99 matches found
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Fla-shop.Com Interactive World Map plugin = 3.2.0 versions...
CVE-2023-45060
CVE-2023-45060 is a CSRF vulnerability in the Fla-shop.Com Interactive World Map WordPress plugin, affected versions are
PT-2023-29380 · Unknown · Fla-Shop.Com Interactive World Map
Name of the Vulnerable Software and Affected Versions: Fla-shop.Com Interactive World Map plugin versions = 3.2.0 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions ...
CVE-2023-29321 Adobe Animate FLA files Use After Free Arbitrary code execution
Adobe Animate versions 22.0.9 and earlier and 23.0.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
WordPress plugin GRAND FlaGallery 跨站脚本漏洞
WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress GRAND FlaGallery plugin 6.1.2 and earlier versions have a cross-site scripting vulnerability that stems fr...
Signature verification failure in Tendermint
The root cause of this security vulnerability is in the Tendermint specification, and this advisory is a duplicate of https://github.com/tendermint/spec/security/advisories/GHSA-jqfc-687g-59pw. Impact Tendermint light clients running versions 0.34.0 to 0.34.8 are unable to detect and punish a new...
GHSA-F3W5-V9XX-RP8P Signature verification failure in Tendermint
The root cause of this security vulnerability is in the Tendermint specification, and this advisory is a duplicate of https://github.com/tendermint/spec/security/advisories/GHSA-jqfc-687g-59pw. Impact Tendermint light clients running versions 0.34.0 to 0.34.8 are unable to detect and punish a new...
CVE-2021-42268
Adobe Animate version 21.0.9 and earlier is affected by a Null pointer dereference vulnerability when parsing a specially crafted FLA file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of...
CVE-2021-42269
Adobe Animate version 21.0.9 and earlier are affected by a use-after-free vulnerability in the processing of a malformed FLA file that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...
Null pointer dereference
Adobe Animate version 21.0.9 and earlier is affected by a Null pointer dereference vulnerability when parsing a specially crafted FLA file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of...
Memory corruption
Adobe Animate version 21.0.9 and earlier is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability...
Design/Logic Flaw
Adobe Animate version 21.0.9 and earlier are affected by a use-after-free vulnerability in the processing of a malformed FLA file that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...
Memory corruption
Adobe Animate version 21.0.9 and earlier is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability...
CVE-2021-42269
CVE-2021-42269 affects Adobe Animate 21.0.9 and earlier, with a use-after-free in parsing a malformed FLA file that can lead to arbitrary code execution. Exploitation requires user interaction (victim opens a malicious file). Connected sources confirm this mapping and note patches via APSB21-105,...
CVE-2021-42269 Adobe Animate FLA File Parsing Use After Free Remote Code Execution
Adobe Animate version 21.0.9 and earlier are affected by a use-after-free vulnerability in the processing of a malformed FLA file that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...
CVE-2021-42268 Adobe Animate FLA File Parsing Null Pointer Dereference Application Denial of Service
Adobe Animate version 21.0.9 and earlier is affected by a Null pointer dereference vulnerability when parsing a specially crafted FLA file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of...
CVE-2021-42268
Adobe Animate is affected by CVE-2021-42268: a null pointer dereference in the parser of specially crafted FLA files, enabling a denial-of-service in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). Affected version: 21.0.9 and earlier. ...
CVE-2021-42267 Adobe Animate FLA File Parsing Memory Corruption Arbitrary Code Execution
Adobe Animate version 21.0.9 and earlier is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability...
CVE-2021-42267 Adobe Animate FLA File Parsing Memory Corruption Arbitrary Code Execution
Adobe Animate version 21.0.9 and earlier is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability...
CVE-2021-42267
Adobe Animate 21.0.9 and earlier is affected by a memory corruption vulnerability caused by insecure handling of a malicious FLA file, potentially allowing arbitrary code execution in the user’s context. Exploitation requires user interaction. The issue is addressed in the APSB21-105 advisory, wh...