org.keycloak:keycloak-guides (>=23.0.0 <=23.0.7), org.keycloak:keycloak-guides-maven-plugin (>=23.0.0 <=23.0.7) +3 more potentially affected by CVE-2024-9666 via org.keycloak:keycloak-quarkus-server (>=23.0.0 <=23.0.7)

org.keycloak:keycloak-quarkus-server MAVEN version =23.0.0, =23.0.0, =23.0.0, =23.0.0, =23.0.0, =23.0.0, =23.0.7 Source cves: CVE-2024-9666 Source advisory: OSV:GHSA-JGWC-JH89-RPGQ...

CVE-2024-49528

Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-49526

Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

PT-2024-33545 · Adobe · Animate

Name of the Vulnerable Software and Affected Versions: Animate versions 23.0.7, 24.0.4 and earlier Description: The issue is an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction,...

PT-2024-33543 · Adobe · Animate

Name of the Vulnerable Software and Affected Versions: Animate versions 23.0.7, 24.0.4 and earlier Description: The issue is a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction, where...

CVE-2024-47419

Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victi...

CVE-2024-47412

Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-47416

Animate versions 23.0.7, 24.0.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-47415

Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-47411

Animate versions 23.0.7, 24.0.4 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-47410

Animate versions 23.0.7, 24.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-47413 Animate | Use After Free (CWE-416)

Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2024-47414 Animate | Use After Free (CWE-416)

Animate versions 23.0.7, 24.0.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

PT-2024-6893 · Adobe · Animate

Name of the Vulnerable Software and Affected Versions: Adobe Animate versions 23.0.7, 24.0.4 and earlier Description: The issue is related to an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations...

PT-2024-6903 · Adobe · Animate

Name of the Vulnerable Software and Affected Versions: Adobe Animate versions 23.0.7, 24.0.4 and earlier Description: The issue is related to a Use After Free vulnerability, which involves the use of memory after it has been freed. This can lead to arbitrary code execution in the context of the...

be.jidoka:jdk-keycloak-admin (>=2.0.0 <=2.3.0), cn.sparrowmini:sparrow-keycloak-adapter (>=0.0.1 <=0.0.2) +610 more potentially affected by CVE-2023-6841 via org.keycloak:keycloak-core (>=1.0-alpha-1 <=23.0.7)

org.keycloak:keycloak-core MAVEN version =1.0-alpha-1, =2.0.0, =0.0.1, =1.5.1, =1.5.1, =1.6.2, =1.6.2, =1.5.2, =1.5.2, =1.7.2, =1.7.2, =1.0.22, =1.0.22, =1.4.3, =1.4.3, =1.2.9, =1.6.0 and more Source cves: CVE-2023-6841 Source advisory: OSV:GHSA-W97F-W3HQ-36G2...

Security Bulletin: IBM Robotic Process Automation for Cloud Pak is vulnerable to cross-protocol attacks due to sendmail (CVE-2021-3618)

Summary sendmail is used by IBM Robotic Process Automation for Cloud Pak as part of the antivirus container. CVE-2021-3618 Vulnerability Details CVEID:CVE-2021-3618 DESCRIPTION: Sendmail, vsftpd and NGINX could provide weaker than expected security, caused by an ALPACA application layer protocol...

SUSE CVE-2022-39346

Nextcloud server is an open source personal cloud server. Affected versions of nextcloud server did not properly limit user display names which could allow a malicious users to overload the backing database and cause a denial of service. It is recommended that the Nextcloud Server is upgraded to...

Design/Logic Flaw

Nextcloud server is an open source personal cloud server. Affected versions of nextcloud server did not properly limit user display names which could allow a malicious users to overload the backing database and cause a denial of service. It is recommended that the Nextcloud Server is upgraded to...

Nextcloud 信息泄露漏洞

Nextcloud is a suite of open source, self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. An information disclosure vulnerability exists in Nextcloud server versions prior to 23.0.7, 24.0.3 and prior to 24.0.3, which stems from the inability to...