ISHACK AI BOT

Microsoft Windows: CVE-2023-36025: Windows SmartScreen Security Feature Bypass Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 09/06/2024 Description Windows SmartScreen Security Feature Bypass Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5032199 microsoft-windows-windows_10-1607-kb5032197 microsoft-windows-windows_10-1809-kb5032196 microsoft-windows-windows_10-21h2-kb5032189 microsoft-windows-windows_10-22h2-kb5032189 microsoft-windows-windows_11-21h2-kb5032192 microsoft-windows-windows_11-22h2-kb5032190 microsoft-windows-windows_11-23h2-kb5032190 microsoft-windows-windows_server_2012-kb5032247 microsoft-windows-windows_server_2012_r2-kb5032249 microsoft-windows-windows_server_2016-1607-kb5032197 microsoft-windows-windows_server_2019-1809-kb5032196 microsoft-windows-windows_server_2022-21h2-kb5032198 microsoft-windows-windows_server_2022-22h2-kb5032198 microsoft-windows-windows_server_2022-23h2-kb5032202 msft-kb5032248-06a12477-d077-4fd3-8043-74c85e3d34cc msft-kb5032248-558aba2e-6f78-4637-bcc8-7120eefb8770 msft-kb5032250-2671b498-e9e2-44dc-b130-30770b02e3f4 References https://attackerkb.com/topics/cve-2023-36025 CVE - 2023-36025 https://support.microsoft.com/help/5032189 https://support.microsoft.com/help/5032190 https://support.microsoft.com/help/5032192 https://support.microsoft.com/help/5032196 https://support.microsoft.com/help/5032197 https://support.microsoft.com/help/5032198 https://support.microsoft.com/help/5032199 https://support.microsoft.com/help/5032202 https://support.microsoft.com/help/5032247 https://support.microsoft.com/help/5032249 View more

APSB23-54:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-44348) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 11/14/2023 Created 11/16/2023 Added 11/15/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-44348 CVE - 2023-44348 https://helpx.adobe.com/security/products/reader/apsb23-54.html

APSB23-54:Adobe Acrobat and Reader for Windows and macOS (CVE-2023-44361) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 11/14/2023 Created 11/16/2023 Added 11/15/2023 Modified 01/28/2025 Description Deprecated Solution(s) References https://attackerkb.com/topics/cve-2023-44361 CVE - 2023-44361 https://helpx.adobe.com/security/products/reader/apsb23-54.html

Debian: CVE-2023-47627: python-aiohttp -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 11/14/2023 Created 12/17/2024 Added 12/16/2024 Modified 02/05/2025 Description aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. The HTTP parser in AIOHTTP has numerous problems with header parsing, which could lead to request smuggling. This parser is only used when AIOHTTP_NO_EXTENSIONS is enabled (or not using a prebuilt wheel). These bugs have been addressed in commit `d5c12ba89` which has been included in release version 3.8.6. Users are advised to upgrade. There are no known workarounds for these issues. Solution(s) debian-upgrade-python-aiohttp References https://attackerkb.com/topics/cve-2023-47627 CVE - 2023-47627 DSA-5828-1

Debian: CVE-2023-46445: python-asyncssh -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 11/14/2023 Created 10/01/2024 Added 09/30/2024 Modified 01/30/2025 Description An issue in AsyncSSH before 2.14.1 allows attackers to control the extension info message (RFC 8308) via a man-in-the-middle attack, aka a "Rogue Extension Negotiation." Solution(s) debian-upgrade-python-asyncssh References https://attackerkb.com/topics/cve-2023-46445 CVE - 2023-46445 DLA-3899-1

Red Hat: CVE-2023-44441: gimp: dds buffer overflow RCE (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 02/08/2024 Added 02/07/2024 Modified 09/20/2024 Description GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DDS files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-22093. Solution(s) redhat-upgrade-gimp redhat-upgrade-gimp-debuginfo redhat-upgrade-gimp-debugsource redhat-upgrade-gimp-devel-tools-debuginfo redhat-upgrade-gimp-libs redhat-upgrade-gimp-libs-debuginfo References CVE-2023-44441 RHSA-2024:0675 RHSA-2024:0702 RHSA-2024:0716

Amazon Linux 2023: CVE-2023-36049: Medium priority package update for dotnet6.0 Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability A vulnerability was found in FormatFtpCommand in the .NET package that may result in a CRLF injection arbitrary file write and deletion. Solution(s) amazon-linux-2023-upgrade-aspnetcore-runtime-6-0 amazon-linux-2023-upgrade-aspnetcore-targeting-pack-6-0 amazon-linux-2023-upgrade-dotnet amazon-linux-2023-upgrade-dotnet6-0-debuginfo amazon-linux-2023-upgrade-dotnet6-0-debugsource amazon-linux-2023-upgrade-dotnet-apphost-pack-6-0 amazon-linux-2023-upgrade-dotnet-apphost-pack-6-0-debuginfo amazon-linux-2023-upgrade-dotnet-host amazon-linux-2023-upgrade-dotnet-host-debuginfo amazon-linux-2023-upgrade-dotnet-hostfxr-6-0 amazon-linux-2023-upgrade-dotnet-hostfxr-6-0-debuginfo amazon-linux-2023-upgrade-dotnet-runtime-6-0 amazon-linux-2023-upgrade-dotnet-runtime-6-0-debuginfo amazon-linux-2023-upgrade-dotnet-sdk-6-0 amazon-linux-2023-upgrade-dotnet-sdk-6-0-debuginfo amazon-linux-2023-upgrade-dotnet-sdk-6-0-source-built-artifacts amazon-linux-2023-upgrade-dotnet-targeting-pack-6-0 amazon-linux-2023-upgrade-dotnet-templates-6-0 amazon-linux-2023-upgrade-netstandard-targeting-pack-2-1 References https://attackerkb.com/topics/cve-2023-36049 CVE - 2023-36049 https://alas.aws.amazon.com/AL2023/ALAS-2023-457.html

Amazon Linux 2023: CVE-2023-36558: Medium priority package update for dotnet6.0 Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 11/14/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description ASP.NET Core - Security Feature Bypass Vulnerability A security feature bypass vulnerability was found in Blazor forms in ASP.NET in the .NET package. Solution(s) amazon-linux-2023-upgrade-aspnetcore-runtime-6-0 amazon-linux-2023-upgrade-aspnetcore-targeting-pack-6-0 amazon-linux-2023-upgrade-dotnet amazon-linux-2023-upgrade-dotnet6-0-debuginfo amazon-linux-2023-upgrade-dotnet6-0-debugsource amazon-linux-2023-upgrade-dotnet-apphost-pack-6-0 amazon-linux-2023-upgrade-dotnet-apphost-pack-6-0-debuginfo amazon-linux-2023-upgrade-dotnet-host amazon-linux-2023-upgrade-dotnet-host-debuginfo amazon-linux-2023-upgrade-dotnet-hostfxr-6-0 amazon-linux-2023-upgrade-dotnet-hostfxr-6-0-debuginfo amazon-linux-2023-upgrade-dotnet-runtime-6-0 amazon-linux-2023-upgrade-dotnet-runtime-6-0-debuginfo amazon-linux-2023-upgrade-dotnet-sdk-6-0 amazon-linux-2023-upgrade-dotnet-sdk-6-0-debuginfo amazon-linux-2023-upgrade-dotnet-sdk-6-0-source-built-artifacts amazon-linux-2023-upgrade-dotnet-targeting-pack-6-0 amazon-linux-2023-upgrade-dotnet-templates-6-0 amazon-linux-2023-upgrade-netstandard-targeting-pack-2-1 References https://attackerkb.com/topics/cve-2023-36558 CVE - 2023-36558 https://alas.aws.amazon.com/AL2023/ALAS-2023-457.html

Alpine Linux: CVE-2023-23583: Vulnerability in Multiple Components Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 11/14/2023 Created 04/09/2024 Added 03/26/2024 Modified 10/14/2024 Description Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access. Solution(s) alpine-linux-upgrade-intel-ucode References https://attackerkb.com/topics/cve-2023-23583 CVE - 2023-23583 https://security.alpinelinux.org/vuln/CVE-2023-23583

Microsoft Windows: CVE-2023-36719: Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 09/06/2024 Description Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5032199 microsoft-windows-windows_10-1607-kb5032197 microsoft-windows-windows_10-1809-kb5032196 microsoft-windows-windows_10-21h2-kb5032189 microsoft-windows-windows_10-22h2-kb5032189 microsoft-windows-windows_11-21h2-kb5032192 microsoft-windows-windows_11-22h2-kb5032190 microsoft-windows-windows_11-23h2-kb5032190 microsoft-windows-windows_server_2012-kb5032247 microsoft-windows-windows_server_2012_r2-kb5032249 microsoft-windows-windows_server_2016-1607-kb5032197 microsoft-windows-windows_server_2019-1809-kb5032196 microsoft-windows-windows_server_2022-21h2-kb5032198 microsoft-windows-windows_server_2022-22h2-kb5032198 microsoft-windows-windows_server_2022-23h2-kb5032202 msft-kb5032248-06a12477-d077-4fd3-8043-74c85e3d34cc msft-kb5032248-558aba2e-6f78-4637-bcc8-7120eefb8770 msft-kb5032250-2671b498-e9e2-44dc-b130-30770b02e3f4 References https://attackerkb.com/topics/cve-2023-36719 CVE - 2023-36719 https://support.microsoft.com/help/5032189 https://support.microsoft.com/help/5032190 https://support.microsoft.com/help/5032192 https://support.microsoft.com/help/5032196 https://support.microsoft.com/help/5032197 https://support.microsoft.com/help/5032198 https://support.microsoft.com/help/5032199 https://support.microsoft.com/help/5032202 https://support.microsoft.com/help/5032247 https://support.microsoft.com/help/5032249 View more

Aruba AOS-10: CVE-2023-45621: Unauthenticated Denial-of-Service (DoS) Vulnerabilities in CLI Service Accessed via the PAPI Protocol Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 11/14/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point. Solution(s) aruba-aos-10-cve-2023-45621 References https://attackerkb.com/topics/cve-2023-45621 CVE - 2023-45621 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-017.json

Microsoft Windows: CVE-2023-36393: Windows User Interface Application Core Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 09/06/2024 Description Windows User Interface Application Core Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5032199 microsoft-windows-windows_10-1607-kb5032197 microsoft-windows-windows_10-1809-kb5032196 microsoft-windows-windows_10-21h2-kb5032189 microsoft-windows-windows_10-22h2-kb5032189 microsoft-windows-windows_11-21h2-kb5032192 microsoft-windows-windows_11-22h2-kb5032190 microsoft-windows-windows_11-23h2-kb5032190 microsoft-windows-windows_server_2012-kb5032247 microsoft-windows-windows_server_2012_r2-kb5032249 microsoft-windows-windows_server_2016-1607-kb5032197 microsoft-windows-windows_server_2019-1809-kb5032196 microsoft-windows-windows_server_2022-21h2-kb5032198 microsoft-windows-windows_server_2022-22h2-kb5032198 microsoft-windows-windows_server_2022-23h2-kb5032202 msft-kb5032248-06a12477-d077-4fd3-8043-74c85e3d34cc msft-kb5032248-558aba2e-6f78-4637-bcc8-7120eefb8770 msft-kb5032250-2671b498-e9e2-44dc-b130-30770b02e3f4 References https://attackerkb.com/topics/cve-2023-36393 CVE - 2023-36393 https://support.microsoft.com/help/5032189 https://support.microsoft.com/help/5032190 https://support.microsoft.com/help/5032192 https://support.microsoft.com/help/5032196 https://support.microsoft.com/help/5032197 https://support.microsoft.com/help/5032198 https://support.microsoft.com/help/5032199 https://support.microsoft.com/help/5032202 https://support.microsoft.com/help/5032247 https://support.microsoft.com/help/5032249 View more

Aruba AOS-10: CVE-2023-45615: Unauthenticated Buffer Overflow Vulnerabilities in CLI Service Accessed by the PAPI Protocol Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. Solution(s) aruba-aos-10-cve-2023-45615 References https://attackerkb.com/topics/cve-2023-45615 CVE - 2023-45615 https://csaf.arubanetworks.com/2023/hpe_aruba_networking_-_2023-017.json

Microsoft Windows: CVE-2023-36405: Windows Kernel Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 08/07/2024 Description Windows Kernel Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1607-kb5032197 microsoft-windows-windows_10-1809-kb5032196 microsoft-windows-windows_10-21h2-kb5032189 microsoft-windows-windows_10-22h2-kb5032189 microsoft-windows-windows_11-21h2-kb5032192 microsoft-windows-windows_11-22h2-kb5032190 microsoft-windows-windows_11-23h2-kb5032190 microsoft-windows-windows_server_2016-1607-kb5032197 microsoft-windows-windows_server_2019-1809-kb5032196 microsoft-windows-windows_server_2022-21h2-kb5032198 microsoft-windows-windows_server_2022-22h2-kb5032198 microsoft-windows-windows_server_2022-23h2-kb5032202 References https://attackerkb.com/topics/cve-2023-36405 CVE - 2023-36405 https://support.microsoft.com/help/5032189 https://support.microsoft.com/help/5032190 https://support.microsoft.com/help/5032192 https://support.microsoft.com/help/5032196 https://support.microsoft.com/help/5032197 https://support.microsoft.com/help/5032198 https://support.microsoft.com/help/5032202 View more

VMware Photon OS: CVE-2023-6111 Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 11/14/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_trans_gc_catchall did not remove the catchall set element from the catchall_list when the argument sync is true, making it possible to free a catchall set element many times. We recommend upgrading past commit 93995bf4af2c5a99e2a87f0cd5ce547d31eb7630. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-6111 CVE - 2023-6111

Alma Linux: CVE-2023-4128: Important: kernel security, bug fix, and enhancement update (ALSA-2023-7077) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2023 Created 11/29/2023 Added 11/28/2023 Modified 09/20/2024 Description This record is a duplicate of CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208. Do not use this CVE record: CVE-2023-4128. Solution(s) alma-upgrade-bpftool alma-upgrade-kernel alma-upgrade-kernel-abi-stablelists alma-upgrade-kernel-core alma-upgrade-kernel-cross-headers alma-upgrade-kernel-debug alma-upgrade-kernel-debug-core alma-upgrade-kernel-debug-devel alma-upgrade-kernel-debug-modules alma-upgrade-kernel-debug-modules-extra alma-upgrade-kernel-devel alma-upgrade-kernel-doc alma-upgrade-kernel-headers alma-upgrade-kernel-modules alma-upgrade-kernel-modules-extra alma-upgrade-kernel-tools alma-upgrade-kernel-tools-libs alma-upgrade-kernel-tools-libs-devel alma-upgrade-kernel-zfcpdump alma-upgrade-kernel-zfcpdump-core alma-upgrade-kernel-zfcpdump-devel alma-upgrade-kernel-zfcpdump-modules alma-upgrade-kernel-zfcpdump-modules-extra alma-upgrade-perf alma-upgrade-python3-perf References https://attackerkb.com/topics/cve-2023-4128 CVE - 2023-4128 https://errata.almalinux.org/8/ALSA-2023-7077.html

Microsoft Windows: CVE-2023-36428: Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability Severity 5 CVSS (AV:L/AC:L/Au:S/C:C/I:N/A:N) Published 11/14/2023 Created 11/15/2023 Added 11/14/2023 Modified 09/06/2024 Description Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5032199 microsoft-windows-windows_10-1607-kb5032197 microsoft-windows-windows_10-1809-kb5032196 microsoft-windows-windows_10-21h2-kb5032189 microsoft-windows-windows_10-22h2-kb5032189 microsoft-windows-windows_11-21h2-kb5032192 microsoft-windows-windows_11-22h2-kb5032190 microsoft-windows-windows_11-23h2-kb5032190 microsoft-windows-windows_server_2012-kb5032247 microsoft-windows-windows_server_2012_r2-kb5032249 microsoft-windows-windows_server_2016-1607-kb5032197 microsoft-windows-windows_server_2019-1809-kb5032196 microsoft-windows-windows_server_2022-21h2-kb5032198 microsoft-windows-windows_server_2022-22h2-kb5032198 microsoft-windows-windows_server_2022-23h2-kb5032202 msft-kb5032248-06a12477-d077-4fd3-8043-74c85e3d34cc msft-kb5032248-558aba2e-6f78-4637-bcc8-7120eefb8770 msft-kb5032250-2671b498-e9e2-44dc-b130-30770b02e3f4 References https://attackerkb.com/topics/cve-2023-36428 CVE - 2023-36428 https://support.microsoft.com/help/5032189 https://support.microsoft.com/help/5032190 https://support.microsoft.com/help/5032192 https://support.microsoft.com/help/5032196 https://support.microsoft.com/help/5032197 https://support.microsoft.com/help/5032198 https://support.microsoft.com/help/5032199 https://support.microsoft.com/help/5032202 https://support.microsoft.com/help/5032247 https://support.microsoft.com/help/5032249 View more

Adobe Acrobat: CVE-2023-44360: Security updates available for Adobe Acrobat and Reader (APSB23-54) Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 11/14/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-44360 https://helpx.adobe.com/security/products/acrobat/apsb23-54.html CVE - 2023-44360

Adobe Acrobat: CVE-2023-44337: Security updates available for Adobe Acrobat and Reader (APSB23-54) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-44337 https://helpx.adobe.com/security/products/acrobat/apsb23-54.html CVE - 2023-44337

Adobe Acrobat: CVE-2023-44359: Security updates available for Adobe Acrobat and Reader (APSB23-54) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-44359 https://helpx.adobe.com/security/products/acrobat/apsb23-54.html CVE - 2023-44359

Adobe Acrobat: CVE-2023-44358: Security updates available for Adobe Acrobat and Reader (APSB23-54) Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 11/14/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-44358 https://helpx.adobe.com/security/products/acrobat/apsb23-54.html CVE - 2023-44358

Adobe Acrobat: CVE-2023-44357: Security updates available for Adobe Acrobat and Reader (APSB23-54) Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 11/14/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-44357 https://helpx.adobe.com/security/products/acrobat/apsb23-54.html CVE - 2023-44357

Adobe Acrobat: CVE-2023-44338: Security updates available for Adobe Acrobat and Reader (APSB23-54) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 11/14/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-44338 https://helpx.adobe.com/security/products/acrobat/apsb23-54.html CVE - 2023-44338

Adobe Acrobat: CVE-2023-44339: Security updates available for Adobe Acrobat and Reader (APSB23-54) Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 11/14/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-44339 https://helpx.adobe.com/security/products/acrobat/apsb23-54.html CVE - 2023-44339

Adobe Acrobat: CVE-2023-44340: Security updates available for Adobe Acrobat and Reader (APSB23-54) Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 11/14/2023 Created 04/26/2024 Added 04/26/2024 Modified 10/18/2024 Description Adobe has released a security update for Adobe Acrobat and Reader for Windows and macOS. This update addresses critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-acrobat-upgrade-latest References https://attackerkb.com/topics/cve-2023-44340 https://helpx.adobe.com/security/products/acrobat/apsb23-54.html CVE - 2023-44340