CVE-2022-36011 TensorFlow is a machine learning platform. When `mlir::tfg::ConvertGenericFunctionToFunctionDef` gives empty function attributes, it gives a null dereference.
This issue was reported by @sjohantvergessen. We are sorry that we have taken so much time to patch this issue. This fix has been cherry-picked
CVE-2022-38996 The secure OS module has configuration defects
However, details about the vulnerability have not been announced yet. Therefore, administrators should apply the appropriate precautionary measures before installing this update. In addition, the
CVE-2022-38427 Adobe Photoshop versions 22.5.8 and 23.4.2 are affected by an Access of Uninitialized Pointer vulnerability that could lead to arbitrary code execution.
Access of Uninitialized Pointer vulnerabilities are typically found in libraries or components that handle untrusted data. In the case of Adobe Photoshop, this means images.
CVE-2022-38428 Adobe Photoshop versions 22.5.8 and 23.4.2 are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could exploit this vulnerability to bypass ASLR.
Adobe recommends users update to the latest version 23.5.1. The update is currently available through the Creative Cloud application. Adobe warned that although
CVE-2022-38430 Adobe Photoshop versions 22.5.8 and 23.4.2 are affected by a out-of-bounds read vulnerability in parsing a crafted file. This could result in a read past the end of an allocated memory structure.
Depending on the user's actions, this issue could result in information disclosure, installation of malicious software, or even elevation of privileges.
We recommend
Episode
00:00:00
00:00:00