24 matches found
EUVD-2006-5710
Malware in sbrugna...
EUVD-2006-5581
Malware in sbrugna...
AeP (>=0.1.0 <=0.1.3), ApacheLogAnonymizer (>=0.1.0 <=0.1.1) +24216 more potentially affected by unknown CVE via atty (>=0.1.2 <=0.2.14)
atty CARGO version =0.1.2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.8, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.4 - IMAPServer =0.2.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2024-0375...
WordPress Awesome Contact Form7 for Elementor plugin <= 2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via AEP Contact Form 7 Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via AEP Contact Form 7 Widget vulnerability discovered by stealthcopter in WordPress Plugin Awesome Contact Form7 for Elementor versions = 2.9...
Awesome Contact Form7 for Elementor < 3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via AEP Contact Form 7 Widget
Description The Awesome Contact Form7 for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'AEP Contact Form 7' widget in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
Adobe After Effects AEP File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
Adobe After Effects AEP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
Adobe After Effects AEP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Adobe After Effects AEP File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
CVE-2023-48633 ZDI-CAN-22173: Adobe After Effects AEP File Parsing Use-After-Free Remote Code Execution Vulnerability
Adobe After Effects versions 24.0.3 and earlier and 23.6.0 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2023-48634 ZDI-CAN-22175: Adobe After Effects AEP File Parsing Memory Corruption Remote Code Execution Vulnerability
Adobe After Effects versions 24.0.3 and earlier and 23.6.0 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...
CVE-2023-48632 ZDI-CAN-22172: Adobe After Effects AEP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Adobe After Effects versions 24.0.3 and earlier and 23.6.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...
CVE-2023-48635 ZDI-CAN-22174: Adobe After Effects AEP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe After Effects versions 24.0.3 and earlier and 23.6.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...
CVE-2023-48635 ZDI-CAN-22174: Adobe After Effects AEP File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Adobe After Effects versions 24.0.3 and earlier and 23.6.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...
Adobe After Effects has a dll hijacking vulnerability
Adobe After Effects abbreviation "AE" is a graphic video processing software launched by Adobe. Adobe After Effects has a dll hijacking vulnerability when processing aep project files, which can be exploited by attackers to load a malicious dll and execute malicious code...
Zero-day exploit (CVE-2018-8453) used in targeted attacks
Yesterday, Microsoft published their security bulletin, which patches CVE-2018-8453, among others. It is a vulnerability in win32k.sys discovered by Kaspersky Lab in August. We reported this vulnerability to Microsoft on August 17, 2018. Microsoft confirmed the vulnerability and designated it...
Ultra Electronics 7.2.0.19 and 7.4.0.7 - Multiple Vulnerabilities
No description provided by source. Ultra Electronics / AEP Networks - SSL VPN Netilla / Series A / Ultra Protect Vulnerabilities http://www.osisecurity.com.au/advisories/ultra-aep-netilla-vulnerabilities Release Date: 02-Oct-2014 Software: Ultra Electronics - Series A...
Ultra Electronics 7.2.0.197.4.0.7 - Multiple Vulnerabilities
Ultra Electronics 7.2.0.197.4.0.7 - Multiple Vulnerabilities Ultra Electronics / AEP Networks - SSL VPN Netilla / Series A / Ultra Protect Vulnerabilities http://www.osisecurity.com.au/advisories/ultra-aep-netilla-vulnerabilities Release Date: 02-Oct-2014 Software: Ultra Electronics - Series A...
Attacks on New Microsoft Zero Day Using Multi-Stage Malware
Attackers exploiting the Microsoft Windows and Office zero day revealed yesterday are using an exploit that includes a malicious RAR file as well as a fake Office document as the lure, and are installing a wide variety of malicious components on newly infected systems. The attacks seen thus far a...
South Korean social network hacked, 35 million users Data at risk
South Korean social network hacked, 35 million users Data at risk 35 million users Personal information of a South Korean social network site may have been exposed. Local authorities were quick to blame hack attacks against the Cyworld social networking website and the Nate web portal – both of...