Skip to main content
CVE-2022-28238 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
11.9%
CVE-2022-28237 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-28236 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Memory Corruption RCE Buffer Overflow Acrobat Dc +3
NVD
CVSS 3.1
7.8
EPSS
11.6%
CVE-2022-28235 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-28234 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a heap-based buffer overflow vulnerability due to insecure handling of. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Buffer Overflow Heap Overflow Acrobat Dc +3
NVD
CVSS 3.1
7.8
EPSS
4.9%
CVE-2022-28233 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
12.5%
CVE-2022-28232 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the collab object. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
12.5%
CVE-2022-28231 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by an out-of-bounds read vulnerability when processing a doc object, which. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Buffer Overflow Information Disclosure Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.0
7.8
EPSS
3.3%
CVE-2022-28230 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
12.5%
CVE-2022-27802 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-27801 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-27800 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-27799 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
17.2%
CVE-2022-27798 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Memory Corruption RCE Buffer Overflow Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
2.9%
CVE-2022-27797 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-27796 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
12.5%
CVE-2022-27795 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.7%
CVE-2022-27794 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by the use of a variable that has not been initialized when processing of. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Adobe Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
7.8
EPSS
14.3%
CVE-2022-27793 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Memory Corruption RCE Buffer Overflow Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
9.8%
CVE-2022-27792 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Memory Corruption RCE Buffer Overflow Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
9.8%
CVE-2022-27791 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a stack-based buffer overflow vulnerability due to insecure processing. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Adobe Stack Overflow Buffer Overflow Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
17.8%
CVE-2022-27790 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
11.9%
CVE-2022-27789 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.6%
CVE-2022-27788 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Memory Corruption RCE Buffer Overflow Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
2.9%
CVE-2022-27787 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Memory Corruption RCE Buffer Overflow Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
10.3%
CVE-2022-27786 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
12.1%
CVE-2022-27785 HIGH This Week

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of fonts that could. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
12.5%
CVE-2022-24104 HIGH This Week

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
11.1%
CVE-2022-24103 HIGH This Week

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.0
7.8
EPSS
3.4%
CVE-2022-24102 HIGH This Week

Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Adobe Acrobat Dc +3
NVD
CVSS 3.1
7.8
EPSS
12.6%
CVE-2022-23743 HIGH This Week

Check Point ZoneAlarm before version 15.8.200.19118 allows a local actor to escalate privileges during the upgrade process. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Checkpoint Zonealarm
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-28214 HIGH This Week

During an update of SAP BusinessObjects Enterprise, Central Management Server (CMS) - versions 420, 430, authentication credentials are being exposed in Sysmon event logs. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

SAP Information Disclosure Businessobjects Businessobjects Business Intelligence
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-30557 HIGH PATCH This Week

Foxit PDF Reader and PDF Editor before 11.2.2 have a Type Confusion issue that causes a crash because of Unsigned32 mishandling during JavaScript execution. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Denial Of Service Memory Corruption Pdf Editor Pdf Reader
NVD
CVSS 3.1
7.5
EPSS
4.2%
CVE-2022-29616 HIGH This Week

SAP Host Agent, SAP NetWeaver and ABAP Platform allow an attacker to leverage logical errors in memory management to cause a memory corruption. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow SAP Netweaver As Abap Kernel Netweaver As Abap Krnl64nuc +1
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-1510 HIGH This Week

An issue has been discovered in GitLab affecting all versions starting from 13.9 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Gitlab
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2022-28247 HIGH This Week

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an uncontrolled search path vulnerability that could lead to local. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Adobe Acrobat Dc Acrobat Reader Dc Acrobat +1
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2022-0024 HIGH This Week

A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Paloalto Pan Os
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2022-0026 MEDIUM This Month

A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Paloalto Cortex Xdr Agent
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-0025 MEDIUM This Month

A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Paloalto Cortex Xdr Agent
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-22975 MEDIUM This Month

An issue was discovered in the Pinniped Supervisor with either LADPIdentityProvider or ActiveDirectoryIdentityProvider resources. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Kubernetes Code Injection Pinniped
NVD GitHub
CVSS 3.1
6.6
EPSS
0.9%
CVE-2022-1406 MEDIUM This Month

Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0 allows a Developer to read protected Group or Project. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Gitlab Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2022-28078 MEDIUM This Month

Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['page'] parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Home Owners Collection Management System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
1.1%
CVE-2022-28244 MEDIUM This Month

Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a violation of secure design principles through bypassing the content. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Acrobat Dc Acrobat Reader Dc Acrobat +1
NVD
CVSS 3.1
6.3
EPSS
3.5%
CVE-2022-28077 MEDIUM This Month

Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['s'] parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Home Owners Collection Management System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.8%
CVE-2022-23137 MEDIUM This Month

ZTE's ZXCDN product has a reflective XSS vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Zte XSS Zxcdn Firmware
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-27656 MEDIUM This Month

The Web administration UI of SAP Web Dispatcher and the Internet Communication Manager (ICM) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS SAP Netweaver As Abap Kernel Netweaver As Abap Krnl64uc Webdispatcher
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-1433 MEDIUM This Month

An issue has been discovered in GitLab affecting all versions starting from 14.4 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Gitlab XSS
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2022-29728 MEDIUM This Month

Survey Sparrow Enterprise Survey Software 2022 has a Reflected cross-site scripting (XSS) vulnerability in the test parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Enterprise Survey Software
NVD GitHub
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-28837 MEDIUM This Month

Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Use After Free Adobe Information Disclosure Acrobat Dc +3
NVD
CVSS 3.1
5.5
EPSS
2.0%
CVE-2022-28267 MEDIUM This Month

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe Buffer Overflow Information Disclosure Acrobat Dc Acrobat Reader Dc +2
NVD
CVSS 3.1
5.5
EPSS
2.5%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy