Adobe Animate 20.x < 20.5.2 / 21.x < 21.0.6 Multiple Vulnerabilities (APSB21-35)

The version of Adobe Animate installed on the remote macOS or Mac OS X host is prior to 20.5.2 or 21.0.6. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb21-35 advisory. - Adobe Animate version 21.0.5 and earlier is affected by an Out-of-bounds Read vulnerability...

CVE-2024-28576

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to cause a denial of service DoS via the opjj2ktcpdestroy function when reading images in J2K format...

CVE-2024-28576

CVE-2024-28576 concerns the FreeImage library. A buffer overflow in FreeImage v3.19.0 (r1909) allows a local attacker to cause a DoS by triggering the opj_j2k_tcp_destroy() path when reading images in J2K format. The vulnerability is due to improper handling within this function, enabling denial ...

CVE-2024-28576

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 r1909 allows a local attacker to cause a denial of service DoS via the opjj2ktcpdestroy function when reading images in J2K format...

CVE-2023-28576

creationtimestamp| type| source ---|---|--- 2024-01-03 23:08:05+00:00| seen| https://t.me/arpsyndicate/2378...

CVE-2023-28576

The buffer obtained from kernel APIs such as cammemgetcpubuf may be readable/writable in userspace after kernel accesses it. In other words, user mode may race and modify the packet header e.g. header.count, causing checks e.g. size checks in kernel code to be invalid. This may lead to...

CVE-2023-28576 Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Kernel Driver

The buffer obtained from kernel APIs such as cammemgetcpubuf may be readable/writable in userspace after kernel accesses it. In other words, user mode may race and modify the packet header e.g. header.count, causing checks e.g. size checks in kernel code to be invalid. This may lead to...

CVE-2023-28576 Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Kernel Driver

The buffer obtained from kernel APIs such as cammemgetcpubuf may be readable/writable in userspace after kernel accesses it. In other words, user mode may race and modify the packet header e.g. header.count, causing checks e.g. size checks in kernel code to be invalid. This may lead to...

CVE-2023-28576

CVE-2023-28576 describes a TOCTOU race in Qualcomm camera kernel driver where a buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may be readable/writable in userspace after the kernel accesses it. This can allow user-mode modification of packet headers (e.g., header.count) and inval...

CVE-2021-28576

CVE-2021-28576 affects Adobe Animate 21.0.5 and earlier. Out-of-bounds read during parsing of a crafted file can disclose partial information to an attacker. Exploitation requires a user to open a malicious file. Remediation per APSB21-35 is to update to a fixed build (e.g., 21.0.6 or 20.5.2).

Adobe Animate 20.x < 20.5.2 / 21.x < 21.0.6 Multiple Vulnerabilities (APSB21-35)

The version of Adobe Animate installed on the remote Windows host is prior to 20.5.2 or 21.0.6. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb21-35 advisory. - Adobe Animate version 21.0.5 and earlier is affected by an Out-of-bounds Read vulnerability when parsin...

CVE-2020-28576

creationtimestamp| type| source ---|---|--- 2020-12-01 22:54:18+00:00| seen| https://t.me/cibsecurity/17007...

CVE-2020-28576

CVE-2020-28576 affects Trend Micro Apex One and OfficeScan XG SP1, with an improper access control information disclosure . The issue allows an unauthenticated attacker to connect to the product server and disclose version/build information. Public details from ZDI describe exploitation via the w...