out-of-Bound Read Vulnerability II Notification

Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsindesignmacosInDesign
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-29311
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.63%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 15:56
Updated-05 Mar, 2025 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
[FG-VD-23-006] Adobe InDesign 2023 Out-of-Bound Read Vulnerability IV Notification

Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsindesignmacosInDesign
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-29309
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.63%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 15:56
Updated-05 Mar, 2025 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
[FG-VD-23-003] Adobe InDesign 2023 Out-of-Bound Read Vulnerability Notification

Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsindesignmacosInDesign
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-29316
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.45%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 15:56
Updated-05 Mar, 2025 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
[FG-VD-23-012] Adobe InDesign 2023 Out-of-Bound Read Vulnerability IX Notification

Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsindesignmacosInDesign
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-29317
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.63%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 15:56
Updated-05 Mar, 2025 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
[FG-VD-23-005] Adobe InDesign 2023 Out-of-Bound Read Vulnerability III Notification

Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsindesignmacosInDesign
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-29315
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.63%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 15:56
Updated-05 Mar, 2025 | 18:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
[FG-VD-23-008] Adobe InDesign 2023 Out-of-Bound Read Vulnerability VI Notification

Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsindesignmacosInDesign
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-29310
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.63%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 15:56
Updated-05 Mar, 2025 | 18:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
[FG-VD-23-007] Adobe InDesign 2023 Out-of-Bound Read Vulnerability V Notification

Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsindesignmacosInDesign
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-29303
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.12% / 31.52%
||
7 Day CHG+0.02%
Published-10 Aug, 2023 | 13:17
Updated-02 Aug, 2024 | 14:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZDI-CAN-20970: Adobe Acrobat Reader DC AcroForm Annotation Use-After-Free Information Disclosure Vulnerability

Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcacrobat_readeracrobatacrobat_reader_dcwindowsmacosAcrobat Reader
CWE ID-CWE-416
Use After Free
CVE-2023-26397
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 27.39%
||
7 Day CHG~0.00%
Published-12 Apr, 2023 | 00:00
Updated-05 Mar, 2025 | 19:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
[ZS-VR-22-112] Adobe Acrobat Out-of-bounds Read Memory leak

Adobe Acrobat Reader versions 23.001.20093 (and earlier) and 20.005.30441 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_dcacrobat_readeracrobatacrobat_reader_dcwindowsmacosAcrobat Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-25875
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.43%
||
7 Day CHG~0.00%
Published-27 Mar, 2023 | 00:00
Updated-05 Mar, 2025 | 19:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Substance 3D Stager OBJ File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsmacossubstance_3d_stagerSubstance3D - Stager
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-26378
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 8.09%
||
7 Day CHG~0.00%
Published-12 Apr, 2023 | 00:00
Updated-05 Mar, 2025 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZDI-CAN-20148: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsdimensionmacosDimension
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-26387
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.71%
||
7 Day CHG~0.00%
Published-12 Apr, 2023 | 00:00
Updated-05 Mar, 2025 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZDI-CAN-20265: Adobe Substance 3D Stager USDC File Parsing Uninitialized Variable Information Disclosure Vulnerability

Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsmacossubstance_3d_stagerSubstance3D - Stager
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2023-26401
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 8.09%
||
7 Day CHG~0.00%
Published-12 Apr, 2023 | 00:00
Updated-05 Mar, 2025 | 19:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZDI-CAN-20278: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsdimensionmacosDimension
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-26374
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 8.09%
||
7 Day CHG~0.00%
Published-12 Apr, 2023 | 00:00
Updated-05 Mar, 2025 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZDI-CAN-20045: Adobe Dimension USD File Parsing Out-Of-Bounds Read Memory leak Vulnerability

Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsdimensionmacosDimension
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-26400
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 8.09%
||
7 Day CHG~0.00%
Published-12 Apr, 2023 | 00:00
Updated-05 Mar, 2025 | 19:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZDI-CAN-20232: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsdimensionmacosDimension
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-26381
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 8.09%
||
7 Day CHG~0.00%
Published-12 Apr, 2023 | 00:00
Updated-05 Mar, 2025 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZDI-CAN-20147: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsdimensionmacosDimension
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-43578
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 6.73%
||
7 Day CHG~0.00%
Published-10 Jun, 2025 | 19:11
Updated-27 Jun, 2025 | 15:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Acrobat Reader | Out-of-bounds Read (CWE-125)

Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_dcacrobat_readeracrobatmacosacrobat_reader_dcwindowsAcrobat Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-26403
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.71%
||
7 Day CHG~0.00%
Published-12 Apr, 2023 | 00:00
Updated-05 Mar, 2025 | 19:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZDI-CAN-20259: Adobe Substance 3D Stager USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsmacossubstance_3d_stagerSubstance3D - Stager
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-26340
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.43%
||
7 Day CHG~0.00%
Published-28 Mar, 2023 | 00:00
Updated-05 Mar, 2025 | 19:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZDI-CAN-19387: Adobe Dimension OBJ File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Dimension versions 3.4.7 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsdimensionmacosDimension
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-26376
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 8.09%
||
7 Day CHG~0.00%
Published-12 Apr, 2023 | 00:00
Updated-05 Mar, 2025 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZDI-CAN-20155: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsdimensionmacosDimension
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-26339
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.43%
||
7 Day CHG~0.00%
Published-28 Mar, 2023 | 00:00
Updated-05 Mar, 2025 | 19:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZDI-CAN-19388: Adobe Dimension OBJ File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Dimension versions 3.4.7 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsdimensionmacosDimension
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-25878
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 7.43%
||
7 Day CHG~0.00%
Published-27 Mar, 2023 | 00:00
Updated-05 Mar, 2025 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Substance 3D Stager OBJ File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsmacossubstance_3d_stagerSubstance3D - Stager
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-26386
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.71%
||
7 Day CHG~0.00%
Published-12 Apr, 2023 | 00:00
Updated-05 Mar, 2025 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZDI-CAN-20266: Adobe Substance 3D Stager USDC File Parsing Uninitialized Variable Information Disclosure Vulnerability

Adobe Substance 3D Stager version 2.0.1 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsmacossubstance_3d_stagerSubstance3D - Stager
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2023-26380
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 8.09%
||
7 Day CHG~0.00%
Published-12 Apr, 2023 | 00:00
Updated-05 Mar, 2025 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZDI-CAN-20150: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsdimensionmacosDimension
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-26382
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 8.09%
||
7 Day CHG~0.00%
Published-12 Apr, 2023 | 00:00
Updated-05 Mar, 2025 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZDI-CAN-20156: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsdimensionmacosDimension
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-26375
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 8.09%
||
7 Day CHG~0.00%
Published-12 Apr, 2023 | 00:00
Updated-05 Mar, 2025 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZDI-CAN-20231: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsdimensionmacosDimension
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-26404
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 8.09%
||
7 Day CHG~0.00%
Published-12 Apr, 2023 | 00:00
Updated-05 Mar, 2025 | 19:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZDI-CAN-20143: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsdimensionmacosDimension
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-26379
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 8.09%
||
7 Day CHG~0.00%
Published-12 Apr, 2023 | 00:00
Updated-05 Mar, 2025 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ZDI-CAN-20233: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Dimension version 3.4.8 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsdimensionmacosDimension
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-24923
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.41% / 60.29%
||
7 Day CHG~0.00%
Published-14 Mar, 2023 | 16:55
Updated-28 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft OneDrive for Android Information Disclosure Vulnerability

Microsoft OneDrive for Android Information Disclosure Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-onedriveOneDrive for Android
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2023-24934
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-6.2||MEDIUM
EPSS-0.94% / 75.33%
||
7 Day CHG~0.00%
Published-14 Apr, 2023 | 21:27
Updated-23 Jan, 2025 | 01:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Defender Security Feature Bypass Vulnerability

Microsoft Defender Security Feature Bypass Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-malware_protection_platformMicrosoft Malware Protection Platform
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2021-36003
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.40% / 59.80%
||
7 Day CHG~0.00%
Published-19 Nov, 2021 | 16:00
Updated-23 Apr, 2025 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Audition MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Audition version 14.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Adobe Inc.Microsoft Corporation
Product-windowsauditionAudition
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21714
Matching Score-8
Assigner-Microsoft Corporation
ShareView Details
Matching Score-8
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.28% / 50.78%
||
7 Day CHG~0.00%
Published-14 Feb, 2023 | 19:33
Updated-01 Jan, 2025 | 00:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft Office Information Disclosure Vulnerability

Microsoft Office Information Disclosure Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-office_long_term_servicing_channel365_appsMicrosoft 365 Apps for EnterpriseMicrosoft Office LTSC 2021
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2025-43587
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 5.42%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 16:25
Updated-14 Jul, 2025 | 15:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
After Effects | Out-of-bounds Read (CWE-125)

After Effects versions 25.2, 24.6.6 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-macoswindowsafter_effectsAfter Effects
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21583
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.71%
||
7 Day CHG~0.00%
Published-17 Feb, 2023 | 00:00
Updated-05 Mar, 2025 | 19:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Bridge Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Bridge versions 12.0.3 (and earlier) and 13.0.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsbridgemacosBridge
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21585
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.11% / 29.67%
||
7 Day CHG-0.04%
Published-18 Jan, 2023 | 00:00
Updated-05 Mar, 2025 | 19:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_dcacrobat_readeracrobatacrobat_reader_dcwindowsmacosAcrobat Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21591
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 5.05%
||
7 Day CHG~0.00%
Published-13 Jan, 2023 | 00:00
Updated-05 Mar, 2025 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe InDesign Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe InDesign version 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsindesignmacosInDesign
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21614
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 22.93%
||
7 Day CHG-0.03%
Published-18 Jan, 2023 | 00:00
Updated-05 Mar, 2025 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-acrobat_dcacrobat_readeracrobatacrobat_reader_dcwindowsmacosAcrobat Reader
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21601
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 6.30%
||
7 Day CHG~0.00%
Published-18 Jan, 2023 | 00:00
Updated-05 Mar, 2025 | 19:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Dimension OBJ File Parsing Use-After-Free Information Disclosure Vulnerability

Adobe Dimension version 3.4.6 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-windowsdimensionmacosDimension
CWE ID-CWE-416
Use After Free
CVE-2023-21598
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 5.71%
||
7 Day CHG~0.00%
Published-13 Jan, 2023 | 00:00
Updated-05 Mar, 2025 | 19:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe InCopy Font Parsing Use-After-Free Information Disclosure Vulnerability

Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Adobe Inc.Microsoft Corporation
Product-incopywindowsmacosInCopy
CWE ID-CWE-416
Use After Free
CVE-2023-21577
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.71%
||
7 Day CHG~0.00%
Published-17 Feb, 2023 | 00:00
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Adobe Photoshop Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Photoshop version 23.5.3 (and earlier), 24.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-windowsphotoshopmacosPhotoshop
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 9
  • 10
  • Next
Details not found