Lucene search
K

99 matches found

Prion
Prion
added 2023/10/12 1:15 p.m.17 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Fla-shop.Com Interactive World Map plugin = 3.2.0 versions...

6.8CVSS8.8AI score0.00208EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/10/12 12:38 p.m.47 views

CVE-2023-45060

CVE-2023-45060 is a CSRF vulnerability in the Fla-shop.Com Interactive World Map WordPress plugin, affected versions are

8.8CVSS7AI score0.00208EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/12 12:0 a.m.5 views

PT-2023-29380 · Unknown · Fla-Shop.Com Interactive World Map

Name of the Vulnerable Software and Affected Versions: Fla-shop.Com Interactive World Map plugin versions = 3.2.0 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions ...

8.8CVSS8.4AI score0.00208EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/06/15 12:0 a.m.18 views

CVE-2023-29321 Adobe Animate FLA files Use After Free Arbitrary code execution

Adobe Animate versions 22.0.9 and earlier and 23.0.1 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS8AI score0.00418EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/02/28 12:0 a.m.5 views

WordPress plugin GRAND FlaGallery 跨站脚本漏洞

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress GRAND FlaGallery plugin 6.1.2 and earlier versions have a cross-site scripting vulnerability that stems fr...

4.8CVSS5.3AI score0.00588EPSS
Exploits2References2
Github Security Blog
Github Security Blog
added 2021/12/20 6:17 p.m.19 views

Signature verification failure in Tendermint

The root cause of this security vulnerability is in the Tendermint specification, and this advisory is a duplicate of https://github.com/tendermint/spec/security/advisories/GHSA-jqfc-687g-59pw. Impact Tendermint light clients running versions 0.34.0 to 0.34.8 are unable to detect and punish a new...

Exploits0References2Affected Software1
OSV
OSV
added 2021/12/20 6:17 p.m.12 views

GHSA-F3W5-V9XX-RP8P Signature verification failure in Tendermint

The root cause of this security vulnerability is in the Tendermint specification, and this advisory is a duplicate of https://github.com/tendermint/spec/security/advisories/GHSA-jqfc-687g-59pw. Impact Tendermint light clients running versions 0.34.0 to 0.34.8 are unable to detect and punish a new...

6.9AI score
Exploits0References1
NVD
NVD
added 2021/11/18 5:15 p.m.18 views

CVE-2021-42268

Adobe Animate version 21.0.9 and earlier is affected by a Null pointer dereference vulnerability when parsing a specially crafted FLA file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of...

5.5CVSS0.0183EPSS
Exploits0References1
NVD
NVD
added 2021/11/18 5:15 p.m.21 views

CVE-2021-42269

Adobe Animate version 21.0.9 and earlier are affected by a use-after-free vulnerability in the processing of a malformed FLA file that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...

9.3CVSS0.04082EPSS
Exploits0References1
Prion
Prion
added 2021/11/18 5:15 p.m.23 views

Null pointer dereference

Adobe Animate version 21.0.9 and earlier is affected by a Null pointer dereference vulnerability when parsing a specially crafted FLA file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of...

4.3CVSS5.7AI score0.0183EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/11/18 5:15 p.m.22 views

Memory corruption

Adobe Animate version 21.0.9 and earlier is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability...

9.3CVSS7.9AI score0.02537EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/11/18 5:15 p.m.22 views

Design/Logic Flaw

Adobe Animate version 21.0.9 and earlier are affected by a use-after-free vulnerability in the processing of a malformed FLA file that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...

9.3CVSS7.8AI score0.04082EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/11/18 5:15 p.m.17 views

Memory corruption

Adobe Animate version 21.0.9 and earlier is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability...

9.3CVSS7.8AI score0.02604EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/11/18 4:42 p.m.61 views

CVE-2021-42269

CVE-2021-42269 affects Adobe Animate 21.0.9 and earlier, with a use-after-free in parsing a malformed FLA file that can lead to arbitrary code execution. Exploitation requires user interaction (victim opens a malicious file). Connected sources confirm this mapping and note patches via APSB21-105,...

9.3CVSS7.8AI score0.04082EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/11/18 4:42 p.m.23 views

CVE-2021-42269 Adobe Animate FLA File Parsing Use After Free Remote Code Execution

Adobe Animate version 21.0.9 and earlier are affected by a use-after-free vulnerability in the processing of a malformed FLA file that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...

7.8CVSS8AI score0.04082EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/11/18 4:41 p.m.26 views

CVE-2021-42268 Adobe Animate FLA File Parsing Null Pointer Dereference Application Denial of Service

Adobe Animate version 21.0.9 and earlier is affected by a Null pointer dereference vulnerability when parsing a specially crafted FLA file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of...

5.5CVSS6.3AI score0.0183EPSS
Exploits0References1
CVE
CVE
added 2021/11/18 4:41 p.m.56 views

CVE-2021-42268

Adobe Animate is affected by CVE-2021-42268: a null pointer dereference in the parser of specially crafted FLA files, enabling a denial-of-service in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). Affected version: 21.0.9 and earlier. ...

5.5CVSS5.4AI score0.0183EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2021/11/18 4:40 p.m.5 views

CVE-2021-42267 Adobe Animate FLA File Parsing Memory Corruption Arbitrary Code Execution

Adobe Animate version 21.0.9 and earlier is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability...

7.8CVSS7.9AI score0.02604EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/11/18 4:40 p.m.23 views

CVE-2021-42267 Adobe Animate FLA File Parsing Memory Corruption Arbitrary Code Execution

Adobe Animate version 21.0.9 and earlier is affected by a memory corruption vulnerability due to insecure handling of a malicious FLA file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability...

7.8CVSS8.1AI score0.02604EPSS
Exploits0References1
CVE
CVE
added 2021/11/18 4:40 p.m.78 views

CVE-2021-42267

Adobe Animate 21.0.9 and earlier is affected by a memory corruption vulnerability caused by insecure handling of a malicious FLA file, potentially allowing arbitrary code execution in the user’s context. Exploitation requires user interaction. The issue is addressed in the APSB21-105 advisory, wh...

9.3CVSS7.8AI score0.02604EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder