[SECURITY] Fedora 35 Update: synfig-1.4.0-4.fc35

Synfig is a powerful, industrial-strength vector-based 2D animation software, designed from the ground-up for producing feature-film quality animation with fewer people and resources. It is designed to be capable of producing feature-film quality animation. It eliminates the need for tweening,...

Mozilla Firefox Security Advisory (MFSA2014-52) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Mozilla Firefox Security Advisory (MFSA2013-79) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Mozilla Firefox Security Advisory (MFSA2011-56) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Mozilla Firefox Security Advisory (MFSA2016-92) - Linux

This host is missing a security update for Mozilla Firefox. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Check & Log Email < 1.0.4 - Reflected Cross-Site Scripting

The plugin does not escape the d parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting PoC With the "Enable Logs" setting activated: https://example.com/wp-admin/admin.php?page=check-email-logs="+style=animation-name:rotation+onanimationstart=alert/XSS//...

Adobe Character Animator 2021 null pointer dereference vulnerability (CNVD-2022-67829)

Adobe Character Animator is a motion capture and animation tool from Adobe. Adobe Character Animator 2021 4.4 and earlier versions contain a null pointer dereference vulnerability that could be exploited by attackers to implement an application denial of service in the context of the current user...

Adobe Animate out-of-bounds write vulnerability (CNVD-2021-84298)

Adobe Animate, a multimedia creation and computer animation program, is vulnerable to an out-of-bounds write vulnerability in Adobe Animate 21.0.9 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary code...

Adobe Character Animator 2021 null pointer dereference vulnerability

Adobe Character Animator is a motion capture and animation tool that provides everyone with an easy-to-use solution for intuitive 2D character animation, real-time animation, and easy sharing and publishing of characters. Adobe Character Animator 2021 4.4 and earlier versions are vulnerable to a...

Adobe After Effects Memory Buffer Out-of-Bounds Access Vulnerability (CNVD-2021-89928)

Adobe After Effects "AE" is a graphics video processing software from Adobe for organizations involved in design and video special effects, including television stations, animation production companies, personal post-production studios, and multimedia studios. Effects 18.4.1 and earlier versions...

Adobe Animate Memory Buffer Out-of-Bounds Access Vulnerability (CNVD-2021-84304)

Adobe Animate, a multimedia creation and computer animation program, is vulnerable to an out-of-bounds memory buffer access vulnerability in Adobe Animate 21.0.9 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary code...

Adobe Animate Out-of-Bounds Write Vulnerability (CNVD-2021-84300)

Adobe Animate is a multimedia authoring and computer animation program. An out-of-bounds write vulnerability exists in Adobe Animate 21.0.9 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary code...

Adobe Animate Post-release Reuse Vulnerability (CNVD-2021-84302)

Adobe Animate, a multimedia creation and computer animation program, is vulnerable to a post-release reuse vulnerability in Adobe Animate 21.0.9 and earlier versions. An attacker can exploit this vulnerability to execute arbitrary code...

Adobe Character Animator 2021 memory corruption vulnerability

Adobe Character Animator is a motion capture and animation tool from Adobe. Adobe Character Animator 2021 4.4 and earlier versions contain a memory corruption vulnerability that could be exploited by attackers to execute arbitrary code in the context of the current user...

Adobe Character Animator 2021 out-of-bounds read vulnerability

Adobe Character Animator is a motion capture and animation tool from Adobe. Adobe Character Animator 2021 4.4 and earlier versions contain an out-of-bounds read vulnerability that can be exploited by attackers to bypass mitigations such as ASLR and cause sensitive memory leaks...

Helpful < 4.4.59 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed PoC Put the following payload in the System Miscellaneous Custom Timezone setting of the plugin: " The...

Fedora: Security Advisory for gifsicle (FEDORA-2021-b349650e52)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

qTranslate X <= 3.4.6.8 - Multiple Admin+ Stored Cross-Site Scripting

The plugin does not escape some of its settings before outputting them in attributes, allowing high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. Affected POST Parameters: - Settings Languages Languages:...

The vulnerability of Google Chrome web browser’s animation implementation allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of Google Chrome web browser’s animation implementation is related to errors in the implementation of security checks for standard elements. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information by opening a specially created...

The vulnerability of the MSCPROP.DLL library, which is part of the software for 3D modeling, animation, and visualization in Autodesk 3dsMax, allows a hacker to execute arbitrary code.

The vulnerability of the MSCPROP.DLL library, which is part of the Autodesk 3dsMax software for 3D modeling, animation, and visualization, is related to errors in processing requests. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...