295 matches found
CVE-2024-52988
Animate versions 23.0.8, 24.0.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-45155
Animate versions 23.0.8, 24.0.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-52996 Substance3D - Sampler | Heap-based Buffer Overflow (CWE-122)
Substance3D - Sampler versions 4.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-52994 Substance3D - Sampler | Out-of-bounds Write (CWE-787)
Substance3D - Sampler versions 4.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-52985
Adobe Animate (Windows) versions 23.0.8 and 24.0.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability (CVE-2024-52985) that could allow arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file. The issue ...
CVE-2024-45156 Animate | NULL Pointer Dereference (CWE-476)
Animate versions 23.0.8, 24.0.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-52982 Animate | Improper Input Validation (CWE-20)
Animate versions 23.0.8, 24.0.5 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-52990 Animate | Buffer Underwrite ('Buffer Underflow') (CWE-124)
Animate versions 23.0.8, 24.0.5 and earlier are affected by a Buffer Underwrite 'Buffer Underflow' vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to manipulate memory in such a way that they could execu...
CVE-2024-53954 Animate | Integer Underflow (Wrap or Wraparound) (CWE-191)
Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-52988
CVE-2024-52988 – Adobe Animate is affected by an out-of-bounds write vulnerability that can lead to arbitrary code execution in the context of the current user. Affected products/versions: Animate 23.0.8, 24.0.5 and earlier. Root cause per sources: out-of-bounds write in the application; exploita...
CVE-2024-52986 Animate | Integer Underflow (Wrap or Wraparound) (CWE-191)
Animate versions 23.0.8, 24.0.5 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2024-49538
CVE-2024-49538 (Adobe Illustrator) is an out-of-bounds write vulnerability affecting Illustrator versions 29.0.0, 28.7.2 and earlier, with arbitrary code execution in the context of the current user. Exploitation requires a user to open a malicious file (user interaction). Multiple sources confir...
Adobe Bridge 14.x < 14.1.4 / 15.x < 15.0.1 Vulnerability (APSB24-103)
The version of Adobe Bridge installed on the remote Windows host is prior to 14.1.4 or 15.0.1. It is, therefore, affected by a vulnerability as referenced in the apsb24-103 advisory. - Bridge versions 14.1.3, 15.0 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability...
AutoGPT SSTI Vulnerability Leading to Remote Code Execution (RCE)
Summary AutoGPT, an open-source AI tool that automates task execution, is vulnerable to a Server-Side Template Injection SSTI that could lead to arbitrary command execution. The vulnerability arises from the improper handling of user-supplied format strings in the AgentOutputBlock implementation,...
IrfanView JPM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPM files...
IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CGM files...
IrfanView DXF File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files...
IrfanView DWG File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files...
IrfanView JPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPM files...
IrfanView DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files...