Lucene search
K

131 matches found

The Hacker News
The Hacker News
added 2022/07/27 1:37 p.m.48 views

These 28+ Android Apps with 10 Million Downloads from the Play Store Contain Malware

As many as 30 malicious Android apps with cumulative downloads of nearly 10 million have been found on the Google Play Store distributing adware. "All of them were built into various programs, including image-editing software, virtual keyboards, system tools and utilities, calling apps, wallpaper...

1.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/04/25 12:0 a.m.6 views

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in buffer overflows in the stack, allowing attackers to execute arbitrary code.

The vulnerability of Adobe After Effects video and dynamic image editing software relates to buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code on the target system using a specially crafted file...

7.8CVSS8.2AI score0.03803EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/25 12:0 a.m.7 views

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in buffer overflows in the stack, allowing attackers to execute arbitrary code.

The vulnerability of Adobe After Effects video and dynamic image editing software relates to buffer overflow in the stack. Exploiting this vulnerability allows an attacker to execute arbitrary code on the target system using a specially crafted file...

7.8CVSS8.2AI score0.02332EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/12 12:0 a.m.6 views

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in its ability to read data beyond the buffer in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerability of Adobe After Effects video and dynamic image editing software relates to reading beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

5.5CVSS6.4AI score0.01832EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/01/28 12:0 a.m.8 views

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in its ability to read data beyond the buffer in memory. This allows attackers to exploit their privileges and gain unauthorized access to protected information.

The vulnerability of Adobe After Effects video and dynamic image editing software relates to reading beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to enhance their privileges and gain unauthorized access to protected information...

4.3CVSS6.3AI score0.00303EPSS
Exploits0References3Affected Software1
Microsoft KB
Microsoft KB
added 2021/12/14 8:0 a.m.68 views

December 14, 2021—KB5008215 (OS Build 22000.376)

None None...

9.8CVSS6.8AI score0.70966EPSS
Exploits5
BDU FSTEC
BDU FSTEC
added 2021/12/03 12:0 a.m.8 views

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in the possibility of an operation going beyond the buffer in memory, allowing a hacker to execute arbitrary code.

The vulnerability of Adobe After Effects video and dynamic image editing software relates to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code on the target system...

7.8CVSS8.1AI score0.02315EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/12/03 12:0 a.m.7 views

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in the possibility of an operation going beyond the buffer in memory, allowing a hacker to execute arbitrary code.

The vulnerability of Adobe After Effects video and dynamic image editing software relates to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code on the target system...

7.8CVSS8.1AI score0.02204EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/25 12:0 a.m.5 views

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in the possibility of an operation going beyond the buffer in memory, allowing a hacker to execute arbitrary code.

The vulnerability of Adobe After Effects video and dynamic image editing software relates to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code on the target system...

7.8CVSS8.1AI score0.01955EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/25 12:0 a.m.6 views

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in the possibility of an operation going beyond the buffer in memory, allowing a hacker to execute arbitrary code.

The vulnerability of Adobe After Effects video and dynamic image editing software relates to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code on the target system...

7.8CVSS8.1AI score0.01955EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/11/25 12:0 a.m.7 views

The vulnerability of Adobe After Effects’ video and dynamic image editing software relates to the manipulation of the null pointer, allowing attackers to cause service failures.

The vulnerability of Adobe After Effects video and dynamic image editing software relates to the handling of a special pointer. Exploiting this vulnerability can allow an attacker to cause service failures...

5.5CVSS6.6AI score0.0133EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2021/09/15 12:0 a.m.24 views

Adobe Photoshop Elements out-of-bounds write vulnerability

Adobe Photoshop Elements is a new image editing, photo retouching, and Web graphics solution from Adobe following Photoshop. Adobe Photoshop Elements 2021 build 19.0 and earlier versions contain an out-of-bounds write vulnerability that could be exploited by attackers to execute arbitrary code...

6.8CVSS4.9AI score0.01812EPSS
Exploits0Affected Software1
OSV
OSV
added 2021/08/05 10:15 p.m.1 views

CVE-2020-22392

Cross Site Scripting XSS vulnerability exists in Subrion CMS 4.2.2 when adding a blog and then editing an image file...

5.4CVSS5.8AI score0.00621EPSS
Exploits1References1
Prion
Prion
added 2021/08/05 10:15 p.m.20 views

Cross site scripting

Cross Site Scripting XSS vulnerability exists in Subrion CMS 4.2.2 when adding a blog and then editing an image file...

3.5CVSS5.2AI score0.00621EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/08/05 9:4 p.m.103 views

CVE-2020-22392

CVE-2020-22392 corresponds to a Cross Site Scripting (XSS) vulnerability in Subrion CMS 4.2.2, specifically exposed when adding a blog and then editing an image file. The connected documents confirm the affected product/version and the vulnerable action, but do not provide technical details about...

5.4CVSS5.2AI score0.00621EPSS
Exploits1References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/07/27 12:0 a.m.6 views

The vulnerability of Adobe After Effects’ video and dynamic image editing software lies in buffer overflows in its dynamic memory; this allows attackers to execute arbitrary code.

The vulnerability of Adobe After Effects video and dynamic image editing software is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code on the target system...

10CVSS8.1AI score0.0408EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/07/27 12:0 a.m.8 views

The vulnerability of Adobe After Effects’ video and dynamic image editing software arises from the use of a null pointer, which allows an attacker to trigger a service failure.

The vulnerability of Adobe After Effects software for video and dynamic image editing is caused by a pointer issue. Exploiting this vulnerability can allow an attacker to cause service failures...

5CVSS6.6AI score0.01374EPSS
Exploits0References2Affected Software1
ThreatPost
ThreatPost
added 2019/03/12 3:53 p.m.70 views

Adobe Patches Critical Photoshop, Digital Edition Flaws

Adobe on Tuesday released its March Security Update, reporting and fixing only two critical flaws: one in Photoshop CC and one in Adobe Digital Editions. Both critical flaws could allow a bad actor to achieve arbitrary code execution in the context of the current user, Adobe said. The company sai...

10CVSS1AI score0.67091EPSS
Exploits0References6
Talos
Talos
added 2018/07/19 12:0 a.m.57 views

ACD Systems Canvas Draw 4 Huff Table Out-of-bounds Write Code Execution Vulnerability

Summary An exploitable out-of-bounds write exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this...

8.8CVSS8AI score0.01819EPSS
Exploits1
Hacker One
Hacker One
added 2018/04/22 11:39 p.m.246 views

Shopify: SSRF in Exchange leads to ROOT access in all instances

The Exploit Chain - How to get root access on all Shopify instances 1 - Access Google Cloud Metadata - 1: Create a store partners.shopify.com - 2: Edit the template password.liquid and add the following content: html...

0.5AI score
Exploits0
Rows per page
Query Builder