Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 156185 entries
IDDescriptionPriorityModified date
CVE-2022-31289 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. -- Jun 15, 2022
CVE-2022-30669 Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30668 Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30667 Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30666 Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30665 Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30664 Adobe Animate version 22.0.5 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30663 Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30662 Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30661 Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30660 Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30658 Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30657 Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30655 Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30654 Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30653 Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30652 Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30651 Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30650 Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30649 Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30648 Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30647 Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-30311 In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint cecc-x-refresh-request POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. -- Jun 13, 2022
CVE-2022-30309 In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint cecc-x-web-viewer-request-off POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. -- Jun 13, 2022
CVE-2022-30308 In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint cecc-x-web-viewer-request-on POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. -- Jun 13, 2022
CVE-2022-30193 AV1 Video Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30167. -- Jun 16, 2022
CVE-2022-30189 Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability. -- Jun 16, 2022
CVE-2022-30188 HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29111, CVE-2022-29119. -- Jun 16, 2022
CVE-2022-30184 .NET and Visual Studio Information Disclosure Vulnerability. -- Jun 16, 2022
CVE-2022-30180 Azure RTOS GUIX Studio Information Disclosure Vulnerability. -- Jun 16, 2022
CVE-2022-30179 Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30177, CVE-2022-30178. -- Jun 16, 2022
CVE-2022-30178 Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30177, CVE-2022-30179. -- Jun 16, 2022
CVE-2022-30177 Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30178, CVE-2022-30179. -- Jun 16, 2022
CVE-2022-30174 Microsoft Office Remote Code Execution Vulnerability. -- Jun 16, 2022
CVE-2022-30173 Microsoft Excel Remote Code Execution Vulnerability. -- Jun 16, 2022
CVE-2022-30172 Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30171. -- Jun 16, 2022
CVE-2022-30171 Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30172. -- Jun 16, 2022
CVE-2022-30168 Microsoft Photos App Remote Code Execution Vulnerability. -- Jun 16, 2022
CVE-2022-30167 AV1 Video Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30193. -- Jun 16, 2022
CVE-2022-30166 Local Security Authority Subsystem Service Elevation of Privilege Vulnerability. -- Jun 16, 2022
CVE-2022-30165 Windows Kerberos Elevation of Privilege Vulnerability. -- Jun 16, 2022
CVE-2022-30164 Kerberos AppContainer Security Feature Bypass Vulnerability. -- Jun 16, 2022
CVE-2022-30163 Windows Hyper-V Remote Code Execution Vulnerability. -- Jun 16, 2022
CVE-2022-30162 Windows Kernel Information Disclosure Vulnerability. -- Jun 16, 2022
CVE-2022-30161 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153. -- Jun 16, 2022
CVE-2022-30160 Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability. -- Jun 16, 2022
CVE-2022-30159 Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30171, CVE-2022-30172. -- Jun 16, 2022
CVE-2022-30158 Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30157. -- Jun 16, 2022
CVE-2022-30157 Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30158. -- Jun 16, 2022
CVE-2022-30155 Windows Kernel Denial of Service Vulnerability. -- Jun 16, 2022
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online