ZDI-23-1653: Adobe RoboHelp Server UpdateCommandStream XML External Entity Processing Information Disclosure Vulnerability | allinfosecnews.com

Nov. 15, 2023, 6 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe RoboHelp Server. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.2. The following CVEs are assigned: CVE-2023-22274.

adobe attackers authentication cve cves cvss disclosure exploit external information information disclosure information disclosure vulnerability rating sensitive sensitive information server vulnerability xml zdi

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-23-1763: Apple macOS Hydra Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 3 days, 1 hour ago | www.zerodayinitiative.com

apple apple macos arbitrary code attack +20

ZDI-23-1760: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability 5 days, 1 hour ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +20

ZDI-23-1759: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability 5 days, 1 hour ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +20

ZDI-23-1758: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability 5 days, 1 hour ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +20

ZDI-23-1761: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability 5 days, 1 hour ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +20

ZDI-23-1762: SolarWinds Orion Platform VimChartInfo SQL Injection Remote Code Execution Vulnerability 5 days, 1 hour ago | www.zerodayinitiative.com

arbitrary code attackers authentication code +17

ZDI-23-1757: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability 5 days, 1 hour ago | www.zerodayinitiative.com

acrobat acrobat reader adobe adobe acrobat +19

ZDI-23-1752: Delta Electronics InfraSuite Device Master UploadMedia Directory Traversal Remote Code Execution Vulnerability 1 week, 3 days ago | www.zerodayinitiative.com

arbitrary code attackers authentication code +17

ZDI-23-1754: Delta Electronics InfraSuite Device Master Device-DataCollect Deserialization of Untrusted Data Remote Code Execution Vulnerability 1 week, 3 days ago | www.zerodayinitiative.com

arbitrary code attackers authentication code +18

Security Specialist

@ Protect Democracy | Remote, US

View on infosec-jobs.com

Environmental Compliance Lead

@ EDF Energy | Bristol, GB

View on infosec-jobs.com

IT Consultant Network w/m/d Wireless (WiFi6, Mobilfunk 5G)

@ Computacenter | Berlin, DE, 12099

View on infosec-jobs.com

Senior - Cyber Infrastructure Protection

@ Deloitte | Madrid, España

View on infosec-jobs.com

GRC (Governance, Risk & Compliance) | 4 to 6 Years | Mumbai, Bengaluru & Chennai

@ Capgemini | Bengaluru, MH, IN

View on infosec-jobs.com

Technology Risk & Controls Advisory - Experienced Consultant

@ Wavestone | London, United Kingdom

View on infosec-jobs.com