3785 matches found
CVE-2019-8122
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated user with privileges to create products can craft a custom layout update and use the import product functionality to enable remote code execution...
CVE-2019-8090
An arbitrary file deletion vulnerability exists in Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3. An authenticated user can manipulate the design layout update feature...
CVE-2019-8091
A remote code execution vulnerability exists in Magento 1 prior to 1.9.4.3 and 1.14.4.3. An authenticated admin user with privileges to access product attributes can leverage layout updates to trigger remote code execution...
CVE-2019-7876
A remote code execution vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with privileges to manipulate layouts can insert a malicious payload into the layout...
CVE-2019-10105
CMS Made Simple 2.2.10 has a Self-XSS vulnerability via the Layout Design Manager "Name" field, which is reachable via a "Create a new Template" action to the Design Manager...
CVE-2019-10254
In MISP before 2.4.105, the app/View/Layouts/default.ctp default layout template has a Reflected XSS vulnerability...
CVE-2019-8755
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15. A malicious application may be able to determine kernel memory layout...
CVE-2017-8776
Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the...
CVE-2017-15885
Reflected XSS in the web administration portal on the Axis 2100 Network Camera 2.03 allows an attacker to execute arbitrary JavaScript via the confLayoutOwnTitle parameter to view/view.shtml. NOTE: this might overlap CVE-2007-5214...
CVE-2019-8229
In Magento prior to 1.9.4.3, and Magento prior to 1.14.4.3, an authenticated user with administrative privileges to edit product attributes can execute arbitrary code through crafted layout updates...
CVE-2011-2621
Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors related to form layout...
A vulnerability in the Adobe InDesign computer layout automation tool, related to the swapping of pointers, allows an attacker to trigger a service failure.
A vulnerability in the Adobe InDesign computer layout automation tool is related to the use of pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...
CVE-2025-43003
SAP S/4 HANA allows an authenticated attacker with user privileges to configure a field not intended for their access and create a custom UI layout displaying this field. On performing this step the attacker could gain access to highly sensitive information. This could cause a high impact on...
CVE-2025-46738
An authenticated attacker can maliciously modify layout data files in the SEL-5033 installation directory to execute arbitrary code...
A vulnerability in the Adobe After Effects video and dynamic image editing software is caused by reading data beyond the buffer limit in memory. This allows attackers to gain unauthorized access to protected information and circumvent the ASLR protection mechanism.
A vulnerability in the Adobe After Effects video and dynamic image editing software relates to reading beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information and bypass the ASLR protection mechanism...
php: Reference counting in php_request_shutdown causes Use-After-Free
A flaw was found in PHP. This vulnerability allows remote code execution via a crafted code path involving the `__set` magic method or the null coalescing assignment (`??=`) operator, in combination with exception handling. Attackers can trigger a use-after-free condition by controlling the memory layout...