PT-2024-27287 · Lighttpd · Lighttpd
Name of the Vulnerable Software and Affected Versions: lighttpd versions prior to 1.4.51 Description: A condition exists whereby a remote attacker can craft an HTTP request which could result in multiple outcomes: 1. cause lighttpd to access freed memory in which case the process lighttpd is...
CVE-2024-30309
Substance3D - Painter versions 9.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...
CVE-2024-30298
Animate versions 24.0.2, 23.0.5 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that...
CVE-2024-30312
Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...
CVE-2024-30311
Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...
PT-2024-3501 · Adobe · Illustrator
Name of the Vulnerable Software and Affected Versions: Adobe Illustrator versions 28.4, 27.9.3 and earlier Description: The issue is related to an out-of-bounds read in memory, which could allow an attacker to disclose sensitive information by opening a specially crafted file. This vulnerability...
PT-2024-3498 · Adobe · Acrobat Reader
Name of the Vulnerable Software and Affected Versions: Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier Description: The issue is an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigation...
IPMI Security Vulnerability
IPMI is an open source specification for a computer interface. It provides the ability to monitor and control the operational status of the system's central processor, firmware, and operating system. A security vulnerability exists in IPMI that stems from an inability to provide enough...
WordPress plugin Customer Email Verification for WooCommerce Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exist...
Adobe Animate Buffer Error Vulnerability
Adobe Animate is a set of Flash animation software from the American company Adobe. Adobe Animate suffers from a buffer overflow vulnerability that stems from the application's susceptibility to out-of-bounds reads, leading to sensitive memory leaks, which can be exploited by attackers to...
PT-2024-3670 · Adobe · After Effects
Name of the Vulnerable Software and Affected Versions: After Effects versions 24.1, 23.6.2 and earlier Description: The issue is related to an out-of-bounds read vulnerability in memory, which could allow an attacker to gain unauthorized access to protected information and bypass the ASLR...
Massive Sign1 Campaign Infects 39,000+ WordPress Sites with Scam Redirects
A massive malware campaign dubbed Sign1 has compromised over 39,000 WordPress sites in the last six months, using malicious JavaScript injections to redirect users to scam sites. The most recent variant of the malware is estimated to have infected no less than 2,500 sites over the past two months...
CVE-2024-20763
Animate versions 24.0, 23.0.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim...
PT-2024-2289 · Adobe · Animate
Name of the Vulnerable Software and Affected Versions: Animate versions 24.0, 23.0.3 and earlier Description: The issue is related to an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as...
CVE-2024-26000
An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization...
CVE-2024-26001
An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization...
Input validation
An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization...
Input validation
An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization...
CVE-2024-26001
Phoenix Contact CHARX SEC series devices (e.g., CHARX SEC-3100/CHARX SEC-3000 family) are affected by a vulnerability in the MQTT stack where improper input validation allows an unauthenticated, remote attacker to write memory out of bounds. The issue is described as a buffer/length validation fl...