This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Category Archives: Advisories
ZDI-22-1281: Adobe Photoshop U3D File Parsing Uninitialized Variable Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1280: Adobe Photoshop U3D File Parsing Uninitialized Variable Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1279: Adobe Bridge SGI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1278: Adobe Animate SVG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Animate. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1289: Apple macOS vImage ICC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-1288: Microsoft SharePoint Workflow Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability.
webkitgtk-2.38.0-1.fc37
FEDORA-2022-4f12baa610
Packages in this update:
webkitgtk-2.38.0-1.fc37
Update description:
Update to 2.38.0
Security fixes: CVE-2022-32886
DSA-5231 connman – security update
Several vulnerabilities were discovered in ConnMan, a network manager
for embedded devices, which could result in denial of service or the
execution of arbitrary code.
webkit2gtk3-2.38.0-2.fc35
FEDORA-2022-ece798a8d4
Packages in this update:
webkit2gtk3-2.38.0-2.fc35
Update description:
New media controls UI style.
Add new API to set WebView’s Content-Security-Policy for web extensions support.
Make it possible to use the remote inspector from other browsers using WEBKIT_INSPECTOR_HTTP_SERVER env var.
MediaSession is enabled by default, allowing remote media control using MPRIS.
Add support for PDF documents using PDF.js.
Security fixes: CVE-2022-32886