Herd Effects < 5.2.3 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup In the plugin settings, add a new item...

WordPress Greenshift – animation and page builder blocks Plugin <= 2.8.4 is vulnerable to Cross Site Scripting (XSS)

Software Greenshift – animation and page builder blocks Type Plugin Vulnerable versions = 2.8.4 Fixed in 4.8.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 468204672d41 Credits Rafie...

WordPress WordPress Animation Plugin – Animated Everything Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Animation Plugin – Animated Everything Type Plugin Vulnerable versions = 1.3.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b8c549fc7717 Credits...

WordPress AnimateGL - Advanced Animation Plugin for WordPress Plugin <= 1.4.17 is vulnerable to Cross Site Scripting (XSS)

Software AnimateGL - Advanced Animation Plugin for WordPress Type Plugin Vulnerable versions = 1.4.17 Fixed in 1.4.18 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 379238029988...

animation-poker.fr Cross Site Scripting vulnerability OBB-3481216

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free Vulnerability

Mozilla Firefox, Firefox ESR, and Thunderbird contain a use-after-free vulnerability in SVG Animation, targeting Firefox and Tor browser users on Windows...

CVE-2023-21095

In canStartSystemGesture of RecentsAnimationDeviceState.java, there is a possible partial lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2023-21095

In canStartSystemGesture of RecentsAnimationDeviceState.java, there is a possible partial lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

seru-animation.com Cross Site Scripting vulnerability OBB-3368085

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Rockwell Automation Arena Simulation Software Buffer Overflow Vulnerability (CNVD-2023-49823)

Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. A buffer overflow vulnerability exists in Rockwell Automation Arena Simulation Software, which can be exploited by an attacker to execute...

Rockwell Automation Arena Simulation Software Buffer Overflow Vulnerability

Rockwell Automation Arena Simulation Software is a suite of simulation software from Rockwell Automation that provides 3D animation and graphics capabilities. A buffer overflow vulnerability exists in Rockwell Automation Arena Simulation Software, which can be exploited by an attacker to remotely...

CVE-2023-22707

Auth. author+ Cross-Site Scripting XSS vulnerability in Wpsoul Greenshift – animation and page builder blocks plugin = 4.9.9 versions...

CVE-2023-22707

CVE-2023-22707 affects WordPress Greenshift – animation and page builder blocks plugin versions

[SECURITY] Fedora 38 Update: blender-3.4.1-16.fc38

Blender is the essential software solution you need for 3D, from modeling, animation, rendering and post-production to interactive creation and playback. Professionals and novices can easily and inexpensively publish stand-alone, secure, multi-platform content to the web, CD-ROMs, and other media...

Fedora: Security Advisory for blender (FEDORA-2023-a5e10b188a)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Adobe Animate Heap Buffer Overflow Vulnerability (CNVD-2023-13732)

Adobe Animate is a set of Flash animation software from Adobe. Adobe Animate is vulnerable to a heap buffer overflow vulnerability that could be exploited to execute arbitrary code in the context of the current user...

Adobe Animate stack buffer overflow vulnerability

Adobe Animate is a Flash animation software from Adobe. Adobe Animate is vulnerable to a stack buffer overflow vulnerability that could be exploited to execute arbitrary code in the context of the current user...

Adobe After Effects Out-of-Bounds Read Vulnerability (CNVD-2023-17024)

Adobe After Effects is a set of visual effects and motion graphics production software from the American company Audobee Adobe. The software is mainly used for 2D and 3D synthesis, animation and visual effects production. Adobe After Effects suffers from an out-of-bounds read vulnerability that...

SUSE CVE-2009-1709

Use-after-free vulnerability in the garbage-collection implementation in WebCore in WebKit in Apple Safari before 4.0 allows remote attackers to execute arbitrary code or cause a denial of service heap corruption and application crash via an SVG animation element, related to SVG set objects, SVG...

SUSE CVE-2010-0164

Use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function in src/imgContainer.cpp in libpr0n in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service heap memory corruption and application crash or possibly execute arbitrary code via a...